
From Navigators

Publication:Mest FabioPereira Set17
Abstract: Monitoring is a fundamental activity in network management as it provides knowledge about the behavior of a network. Different monitoring methodologies have been employed in practice, with sample-based and sketch-based approaches standing out because of their manageable memory requirements. The accuracy provided by traditional sampling-based monitoring approaches, such as NetFlow, is increasingly being considered insufficient to meet the requirements of today's networks. By summarizing all traffic for specific statistics of interest, sketch-based alternatives have been shown to achieve higher levels of accuracy for the same cost. Existing switches, however, lack the necessary capability to perform the sort of processing required by this approach. The emergence of programmable switches and the processing they enable in the data plane has recently made sketch-based solutions possible in switching hardware. One limitation of existing solutions is that they lack security. At the scale of the datacenter networks that power cloud computing, this limitation becomes a serious concern. For instance, there is evidence of security incidents perpetrated by malicious insiders inside cloud infrastructures. By compromising the monitoring algorithm, such an attacker can render the monitoring process useless, leading to undesirable actions (such as routing sensitive traffic to disallowed locations). The objective of this thesis is to propose a novel sketch-based monitoring algorithm that is secure. In particular, we propose the design and implementation of a secure and scalable version of the Count-Min algorithm [16, 17], which tracks the frequency of items through a data structure and a set of hash functions. As traditional switches do not have the capabilities to allow these advanced forms of monitoring, we leverage the recently proposed programmable switches.
The algorithm was implemented in P4 [11], a programming language for programmable switches, which are now able to process packets just as fast as the fastest fixed-function switches [12]. Our evaluation demonstrates that our secure solution entails a negligible performance penalty when compared with the original Count-Min algorithm, despite the security properties provided.
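The abstract summarizes Count-Min as "a data structure and a set of hash functions" that tracks item frequencies. The following added example (not the thesis's P4 implementation, and not code from the Navigators wiki) shows the plain, unsecured Count-Min sketch in Python so the data structure is concrete: d rows of w counters, one hash per row, updates increment one counter per row, and a query takes the minimum across rows. Because collisions can only add to a counter, the estimate is never below the true frequency; that one-sided error is the property the thesis builds on. The per-row hash (row-seeded SHA-256) and the constructed flow keys are assumptions for illustration only.

```python
import hashlib
from collections import Counter


class CountMinSketch:
    """Count-Min sketch: `depth` rows of `width` counters, one hash per row.

    Estimates are never below the true count; hash collisions can only
    inflate them, which is why the minimum over rows is the best guess.
    """

    def __init__(self, width: int = 1024, depth: int = 4):
        self.width = width
        self.depth = depth
        self.table = [[0] * width for _ in range(depth)]

    def _index(self, row: int, key: str) -> int:
        # Row-seeded SHA-256 stands in for the per-row hash functions.
        # Assumption: the thesis's actual hash choice is not on this page.
        digest = hashlib.sha256(f"{row}:{key}".encode()).digest()
        return int.from_bytes(digest[:8], "big") % self.width

    def update(self, key: str, count: int = 1) -> None:
        # One counter per row is touched for every item seen.
        for row in range(self.depth):
            self.table[row][self._index(row, key)] += count

    def estimate(self, key: str) -> int:
        # The row in which `key` collided with the fewest other items wins.
        return min(self.table[row][self._index(row, key)]
                   for row in range(self.depth))

    def total(self) -> int:
        # Every row sums to the total number of updates, so row 0 suffices.
        return sum(self.table[0])


# Constructed sample traffic: "src>dst" flow keys as a switch might derive
# them from packet headers. Counts are chosen to give clear heavy hitters.
SAMPLE_FLOWS = (
    ["10.0.0.1>10.0.0.2"] * 500
    + ["10.0.0.3>10.0.0.4"] * 120
    + ["10.0.0.5>10.0.0.6"] * 7
    + ["10.0.0.7>10.0.0.8"] * 1
)


def flow_frequencies(flows, width: int = 1024, depth: int = 4):
    """Feed flows into a sketch; return (sketch, exact_counts) for comparison."""
    sketch = CountMinSketch(width, depth)
    exact = Counter()
    for flow in flows:
        sketch.update(flow)
        exact[flow] += 1
    return sketch, exact


def heavy_hitters(sketch: CountMinSketch, candidates, threshold: int):
    """Candidate flows whose estimated frequency reaches `threshold`."""
    return sorted(k for k in candidates if sketch.estimate(k) >= threshold)


if __name__ == "__main__":
    sk, exact = flow_frequencies(SAMPLE_FLOWS)
    for key, true_count in exact.items():
        print(f"{key}: true={true_count} estimate={sk.estimate(key)}")
    print("total updates:", sk.total())
    print("heavy hitters (>=100):", heavy_hitters(sk, exact, 100))
```

The memory cost is fixed at `width * depth` counters regardless of how many distinct flows appear, which is what makes the structure attractive for a data plane; the trade-off is that accuracy depends entirely on the hash functions spreading keys evenly across each row.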
Advisor: Nuno Ferreira Neves, Fernando Ramos
Author: Fabio Pereira
Document: Document for Publication-Mest FabioPereira Set17.pdf
Key: Mest FabioPereira Set17
Month: sep
NumPubDate: 2017.09
Project: Project:SEGRID
ResearchLine: Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
School: Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa
Title: Secure Network Monitoring Using Programmable Data Planes
Type: mastersthesis
Year: 2017
Categories: Publication
Modification date: 24 February 2018 19:05:08