Network security using the P4 language

Programming Protocol-independent Packet Processors (P4) is a domain-specific language for network devices, specifying how data plane devices (switches, NICs, routers, filters, etc.) process packets.

P4 programs are designed to be implementation-independent: they can be compiled against many different types of execution machines such as general-purpose CPUs, FPGAs, system(s)-on-chip, network processors, and ASICs.

Goal

The goal of this project is to study the possibilities of the P4 language, specifically regarding security: how can we implement filtering or detection systems directly on a programmable switch or router, using the P4 language?

For this project you will have to test the possibilities of P4:

• setup a test network with traffic source(s)
• write some P4 experiments
• setup a server that will act as a programmable switch or router, on which you will run your P4 code
• capture and analyze traffic, to verify your code is working as expected

Expected outcome

• 1 blog post
• 1 poster
• source code of the experiments on our GitLab server
• a project report

Required skills

To start this project you should have some knowledge in

• programming (any language)
• network security

Tools and technologies

To achieve this project, you will use the following tools and technologies:

• the Laravel framework
• use git to manage your source code
• use GitLab to implement Continuous Implementation (CI)

References

• https://p4.org/
• https://codilime.com/blog/p4-network-programming-language-what-is-it-all-about/
• https://opennetworking.org/news-and-events/blog/getting-started-with-p4/
• http://ce.sc.edu/cyberinfra/project/P4%20Programmable%20Switches%20Poster[4367].pdf

Interested?

Contact us