new directions for network verification
play

New Directions for Network Verification Aurojit Panda, Katerina - PowerPoint PPT Presentation

Feb 06, 2024 •267 likes •813 views

New Directions for Network Verification Aurojit Panda, Katerina Argyraki, Mooly Sagiv, Michael Schapira, Scott Shenker Brief Summary of This Talk Context : Proliferation of network verification tools. Build on assumption that the

  1. New Directions for Network Verification Aurojit Panda, Katerina Argyraki, Mooly Sagiv, Michael Schapira, Scott Shenker

  2. Brief Summary of This Talk • Context : • Proliferation of network verification tools. • Build on assumption that the network state is immutable . • Immutable = Data packets do not change behavior of network

  3. Brief Summary of This Talk • Context : • Proliferation of network verification tools. • Build on assumption that the network state is immutable . • Immutable = Data packets do not change behavior of network • My point : • Many network elements have mutable state • Verifying mutable networks requires new techniques • Two technical challenges: Modeling and Scaling

  4. Outline • Background on networks. • Background on network verification. • Verifying mutable networks.

  5. Classical Networking Ted Stevens was right Alice Bob Switch Switch Switch Mallory Trent • Networks provide end-to-end connectivity. • Just contain host and switches. • All interesting processing at the hosts.

  6. Real Networks have Middleboxes! Alice Bob Switch Switch Switch Trent Mallory

  7. Real Networks have Middleboxes! Alice Bob Firewall Switch Switch Switch Trent Mallory • Security (firewalls, IDSs,…).

  8. Real Networks have Middleboxes! Alice Bob Firewall Switch Switch Switch Cache Trent Mallory • Security (firewalls, IDSs,…). • Performance (caches, load balancers,…).

  9. Real Networks have Middleboxes! Alice Bob Firewall Switch Switch Switch Proxy Cache Trent Mallory • Security (firewalls, IDSs,…). • Performance (caches, load balancers,…). • New functionality (proxies,…).

  10. Outline • Background on networks. • Background on network verification. • Verifying mutable networks.

  11. Reachability Invariants • Focus on reachability invariants • Most important in practice, simple to state but already hard Firewall S1 Balancer Firewall Mallory S2

  12. Reachability Invariants • Focus on reachability invariants • Most important in practice, simple to state but already hard Firewall S1 Balancer Firewall Mallory S2 Can S2 receive packets of type T from Mallory?

  13. Reachability Invariants • Focus on reachability invariants • Most important in practice, simple to state but already hard Firewall S1 Balancer Firewall Mallory S2 Can S2 receive “infected” packets from Mallory?

  14. Reachability Invariants • Focus on reachability invariants • Most important in practice, simple to state but already hard Firewall S1 Balancer Firewall Mallory S2 Can S2 receive packets from Mallory without a connection?

  15. Abstractions for Invariants • Operators want to specify packet types using abstractions:

  16. Abstractions for Invariants • Operators want to specify packet types using abstractions: • “infected”

  17. Abstractions for Invariants • Operators want to specify packet types using abstractions: • “infected” • from “authenticated user”

  18. Abstractions for Invariants • Operators want to specify packet types using abstractions: • “infected” • from “authenticated user” • from a given application

  19. Abstractions for Invariants • Operators want to specify packet types using abstractions: • “infected” • from “authenticated user” • from a given application • How these types are determined in a network varies

  20. Abstractions for Invariants • Operators want to specify packet types using abstractions: • “infected” • from “authenticated user” • from a given application • How these types are determined in a network varies • Invariants should not depend on these details

  21. Network Verification Today • Switches: Forwarding rules in switches. HSA, Veriflow, NetKAT, etc.

  22. Network Verification Today • Switches: Forwarding rules in switches. HSA, Veriflow, NetKAT, etc. • SDN Controller: Code generating these rules. Vericon, FlowLog, etc.

  23. Network Verification Today • Switches: Forwarding rules in switches. HSA, Veriflow, NetKAT, etc. • SDN Controller: Code generating these rules. Vericon, FlowLog, etc. • Firewalls: Verify firewall configuration. Fang, Margrave, etc.

  24. Existing Assumptions/Limitations Switches • Limited computational model (rule-based forwarding). • Immutable , functionality only changes with new rules. • Limited set of invariants enforced by networks.

  25. Existing Assumptions/Limitations Switches • Limited computational model (rule-based forwarding). • Immutable , functionality only changes with new rules. • Limited set of invariants enforced by networks. Controllers • All state and actions are centralized . (Globally ordered) • Data plane itself is immutable .

  26. Existing Assumptions/Limitations Switches • Limited computational model (rule-based forwarding). • Immutable , functionality only changes with new rules. • Limited set of invariants enforced by networks. Controllers • All state and actions are centralized . (Globally ordered) • Data plane itself is immutable . Firewalls • Treated as if they contain Immutable state. • Assume a particular (simple) computational model.

  27. Existing Assumptions/Limitations Violated by many middleboxes Switches • Limited computational model (rule-based forwarding). • Immutable , functionality only changes with new rules. • Limited set of invariants enforced by networks. Controllers • All state and actions are centralized . (Globally ordered) • Data plane itself is immutable . Firewalls • Treated as if they contain Immutable state. • Assume a particular (simple) computational model.

  28. Outline • Background on networks. • Background on network verification. • Verifying mutable networks.

  29. Verification of Mutable Networks • Naive approach • Verify a program equivalent to the entire network.

  30. Verification of Mutable Networks • Naive approach • Verify a program equivalent to the entire network. • Feasibility is not clear • Large, proprietary code bases (Bro ~102K lines of code).

  31. Verification of Mutable Networks • Naive approach • Verify a program equivalent to the entire network. • Feasibility is not clear • Large, proprietary code bases (Bro ~102K lines of code). • Scalability is crucial • Networks contain several 1000 middleboxes or more.

  32. Modeling Middleboxes

  33. Modeling Middleboxes Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing.

  34. Modeling Middleboxes Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing. Updating payload is complex (compression, etc.) Update Packet Updating header is simple (fixed format).

  35. Modeling Middleboxes Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing. Updating payload is complex (compression, etc.) Update Packet Updating header is simple (fixed format). Could be simple (remember packets) Update State or complex (update many hash tables).

  36. Modeling Middleboxes Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing. Updating payload is complex (compression, etc.) Update Packet Updating header is simple (fixed format). Could be simple (remember packets) Update State or Forward Packet Always simple: forward or drop packets.

  37. Modeling Middleboxes Oracle: Specify data dependencies and outputs Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing. Updating payload is complex (compression, etc.) Update Packet Updating header is simple (fixed format). Could be simple (remember packets) Update State or Forward Packet Always simple: forward or drop packets.

  38. Modeling Middleboxes Oracle: Specify data dependencies and outputs Determines what application sent a packet, etc. Classify Packet Complex, proprietary processing. Updating payload is complex (compression, etc.) Update Packet Updating header is simple (fixed format). Could be simple (remember packets) Update State or Forward Packet Always simple: forward or drop packets. Forwarding Model: Specify Completely

  39. Example Oracle: Specify data dependencies and outputs Classify Packet Update Packet Update State Forward Packet Forwarding Model: Specify Completely

  40. Example Oracle: Specify data dependencies and outputs Dependencies Classify Packet See all packets in connection (flow). Outputs Update Packet Is packet infected . Update State Forward Packet Forwarding Model: Specify Completely

  41. Example Oracle: Specify data dependencies and outputs Dependencies Classify Packet See all packets in connection (flow). Outputs Update Packet Is packet infected . if ( infected ) { infected_connections.add(packet.flow) Update State } Forward Packet Forwarding Model: Specify Completely

  42. Example Oracle: Specify data dependencies and outputs Dependencies Classify Packet See all packets in connection (flow). Outputs Update Packet Is packet infected . if ( infected ) { infected_connections.add(packet.flow) Update State } if ( packet.flow not in infected_connections ) { Forward Packet forward (packet); } Forwarding Model: Specify Completely

  43. Scaling Verification

  44. Scaling Verification • Middleboxes are “flow-parallel”

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne two rk Ve rific atio n U sing Ato mic Pre dic ate s (S. S. L am) 1 3/ 28/ 2017 Difficulty in Managing Large Networks Difficulty in Managing Large

760 views • 44 slides
Name Space Analysis (NSA): Verification of Named Data Network Data Planes Mohammad Jahanian and

Name Space Analysis (NSA): Verification of Named Data Network Data Planes Mohammad Jahanian and

Name Space Analysis (NSA): Verification of Named Data Network Data Planes Mohammad Jahanian and K. K. Ramakrishnan University of California, Riverside ACM ICN 2019 Network Verification is important Network data planes are complex and hard to

630 views • 49 slides
U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael

U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael

U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael Palecki National Climatic Data Center DOC/NOAA/NESDIS USCRN Current Status and Future Directions, May 2009 1 USCRN Goals Making science quality

316 views • 27 slides
PRESENTATION FOR TESTING DIRECTIONS (NO 2) The World Health Organization declared COVID-19 a

PRESENTATION FOR TESTING DIRECTIONS (NO 2) The World Health Organization declared COVID-19 a

EMERGENCY MANAGEMENT ACT 2005 (WA) who enters Westero Australia (including any person who entered Westero 4. The Presentation for Testing Directions I made on 9 July 2020 are revoked. DIRECTIONS 5. Subject to paragraph 9, these directions apply

554 views • 5 slides
Run-time firmware integrity verification: what if you cant trust your network card? Loc

Run-time firmware integrity verification: what if you cant trust your network card? Loc

Run-time firmware integrity verification: what if you cant trust your network card? Loc Duflot , Yves-Alexis Perez , Benjamin Morin Agence Nationale de la Scurit des Systmes dInformation Introduction & reminder Last year...

467 views • 44 slides
Run-time firmware integrity verification: what if you cant trust your network card?

Run-time firmware integrity verification: what if you cant trust your network card?

Run-time firmware integrity verification: what if you cant trust your network card? International Symposium on Recent Advances in Intrusion Detection Menlo Park, September 2011 Loc Duflot, Yves-Alexis Perez, Benjamin Morin ANSSI French

627 views • 37 slides
Network verification and synthesis CSE 599N1 Sep 25, 2019 Who are we? Ratul Mahajan UW

Network verification and synthesis CSE 599N1 Sep 25, 2019 Who are we? Ratul Mahajan UW

Network verification and synthesis CSE 599N1 Sep 25, 2019 Who are we? Ratul Mahajan UW MSR Intentionet UW One of the first paper was Understanding BGP misconfiguration (2002) Ryan Beckett Princeton MSR

834 views • 23 slides
DB Future Directions Future Directions The Future is hard to predict and is driven by

DB Future Directions Future Directions The Future is hard to predict and is driven by

DB Future Directions Future Directions The Future is hard to predict and is driven by technology trends, unforeseen events, special needs, previous commitments, policy, mistakes, innovation, etc. What follows is some personal

538 views • 20 slides
Introduction to Electronic Verification Electronic Verification of Educational Records

Introduction to Electronic Verification Electronic Verification of Educational Records

Introduction to Electronic Verification Electronic Verification of Educational Records OVERVIEW 01 04 Scope of Verification Peggys Picks Types of verification, Verifying exam results or parameters, privacy graduation using databases

1.25k views • 81 slides
Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute,

Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute,

Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute, January 2018 Joost-Pieter Katoen Bayes Network Analysis by Program Verification 1/62 Perspective There are several reasons why probabilistic

1.06k views • 62 slides
A 5G Media Delivery Network Demonstrator A Development and Verification platform Nikos Bakalos

A 5G Media Delivery Network Demonstrator A Development and Verification platform Nikos Bakalos

A 5G Media Delivery Network Demonstrator A Development and Verification platform Nikos Bakalos Research Engineer ICCS/NTUA Institute of Communications and Computer Systems National Technical University of Athens Internet Science Group 5G

63 views • 3 slides
Directions and Rubric for Magnified Giving Presentation Project Directions: For this project, you

Directions and Rubric for Magnified Giving Presentation Project Directions: For this project, you

Name: Date: Period: Directions and Rubric for Magnified Giving Presentation Project Directions: For this project, you will be working individually. Your goal is to research a non-profit organization with a mission you think contributes to the

186 views • 4 slides
DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification Projects Birth Record Verification State to State Verification DIVS State to State Verification Service (S2S) Program Benefits Mission

349 views • 8 slides
Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive

Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive

The Center for Verification and Evaluation (CVE) Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive Support Services Agenda What is Re-Verification? o Simplified Reverification Program VIP

320 views • 21 slides
Institutional mechanism(s) and policy directions for effective operationalization of corridors

Institutional mechanism(s) and policy directions for effective operationalization of corridors

S EMINAR ON RAILWAY NETWORK CONNECTIVITY AND INTEROPERABILITY CHALLENGES Dushanbe, 5-6 September 2018 Institutional mechanism(s) and policy directions for effective operationalization of corridors Ariadne Abel Economic Affairs Officer

670 views • 12 slides
Secure Scheduling Legislative Process & Initial Policy Directions - policy directions

Secure Scheduling Legislative Process & Initial Policy Directions - policy directions

Secure Scheduling Legislative Process & Initial Policy Directions - policy directions proposed by Oregon presentation City staff , not endorsed by elected officials 07-21-16 1 Businesses dont need the same amount of workers on a

451 views • 14 slides
HSA Foundation Politecnico di Milano Seminar Room (Bld 20) 15 December, 2017

HSA Foundation Politecnico di Milano Seminar Room (Bld 20) 15 December, 2017

Advanced Topics on Heterogeneous System Architectures HSA Foundation Politecnico di Milano Seminar Room (Bld 20) 15 December, 2017 Antonio R. Antonio R. Miele Miele Marco D. Santambrogio Marco D. Santambrogio Politecnico

748 views • 73 slides
OFFICE OF THE CONTROLLER Ben Rosenfield Controller Todd Rydstrom CITY AND COUNTY OF SAN

OFFICE OF THE CONTROLLER Ben Rosenfield Controller Todd Rydstrom CITY AND COUNTY OF SAN

OFFICE OF THE CONTROLLER Ben Rosenfield Controller Todd Rydstrom CITY AND COUNTY OF SAN FRANCISCO Deputy Controller Nonprofit Contracting Forum Wedn dnesda day, Novem ember er 6, 2019, 1:00pm pm 2:30 30pm Koret Aud uditorium um,

1.05k views • 63 slides
Finding the Math for Infants Toddlers and Twos Laura Keeley-Saldana, M.Ed and Bonnie

Finding the Math for Infants Toddlers and Twos Laura Keeley-Saldana, M.Ed and Bonnie

Finding the Math for Infants Toddlers and Twos Laura Keeley-Saldana, M.Ed and Bonnie MacKenzie, M.Ed Region IX TTA Network These materials were developed for OHS/Region IX TTA Network under Contract No. HHSP233201500012C by STG

640 views • 34 slides
WELCOMING AMERICA Building a Nation of Neighbors The Oracle /Domonique Neukomm WHERE WE WORK 1

WELCOMING AMERICA Building a Nation of Neighbors The Oracle /Domonique Neukomm WHERE WE WORK 1

WELCOMING AMERICA Building a Nation of Neighbors The Oracle /Domonique Neukomm WHERE WE WORK 1 IN 8 Americans now lives in a community in the Welcoming America network. WELCOMING COMMUNITY PATHWAY Adopt Framework Advance Policy, Achieve

135 views • 11 slides
2020 2020 WHAT IS MIDNIGHT MADNESS? A celebration for the senior class that starts after

2020 2020 WHAT IS MIDNIGHT MADNESS? A celebration for the senior class that starts after

2020 2020 WHAT IS MIDNIGHT MADNESS? A celebration for the senior class that starts after Commencement on June 24 Students come to CHS, check in and board buses headed for a secret location Buses head through downtown Maplewood

467 views • 5 slides
Fast Control Plane Analysis Using an Abstract Representation Aaron Gember-Jacobson, Raajay

Fast Control Plane Analysis Using an Abstract Representation Aaron Gember-Jacobson, Raajay

Fast Control Plane Analysis Using an Abstract Representation Aaron Gember-Jacobson, Raajay Viswanathan, Aditya Akella, Ratul Mahajan 1 ConfiguraAon errors are common MulAple rouAng protocols RouAng process prioriAes Route exchange

516 views • 26 slides
Determining Income for the HOME Program June 2018 Welcome Trainer Shawna LaRue Moraille,

Determining Income for the HOME Program June 2018 Welcome Trainer Shawna LaRue Moraille,

Determining Income for the HOME Program June 2018 Welcome Trainer Shawna LaRue Moraille, ICF International Les Warner, ICF International Questions supported by Chantel Key , ICF International Written Questions: Enter your

1.46k views • 80 slides
The Economics of Taxation A course on understanding and evaluating tax proposals Friday

The Economics of Taxation A course on understanding and evaluating tax proposals Friday

The Economics of Taxation A course on understanding and evaluating tax proposals Friday December 6: Tax Basics Friday December 13: Taxes and Consequences Aim is to provide you with the ability to effectively analyze how proposed tax

645 views • 32 slides

More recommend