Data-plane security applications in adversarial settings

High-speed programmable switches have emerged as a promising building block for developing performant data-plane applications. In this paper, we argue that the resource constraints and programming model of hardware switches have led developers to adopt problematic design patterns whose security implications are not widely understood. We bridge this gap by identifying the major challenges and common design pitfalls in switch-based applications deployed in adversarial settings. Examining six recently proposed switch-based security applications, we find that adversaries can exploit these design pitfalls to completely bypass the protection the applications were designed to provide, or to disrupt system operation by introducing collateral damage.
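The abstract does not enumerate the pitfalls it studies. As an added illustration of one well-known class of them (this is editor-written example code, not the paper's artifact or any of the six applications it examines), the Python below models a heavy-hitter detector built on a count-min sketch, as a data-plane application might be, whose row hashes are public and unkeyed. An adversary who can evaluate the same hash offline crafts flow keys that collide with an innocent victim flow in every row, inflating the victim's estimate past the rate-limiting threshold: the victim is penalised although it sent only a handful of packets (collateral damage). Mixing a per-deployment secret into the hash denies the attacker that targeting ability. All flow keys, the sketch geometry, the threshold and the secret are constructed for the demonstration.

```python
"""Editor-added example: adversarial collisions against an unkeyed count-min
sketch used as a heavy-hitter detector, and the effect of keying the hash.
Everything here (flow keys, sizes, threshold, secret) is constructed."""

import hashlib
import itertools

ROWS, COLS = 3, 16      # deliberately tiny so the collision search runs fast
THRESHOLD = 100         # packets per epoch above which a flow is rate-limited


def row_index(key: bytes, row: int, secret: bytes = b"") -> int:
    """Column for `key` in `row`. secret=b"" models a public hash (e.g. a CRC
    the attacker can reproduce); a non-empty secret models a keyed hash."""
    digest = hashlib.blake2b(secret + bytes([row]) + key, digest_size=8).digest()
    return int.from_bytes(digest, "big") % COLS


class CountMin:
    def __init__(self, secret: bytes = b""):
        self.secret = secret
        self.table = [[0] * COLS for _ in range(ROWS)]

    def update(self, key: bytes, count: int = 1) -> None:
        for r in range(ROWS):
            self.table[r][row_index(key, r, self.secret)] += count

    def estimate(self, key: bytes) -> int:
        # Count-min returns the minimum over rows; an adversary therefore has to
        # collide with the victim in EVERY row to inflate the estimate.
        return min(self.table[r][row_index(key, r, self.secret)] for r in range(ROWS))


def craft_colliding_keys(victim: bytes, n: int, secret: bytes = b"") -> list:
    """Attacker-side search for n distinct keys that share the victim's column
    in all rows under the hash the attacker believes the switch uses."""
    target = [row_index(victim, r, secret) for r in range(ROWS)]
    found = []
    for i in itertools.count():
        cand = b"atk-" + i.to_bytes(4, "big")   # constructed attacker flow key
        if all(row_index(cand, r, secret) == target[r] for r in range(ROWS)):
            found.append(cand)
            if len(found) == n:
                return found


def run_scenario(switch_secret: bytes) -> dict:
    """Victim sends 10 packets; attacker sends 30 packets on each of 4 crafted
    keys. The attacker always crafts against the PUBLIC hash (secret=b""), so
    the collisions only carry over if the switch really uses an unkeyed hash."""
    victim = b"10.0.0.7>10.0.0.1:443"          # constructed victim flow key
    sketch = CountMin(switch_secret)
    attack_keys = craft_colliding_keys(victim, n=4, secret=b"")
    for _ in range(10):
        sketch.update(victim)
    for k in attack_keys:
        sketch.update(k, 30)
    est = sketch.estimate(victim)
    return {"victim_estimate": est, "victim_blocked": est > THRESHOLD}


if __name__ == "__main__":
    print("unkeyed hash :", run_scenario(b""))
    print("keyed hash   :", run_scenario(b"per-deployment-secret"))
```

With the unkeyed hash every crafted key lands in the victim's three cells, so the victim's estimate is 10 + 4 × 30 = 130 and it is rate-limited despite sending ten packets. With a keyed hash the same crafted keys scatter to unrelated cells and the victim's estimate stays at (or very near) its true count. The defensive change costs nothing at line rate; the pitfall is choosing a hash the adversary can evaluate.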
