Mitigating Security Problems in Virtualized Networks Through Resource Management

Network Virtualization is the key to the current and future success of the Internet, and it has proven to be one of the core technologies in the evolution of the Internet. The virtualization of network resources offers many benefits. Resources are more efficiently utilized, and they can be deployed flexibly and elastically. It can lower the cost of ownership by moving from dedicated hardware to virtual resources. Another important benefit is the ease of management through standard abstractions. However, these benefits come at the cost of security. Network virtualization has increased the threat surface due to the virtualization of resources. Such as risk of isolation failure, privacy, and confidentiality of hosted services, side-channel attacks, and amplified impact of Denial-of-Service attacks. In this dissertation, we take a look at some of the security issues in the virtualized networks. We aim to utilize resource management to mitigate some of the security problems in the virtualized networks. In particular, we use Software-Defined Networking (SDN) and 5G mobile networks as a focus of our study to investigate and mitigate security issues. We identified that Distributed Denial-of-Service (DDoS) attacks pose a significant risk in SDN and emerging 5G mobile networks because both networks are virtualized, and the impact of DDoS is amplified. In a traditional network, there are usually very few stakeholders that are impacted by the DDoS. Whereas, in virtualized networks, many tenants share the same resources; therefore, many stakeholders can be impacted (e.g., from infrastructure provider to network operator to the tenants). We use resource management to deal with DDoS attacks. In SDN, load-balancing is used to deal with DDoS attacks. Whereas, in 5G mobile networks, we proposed an optimization-based resource allocation solution to mitigate DDoS attacks. We also analyze the defense against malicious co-residency using our solution in 5G mobile networks. Last but not least, we proposed a framework for resource allocation in the 5G mobile networks.