南方科技大学知识苑(SUSTech KC): Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches

题名	Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches
作者	Guorui Xie 1; Qing Li2 ; Chupeng Cui 3; Peican Zhu 4; Dan Zhao 1; Wanxin Shi 1; Zhuyun Qi 1; Yong Jiang 1; Xi Xiao 5
DOI	10.1109/SRDS55811.2022.00029
发表日期	2022
会议名称	41st International Symposium on Reliable Distributed Systems (SRDS)
ISSN	1060-9857
EISSN	2575-8462
ISBN	978-1-6654-9754-1
会议录名称	2022 41st International Symposium on Reliable Distributed Systems (SRDS)
页码	225-236
会议日期	19-22 Sept. 2022
会议地点	Vienna, Austria
出版地	345 E 47TH ST, NEW YORK, NY 10017 USA
出版者	IEEE
摘要	Though several deep learning (DL) detectors have been proposed for the network attack detection and achieved high accuracy, they are computationally expensive and struggle to satisfy the real-time detection for high-speed networks. Recently, programmable switches exhibit a remarkable throughput efficiency on production networks, indicating a possible deployment of the timely detector. Therefore, we present Soter, a DL enhanced in-network framework for the accurate real-time detection. Soter consists of two phases. One is filtering packets by a rule-based decision tree running on the Tofino ASIC. The other is executing a well-designed lightweight neural network for the thorough inspection of the suspicious packets on the CPU. Experiments on the commodity switch demonstrate that Soter behaves stably in ten network scenarios of different traffic rates and fulfills perflow detection in 0.03s. Moreover, Soter naturally adapts to the distributed deployment among multiple switches, guaranteeing a higher total throughput for large data centers and cloud networks.
关键词	In-network intelligence deep learning network security
学校署名	其他
语种	英语
相关链接	[IEEE记录]
收录类别	CPCI-S
资助项目	National Key Research and Development Project of China[2020AAA0107704] ; National Natural Science Foundation of China["61972189","62073263"] ; Shenzhen Key Lab of Software Defined Networking[ZDSYS20140509172959989]
WOS研究方向	Computer Science ; Engineering
WOS类目	Computer Science, Hardware & Architecture ; Computer Science, Theory & Methods ; Engineering, Electrical & Electronic
WOS记录号	WOS:000920405900019
来源库	IEEE
全文链接	https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9996861
引用统计	被引频次[WOS]：3
成果类型	会议论文
条目标识符	http://sustech.caswiz.com/handle/2SGJ60CL/424448
专题	南方科技大学
作者单位	1.Peng Cheng Laboratory, Shenzhen, China 2.Southern University of Science and Technology, Shenzhen, China 3.Jilin University, Changchun, China 4.Northwestern Polytechnical University, Xi'an, China 5.International Graduate School, Tsinghua University, Shenzhen, China
推荐引用方式 GB/T 7714	Guorui Xie,Qing Li,Chupeng Cui,et al. Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches[C]. 345 E 47TH ST, NEW YORK, NY 10017 USA:IEEE,2022:225-236.