Critical analysis of layer 2 network security in virtualised environments

Ronny L. Bull, Jeanna N. Matthews
2016 International Journal of Communication Networks and Distributed Systems  
In this article, we explore whether layer 2 network attacks that work on physical switches apply to their virtualised counterparts by performing a systematic study across four major hypervisor environments (Open vSwitch, Citrix XenServer, Microsoft Hyper-V Server and VMware vSphere) in seven different virtual networking configurations. First, we use a malicious virtual machine to run a MAC flooding attack and evaluate the impact on co-resident virtual machines. We find that network performance is degraded on all platforms and that it is possible to eavesdrop on other client traffic passing over the same virtual network for Open vSwitch and Citrix XenServer. Second, we use a malicious virtual machine to run a rogue DHCP server and then run multiple DHCP attack scenarios. On all four platforms, co-resident virtual machines can be manipulated by providing them with incorrect or malicious network information.
doi:10.1504/ijcnds.2016.10000954 fatcat:mj53ub575nfrtft3vfe22apcca