Benjamin Lewis
4MIDable: Flexible Network Offloading For Security VNFs
Lewis, Benjamin; Broadbent, Matthew; Rotsos, Charalampos; Race, Nicholas
Authors
Abstract
The ever-growing volume of network traffic and widening adoption of Internet protocols to underpin common communication processes augments the importance of network security. In order to enforce network security policies, network managers adopt a widening set of middleboxes and network appliances to improve traffic monitoring and processing capabilities. The resource requirements to support network security appliances are constantly increasing, making efficiency of these systems an essential aspect. The move toward Software-Defined Networking and programmable data planes offers a mean to offload traffic processing functionalities to within the network itself. To this end, we present the 4MIDable framework: a platform that facilitates the integration of existing middleboxes and monitoring appliances with an SDN (P4) network infrastructure. We also present P4Protect, a 4MIDable agent that protects the network from control plane DoS attacks with negligible impact on control plane latency, and P4ID (P4-Enhanced Intrusion Detection), a 4MIDable agent that offers stateful processing and feedback to unmodified Intrusion Detection System middleboxes and reduces traffic processing by over 80% without affecting threat detection rates.
Citation
Lewis, B., Broadbent, M., Rotsos, C., & Race, N. (2023). 4MIDable: Flexible Network Offloading For Security VNFs. Journal of Network and Systems Management, 31(3), Article 52. https://doi.org/10.1007/s10922-023-09744-1
| Journal Article Type | Article |
|---|---|
| Acceptance Date | May 22, 2023 |
| Online Publication Date | Jun 15, 2023 |
| Publication Date | 2023-07 |
| Deposit Date | Jun 19, 2023 |
| Publicly Available Date | Jun 19, 2023 |
| Journal | Journal of Network and Systems Management |
| Print ISSN | 1064-7570 |
| Publisher | Springer |
| Peer Reviewed | Peer Reviewed |
| Volume | 31 |
| Issue | 3 |
| Article Number | 52 |
| DOI | https://doi.org/10.1007/s10922-023-09744-1 |
| Keywords | P4, IDS, VNF, SDN |
Files
4MIDable: Flexible Network Offloading For Security VNFs
(1.1 Mb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/
Copyright Statement
This article is licensed under a Creative Commons Attribution 4.0 International License.
You might also like
Improving quality of experience in adaptive low latency live streaming
(2023)
Journal Article
5G in the Wild: Performance of C-Band 5G-NR in Rural Low-Power Fixed Wireless Access
(2022)
Conference Proceeding
Practical Intrusion Detection of Emerging Threats
(2021)
Journal Article
Effectiveness of Vicinity-based Content Finding in Mobile NDN Environments
(2021)
Conference Proceeding
Llama-Low Latency Adaptive Media Algorithm
(2021)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search