Securing Virtual Architecture of Smartphones based on Network Function Virtualization
DOI:
https://doi.org/10.56294/mr202337
Keywords:
Network Function Virtualization, Hypervisor, Spectre, DoS, Smartphones
Abstract
Security is one of the most difficult parts of Network Function Virtualization (NFV) installations. The NFV environment is a large-scale, software-driven one with a variety of components. Network topologies and traffic flows are managed and change continuously. Such complexity necessitates a comprehensive security framework that permits an automatic, quick response to changing network conditions with the least amount of manual involvement. This paper introduces several solutions, based on experiments, for securing the NFV environment against attacks such as Spectre and DoS that target parts of this architecture. We applied NFV to a smartphone operating system (Android). We tested some attacks on the device and then on some of the layers in the architecture. By comparing the traditional and updated NFV architectures, we obtained new and clear results. We also updated the NFV architecture using vCenter/ESX and Hyper-V, two important terms in security. After adding the necessary algorithms to protect the NFV architecture, we observed that it took about 128 hours to hack a 1,4 megabyte (WinRAR) file, while the same file of the same size needed 126 hours to reach the root without the algorithms used to protect the architecture.
License
Copyright (c) 2023 Hayder A. Nahi, Mustafa Asaad Hasan, Ali Hussein Lazem, Mohammed Ayad Alkhafaji (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.