

Leveraging In-band Network Telemetry for Automated DDoS Detection in Production Programmable Networks: The AmLight Use Case
Description
Programmable data planes have provided great flexibility in defining the behaviors of packet forwarding switches, routers, and network interface cards (NICs). The In-band Network Telemetry (INT) technology further increased network operators’ potential to manage packet flows by enabling real-time and customizable monitoring of packets without creating much overhead on the network. These recent advancements in networking technology have generated significant research interest and activity, including studies on INT-based DDoS detection and mitigation mechanisms. However, in practice, INT technology has not been fully realized yet, especially in detecting network anomalies in real-time. In this paper, we aim to implement a holistic real-time INT-based DDoS detection mechanism. The proposed mechanism will retrieve INT data from the network, analyze it using machine learning (ML) models in real-time, and send the information to the control plane. We will also compare the performance of using INT to detect DDoS attacks against sFlow-based detection.
Time
Monday, 18 November 2024, 2:40pm - 3pm EST
Performance Optimization
System Administration