Data plane programming in networks.

Bibliographic details
Main author: Brandino, Belén (author)
Format: masterThesis
Language: English
Published: 2024
Links: https://hdl.handle.net/20.500.12008/48137
Description
Summary: Modern computer networks must continually adapt to evolving requirements driven by the exponential growth of the Internet and its applications. Networks must be able to adapt to new technologies in a scalable manner, while maintaining cost efficiency. Network programmability allows users (typically network operators) to modify the functionality of network devices, defining the packet processing to their specific needs, without relying on vendor-provided solutions. Furthermore, there is a new computing trend known as “in-network computing”, which leverages network programmability not only for connectivity but also for computation. In this way, the network devices stop being treated as mere forwarding entities, taking advantage of their capabilities, contributing to task offloading, decentralization and faster decision-making. This work introduces the key concepts of network programmability, along with the technologies, languages and hardware that make it possible. Then, a complex software solution is introduced to demonstrate the potential and complexity of applications enabled by this concept. In particular, an Intrusion Detection System (IDS) was implemented to detect abnormal traffic at flow level directly on the network device. This approach incorporates Machine Learning (ML) by developing a simple ML model on the switch, to make quick decisions (at line-rate) about traffic, when there is sufficient confidence. Otherwise, it defers to an external oracle that uses a more powerful ML model with additional training data. Based on the oracle’s decisions, the network device can go through the retraining process, with hopes of reducing reliance on the oracle over time. Finally, to validate the potential hardware implementation of this problem, a small proof-of-concept was carried out on. Both proof-of-concepts were implemented using the most popular data plane programming language: P4 (Programming protocol-independent packet processors).