Aniswar S. Krishnan, K. Sivalingam, Gauravdeep Shami, M. Lyonnais, Rodney G. Wilson
{"title":"基于p4的可编程数据平面交换机的网络安全流分类","authors":"Aniswar S. Krishnan, K. Sivalingam, Gauravdeep Shami, M. Lyonnais, Rodney G. Wilson","doi":"10.1109/NetSoft57336.2023.10175420","DOIUrl":null,"url":null,"abstract":"This paper deals with programmable data plane switches that perform flow classification using machine learning (ML) algorithms. This paper describes the implementation-based study of an existing ML-based packet marking scheme called FlowLens. The core algorithm, written in the P4 language, generates features, called flow markers, while processing packets. These flow markers are an efficient formulation of the packet length distribution of a particular flow. Secondly, a controller responsible for configuring the switch, extracting the features periodically, and applying machine learning algorithms for flow classification, is implemented in Python. The generation of flow markers is evaluated using flows in a tree-based topology in Mininet using the P4-enab1ed BMv2 packet switch on the mininet emulator. Classification is performed for the detection of two different types of network attacks: Active Wiretap and Mirai Botnet. In both cases, we obtain a 30-fold reduction in memory footprint with no loss in accuracy demonstrating the potential of running P4-based ML algorithms in packet switches.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Flow classification for network security using P4-based Programmable Data Plane switches\",\"authors\":\"Aniswar S. Krishnan, K. Sivalingam, Gauravdeep Shami, M. Lyonnais, Rodney G. Wilson\",\"doi\":\"10.1109/NetSoft57336.2023.10175420\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper deals with programmable data plane switches that perform flow classification using machine learning (ML) algorithms. This paper describes the implementation-based study of an existing ML-based packet marking scheme called FlowLens. The core algorithm, written in the P4 language, generates features, called flow markers, while processing packets. These flow markers are an efficient formulation of the packet length distribution of a particular flow. Secondly, a controller responsible for configuring the switch, extracting the features periodically, and applying machine learning algorithms for flow classification, is implemented in Python. The generation of flow markers is evaluated using flows in a tree-based topology in Mininet using the P4-enab1ed BMv2 packet switch on the mininet emulator. Classification is performed for the detection of two different types of network attacks: Active Wiretap and Mirai Botnet. In both cases, we obtain a 30-fold reduction in memory footprint with no loss in accuracy demonstrating the potential of running P4-based ML algorithms in packet switches.\",\"PeriodicalId\":223208,\"journal\":{\"name\":\"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-06-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NetSoft57336.2023.10175420\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NetSoft57336.2023.10175420","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Flow classification for network security using P4-based Programmable Data Plane switches
This paper deals with programmable data plane switches that perform flow classification using machine learning (ML) algorithms. This paper describes the implementation-based study of an existing ML-based packet marking scheme called FlowLens. The core algorithm, written in the P4 language, generates features, called flow markers, while processing packets. These flow markers are an efficient formulation of the packet length distribution of a particular flow. Secondly, a controller responsible for configuring the switch, extracting the features periodically, and applying machine learning algorithms for flow classification, is implemented in Python. The generation of flow markers is evaluated using flows in a tree-based topology in Mininet using the P4-enab1ed BMv2 packet switch on the mininet emulator. Classification is performed for the detection of two different types of network attacks: Active Wiretap and Mirai Botnet. In both cases, we obtain a 30-fold reduction in memory footprint with no loss in accuracy demonstrating the potential of running P4-based ML algorithms in packet switches.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
