XNetMon: A Network Monitor for Securing Virtual Networks

Natalia Castro Fernandes, Otto Carlos Muniz Bandeira Duarte
2011 2011 IEEE International Conference on Communications (ICC)  
Isolation and performance are critical issues for virtual networking. In this paper, we consider the use of Xen virtualization platform for building software-based virtual routers. We propose a network monitor for Xen to increase the isolation and the performance on packet forwarding. The network monitor controls the use of shared resources and punishes misbehaving virtual routers, guaranteeing an isolated operation of the virtual networks. In order to secure the shared data plane, we propose a
more » ... secure communication protocol that provides mutual authentication, protection against replay attacks, and privacy between the virtual routers and the administrative domain. The results obtained with the developed prototype show that our proposal guarantees availability of the virtual-network control and packet forwarding services and also provides a fair resource sharing.
doi:10.1109/icc.2011.5963443 dblp:conf/icc/FernandesD11 fatcat:tfeaj5jovjay5jazjutyhxmyua