Asghar, H; Melis, L; Soldani, C; De Cristofaro, E; Kaafar, MA; Mathy, L; (2016) SplitBox: Toward Efficient Private Network Function Virtualization. In: Han, D and Raz, D, (eds.) HotMIddlebox '16: Proceedings of the 2016 workshop on Hot topics in Middleboxes and Network Function Virtualization. (pp. pp. 7-13). Association for Computing Machinery (ACM): New York, NY, USA.

Preview

Text 1605.03772.pdf - Accepted Version Download (621kB) | Preview

Abstract

This paper presents SplitBox, an efficient system for privacy-preserving processing of network functions that are outsourced as software processes to the cloud. Specifically, cloud providers processing the network functions do not learn the network policies instructing how the functions are to be processed. First, we propose an abstract model of a generic network function based on match-action pairs. We assume that this function is processed in a distributed manner by multiple honest-but-curious cloud service providers. Then, we introduce our SplitBox system for private network function virtualization and present a proof-of-concept implementation on FastClick, an extension of the Click modular router, using a firewall as a use case. Our experimental results achieve a throughput of over 2 Gbps with 1 kB-sized packets on average, traversing up to 60 firewall rules.

Download activity - last month

Export as CSVJSONXML

Download activity - last 12 months

Export as XMLCSVJSON

Downloads by country - last 12 months

Export as CSVJSONXML

Archive Staff Only

View Item