Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification - Archive ouverte HAL Access content directly
Conference Papers Year :

Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification

(1, 2, 3) , (3) , (3) , (4) , (4)
1
2
3
4

Abstract

In recent years, programmable data planes enabled by the protocol independent switch architecture (PISA) allowed the relocation of network functions closer to traffic flows and thereby the ability to react in real-time to network events. However , expressing complex and stateful network monitoring functions using state-of-the-art data plane programming languages such as P4 still remain challenging. In this context, we propose a method for modeling a stateful security monitoring function as an Extended Finite State Machine (EFSM) and express the EFSM using P4 language abstractions. We demonstrate the feasibility and benefit of our proposed approach in detecting and mitigating Explicit Congestion Notification (ECN) protocol abuse without any TCP protocol modification. Our evaluation shows that the proposed security monitoring function can restore 24.67% throughput loss caused by misbehaving TCP end-hosts while ensuring fair share of bandwidth among TCP flows.
Fichier principal
Vignette du fichier
Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification.pdf (958.81 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02993199 , version 1 (06-11-2020)

Identifiers

  • HAL Id : hal-02993199 , version 1

Cite

Abir Laraba, Jérôme François, Isabelle Chrisment, Shihabur Rahman Chowdhury, Raouf Boutaba. Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification. 2020 IFIP Networking Conference (Networking), Jun 2020, Paris, France. ⟨hal-02993199⟩
347 View
384 Download

Share

Gmail Facebook Twitter LinkedIn More