Distributed Computing

, Volume 28, Issue 2, pp 91–109

Adversarial topology discovery in network virtualization environments: a threat for ISPs?

  • Yvonne Anne Pignolet
  • Stefan Schmid
  • Gilles Tredan
Article

DOI: 10.1007/s00446-014-0217-4

Cite this article as:
Pignolet, Y.A., Schmid, S. & Tredan, G. Distrib. Comput. (2015) 28: 91. doi:10.1007/s00446-014-0217-4

Abstract

Network virtualization is a new Internet paradigm which allows multiple virtual networks (VNets) to share the resources of a given physical infrastructure. The virtualization of entire networks is the natural next step after the virtualization of nodes and links. While the problem of how to embed a VNet (“guest network”) on a given resource network (“host network”) is algorithmically well-understood, much less is known about the security implications of this new technology. This paper introduces a new model to reason about one particular security threat: the leakage of information about the physical infrastructure—often a business secret. We initiate the study of this new problem and introduce the notion of request complexity which describes the number of VNet requests needed to fully disclose the substrate topology. We derive lower bounds and present algorithms achieving an asymptotically optimal request complexity for important graph classes such as trees, cactus graphs (complexity \(O(n)\)) as well as arbitrary graphs (complexity \(O(n^2)\)). Moreover, a general motif-based topology discovery framework is described which exploits the poset structure of the VNet embedding relation.

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Yvonne Anne Pignolet
    • 1
  • Stefan Schmid
    • 2
  • Gilles Tredan
    • 3
  1. 1.ABB Corporate ResearchDättwilSwitzerland
  2. 2.Telekom Innovation Laboratories and TU BerlinBerlinGermany
  3. 3.LAAS-CNRSToulouseFrance

Personalised recommendations