Skip to Main content Skip to Navigation
Conference papers

Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification

Abstract : In recent years, programmable data planes enabled by the protocol independent switch architecture (PISA) allowed the relocation of network functions closer to traffic flows and thereby the ability to react in real-time to network events. However , expressing complex and stateful network monitoring functions using state-of-the-art data plane programming languages such as P4 still remain challenging. In this context, we propose a method for modeling a stateful security monitoring function as an Extended Finite State Machine (EFSM) and express the EFSM using P4 language abstractions. We demonstrate the feasibility and benefit of our proposed approach in detecting and mitigating Explicit Congestion Notification (ECN) protocol abuse without any TCP protocol modification. Our evaluation shows that the proposed security monitoring function can restore 24.67% throughput loss caused by misbehaving TCP end-hosts while ensuring fair share of bandwidth among TCP flows.
Document type :
Conference papers
Complete list of metadatas

Cited literature [43 references]  Display  Hide  Download

https://hal.inria.fr/hal-02993199
Contributor : Abir Laraba <>
Submitted on : Friday, November 6, 2020 - 4:48:59 PM
Last modification on : Monday, November 30, 2020 - 10:26:03 PM

File

Defeating Protocol Abuse with ...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02993199, version 1

Collections

Citation

Abir Laraba, Jérôme François, Isabelle Chrisment, Shihabur Chowdhury, Raouf Boutaba. Defeating Protocol Abuse with P4: Application to Explicit Congestion Notification. 2020 IFIP Networking Conference (Networking), Jun 2020, Paris, France. ⟨hal-02993199⟩

Share

Metrics

Record views

63

Files downloads

53