Enforcing Security Policies in the Application Layer and the Data Plane / Rinaudi, Federico; Sacco, Alessio; Marchetto, Guido. - ELECTRONIC. - (2025). (2025 21st International Conference on Network and Service Management (CNSM), Bologna (ITA), 27 - 31 October 2025) [10.23919/CNSM67658.2025.11297512].

Enforcing Security Policies in the Application Layer and the Data Plane

Federico Rinaudi; Alessio Sacco; Guido Marchetto
2025

Abstract

Network traffic is now largely encrypted. Yet analysis of side-channel features (packet sizes, timings, and directions) can still reveal patterns about encrypted flows. Recent machine learning (ML) techniques have made such traffic analysis more powerful, and they can be applied both offensively (e.g., inference attacks) and defensively (e.g., intrusion detection). This raises the need for protections that keep pace with ML-enabled capabilities without exacerbating resource overhead and reaction delays. My research explores new opportunities, such as application-agnostic defenses, offered by data-plane programmability (e.g., eBPF/XDP at hosts and P4 in switches) to reshape observable traffic patterns and fast feature extraction for advanced detection mechanisms. My PhD also focuses on designing and prototyping the combination of ML together with programmable data planes to both mitigate traffic analysis and harness it for defense, while clarifying the trade-offs between privacy, performance, and deployability.
978-3-903176-75-1
Files in this item:

1571190298 final (2).pdf
Access: open access
Type: 2. Post-print / Author's Accepted Manuscript
License: Public - All rights reserved
Size: 176.57 kB
Format: Adobe PDF

Enforcing_Security_Policies_in_the_Application_Layer_and_the_Data_Plane.pdf
Access: restricted access
Type: 2a Post-print publisher's version / Version of Record
License: Non-public - Private/restricted access
Size: 201.69 kB
Format: Adobe PDF
Use this identifier to cite or link to this document: https://hdl.handle.net/11583/3003703