Enforcing Security Policies in the Application Layer and the Data Plane / Rinaudi, Federico; Sacco, Alessio; Marchetto, Guido. - ELECTRONIC. - (In press). (Paper presented at the 2025 21st International Conference on Network and Service Management (CNSM), held in Bologna, 27 - 31 October 2025).

Enforcing Security Policies in the Application Layer and the Data Plane

Federico Rinaudi; Alessio Sacco; Guido Marchetto
In press

Abstract

Network traffic is now largely encrypted. Yet analysis of side-channel features (packet sizes, timings, and directions) can still reveal patterns about encrypted flows. Recent machine learning (ML) techniques have made such traffic analysis more powerful, and they can be applied both offensively (e.g., inference attacks) and defensively (e.g., intrusion detection). This raises the need for protections that keep pace with ML-enabled capabilities without exacerbating resource overhead and reaction delays. My research explores new opportunities, such as application-agnostic defenses, offered by data-plane programmability (e.g., eBPF/XDP at hosts and P4 in switches) to reshape observable traffic patterns and fast feature extraction for advanced detection mechanisms. My PhD also focuses on designing and prototyping the combination of ML together with programmable data planes to both mitigate traffic analysis and harness it for defense, while clarifying the trade-offs between privacy, performance, and deployability.
Files in this item:
File: 1571190298 final (2).pdf
Access: open access
Type: 2. Post-print / Author's Accepted Manuscript
License: Public - All rights reserved
Size: 176.57 kB
Format: Adobe PDF

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/3003703