Software Defined Networking has put the accent on the implementation of effective, sophisticated algorithms for the control plane, running on centralized devices. Pure centralization, however, also introduces inefficiencies and limitations in many scenarios, often negatively affecting security. Network applications could benefit from data plane programmability, e.g. implementing the increasingly popular P4 language. In this paper, we show that P4-enabled switches can run simple yet significant tasks that enhance the cooperation with the control plane, improving traffic analysis functionalities of practical relevance for security monitoring purposes. We also show how this P4- based solutions can be integrated into an SDN architecture acting as an Intrusion Detection System.
A Security Monitoring Architecture based on Data Plane Programmability / Amir Al Sadi, Davide Berardi, Franco Callegati, Andrea Melis, Marco Prandini. - ELETTRONICO. - (2021), pp. 1-6. (Intervento presentato al convegno Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit) tenutosi a Porto (PT) nel 8-11 June 2021) [10.1109/EuCNC/6GSummit51104.2021.9482549].
A Security Monitoring Architecture based on Data Plane Programmability
Amir Al SadiMembro del Collaboration Group
;Davide BerardiMembro del Collaboration Group
;Franco CallegatiConceptualization
;Andrea Melis
Membro del Collaboration Group
;Marco PrandiniConceptualization
2021
Abstract
Software Defined Networking has put the accent on the implementation of effective, sophisticated algorithms for the control plane, running on centralized devices. Pure centralization, however, also introduces inefficiencies and limitations in many scenarios, often negatively affecting security. Network applications could benefit from data plane programmability, e.g. implementing the increasingly popular P4 language. In this paper, we show that P4-enabled switches can run simple yet significant tasks that enhance the cooperation with the control plane, improving traffic analysis functionalities of practical relevance for security monitoring purposes. We also show how this P4- based solutions can be integrated into an SDN architecture acting as an Intrusion Detection System.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
