Monday, 4 Novembre 2024
- Imprimer
- Partager
- Partager sur Facebook
- Share on X
- Partager sur LinkedIn
Improving Network Security AND Performance in Multi-Tenant Environments
In today's interconnected world, ensuring robust network security is crucial, especially in multi-tenant cloud environments. However, existing network monitoring and network function platforms often incur a high performance cost or disregard critical security concerns. This talk presents two of our recent approaches to address these challenges by leveraging new programmable networking devices and operating systems abstractions. We first explore immUNITY, a framework that unifies programmable P4 switches, SmartNICs, and hosts to detect and mitigate slow, stealthy network attacks. By focusing on the initial packets of each flow and employing a novel Overwriting Flow Filter data structure, immUNITY achieves high accuracy in identifying suspicious traffic with minimal false positives, even at scales of 1.4 Tbps. Next, we introduce Byways, an operating systems abstraction designed to deploy high-performance, isolated network functions alongside end-host VMs in cloud environments. Byways ensure strict isolation and customizable access rights, providing robust fault tolerance and security. Our implementation demonstrates performance to native solutions that offer no isolation, while significantly reducing the trusted computing base compared to traditional virtual machine networking technologies. Together, these projects offer a comprehensive strategy for enhancing network security and performance within the network and end-hosts.
Biography:
Timothy Wood is a professor in the Department of Computer Science at George Washington University. Before joining GW, he received a doctoral degree in computer science from the University of Massachusetts Amherst and a bachelor’s degree in electrical and computer engineering from Rutgers University. His research studies how new virtualization technologies can provide application agnostic tools that improve performance, efficiency, and reliability in cloud computing data centers and software-based networks. His PhD thesis received the UMass CS Outstanding Dissertation Award, his students have voted him CS Professor of the Year, and he has won three best paper awards, a Google Faculty Research Award, and an NSF Career award.
Date et lieu
le 04 Novembre à 16h
en visio
Speaker
Timothy WOOD
Professeur à George Washington University
Organisé par
Alain TCHANA
Equipe ERODS
- Imprimer
- Partager
- Partager sur Facebook
- Share on X
- Partager sur LinkedIn