Skip to Main content Skip to Navigation
Conference papers

Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification

Abstract : In recent years, programmable data planes enabled by the protocol independent switch architecture (PISA) allowed the relocation of network functions closer to traffic flows and thereby the ability to react in real-time to network events. However , expressing complex and stateful network monitoring functions using state-of-the-art data plane programming languages such as P4 still remain challenging. In this context, we propose a method for modeling a stateful security monitoring function as an Extended Finite State Machine (EFSM) and express the EFSM using P4 language abstractions. We demonstrate the feasibility and benefit of our proposed approach in detecting and mitigating Explicit Congestion Notification (ECN) protocol abuse without any TCP protocol modification. Our evaluation shows that the proposed security monitoring function can restore 24.67% throughput loss caused by misbehaving TCP end-hosts while ensuring fair share of bandwidth among TCP flows.
Document type :
Conference papers
Complete list of metadata

Cited literature [43 references]  Display  Hide  Download
Contributor : Abir Laraba Connect in order to contact the contributor
Submitted on : Friday, November 6, 2020 - 4:48:59 PM
Last modification on : Wednesday, November 3, 2021 - 7:56:54 AM
Long-term archiving on: : Sunday, February 7, 2021 - 8:05:06 PM


Defeating Protocol Abuse with ...
Files produced by the author(s)


  • HAL Id : hal-02993199, version 1



Abir Laraba, Jérôme François, Isabelle Chrisment, Shihabur Chowdhury, Raouf Boutaba. Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification. 2020 IFIP Networking Conference (Networking), Jun 2020, Paris, France. ⟨hal-02993199⟩



Record views


Files downloads