BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//P4 - Language Consortium - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:P4 - Language Consortium
X-ORIGINAL-URL:https://p4.org
X-WR-CALDESC:Events for P4 - Language Consortium
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:UTC
BEGIN:STANDARD
TZOFFSETFROM:+0000
TZOFFSETTO:+0000
TZNAME:UTC
DTSTART:20220101T000000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=UTC:20231208T080000
DTEND;TZID=UTC:20231208T080000
DTSTAMP:20260422T175138
CREATED:20250912T220230Z
LAST-MODIFIED:20250915T225515Z
UID:10000118-1702022400-1702022400@p4.org
SUMMARY:Euro P4 2023
DESCRIPTION:EuroP4 2023 took place December 8th in conjunction with ACM CoNEXT 2023 in Paris (France). This event brought together networking researchers and practitioners to discuss cutting-edge\, P4-enabled research and P4-based technology. The workshop provided a venue for presenting and discussing research and projects related to P4\, as well as for more broadly discussing the needs of this research community. The workshop aimed to forge new connections between researchers who already work with P4\, introduce more networking researchers to the P4 community\, and seed future top-tier publications\, innovation and contributions to this community.\nView proceedings from the 2023 EuroP4 Workshop \n  \nSession 1: P4 Networking\n\nLANTERN: Layered Adaptive Network Telemetry Collection for Programmable Data Planes\nKaiyu Hou (Alibaba Cloud)\, Dhiraj Saharia (Georgetown University)\, Vinod Yegneswaran (SRI International)\, Phil Porras (SRI International) \n\nAbstract: \nManaging next-generation enterprise networks requires collecting and analyzing enormous volumes (tens of Tbps) of network traffic data in real time to detect potential anomalies\, classify attacks\, identify root causes\, and rapidly deploy effective mitigations. Conducting robust and scalable analysis on such traffic volumes is a daunting ”haystack” problem that demands intelligent strategies to winnow traffic to extract and pinpoint ”needles” of interest. Recent advances in software-defined networking and programmable dataplanes\, that enable dynamic reconfiguration of switching hardware to adapt to changing traffic conditions\, provide a foundational building block. However\, they lack the resources and programming primitives for complex computational models. \nToward that end\, we present LANTERN\, a layered and adaptive network telemetry system that facilitates joint collection and analysis of network traffic at multiple resolutions in coordination with the controller. Our design offloads complex machine-learning analysis to the controller\, while still enabling proactive telemetry refinement and reactive mitigation triggers at the data-plane level. We evaluate our layered approach by replaying a labeled CIC-IDS attack dataset through both software and hardware P4 switches. LANTERN is able to detect most anomalies\, accurately classify them\, and introduces negligible switching overhead (1% latency). \nRead Paper | View Slides \n  \nPer Priority Data Rate Measurement in Data Plane \nHabib Mostafaei (Eindhoven University of Technology)\, Georgios Smaragdakis (Delft University of Technology) \nAbstract: \nMany applications\, such as video streaming\, congestion control\, and server selection\, can benefit when the data rate of different priority groups between two endpoints is accurately estimated over the end-to-end path. With the introduction of programmable networks\, e.g.\, P4\, it is now possible to offload the measurements to the data plane of intermediate devices. Recently\, tools have been developed to react to changes in available bandwidth\, but a tool to accurately estimate end-to-end per-priority data rates needs to be added. This motivates us to design and implement a new end-to-end and per-priority data rate estimation tool\, PrioMeter. PrioMeter can accurately report the data rate per priority group of flows in programmable networks using high-precision timestamps for arbitrary traffic scales. PrioMeter leverages two primitives: quantization and truncation\, to achieve its goals. We implement PrioMeter in P4 and test it on BMv2 switches\, and our preliminary results using NS3 simulations show that it can accurately estimate the data rate of different priority flows with minimal overhead. \nRead Paper | View Slides \n  \nCryptographic Path Validation for SCION in P4 \nLars-Christian Schulz (OVGU Magdeburg)\, Robin Wehner (OVGU Magdeburg)\, David Hausheer (OVGU Magdeburg) \nAbstract: \nSCION has been proposed as a new Internet architecture addressing security and scalability shortcomings in the current Internet. Multiple real-world deployments of SCION exist already\, nevertheless few hardware implementations of SCION routers are available. \nIn this paper\, we implement a SCION border router on a programmable 12.8 Tbit/s Intel Tofino 2 switch. Our router utilizes the multiple separately programmable packet pipelines of Tofino 2 in order to compute SCION’s AES-CMAC-based hop authenticators in general-purpose P4 without assistance from specialized hardware. \nUsing three out of four available pipelines\, we achieve 394.7 Gbit/s throughput per port on 8 ports for a total of 3.16 Tbit/s capacity. Using only two pipelines we still achieve line rate throughput on 4 ports for a total of 1.58 Tbit/s capacity. To our knowledge there is no other SCION router including the AES-CMAC validation that offers a comparable performance. \nRead Paper | View Slides \n\n  \n\n\nSession 2 – P4 Control & Targets\n\n\nIntroducing P4TC – A P4 Implementation on Linux Kernel using Traffic Control\nJamal Hadi Salim (Mojatatu Networks)\, Deb Chatterjee (Intel Corporation)\, Victor Nogueira (Mojatatu Networks)\, Pedro Tammela (Mojatatu Networks)\, Tomasz Osinski (Intel Corporation)\, Evangelos Haleplidis (Mojatatu Networks)\, Balachandher Sambasivam (Intel Corporation)\, Usha Gupta (Intel Corporation)\, Komal Jain (Intel Corporation)\, Sosutha Sethuramapandian (Intel Corporation) \nAbstract: \nThe networking industry is at an inflection point with ever increasing network link capacities coupled with the presence of programmable hardware ASICs. These set of circumstances call out for a robust approach to hardware and software co-existence for network programmability. \nP4TC is a P4 Linux kernel-native implementation on top of the Linux Traffic Control (TC) infrastructure that provides a vendor-neutral\, kernel-independent and architecture-independent interface for Match-Action packet processing compatible with the P4 specification. P4TC facilitates both a hardware datapath and a functionally equivalent kernel eBPF-assisted software datapath making it ideal to deal with both high speed links and programmable hardware. \nIn this paper\, we describe the goals and motivation of P4TC\, the design and architecture as well as illustrate the different concepts of the P4TC infrastructure via an example of a simple L2 switch. \nRead Paper | View Slides \n  \n\nNAP: Programming data planes with Approximate Data Structures\nMengying Pan (Princeton University)\, Hyojoon Kim (University of Virginia)\, Jennifer Rexford (Princeton University)\, David Walker (Princeton University) \nAbstract: \nMany applications that run on programmable data planes rely on approximate data structures\, due to insufficient in-network memory. However\, programming with approximate data structures is challenging because it requires (1) expertise in streaming algorithms to select the data structures that best match an application’s requirements\, (2) meticulous configuration to minimize approximation error while fitting within the hardware constraints\, and (3) proficiency in the low-level P4 language. To address these issues\, we propose NAP\, a high-level network programming language. The core of NAP is the versatile approximate dictionary abstraction that captures a wide range of compact data structures\, while allowing programmers to simply specify the kinds of error an application can tolerate. We demonstrate the language’s expressiveness\, conciseness\, and efficiency through a variety of network applications\, each compiling to P4 for the Intel Tofino in less than a second and featuring 25X–50X fewer lines of code compared to the P4 output. We evaluate an approximate stateful firewall written in NAP with real campus traffic\, achieving performance consistent with the predicted accuracy. \nRead Paper | View Slides \n  \nP4EAD: Securing the In-band Control Channels on Commodity Programmable Switches \nArchit Bhatnagar (Birla Institute of Technology & Science\, Pilani)\, Xin Zhe Khooi (National University of Singapore)\, Cha Hwan Song (National University of Singapore)\, Mun Choon Chan (National University of Singapore) \nAbstract: \nConventionally\, the control channel on network switches has always been out-of-band. With the emergence of high-performance systems built upon programmable switches\, the out-of-band control channel has become the bottleneck. Thus\, there is an emerging trend of implementing the control channel in the data path (i.e.\, in-band) on programmable switches to achieve high throughput and low-latency control actions. However\, the use of in-band control channels comes with the risk of security vulnerabilities that have not been explored in prior literature. In this paper\, we present P4EAD\, a cryptographic primitive to secure the in-band control channels on programmable switches entirely in the data plane. This ensures the integrity\, authenticity\, and confidentiality of in-band control messages. We conduct micro-benchmarks on P4EAD and demonstrate its integration with an existing high-performance in-band control framework\, showcasing minimal performance impact when securing the control channel. \nRead Paper | View Slides \n\n  \n\n\nPosters and Demos Session\nPoster: High-Speed Per-Packet Checksums on the Intel Tofino\nDavid Grölle (OVGU Magdeburg)\, Lars-Christian Schulz (OVGU Magdeburg)\, Robin Wehner (OVGU Magdeburg)\, David Hausheer (OVGU Magdeburg) \nAbstract: \nPath-aware networking has introduced new possibilities to monitor and control network access and solved a multitude of modern-day Internet security issues. Being able to authorize usage of specific paths enables network operators to offer high-quality services to customers requiring highly reliable network access. \nCurrently\, securing a network path or an end host is only possible by using high-level solutions like VPNs. With EPIC-HP (Every Packet Is Checked – Hidden Path)\, it has been shown that it is possible to move this functionality down into the network itself. EPIC-HP extends the path-aware Internet architecture SCION by offering per-packet checksums\, adding authentication to network traffic. This is used to combat DoS attacks on the network’s end hosts and give high-priority access to specific end users. In this paper\, we show that it is possible to implement the functionality of EPIC-HP along with SCION on the Intel Tofino 2 ASIC. EPIC-HP requires AES-based MAC verification with per-path keys in the data plane. By using the multi-pipeline structure of the Tofino\, we implemented the required AES and AES-CMAC cryptography using three pipes of the switch’s total four independent pipes. \nThe throughput we achieve is an order of magnitude above the data rates previously achieved for EPIC-HP and is a significant step towards a more secure Internet. \nRead Paper \n  \nPoster: P4DME: DNS Threat Mitigation with P4 In-Network Machine Learning Offload \nJuan Vanerio (University of Vienna)\, Csaba Györgyi (University of Vienna)\, Stefan Schmid (TU Berlin\, Fraunhofer SIT) \nAbstract: \nThe ever-evolving cybersecurity landscape demands innovative solutions to safeguard critical network infrastructure such as the Domain Name System (DNS). This paper presents P4DME\, a novel approach that harnesses the potential of Machine Learning (ML) in conjunction with P4 programmable switches to tackle DNS threats efficiently. P4DME’s primary benefit lies in offloading filtering from resource-intensive ML processing tasks on dedicated servers. This offloading boosts the overall traffic throughput that can be inspected or achieves the same throughput with reduced resource consumption while preserving the servers’ capabilities for high-performance threat identification. This work uses P4-based in-network elements to handle crucial DNS threats\, dynamic white- and blacklisting\, and an online popularity-based anomaly detection heuristic. The latter serves as a trigger for dedicated ML-based inspection. Furthermore\, we introduce in-network mitigation filters updated through the control plane to provide adaptable and responsive threat mitigation. Preliminary simulation results show more than 99.9% offload ratio at 5% increased False Negative Ratio. \nRead Paper \n  \nPoster: Maintaining Sets With Deletions in the Data Plane \nJonathan Diamant (The Open University of Israel)\, Shir Landau Feibish (The Open University of Israel) \nAbstract: \nSets are one of the most fundamental data types in Computer Science\, and data structures used to maintain sets are used in many algorithms. These structures normally support three basic operations: insertion\, look-up (i.e. set-membership query)\, and deletion. The most common set-membership data structure used in the data plane is the Bloom Filter (BF). While BFs are relatively easy to adapt to the data plane\, they offer a limited set-membership functionality as they do not support deletions. If deletions are required\, a Counting Bloom Filter (CBF) (which maintains counters instead of bits) may be used. Yet\, if a key was inserted multiple times\, multiple deletions would be needed to completely remove the key from the structure. We present MEM-D\, a fast and lightweight set-membership data structure for the data plane\, which supports all three operations: look-up\, insertion\, and deletion. MEM-D supports the uniqueness property\, meaning that a key would be removed with a single deletion operation even if it was inserted multiple times. MEM-D provides a false positive (FP) error rate similar to the rate of the standard BF and additionally may incur a small false negative (FN) error. We have implemented MEM-D on a hardware Tofino target using P4. To the best of our knowledge\, MEM-D is the first data structure for set-membership in the data plane\, which supports deletion. \nRead Paper \n  \n\nPoster: Adaptive In-Network Inference using Early-Exits\nHeewon Kim (Korea University)\, Seongyeon Yoon (Korea University)\, Sangheon Pack (Korea University) \nAbstract: \nIn-network (or on-path) inference over programmable data planes allows fast and low-overhead inference in deep neural networks. In this work\, we propose an adaptive approach to strike the balance between accuracy and processing cost. To be specific\, the confidence score is evaluated at the end of each layer\, and an early exit is triggered if the confidence score is sufficiently high. We implement this early-exit scheme over BMv2 software switches and the results demonstrate that the proposed scheme successfully controls the trade-off by making use of the confidence score. \nRead Paper \n  \nDemo: Enabling DNN-Based Inference in the Network Data Plane \nSiddhartha (AMD)\, Justin Tan (AMD & NUS)\, Rajesh Bansal (AMD)\, Chee Chung Chan (AMD)\, Yuta Tokusashi (AMD)\, Yew Kwan Chong (AMD)\, Haris Javaid (AMD)\, Mario Baldi (AMD) \nAbstract: \nAdvancements in programmable packet processing technologies have fostered innovation across a range of networking applications. Integration of deep neural networks (DNN) in the network data plane\, however\, has remained largely unaddressed due to the high compute requirements of the underlying algebraic kernels. In this paper\, we show how P4 packet processing pipelines can be augmented with DNN inference engines on devices readily available in the market today. We share a network security case study\, where we train a DNN-based anomaly detector that classifies active traffic flows as either malicious or benign using per-packet inference. Our implementation runs on an AMD AlveotextsuperscriptTM U250 FPGA accelerator card\, and is capable of servicing network traffic of up to approx~98~Mpps on 100~GbpE links. \nRead Paper \n  \nWorkshop General Chairs\nFernando Ramos\, University of Lisbon\nMuhammad Shahbaz\, Purdue University \nProgram Chairs\nVladimir Gurevich\, P4ica\nSalvatore Signorello\, Telefonica Research\, Spain \nPublicity Chairs\nDenise Barton\, ONF\nSandor Laki\, Eötvös Loránd University \nProgram Committee\nAlan Lo\,  NVIDIA\nAlan Zaoxing Liu\, University of Maryland\nAndy Fingerhut\, Intel\nAnirudh Sivaraman\, New York University\nChristian Esteve Rothenberg\, University of Campinas\nDaehyeok Kim\, University of Texas at Austin\nDavide Sanvito\, NEC Labs\nEnnan Zhai\, Alibaba Cloud\nGianni Antichi\, Politecnico di Milano & Queen Mary University of London\nJiarong Xing\, Rice University\nMario Baldi\, AMD & Politecnico di Torino\nNate Foster\, Cornell University\nNik Sultana\, Illinois Institute of Technology\nRobert Soulé\, Yale University\nShir Landau Feibish – The Open University of Israel \n 
URL:https://p4.org/event/euro-p4-2023/
CATEGORIES:Events
END:VEVENT
END:VCALENDAR