P4ID: P4 Enhanced Intrusion Detection

Benjamin Lewis; Matthew Broadbent; Nicholas Race

doi:10.1109/NFV-SDN47374.2019.9040044

P4ID: P4 Enhanced Intrusion Detection

Benjamin Lewis
, Matthew Broadbent
, Nicholas Race

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

26 Citations (Scopus)

Abstract

The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

Original language	English
Title of host publication	IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings
Editors	Larry Horner, Kurt Tutschku, Fabrizio Granelli, Yuji Sekiya, Marco Tacca, Deval Bhamare, Helge Parzyjegla
ISBN (Electronic)	9781728145457
DOIs	https://doi.org/10.1109/NFV-SDN47374.2019.9040044
Publication status	Print publication - Nov 2019
Externally published	Yes

Publication series

Name	IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings

Bibliographical note

Publisher Copyright:
© 2019 IEEE.

Access to Document

10.1109/NFV-SDN47374.2019.9040044

Cite this

Lewis, B., Broadbent, M., & Race, N. (2019). P4ID: P4 Enhanced Intrusion Detection. In L. Horner, K. Tutschku, F. Granelli, Y. Sekiya, M. Tacca, D. Bhamare, & H. Parzyjegla (Eds.), IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings Article 9040044 (IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings). https://doi.org/10.1109/NFV-SDN47374.2019.9040044

Lewis, Benjamin ; Broadbent, Matthew ; Race, Nicholas. / P4ID : P4 Enhanced Intrusion Detection. IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings. editor / Larry Horner ; Kurt Tutschku ; Fabrizio Granelli ; Yuji Sekiya ; Marco Tacca ; Deval Bhamare ; Helge Parzyjegla. 2019. (IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings).

@inproceedings{f20bebbb207b4267907b4ce7373e14ed,

title = "P4ID: P4 Enhanced Intrusion Detection",

abstract = "The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.",

author = "Benjamin Lewis and Matthew Broadbent and Nicholas Race",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.",

year = "2019",

month = nov,

doi = "10.1109/NFV-SDN47374.2019.9040044",

language = "English",

isbn = "9781728145457",

series = "IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings",

editor = "Larry Horner and Kurt Tutschku and Fabrizio Granelli and Yuji Sekiya and Marco Tacca and Deval Bhamare and Helge Parzyjegla",

booktitle = "IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings",

}

Lewis, B, Broadbent, M & Race, N 2019, P4ID: P4 Enhanced Intrusion Detection. in L Horner, K Tutschku, F Granelli, Y Sekiya, M Tacca, D Bhamare & H Parzyjegla (eds), IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings., 9040044, IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings. https://doi.org/10.1109/NFV-SDN47374.2019.9040044

P4ID: P4 Enhanced Intrusion Detection. / Lewis, Benjamin; Broadbent, Matthew; Race, Nicholas.
IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings. ed. / Larry Horner; Kurt Tutschku; Fabrizio Granelli; Yuji Sekiya; Marco Tacca; Deval Bhamare; Helge Parzyjegla. 2019. 9040044 (IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - P4ID

T2 - P4 Enhanced Intrusion Detection

AU - Lewis, Benjamin

AU - Broadbent, Matthew

AU - Race, Nicholas

PY - 2019/11

Y1 - 2019/11

N2 - The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

AB - The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.

UR - https://research.lancaster-university.uk/en/publications/ff165fa5-0086-4e55-82bb-cde539cb162f

UR - https://www.scopus.com/pages/publications/85082994393

U2 - 10.1109/NFV-SDN47374.2019.9040044

DO - 10.1109/NFV-SDN47374.2019.9040044

M3 - Conference contribution

SN - 9781728145457

T3 - IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings

BT - IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings

A2 - Horner, Larry

A2 - Tutschku, Kurt

A2 - Granelli, Fabrizio

A2 - Sekiya, Yuji

A2 - Tacca, Marco

A2 - Bhamare, Deval

A2 - Parzyjegla, Helge

ER -

Lewis B, Broadbent M, Race N. P4ID: P4 Enhanced Intrusion Detection. In Horner L, Tutschku K, Granelli F, Sekiya Y, Tacca M, Bhamare D, Parzyjegla H, editors, IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings. 2019. 9040044. (IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2019 - Proceedings). doi: 10.1109/NFV-SDN47374.2019.9040044

P4ID: P4 Enhanced Intrusion Detection

Abstract

Publication series

Bibliographical note

Access to Document

Other files and links

Fingerprint

Cite this