Skip to main content

Research Repository

Advanced Search

P4ID: P4 enhanced intrusion detection

Lewis, Benjamin; Broadbent, Matthew; Race, Nicholas

Authors

Benjamin Lewis

Matthew Broadbent

Nicholas Race



Abstract

The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

Presentation Conference Type Conference Paper (Published)
Conference Name 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)
Start Date Nov 12, 2019
End Date Nov 14, 2019
Online Publication Date Mar 19, 2020
Publication Date 2020
Deposit Date Mar 9, 2022
Publisher Institute of Electrical and Electronics Engineers
Pages 1-4
Book Title 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)
DOI https://doi.org/10.1109/NFV-SDN47374.2019.9040044
Keywords P4 enhanced intrusion detection, stateful packet processing, stateless packet processing, programmable dataplanes, IDS, intrusion detection systems, P4ID
Public URL http://researchrepository.napier.ac.uk/Output/2844067