DOI: 10.1145/3664476.3670453

A Framework for In-network Inference using P4

Published: 30 July 2024

Abstract

Machine Learning (ML) has been widely used in network security monitoring. However, its application to data-intensive use cases and those requiring ultra-low latency remains challenging. This is due to the large amounts of network data and the need to transfer data to a central location hosting analysis services. In this paper, we present a framework to perform in-network analysis by offloading ML inference tasks from end servers to P4-capable programmable network devices. This helps reduce transfer latency and thus allows faster attack detection and mitigation. It also improves privacy, since the data is processed at the networking devices. The paper also presents an experimental use case of the framework to classify network traffic and to detect malicious IoT traffic early and mitigate it rapidly.

Cited By

  • (2024) Enhancing IoT Security in 6G Networks: AI-Based Intrusion Detection, Penetration Testing, and Blockchain-Based Trust Management (Work-in-Progress Paper). Internet of Things. 7th IFIPIoT 2024 International IFIP WG 5.5 Workshops, 53-67. DOI: 10.1007/978-3-031-82065-6_5. Online publication date: 29-Dec-2024

Published In

ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
July 2024
2032 pages
ISBN: 9798400717185
DOI: 10.1145/3664476
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. In-network inference
  2. IoT networks
  3. P4
  4. attack detection
  5. open-source
  6. programmable network

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • This work is partially supported by the INFLUENCE project
  • This work is partially supported by the European Union's Horizon Europe research and innovation program under grant agreements Numbers 101096504 (DETERMINISTIC6G)
  • This work is partially supported by the European Union's Horizon Europe research and innovation program under grant agreements Numbers 101070450 (AI4CYBER)

Conference

ARES 2024

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Article Metrics

  • Downloads (Last 12 months): 116
  • Downloads (Last 6 weeks): 37
Reflects downloads up to 02 Mar 2025
