Publication: Implementing Adaptive Cuckoo Firewall for Programmable Switch
No Thumbnail Available
Open/View Files
Date
2023-06-30
Authors
Published Version
Published Version
Journal Title
Journal ISSN
Volume Title
Publisher
The Harvard community has made this article openly available. Please share how this access benefits you.
Citation
Pedersen, Alexander Scott. 2023. Implementing Adaptive Cuckoo Firewall for Programmable Switch. Bachelor's thesis, Harvard College.
Research Data
Abstract
Stateful firewalls are a critical security function in many networks. To implement
a faster stateful firewall using high-speed programmable switch and support
a large number of connections, we need to avoid the memory footprint of storing
full 5-tuples. We store shorter hash digests in switch memory, while mitigating the
effect of false positives by applying adaptations. We present a stateful firewall implementation
on programmable switches, as well as design choices and benchmarks
for adapting to false positives using cuckoo filters.
Description
Other Available Sources
Keywords
Networking, Systems, Computer science
Terms of Use
This article is made available under the terms and conditions applicable to Other Posted Material (LAA), as set forth at Terms of Service