Skip to main content

Talk Timothy Wood

Monday, november, 4, 2024

Improving Network Security AND Performance in Multi-Tenant Environments

In today's interconnected world, ensuring robust network security is crucial, especially in multi-tenant cloud environments. However, existing network monitoring and network function platforms often incur a high performance cost or disregard critical security concerns. This talk presents two of our recent approaches to address these challenges by leveraging new programmable networking devices and operating systems abstractions. We first explore immUNITY, a framework that unifies programmable P4 switches, SmartNICs, and hosts to detect and mitigate slow, stealthy network attacks. By focusing on the initial packets of each flow and employing a novel Overwriting Flow Filter data structure, immUNITY achieves high accuracy in identifying suspicious traffic with minimal false positives, even at scales of 1.4 Tbps. Next, we introduce Byways, an operating systems abstraction designed to deploy high-performance, isolated network functions alongside end-host VMs in cloud environments. Byways ensure strict isolation and customizable access rights, providing robust fault tolerance and security. Our implementation demonstrates performance to native solutions that offer no isolation, while significantly reducing the trusted computing base compared to traditional virtual machine networking technologies. Together, these projects offer a comprehensive strategy for enhancing network security and performance within the network and end-hosts.

 

Biography:

Timothy Wood is a professor in the Department of Computer Science at George Washington University. Before joining GW, he received a doctoral degree in computer science from the University of Massachusetts Amherst and a bachelor’s degree in electrical and computer engineering from Rutgers University. His research studies how new virtualization technologies can provide application agnostic tools that improve performance, efficiency, and reliability in cloud computing data centers and software-based networks. His PhD thesis received the UMass CS Outstanding Dissertation Award, his students have voted him CS Professor of the Year, and he has won three best paper awards, a Google Faculty Research Award, and an NSF Career award.

Date and place

November the 4, at 4:00
visio

Speaker

Timothy WOOD
Professeur à George Washington University

Organised by

Alain TCHANA
Equipe ERODS

Submitted on October 18, 2024

Updated on October 18, 2024