English
Related papers

Related papers: A flow-based IDS using Machine Learning in eBPF

200 papers

Linux-based cloud environments have become lucrative targets for ransomware attacks, employing various encryption schemes at unprecedented speeds. Addressing the urgency for real-time ransomware protection, we propose leveraging the…

Cryptography and Security · Computer Science 2024-09-11 Adrian Brodzik , Tomasz Malec-Kruszyński , Wojciech Niewolski , Mikołaj Tkaczyk , Krzysztof Bocianiak , Sok-Yen Loui

Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs into the operating system (OS) kernel, like Linux or Windows, and execute them safely and efficiently at designated kernel hooks. Each program passes…

With the advent of Software Defined Networks (SDN), Network Function Virtualisation (NFV) or Service Function Chaining (SFC), operators expect networks to support flexible services beyond the mere forwarding of packets. The network…

Networking and Internet Architecture · Computer Science 2018-10-25 Mathieu Xhonneux , Fabien Duchene , Olivier Bonaventure

This paper introduces a Testbed designed for generating network traffic, leveraging the capabilities of containers, Kubernetes, and eBPF/XDP technologies. Our Testbed serves as an advanced platform for producing network traffic for machine…

Cryptography and Security · Computer Science 2024-10-25 Talaya Farasat , JongWon Kim , Joachim Posegga

The rapid expansion of the Internet of Things (IoT) has intensified security challenges, notably from Distributed Denial of Service (DDoS) attacks launched by compromised, resource-constrained devices. Traditional defenses are often…

Cryptography and Security · Computer Science 2025-08-05 Abdurrahman Tolay

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier

Information and Communication Technologies (ICT) infrastructures are becoming increasingly complex day by day, facing numerous challenges to support the latest networking paradigms. Security is undeniably a critical component for the…

Cryptography and Security · Computer Science 2024-10-29 Talaya Farasat , JongWon Kim , Joachim Posegga

A Network Intrusion Detection System (NIDS) is a tool that identifies potential threats to a network. Recently, different flow-based NIDS designs utilizing Machine Learning (ML) algorithms have been proposed as solutions to detect…

Cryptography and Security · Computer Science 2023-10-27 Loc Gia Nguyen , Kohei Watabe

As large language models (LLMs) move from research to production, understanding how inference engines behave in real time has become both essential and elusive. Unlike general-purpose engines such as ONNX Runtime, today's LLM inference…

Software Engineering · Computer Science 2026-01-30 Bohua Zou , Debayan Roy , Dhimankumar Yogesh Airao , Weihao Xu , Binqi Sun , Yutao Liu , Haibo Chen

A Network Intrusion Detection System (NIDS) is an important tool that identifies potential threats to a network. Recently, different flow-based NIDS designs utilizing Machine Learning (ML) algorithms have been proposed as potential…

Cryptography and Security · Computer Science 2023-06-09 Loc Gia Nguyen , Kohei Watabe

Segment Routing is a modern variant of source routing that is being gradually deployed by network operators. Large ISPs use it for traffic engineering and fast reroute purposes. Its IPv6 dataplane, named SRv6, goes beyond the initial MPLS…

Networking and Internet Architecture · Computer Science 2018-10-25 Mathieu Xhonneux , Olivier Bonaventure

The extended Berkeley Packet Filter (eBPF) is useful for faster packet processing and network monitoring in softwarized deployments. Similarly, softwarized deployments of 5G core network services adopted eBPF to meet the stringent latency…

Networking and Internet Architecture · Computer Science 2026-03-23 Yash Deshpande , Samaresh Bera

We leverage eBPF in order to implement custom policies in the Linux memory subsystem. Inspired by CBMM, we create a mechanism that provides the kernel with hints regarding the benefit of promoting a page to a specific size. We introduce a…

Operating Systems · Computer Science 2024-09-18 Konstantinos Mores , Stratos Psomadakis , Georgios Goumas

For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter (eBPF). This is unfortunate, especially since the eBPF framework itself has seen an increase in scope…

Operating Systems · Computer Science 2023-08-16 Soo Yee Lim , Xueyuan Han , Thomas Pasquier

A growing issue in the modern cyberspace world is the direct identification of malicious activity over network connections. The boom of the machine learning industry in the past few years has led to the increasing usage of machine learning…

Networking and Internet Architecture · Computer Science 2018-10-05 Jinoh Kim , Caitlin Sim , Jinhwan Choi

An Intrusion Detection System (IDS) is a software that monitors a single or a network of computers for malicious activities (attacks) that are aimed at stealing or censoring information or corrupting network protocols. Most techniques used…

Cryptography and Security · Computer Science 2015-05-12 Mahdi Zamani , Mahnush Movahedi

Inaccuracies in conventional dependency-tracking methods frequently undermine the security and integrity of modern software supply chains. This paper introduces a kernel-level framework leveraging extended Berkeley Packet Filter (eBPF) to…

Cryptography and Security · Computer Science 2025-03-05 Naveen Srinivasan , Nathan Naveen , Neil Naveen

The overhead of the kernel storage path accounts for half of the access latency for new NVMe storage devices. We explore using BPF to reduce this overhead, by injecting user-defined functions deep in the kernel's I/O processing stack. When…

Operating Systems · Computer Science 2021-02-26 Yu Jian Wu , Hongyi Wang , Yuhong Zhong , Asaf Cidon , Ryan Stutsman , Amy Tai , Junfeng Yang

Intrusion Detection Systems (IDS) are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our…

Cryptography and Security · Computer Science 2025-08-13 Abu Shafin Mohammad Mahdee Jameel , Shreya Ghosh , Aly El Gamal

Network security engineers work to keep services available all the time by handling intruder attacks. Intrusion Detection System (IDS) is one of the obtainable mechanisms that is used to sense and classify any abnormal actions. Therefore,…

Networking and Internet Architecture · Computer Science 2018-09-10 Mouhammad Alkasassbeh , Mohammad Almseidin
‹ Prev 1 2 3 10 Next ›