@inproceedings{8beac625eee24b2d8286ec5204b531bb,
title = "Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches",
abstract = "Though several deep learning (DL) detectors have been proposed for the network attack detection and achieved high accuracy, they are computationally expensive and struggle to satisfy the real-time detection for high-speed networks. Recently, programmable switches exhibit a remarkable throughput efficiency on production networks, indicating a possible deployment of the timely detector. Therefore, we present Soter, a DL enhanced in-network framework for the accurate real-time detection. Soter consists of two phases. One is filtering packets by a rule-based decision tree running on the Tofino ASIC. The other is executing a well-designed lightweight neural network for the thorough inspection of the suspicious packets on the CPU. Experiments on the commodity switch demonstrate that Soter behaves stably in ten network scenarios of different traffic rates and fulfills per-flow detection in 0.03s. Moreover, Soter naturally adapts to the distributed deployment among multiple switches, guaranteeing a higher total throughput for large data centers and cloud networks.",
keywords = "deep learning, In-network intelligence, network security",
author = "Guorui Xie and Qing Li and Chupeng Cui and Peican Zhu and Dan Zhao and Wanxin Shi and Zhuyun Qi and Yong Jiang and Xi Xiao",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 41st International Symposium on Reliable Distributed Systems, SRDS 2022 ; Conference date: 19-09-2022 Through 22-09-2022",
year = "2022",
doi = "10.1109/SRDS55811.2022.00029",
language = "英语",
series = "Proceedings of the IEEE Symposium on Reliable Distributed Systems",
publisher = "IEEE Computer Society",
pages = "225--236",
booktitle = "Proceedings - 41st International Symposium on Reliable Distributed Systems, SRDS 2022",
}