P4ID: P4 enhanced intrusion detection

Lewis, Benjamin; Broadbent, Matthew; Race, Nicholas

doi:10.1109/NFV-SDN47374.2019.9040044

Authors

Benjamin Lewis

Dr Matthew Broadbent M.Broadbent@napier.ac.uk
Associate Professor

Nicholas Race

Abstract

The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

Citation

Lewis, B., Broadbent, M., & Race, N. (2020). P4ID: P4 enhanced intrusion detection. In 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) (1-4). https://doi.org/10.1109/NFV-SDN47374.2019.9040044

Conference Name	2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)
Conference Location	Dallas, TX, USA
Start Date	Nov 12, 2019
End Date	Nov 14, 2019
Online Publication Date	Mar 19, 2020
Publication Date	2020
Deposit Date	Mar 9, 2022
Publisher	Institute of Electrical and Electronics Engineers
Pages	1-4
Book Title	2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)
DOI	https://doi.org/10.1109/NFV-SDN47374.2019.9040044
Keywords	P4 enhanced intrusion detection, stateful packet processing, stateless packet processing, programmable dataplanes, IDS, intrusion detection systems, P4ID
Public URL	http://researchrepository.napier.ac.uk/Output/2844067