Advanced Search
Volume 41 Issue 9
Sep.  2019
Turn off MathJax
Article Contents
ZHOU Yulong, CAO Xiangyu, GAO Jun, ZHENG Yuejun, ZHANG Chen. Dualband Frequncey Selective Surface and Its Application to Wideband RCS Reduction of The Microstrip Antenna[J]. Journal of Electronics & Information Technology, 2017, 39(6): 1446-1451. doi: 10.11999/JEIT160854
Citation: Kaizhi HUANG, Qirun PAN, Quan YUAN, Wei YOU. A Virtual Node Migration Method for Sensing Side-channel Risk[J]. Journal of Electronics & Information Technology, 2019, 41(9): 2164-2171. doi: 10.11999/JEIT180905

A Virtual Node Migration Method for Sensing Side-channel Risk

doi: 10.11999/JEIT180905
Funds:  The National Key R & D Program Cyberspace Security Special (2016YFB0801605), The National Natural Science Foundation Innovative Groups Project of China (61521003)
  • Received Date: 2018-09-20
  • Rev Recd Date: 2019-02-26
  • Available Online: 2019-03-11
  • Publish Date: 2019-09-10
  • In order to defend against Side-Channel Attacks (SCA) in Network Slicing (NS), the existing defense methods based on dynamic migration have the problem that the conditions for sharing of physical resources between different virtual nodes are not strict enough, a virtual node migration method is proposed for sensing side-channel risk. According to the characteristics of SCA, the entropy method is used to evaluate the side-channel risks and migrate the virtual node from a server with large deviation from average risk. The Markov decision process is used to describe the migration of virtual nodes for network slicing, and the Sarsa learning algorithm is used to solve the optimal migration scheme. The simulation results show that this method can separates malicious network slice instances from other target network slice instances to achieve the purpose of defense side channel attacks.
  • NGMN Alliance. 5G white paper[EB/OL]. https://www.ngmn.org/5g-white-paper/5g-white-paper.html, 2015.
    WANG Zhiming, WU Jiangxing, GUO Zehua, et al. Secure virtual network embedding to mitigate the risk of covert channel attacks[C]. 2016 IEEE Conference on Computer Communications Workshops, San Francisco, USA, 2016: 144–145.
    RISTENPART T, TROMER E, SHACHAM H, et al. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds[C]. The 16th ACM Conference on Computer and Communications Security, Chicago, USA, 2009: 199–212.
    GULMEZOGLU B, İNCI M S, IRAZOQUI G, et al. Cross-VM cache attacks on AES[J]. IEEE Transactions on Multi-Scale Computing Systems, 2016, 2(3): 211–222. doi: 10.1109/tmscs.2016.2550438
    OKAMURA K and OYAMA Y. Load-based covert channels between Xen virtual machines[C]. 2010 ACM Symposium on Applied Computing, Sierre, Switzerland, 2010: 173–180.
    YU Si, GUI Xiaolin, and LIN Jiancai. An approach with two-stage mode to detect cache-based side channel attacks[C]. 2013 International Conference on Information Networking, Bangkok, Thailand, 2013: 186–191.
    WANG Lina, LIU Weijie, KUMAR N, et al. A novel covert channel detection method in cloud based on XSRM and improved event association algorithm[J]. Security and Communication Networks, 2016, 9(16): 3543–3557. doi: 10.1002/sec.1560
    WANG Zhenghong and LEE R B. A novel cache architecture with enhanced performance and security[C]. The 41st Annual IEEE/ACM International Symposium on Microarchitecture, Lake Como, Italy, 2008: 83–93.
    PATTUK E, KANTARCIOGLU M, LIN Zhiqiang, et al. Preventing cryptographic key leakage in cloud virtual machines[C]. The 23rd Usenix Conference on Security Symposium, San Diego, USA, 2014: 703–718.
    HAN Yi, CHAN J, ALPCAN T, et al. Using virtual machine allocation policies to defend against co-resident attacks in cloud computing[J]. IEEE Transactions on Dependable and Secure Computing, 2017, 14(1): 95–108. doi: 10.1109/tdsc.2015.2429132
    ADILI M T, MOHAMMADI A, MANSHAEI M H, et al. A cost-effective security management for clouds: A game-theoretic deception mechanism[C]. 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, Portugal, 2017: 98–106.
    赵硕, 季新生, 毛宇星, 等. 基于安全等级的虚拟机动态迁移方法[J]. 通信学报, 2017, 38(7): 165–174. doi: 10.11959/j.issn.1000-436x.2017091

    ZHAO Shuo, JI Xinsheng, MAO Yuxing, et al. Research on dynamic migration of virtual machine based on security level[J]. Journal on Communications, 2017, 38(7): 165–174. doi: 10.11959/j.issn.1000-436x.2017091
    YU Si, GUI Xiaolin, LIN Jiancai, et al. A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing[J]. The Scientific World Journal, 2014, 2014: 805923. doi: 10.1155/2014/805923
    桂小林, 余思, 黄汝维, 等. 一种面向云计算环境侧通道攻击防御的虚拟机部署方法[P]. 中国, 102571746, 2012.

    GUI Xiaolin, YU Si, HUANG Ruwei, et al. Virtual machine deployment method oriented to side channel attack defense of cloud computation environment[P]. CN, 102571746, 2012.
    LIANG Xin, GUI Xiaolin, JIAN A N, et al. Mitigating cloud co-resident attacks via grouping-based virtual machine placement strategy[C]. The 36th IEEE International Performance Computing and Communications Conference, San Diego, USA, 2017: 1–8.
    ANWAR A H, ATIA G, GUIRGUIS M. It’s time to migrate! A game-theoretic framework for protecting a multi-tenant cloud against collocation attacks[C]. The 11th IEEE International Conference on Cloud Computing, San Francisco, USA, 2018: 725–731.
    ALJAZZAR H and LEUE S. K*: A heuristic search algorithm for finding the k shortest paths[J]. Artificial Intelligence, 2011, 175(18): 2129–2154. doi: 10.1016/j.artint.2011.07.003
    GILLANI F, AL-SHAER E, LO S, et al. Agile virtualized infrastructure to proactively defend against cyber attacks[C]. 2015 IEEE Conference on Computer Communications, Hong Kong, China, 2015: 729–737.
    GONG Long, WEN Yonggang, ZHU Zuqing, et al. Toward profit-seeking virtual network embedding algorithm via global resource capacity[C]. IEEE Conference on Computer Communications, Toronto, Canada, 2014: 1–9.
  • Cited by

    Periodical cited type(6)

    1. 王凤随 ,闫涛 ,刘芙蓉 ,钱亚萍 ,许月 . 融合子空间共享特征的多尺度跨模态行人重识别方法. 电子与信息学报. 2023(01): 325-334 . 本站查看
    2. 王晓红,李超奇,卢辉. 基于可见光-红外模态下双向特征生成的行人重识别方法. 光学技术. 2022(03): 372-378 .
    3. 张佳琦,张金艺,楼亮亮. 基于分组特征赋权的动态视角图像特征融合. 电子测量技术. 2021(04): 144-148 .
    4. 吴普民,赵晋扬,陈德浪,王喆. 视频结构化技术在公安实战中的深度应用. 警察技术. 2020(04): 68-71 .
    5. 王粉花,赵波,黄超,严由齐. 基于多尺度和注意力融合学习的行人重识别. 电子与信息学报. 2020(12): 3045-3052 . 本站查看
    6. 陈莹,陈巧媛. 引入语义部位约束的行人再识别. 电子与信息学报. 2020(12): 3037-3044 . 本站查看

    Other cited types(10)

  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(8)  / Tables(5)

    Article Metrics

    Article views (2034) PDF downloads(80) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return