Loading [a11y]/accessibility-menu.js
Mitigation of security attacks in the SDN data plane using P4-enabled switches | IEEE Conference Publication | IEEE Xplore

Mitigation of security attacks in the SDN data plane using P4-enabled switches


Abstract:

This paper presents a study and demonstration of some of the commonly seen internal security attacks and related countermeasures using P4, a dataplane programming languag...Show More

Abstract:

This paper presents a study and demonstration of some of the commonly seen internal security attacks and related countermeasures using P4, a dataplane programming language. The idea is that the vulnerabilities arising in programmable data planes are sufficiently mitigated with this P4 implementation. This also provides users with the flexibility to add or drop security features in the deployed switches, better visibility into the defense system owing to its open source nature and the portability of these P4 programs across many different vendors and devices. We evaluate our P4 code on software and hardware switches to detect IP-address spoofing attacks. The results show that attack packets are always detected and dropped, while the throughput remains unaffected and nearly constant across varying fractions of malicious packets injected in the network.
Date of Conference: 16-19 December 2019
Date Added to IEEE Xplore: 16 June 2020
ISBN Information:

ISSN Information:

Conference Location: Goa, India

References

References is not available for this document.