P4ID: P4增强入侵检测

2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) Pub Date : 2019-11-01 DOI:10.1109/NFV-SDN47374.2019.9040044

B. Lewis, M. Broadbent, N. Race

{"title":"P4ID: P4增强入侵检测","authors":"B. Lewis, M. Broadbent, N. Race","doi":"10.1109/NFV-SDN47374.2019.9040044","DOIUrl":null,"url":null,"abstract":"The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.","PeriodicalId":394933,"journal":{"name":"2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"P4ID: P4 Enhanced Intrusion Detection\",\"authors\":\"B. Lewis, M. Broadbent, N. Race\",\"doi\":\"10.1109/NFV-SDN47374.2019.9040044\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.\",\"PeriodicalId\":394933,\"journal\":{\"name\":\"2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NFV-SDN47374.2019.9040044\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NFV-SDN47374.2019.9040044","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

近年来，网络规模和容量的增长给入侵检测系统的定位和可扩展性带来了挑战。由于可编程数据平面提供的灵活性，现在可以在交换机本身中执行一个新的入侵检测级别。我们提出了P4ID，结合了一个规则解析器，使用P4进行无状态和有状态数据包处理，并使用公开可用的数据集对其进行评估。我们展示了使用这种技术，我们可以显著减少由IDS处理的流量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

P4ID: P4 Enhanced Intrusion Detection

The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

自引率

0.00%

发文量