Visible to the public Biblio

Filters: Keyword is programmable networks  [Clear All Filters]
2020-04-06
Kumar, Rakesh, Babu, Vignesh, Nicol, David.  2018.  Network Coding for Critical Infrastructure Networks. 2018 IEEE 26th International Conference on Network Protocols (ICNP). :436–437.
The applications in the critical infrastructure systems pose simultaneous resilience and performance requirements to the underlying computer network. To meet such requirements, the networks that use the store-and-forward paradigm poses stringent conditions on the redundancy in the network topology and results in problems that becoming computationally challenging to solve at scale. However, with the advent of programmable data-planes, it is now possible to use linear network coding (NC) at the intermediate network nodes to meet resilience requirements of the applications. To that end, we propose an architecture that realizes linear NC in programmable networks by decomposing the linear NC functions into the atomic coding primitives. We designed and implemented the primitives using the features offered by the P4 ecosystem. Using an empirical evaluation, we show that the theoretical gains promised by linear network coding can be realized with a per-packet processing cost.
2017-06-05
Cox, Jr., Jacob H., Clark, Russell J., Owen, III, Henry L..  2016.  Leveraging SDN to Improve the Security of DHCP. Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. :35–38.

Current State of the art technologies for detecting and neutralizing rogue DHCP servers are tediously complex and prone to error. Network operators can spend hours (even days) before realizing that a rogue server is affecting their network. Additionally, once network operators suspect that a rogue server is active on their network, even more hours can be spent finding the server's MAC address and preventing it from affecting other clients. Not only are such methods slow to eliminate rogue servers, they are also likely to affect other clients as network operators shutdown services while attempting to locate the server. In this paper, we present Network Flow Guard (NFG), a simple security application that utilizes the software defined networking (SDN) paradigm of programmable networks to detect and disable rogue servers before they are able to affect network clients. Consequently, the key contributions of NFG are its modular approach and its automated detection/prevention of rogue DHCP servers, which is accomplished with little impact to network architecture, protocols, and network operators.