Enforcing Security Policies in the Application Layer and the Data Plane / Rinaudi, Federico; Sacco, Alessio; Marchetto, Guido. - ELECTRONIC. - (2025). (Paper presented at the 2025 21st International Conference on Network and Service Management (CNSM), held in Bologna).
Enforcing Security Policies in the Application Layer and the Data Plane
Federico Rinaudi; Alessio Sacco; Guido Marchetto
2025
Abstract
Network traffic is now largely encrypted. Yet analysis of side-channel features (packet sizes, timings, and directions) can still reveal patterns about encrypted flows. Recent machine learning (ML) techniques have made such traffic analysis more powerful, and they can be applied both offensively (e.g., inference attacks) and defensively (e.g., intrusion detection). This raises the need for protections that keep pace with ML-enabled capabilities without exacerbating resource overhead and reaction delays. My research explores new opportunities, such as application-agnostic defenses, offered by data-plane programmability (e.g., eBPF/XDP at hosts and P4 in switches) to reshape observable traffic patterns and fast feature extraction for advanced detection mechanisms. My PhD also focuses on designing and prototyping the combination of ML together with programmable data planes to both mitigate traffic analysis and harness it for defense, while clarifying the trade-offs between privacy, performance, and deployability.
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/3003703