Accession Number:

AD1069489

Title:

Virtual Machine Detection in Software Defined Networks

Descriptive Note:

Technical Report

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA MONTEREY United States

Personal Author(s):

• Bihl,Timothy D.

Report Date:

2018-12-01

Pagination or Media Count:

57.0

Abstract:

In this thesis, we evaluate a means of determining whether or not a network host is a virtual machine from the perspective of a network administrator using software-defined networking infrastructure. Virtualization presents a user with a desktop and computing environment identical to what is normally expected while also permitting them to be unwittingly controlled from outside the desktop environment. The added complexity of virtual environments causes extra computing delays, which may be observed in traffic round-trip times. In this thesis, we demonstrate how the observed round-trip times may be used to determine which machines were virtualized and which were running natively directly atop the hardware. Two versions of the experiment were performed. The first substantiated that the approach was feasible. The second, using a more realistic software-defined networking infrastructure, showed that delay measurement must be done by methods that minimize unnecessary hops before measurement, though the experiment still succeeded in differentiating virtual machines in the majority of cases.

Descriptors:

• virtualization software
• network protocols
• network architecture
• virtual machines
• routing protocols
• virtualization
• virtual reality

Subject Categories:

• Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE