LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes

Grigoryan, Garegin; Liu, Yaoqing

doi:10.1109/nca.2018.8548136

Cited by 5 publications

(4 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DIDA and DroPPPP introduce blacklists to indicate malicious traffic for further dropping. Moreover, in [73], [77], [80], authors also apply the dropping action after parsing the incoming packets and checking them against a blacklist. Similarly, in [72], [75], authors introduce Firewalls that apply dropping to traffic that matches ban lists.…”

Section: ) Droppingmentioning

confidence: 99%

“…For works such as [51], [55], [49], and [63], authors used BMv2 switches to extract relevant traffic features in order to apply detection mechanisms through ML algorithms. Moreover, in P4-based security solutions such as [77], [42], [37], [81], [83], [45], [38] and [58], authors took advantage of BMv2 switches aiming to design a testing environment to evaluate the performance of the corresponding P4 detection and mitigation strategies.…”

Section: ) Bmv2mentioning

confidence: 99%

“…Ndonda et al [76] 2018 Two level defense, the first level drops malicious packets and redirects unknown packets to a second level functioning as an IDS that further analyses traffic. Grigoryan et al [77] 2018 LAMP defines a collaborative DP defense through a custom header embedding an alarm to drop malicious packets at the edge of the network. Paolucci et al [37] 2019 P4-programmable switch at the edge that applies dropping to malicious packets while implementing traffic offloading to dynamically reroute traffic when a threshold rate is surpassed.…”

Section: ) Baretoot-intel Tofinomentioning

confidence: 99%

See 2 more Smart Citations

P4 Cybersecurity Solutions: Taxonomy and Open Challenges

Garzón,

Ríos-Guiral,

Leal

et al. 2024

IEEE Access

View full text Add to dashboard Cite

The field of cybersecurity has witnessed a significant shift towards Programmable Data Planes with the emergence of the P4 programming P4. The existing literature lacks a comprehensive taxonomy that provides collaborative classifications and characterization of P4-based cybersecurity solutions. In this paper, we propose a novel taxonomy to better characterize published works in the field of cybersecurity solutions developed leveraging P4 and Programmable Data Planes. Our taxonomy introduces three main categories: detection techniques, mitigation actions, and deployment platforms. Unlike existing classification approaches present in literature, our taxonomy allows categorizing a given work according to different criteria, thus enabling collaborative classifications and the identification of shared features by highlighting intra-category and inter-category relationships that can be established among different works. Through our comprehensive characterization of the works identified in the literature, we present key findings that contribute to extend the current understanding of the field. By identifying the diverse range of techniques employed and the platforms utilized, we aim at addressing the needs to understand the area, which is fundamental for future advancements. Notably, we emphasize the significance of security provisioning through the adoption of cybersecurity functional abstractions. These abstractions enable the emulation of the behavior of conventional security devices, leveraging the capabilities of P4. Furthermore, we discuss several research challenges and possible future directions that have emerged from our analysis. This paper focuses on providing valuable insights and knowledge for researchers and practitioners in the field of cybersecurity solutions based on Programmable Data Planes leveraging P4, with the final goal of opening avenues for new research.

show abstract

Section: ) Droppingmentioning

confidence: 99%

Section: ) Bmv2mentioning

confidence: 99%

Section: ) Baretoot-intel Tofinomentioning

confidence: 99%

See 1 more Smart Citation

P4 Cybersecurity Solutions: Taxonomy and Open Challenges

Garzón,

Ríos-Guiral,

Leal

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…DDoS Attack. Grigoryan et al [67] propose a cooperative mitigation mechanism for DDoS attacks, LAMP (Layer 7 Attack Mitigation with Programmable data planes), which relies on information from the application layer. If a host detects a DDoS attack on the application layer, an attack flag will be padded to the IP option header field of a packet, and the packet will be sent to the ingress switch.…”

Section: Availabilitymentioning

confidence: 99%

A Review of P4 Programmable Data Planes for Network Security

Gao

Wang

2021

Mobile Information Systems

View full text Add to dashboard Cite

Network attacks show a trend of increased attack intensity, enhanced diversity, and more concealed attack methods, which put forward higher requirements for the performance of network security equipment. Unlike the SDN (software defined network) switch with a fixed-function data plane, switches with programmable data planes can help users realize more network protocols. Programming Protocol-independent Packet Processors (P4) is proposed to define the operations of the data plane and to implement user’s applications, e.g., data center networks, security, or 5G. This paper provides a review of research papers on solving network security problems with P4-based programmable data plane. The work can be organized into two parts. In the first part, the programming language P4, P4 program, architectures, P4 compilers, P4 Runtime, and P4 target are introduced according to the workflow model. The advantages of P4-based programmable switching in solving network security are analyzed. In the second part, the existing network security research papers are divided into four parts according to the perspectives of passive defense, active defense, and combination of multiple technologies. The schemes in each category are compared, and the core ideas and limitations are clarified. In addition, a detailed comparison is made for the research on the performance of P4 targets. Finally, trends and challenges related to the P4-based programmable data plane are discussed.

show abstract

IOT-Based Traffic Signal Violation and Over Speed Recognition

Aswatha

Shwetha

2021

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes

Cited by 5 publications

References 26 publications

P4 Cybersecurity Solutions: Taxonomy and Open Challenges

P4 Cybersecurity Solutions: Taxonomy and Open Challenges

A Review of P4 Programmable Data Planes for Network Security

IOT-Based Traffic Signal Violation and Over Speed Recognition

Contact Info

Product

Resources

About