Ph.D. Research Update: Year#4 Annual Progress and Planned Activities
Ph.D Annual report II
-
Upload
matteo-avalle -
Category
Documents
-
view
376 -
download
2
Transcript of Ph.D Annual report II
![Page 1: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/1.jpg)
Matteo AvalleAnnual Oral Presentation For Ph.D Evaluation2012 (Second Ph.D year)
![Page 2: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/2.jpg)
Main research topic:regexp-based packet processing
• Background
• Research directions
• Results
Ou
tlin
e
![Page 3: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/3.jpg)
Background
• Regexp-based data processing:– Powerful technique to analyze data– Several possible application fields (e.g NIDS).
• Rule sets must be transformed in automata (in our case NFAs)
• NFAs can then be used to parse data by using a packet processor– iNFAnt, a GPU-based packet processor
• Processing throughput is critical
2/10Main: • • • • Sec: • • •
![Page 4: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/4.jpg)
Main research directionsThere is a technique, called multi-stride:•Based on transforming the NFA into a more efficient form•Multiplies the processing throughput by a factor of 2n
For these reasons:•A new, faster multistride algorithm has been developed•Test cases have been developed by applying multistride to huge rule sets
But:• “n” depends on the size
of the rule set, and is usually very small
• Obtaining a 4x NFA of a medium ruleset requires several months of computation
• Inapplicable to big rulesets
3/10Main: • • • • Sec: • • •
![Page 5: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/5.jpg)
Main research directions• The new multistride algorithm pushes forwards the limits of
the previous algorithms
For these reasons:•A new technique, called multi-map multistride has been developed•It exploits GPU architecture•It allows to further push forward the limits of the original multistride
But:• Even with faster
algorithms, multi stride still have limits
• It should be possible to optimize NFAs to achieve better results when using GPU-based processors
4/10Main: • • • • Sec: • • •
![Page 6: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/6.jpg)
Obtained results
• With the new “Multi-Stride” algorithm it is now possible to quadruple the processing throughput of medium-sized NFAs while the previous algorithms did not allow to achieve more than a 2x boost on the same NFAs
– M. Avalle, F. Risso, R. Sisto, “Efficient Multistriding of Large Non-deterministic Finite State Automata for Deep Packet Inspection”, in Proc. of the IEEE International Conference on Communications (ICC) 2012 – Communication and Information Systems Security Symposium.
• The new “Multi-Map Multistride” technique further extends the previous limits by multiplying the processing throughput of bigger NFAs and with higher coefficients
– A paper is under development to present results of this algorithm
5/10Main: • • • • Sec: • • •
![Page 7: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/7.jpg)
Secondary research topic:Design and implementation of Security protocols with javaSPI
• Background
• Our solution: JavaSPI
• Results
Ou
tlin
e
![Page 8: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/8.jpg)
Background• Developing a security protocol is an hard, error-
prone task even for experts• Formal methods can be the key to simplify this
process– Mathematical demonstration of the claimed security
properties
– Semi-automated generation of the implementation code to reduce the presence of bugs
• Anyway, using formal methods is still a complex task as the formal languages are usually unknown to the developers
7/10Main: • • • • Sec: • • •
![Page 9: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/9.jpg)
Our solution: JavaSPI
8/10Main: • • • • Sec: • • •
![Page 10: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/10.jpg)
Results
• The javaSPI tool has been developed
• A case study, regarding a particular configuration of the SSL 3.0 handshake protocol, has been developed
– M. Avalle, A. Pironti, R. Sisto D. Pozza, “The Java SPI Framework for Security Protocol Implementation”, in Proc. of the Sixth International Conference on Availability, Reliability and Security (ARES), Vienna, Austria, pp. 746-751, IEEE, 2011.
• Moreover, there is an article under development to present the mathematical Soundness proofs of javaSPI.
• A survey regarding the state of the art of formal methods applied to security protocols have been written
– M. Avalle, A. Pironti, R. Sisto, “Formal Verification of Security Protocol Implementations: A Survey”, accepted for publication in Formal Aspects of Computing, Springer.
9/10Main: • • • • Sec: • • •
![Page 11: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/11.jpg)
Future work
• The first, short-term objective is to finish the actual work by publishing the papers under development regarding both the research topics
• Moreover, there should still be room to improve the performance of actual techniques by implementing new GPU-specific optimization techniques.
10/10
![Page 12: Ph.D Annual report II](https://reader033.fdocuments.net/reader033/viewer/2022052900/5562c9b0d8b42a13618b59db/html5/thumbnails/12.jpg)
Questions?