No abstract available.
Proceeding Downloads
Taking Control of SDN-based Cloud Systems via the Data Plane
- Kashyap Thimmaraju,
- Bhargava Shastry,
- Tobias Fiebig,
- Felicitas Hetzelt,
- Jean-Pierre Seifert,
- Anja Feldmann,
- Stefan Schmid
Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In ...
ShieldBox: Secure Middleboxes using Shielded Execution
Middleboxes that process confidential data cannot be securely deployed in untrusted cloud environments. To securely outsource middleboxes to the cloud, state-of-the-art systems advocate network processing over the encrypted traffic. Unfortunately, these ...
PivotWall: SDN-Based Information Flow Control
Advanced Persistent Threats (APTs) commonly use stepping stone attacks that allow the adversary to move laterally undetected within an enterprise network towards a target. Existing network security techniques provide limited protection against such ...
Uncovering Bugs in P4 Programs with Assertion-based Verification
Recent trends in software-defined networking have extended network programmability to the data plane through programming languages such as P4. Unfortunately, the chance of introducing bugs in the network also increases significantly in this new context. ...
p4pktgen: Automated Test Case Generation for P4 Programs
With the rise of programmable network switches, network infrastructure is becoming more flexible and more capable than ever before. Programming languages such as P4 lower the barrier for changing the inner workings of network switches and offer a ...
Software Resolved Networks: Rethinking Enterprise Networks with IPv6 Segment Routing
Enterprise networks often need to implement complex policies that match business objectives. They will embrace IPv6 like ISP networks in the coming years. Among the benefits of IPv6, the recently proposed IPv6 Segment Routing (SRv6) architecture ...
Pausing and Resuming Network Flows using Programmable Buffers
The emerging 5G networks and applications require network traffic to be buffered at different points in a wide area network with different policies based on user mobility, usage patterns, device and application types. Existing Software Defined Network (...
Network-Wide Heavy Hitter Detection with Commodity Switches
Many network monitoring tasks identify subsets of traffic that stand out, e.g., top-k flows for a particular statistic. A Protocol Independent Switch Architecture (PISA) switch can identify these "heavy hitter" flows directly in the data plane, by ...
How to implement complex policies on existing network infrastructure
Transport networks satisfy requests to forward data in a given topology. At the level of a network element, forwarding decisions are defined by flows. To implement desired data properties during forwarding, a network operator imposes economic models by ...
Life in the Fast Lane: A Line-Rate Linear Road
This paper explores the question: what abstractions are needed to support a more general form of stateful processing in programmable forwarding planes? It argues that we should look for clues from the domain of stream processing. As a case study, it ...
YATES: Rapid Prototyping for Traffic Engineering Systems
This paper presents the design and implementation of Yates, a software framework that seeks to dramatically lower the cost of experimenting with different traffic engineering approaches. Yates offers a suite of tools that make it possible to rapidly ...
NS4: Enabling Programmable Data Plane Simulation
Network simulation plays a crucial role in the field of network research, education, and industry. However, before conducting a simulation on traditional network simulators, operators need to develop a simulative behavioral model, which requires ...
Oko: Extending Open vSwitch with Stateful Filters
With the Software-Defined Networking paradigm, software switches emerged as the new edge of datacenter networks. The widely adopted Open vSwitch implements the OpenFlow forwarding model; its simple match-action abstraction eases network management, ...
Probius: Automated Approach for VNF and Service Chain Analysis in Software-Defined NFV
As the complexity of modern networks increases, virtualization techniques, such as software-defined networking (SDN) and network function virtualization (NFV), get highlighted to achieve various network management and operating requirements. However, ...
Hardware-assisted Isolation in a Multi-tenant Function-based Dataplane
Existing software dataplanes that run network functions inside VMs or containers can provide either performance (by dedicating CPU cores) or multiplexing (by context switching), but not both at once. Function-based dataplane architectures by replacing ...
Instrumenting Open vSwitch with Monitoring Capabilities: Designs and Challenges
Recent advances in Software-Defined Networking (SDN) have enabled flexible and programmable network measurement. A promising trend is to conduct network traffic measurement on widely deployed Open vSwitches (OVS) in data centers. However, little ...
SDProber: A Software Defined Prober for SDN
Proactive measurement of the delay in communication networks aims to detect congestion as early as possible and find links on which the traffic flow is obstructed. There is, however, a tradeoff between detection time and cost (e.g., bandwidth ...
A Comparison of Performance and Accuracy of Measurement Algorithms in Software
Many network functions are moving from hardware to software to get better programmability and lower cost. Measurement is critical to most network functions because getting detailed information about traffic is often the first step to make control ...
A Zero Flow Entry Expiration Timeout P4 Switch
Existing OpenFlow based flow expiry mechanisms rely on a fixed timeout after which the switch proactively removes the flow entries from its flow table. Assigning an appropriate value to this timeout presents a tradeoff between efficient flow table ...
OpenNetVM: A Platform for High Performance NFV Service Chains
Middleboxes in traditional networks relied on purpose-built hardware/software appliances to run data plane services, making it difficult for networks to evolve. OpenNetVM seeks to address this problem by offering a flexible Network Function ...
SBAR: SDN flow-Based monitoring and Application Recognition
We present SBAR, a monitoring system compliant with OpenFlow that provides flow-level measurement reports similar to those of NetFlow in traditional networks, but additionally enriched with labels that classify flows at the application layer. For the ...
Umbrella: a deployable SDN-enabled IXP Switching Fabric
- Marc Bruyere,
- Remy Lapeyrade,
- Eder L. Fernandes,
- Ignacio Castro,
- Steve Uhlig,
- Andrew W. Moore,
- Gianni Antichi
Software Defined internet eXchange Points (SDXs) are a promising solution to the long-standing limitations and problems of interdomain routing. While proposed SDX architectures have improved the scalability of the control plane, these solutions have ...
Recommendations
Acceptance Rates
Year | Submitted | Accepted | Rate |
---|---|---|---|
SOSR '15 | 43 | 7 | 16% |
Overall | 43 | 7 | 16% |