Cross-VM Cache Timing Attacks on Virtualized Network Functions

Abstract

Network function virtualization (NFV) achieves the flexibility of network service provisioning by using virtualization technology. However, NFV is exposed to a serious security threat known as cross-VM cache timing attacks. In this letter, we look into real security impacts on network virtualization. Specifically, we present two kinds of practical cache timing attacks on virtualized firewalls and routers. We also propose some countermeasures to mitigate such attacks on virtualized network functions.