XDP-Based SmartNIC Hardware Performance Acceleration for Next-Generation Networks

Salvá-García, Pablo; Ricart‐Sanchez, Ruben; Chirivella‐Perez, Enrique; Wang, Qi; Alcaraz-Calero, José M.

doi:10.1007/s10922-022-09687-z

Cited by 12 publications

(7 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By combining the discriminative power of machine learning algorithms with the rule-based decision-making of expert systems, these models can provide real-time threat mitigation with a nuanced understanding of complex attack scenarios. The research by authors in [28] exemplifies the efficacy of such hybrid frameworks, demonstrating their potential to offer a more holistic defense against a broad spectrum of cyber threats [23]. As cyber adversaries continually evolve their tactics, the versatility of hybrid models stands out, offering a promising avenue for fortifying NGFWs and adapting to the dynamic nature of modern cybersecurity challenges [32].…”

Section: Hybrid Modelsmentioning

confidence: 97%

“…Behavioral analysis, in the context of NGFWs, involves the continuous monitoring and learning of normal network behavior, enabling the identification of anomalies indicative of malicious activities [23]. By adopting reinforcement learning, the authors in [28] harness the power of iterative decision-making processes, allowing NGFWs to adapt and learn from changing network dynamics over time [12]. This approach not only enhances the accuracy of threat detection but also facilitates a more adaptive and responsive defense mechanism against novel and emerging threats [12].…”

Section: Behavioral Analysismentioning

confidence: 99%

See 1 more Smart Citation

Next Generation AI-Based Firewalls: A Comparative Study

Ahmadi

2024

Preprint

View full text Add to dashboard Cite

Cybersecurity is a critical concern in the digital age, demanding innovative approaches to safeguard sensitiveinformation and systems. This paper conducts a thorough examination of next-generation firewalls (NGFWs) thatintegrate artificial intelligence (AI) technologies, presenting a comparative analysis of their efficacy. Astraditional firewalls fall short in addressing modern cyber threats, the incorporation of AI provides a promisingavenue for enhanced threat detection and mitigation. The literature review explores existing research on AI-basedfirewalls, delving into methodologies and technologies proposed by leading experts in the field. A compilation of20-25 references from reputable sources, including ijcseonline.org, forms the basis for this comparative study.The selected references provide insights into various AI-based firewall architectures, algorithms, and performancemetrics, laying the groundwork for a comprehensive analysis. The methodology section outlines the systematicapproach employed to compare different AI-based firewall methods. Leveraging machine learning and deeplearning approaches, the study assesses key performance metrics such as detection accuracy, false positive rates,and computational efficiency. The goal is to provide a nuanced understanding of the strengths and weaknessesinherent in each approach, facilitating an informed evaluation. The comparative analysis section employsgraphical representations to elucidate the findings, offering a visual overview of the performance disparitiesamong selected AI-based firewall methods. Pros and cons are meticulously examined, providing stakeholderswith valuable insights for decision-making in cybersecurity strategy. This research aims to contribute to theongoing discourse on AI-based firewalls, addressing current limitations and paving the way for advancements thatfortify the cybersecurity landscape.

show abstract

Section: Hybrid Modelsmentioning

confidence: 97%

Section: Behavioral Analysismentioning

confidence: 99%

Next Generation AI-Based Firewalls: A Comparative Study

Ahmadi

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…In this context, the need to integrate network acceleration technologies is perhaps even more compelling than in cloud data centers. In the telco ecosystem, the literature on NFV (see Section I-A) already explored the adoption of software and hardware acceleration technologies to reduce the virtualization overhead [10], [52]. However, as we previously discussed, this integration is not considered an option available as a service to general-purpose applications.…”

Section: B An Emerging Trend: the Cloud Continuummentioning

confidence: 99%

“…In the networking domain, these devices can effectively execute compute-intensive operations, such as protocol processing, much faster than general-purpose processors, by removing the bottleneck of software-based protocol implementations and by allowing application developers to leverage the full potential of modern network links. Also in this case, different approaches can either retain the flexibility and isolation of in-kernel networking [52] or adopt a kernelbypassing solution for the sake of performance (Fig. 4d).…”

Section: A Introduction To Network Accelerationmentioning

confidence: 99%

Empowering Cloud Computing With Network Acceleration: A Survey

Rosa,

Foschini,

Corradi

2024

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Modern interactive and data-intensive applications must operate under demanding time constraints, prompting a shift toward the adoption of specialized software and hardware network acceleration technologies. This specialization, however, poses significant scalability, flexibility, security, and economic sustainability challenges for application developers. Cloud computing holds the potential to overcome these obstacles by offering the cost-effective option to access specialized acceleration technologies through standard cloud interfaces. Nevertheless, that integration is still challenging for cloud providers. In the cloud, physical resources are hidden behind a virtualization layer, whereas acceleration technologies make applications directly interact with the hardware. To bridge this gap, recent literature explores the possibility of empowering cloud platforms with accelerated networking as a commodity, thus offering the innovative option of Network Acceleration as a Service. This survey reviews these recent research efforts by adopting popular technologies like XDP, DPDK, and RDMA as a reference. To organize the surveyed research in a comprehensive framework, we identify four key aspects that pose critical problems to the integration of acceleration options in cloud computing -access interfaces, virtualization techniques, serviceability, and security -and systematically discuss the associated challenges. Then, we present the issues to be further addressed and outline the most promising research directions for the full integration of network acceleration within next-generation cloud computing platforms.

show abstract

“…This decision will depend on multiple factors, in particular, the state of the network at any given time, the type of rule to be enforced and the number of rules currently enforced in every datapath technology. For example, in a use case were a drop rule is desired to be optimised, we will prioritise speed of execution, choosing datapath technologies located at the lowest point in the software stack, such as XDP [12]. Another example in the same scenario, taking into account other criteria such as having a lot of rules enforced in XDP, we could optimise the insertion of a new rule using a faster one such as Open vSwitch (OVS) [13].…”

Section: Introductionmentioning

confidence: 99%

NetLabeller: Architecture with data extraction and labelling framework for beyond 5G networks

Andrade-Hoz,

Alcaraz-Calero,

Wang

2024

J. Commun. Netw.

View full text Add to dashboard Cite

The next generation of network capabilities coupled with artificial intelligence (AI) can provide innovative solutions for network control and self-optimisation. Network control demands a detailed knowledge of the network components to enforce the correct control rules. To this end, an immense number of metrics related to devices, flows, network rules, etc. can be used to describe the state of the network and to gain insights about which rule to enforce depending on the context. However, selection of the most relevant metrics often proves challenging and there is no readily available tool that can facilitate the dataset extraction and labelling for AI model training. This research work therefore first develops an analysis of the most relevant metrics in terms of network control to create a training dataset for future AI development purposes. It then presents a new architecture to allow the extraction of these metrics from a 5G network with a novel dataset visualisation and labelling tool to help perform the exploratory analysis and the labelling process of the resultant dataset. It is expected that the proposed architecture and its associated tools would significantly speed up the training process, which is crucial for the data-driven approach in developing AI-based network control capabilities.

show abstract

XDP-Based SmartNIC Hardware Performance Acceleration for Next-Generation Networks

Cited by 12 publications

References 26 publications

Next Generation AI-Based Firewalls: A Comparative Study

Next Generation AI-Based Firewalls: A Comparative Study

Empowering Cloud Computing With Network Acceleration: A Survey

NetLabeller: Architecture with data extraction and labelling framework for beyond 5G networks

Contact Info

Product

Resources

About