Anomaly Detection in Data Plane Systems using Packet Execution Paths

Sanghi, Archit and Kadiyala, Krishna P. and Tammana, Praveen and Joshi, Saurabh (2021) Anomaly Detection in Data Plane Systems using Packet Execution Paths. In: 2nd ACM SIGCOMM Workshop on Secure Programmable Network INfrastructure, SPIN 2021, 23-27 August 2021, Virtual, Online.

[img] Text
SPIN_2021.pdf - Published Version
Restricted to Registered users only

Download (735kB)

Abstract

Programmable data planes provide exciting opportunities to realize fast, accurate, and data-driven control-loop decisions. Many data plane systems have been proposed for handling network dynamics (e.g., congestion, failures) in near real-time. The core of these systems has packet-processing data-plane algorithms that continuously monitor traffic and respond automatically. Despite their benefits, automatic response to network events lead to increase in potential sources of inputs, and hence, increase in attack surface. This paper takes a step towards securing such systems by (1) identifying possible attacks on recently proposed data-driven data-plane systems; and (2) designing a scalable tool for detecting such attacks at run time. Our approach models plausible expected behavior and uses the model as a reference to check whether the system is under attack. We conduct preliminary experiments to demonstrate the feasibility of our detection methodology. © 2021 ACM.

[error in script]
IITH Creators:
IITH CreatorsORCiD
Tammana, PraveenUNSPECIFIED
Item Type: Conference or Workshop Item (Paper)
Additional Information: We thank the anonymous reviewers for their insightful feedback; we also thank Liang Wang, Rinku Shah, Shiv Kumar, and Ranjitha for their valuable comments on the earlier drafts and for their participation in the discussions. This work is supported by a startup grant awarded by IIT Hyderabad.
Uncontrolled Keywords: Distributed Denial-of-Service attacks; In-network computing; Intrusion Detection Systems; Network security; Programmable networks
Subjects: Computer science
Divisions: Department of Computer Science & Engineering
Depositing User: . LibTrainee 2021
Date Deposited: 04 Aug 2022 11:55
Last Modified: 04 Aug 2022 11:55
URI: http://raiithold.iith.ac.in/id/eprint/10095
Publisher URL: http://doi.org/10.1145/3472873.3472880
Related URLs:

Actions (login required)

View Item View Item
Statistics for RAIITH ePrint 10095 Statistics for this ePrint Item