In this dissertation we adopt a threat model where the data center network infrastructure is potentially malicious. To describe practical threats and solutions related to malicious switches, we draw our attention to multi-tenant data center networks that i) consolidate control over the (hardware and software) switches to a logically centralized controller and ii) use virtualization techniques for multi-tenancy. Our extensive security analyses and evaluations of the design, specifications and systems of logically centralized data center network controllers reveals the following. Malicious switches can covertly bypass network-wide security policies and mechanisms via the controller. We identify three reasons for the existence of such covert...
Middleboxes are typically hardware-accelerated appliances such as firewalls, proxies, WAN optimizers...
As an important component of cloud platform, virtual switch (vSwitch) is responsible for achieving n...
The advent of virtualization introduced the need for virtual switches to interconnect virtual machin...
Virtual switches have become popular among cloud operating systems to interconnect virtual machines ...
A large amount of today's communication occurs within data centers where a large number of virtual s...
Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of...
Virtual machine technology is rapidly gaining acceptance as a fundamental building block in enterpri...
Virtual switches manage and route traffic in a virtual environment, but often network engineers don'...
Virtualization has become an important enabler of several concepts, like cloud computing, network fu...
Intrusion detection is a concept from the field of IT security. Network intrusion detection systems ...
The rise of cloud computing as the standard deployment model for internet-based applications introdu...
Network Functions Virtualization (NFV) aims to change how network operators handle their network equ...
Virtualization has increased amongst the IT service providers as a method for achieving more efficie...
Network Function Virtualization (NFV) technology has been proposed to improve the deployment flexibi...
Software Defined Networking has brought revolution to the world of Network technology which replaces...
Middleboxes are typically hardware-accelerated appliances such as firewalls, proxies, WAN optimizers...
As an important component of cloud platform, virtual switch (vSwitch) is responsible for achieving n...
The advent of virtualization introduced the need for virtual switches to interconnect virtual machin...
Virtual switches have become popular among cloud operating systems to interconnect virtual machines ...
A large amount of today's communication occurs within data centers where a large number of virtual s...
Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of...
Virtual machine technology is rapidly gaining acceptance as a fundamental building block in enterpri...
Virtual switches manage and route traffic in a virtual environment, but often network engineers don'...
Virtualization has become an important enabler of several concepts, like cloud computing, network fu...
Intrusion detection is a concept from the field of IT security. Network intrusion detection systems ...
The rise of cloud computing as the standard deployment model for internet-based applications introdu...
Network Functions Virtualization (NFV) aims to change how network operators handle their network equ...
Virtualization has increased amongst the IT service providers as a method for achieving more efficie...
Network Function Virtualization (NFV) technology has been proposed to improve the deployment flexibi...
Software Defined Networking has brought revolution to the world of Network technology which replaces...
Middleboxes are typically hardware-accelerated appliances such as firewalls, proxies, WAN optimizers...
As an important component of cloud platform, virtual switch (vSwitch) is responsible for achieving n...
The advent of virtualization introduced the need for virtual switches to interconnect virtual machin...