Skip to content

simonschdev/srds23-albus-p4

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
include
include
 
 
README.md
README.md
 
 
albus.p4
albus.p4
 
 
albus_controller.py
albus_controller.py
 
 
albus_send.py
albus_send.py
 
 
p4app.json
p4app.json
 
 
packet_generator.py
packet_generator.py
 
 

Repository files navigation

P4 Code for probabilistic traffic-burst detection with ALBUS

The following P4 code was used in the paper 'ALBUS: a Probabilistic Monitoring Algorithm to Counter Burst Flood Attacks' by Simon Scherrer, Jo Vliegen, Arish Sateesan, Hsu-Chun Hsiao, Nele Mentens, and Adrian Perrig, published at the International Symposium or Reliable Distributed Systems (SRDS) in 2023.

Source Code

This repository contains the following source code:

  • albus.p4: P4 code for the ALBUS flow monitor that runs on the P4-enabled Mininet switch.
  • p4app.json: Configuration file to set up the Mininet topology on the p4-learning VM.
  • albus_controller.py: Python code for the controller that interacts with the Mininet switch. This controller performs configuration tasks, which mostly works via rule installation in the match-action tables of the P4 switch. Importantly, the controller also receives the five-tuple of a provably malicious flow from the switch. This five-tuple is then used as the match criterion in a blacklist rule.
  • albus_send.py/packet_generator.py: Scripts to generate traffic for testing and evaluating the project implementation (see below). These scripts have been adapted from Exercise 04 'Count-Min Sketch' of the p4-learning utilities.

Environment Setup

This implementation was developed for the p4-utils VM, which can be installed as documented in the corresponding Wiki.

Running Instructions for ALBUS Experiment

  1. Copy the code to the p4-utils VM.
  2. cd to the directory with the code.
  3. Start the Mininet CLI with access to the P4-enabled switch using
sudo p4run --conf p4app.json
  1. When Mininet is ready, start up the controller in another terminal:
python albus_controller.py
  1. Run the test with the command below. The command will simulate 100 flows, where there is 1 pulsating flow sending one pulse per second with overuse ratio 2 and pulse width of 2^18 = 262'144 microseconds (approximately 0.25 seconds). The experiment will take 2.1 seconds such that the pulsating flow sends two pulses in total.
mininet> h1 python3 albus-send.py --n-hh 1 --n-sf 99 --our 2 --intv 0.262144 --len 2.1

At some point, the controller will announce that it received flow ('44.101.177.245', '155.183.88.74', '55538', '52578', '6'), which is the pulsating flow (It is also output by albus_send.sh). There is a small probability that the flow is not found in the first try; in that case, the command above should be repeated.

  1. Shut down the ALBUS controller using Ctrl-C and the Mininet CLI using Ctrl-D.

About

P4 Code for ALBUS algorithm (SRDS 2023)

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages