Programmable In-network Security: A Vision for Network Security in the Next Generation, with Ang Chen (Rice Univ.)

Abstract: Network attacks are on the rise, and many of them can be traced to a common root cause---the Internet does not have security support in its architecture. Existing proposals either need to make intrusive changes to the Internet, or resort to bolt-on protection for each discovered attack. In the Poise (Programmable In-network Security) project, we are rethinking how to develop a secure foundation for the next-generation Internet. Poise leverages technological advances in emerging programmable networking hardware, and it takes a three-step approach. First, Poise transforms a programmable switch into a defense platform by developing a suite of defenses that reside in the switch. Next, Poise transforms a programmable network into a defense fleet by synchronizing distributed defenses across the network. Furthermore, Poise reasons about the in-network defenses to ensure that they are themselves secure, both individually and in composition.
 

Bio: Ang Chen is an assistant professor in the Department of Computer Science at Rice University. His research interests span networking, security, and systems, with a particular focus on making networked systems more reliable, efficient, and secure. Ang loves life and hopes that you do, too!