CyberTraining: Implementation: Small: Cybertraining on P4 Programmable Devices using an Online Scalable Platform with Physical and Virtual Switches and Real Protocol Stacks

网络培训:实施:小型:使用具有物理和虚拟交换机以及真实协议栈的在线可扩展平台在 P4 可编程设备上进行网络培训

基本信息

  • 批准号:
    2118311
  • 负责人:
  • 金额:
    $ 49.95万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2021
  • 资助国家:
    美国
  • 起止时间:
    2021-10-01 至 2025-09-30
  • 项目状态:
    未结题

项目摘要

Traditionally, the data plane of network devices has been designed with fixed functions to forward data packets, using a small set of communication protocols. This closed-design paradigm has limited the capability of switches to costly proprietary implementations that are hard-coded by vendors. Recently, data plane programmability has attracted significant attention, permitting the owners of communication networks to use switches with customized processing functions. While large companies are now using programmable platforms, campus networks and small- and medium-sized enterprises have yet to fully benefit from the advantages of P4, the de-facto standard for programming the data plane. A key barrier preventing faster adoption of P4 is the availability of engaging training material for cyberinfrastructure (CI) professionals that focuses on the operation and management of P4 systems. This project addresses the gap by developing hands-on virtual labs that run on a platform for online instruction, referred to as the academic cloud. The project will lower the entry barrier to innovation through P4 technology, which will enable CI professionals to reduce the time to design, test, and adopt new communication protocols; devise new customized applications; understand the behavior of data packets as they travel across networks; develop more effective defenses against cybersecurity attacks; and improve the performance of applications used in essential areas such as cybersecurity, Internet of Things (IoT), congestion control, and others.The first goal of the project is to facilitate the adoption of programmable P4 devices by CI professionals and by network owners in general, by developing virtual labs. The second goal is to promote the integration of P4 and virtual labs into academic degree programs at the associate, bachelor, and graduate levels. Equipment used in virtual labs consists of production-grade devices such as software switches (e.g., Open vSwitch, PISCES), hardware switches based on state-of-the-art Tofino chips, and open-source operating systems and controllers (e.g., Open Network Linux, Open Network Operating System). For virtual labs using physical devices, the equipment pods incorporate P4 programmable hardware switches that are attached to the cloud and are managed via remote-access capability. Virtual labs provide both functional and traffic realism, as they use the same equipment as in real deployments and generate interactive network traffic. They emulate communications across local area networks (LANs), wide area networks (WANs), campus networks, data centers, and high-performance systems. The project will organize workshops to create awareness of this new technology and virtual labs resources, and to train CI professionals on P4. Workshops are co-organized and broadly disseminated through collaborators that play a critical role in enhancing and securing the national cyberinfrastructure: ESnet, the high-performance network that carries science traffic for the U.S. Department of Energy, including the National Laboratory system; and Internet2 and Front Range GigaPOP, two Research and Education Networks (RENs) that operate national and regional communication backbones. Finally, in coordination with the Western Academy Support and Training Center, one of the main technical training centers in the U.S. for two- and four-year instruction, and the Network Development Group, a company in virtualized training, the project will train IT instructors interested in the P4 technology.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
传统上,网络设备的数据平面被设计为具有固定功能,以使用一小组通信协议来转发数据包。这种封闭式设计模式将交换机的功能限制在由供应商硬编码的昂贵的专有实现上。最近,数据平面可编程性已经引起了极大的关注,允许通信网络的所有者使用具有定制处理功能的交换机。虽然大公司现在都在使用可编程平台,但园区网络和中小型企业尚未充分受益于P4的优势,P4是数据平面编程的事实标准。阻碍更快采用P4的一个关键障碍是针对网络基础设施(CI)专业人员的培训材料的可用性,这些培训材料侧重于P4系统的操作和管理。该项目通过开发在在线教学平台(称为学术云)上运行的动手虚拟实验室来解决差距。该项目将通过P4技术降低创新的准入门槛,这将使CI专业人员能够减少设计,测试和采用新通信协议的时间;设计新的定制应用程序;了解数据包在网络中传输时的行为;开发更有效的防御网络安全攻击;提高网络安全、物联网(IoT)、拥塞控制等重要领域应用的性能,该项目的第一个目标是通过开发虚拟实验室,促进CI专业人员和一般网络所有者采用可编程P4设备。第二个目标是促进P4和虚拟实验室与副学士、学士和研究生学位课程的整合。虚拟实验室中使用的设备包括生产级设备,如软件交换机(例如,Open vSwitch、PISCES)、基于最先进的Tofino芯片的硬件交换机以及开源操作系统和控制器(例如,开放网络Linux、开放网络操作系统)。对于使用物理设备的虚拟实验室,设备吊舱包含连接到云并通过远程访问功能进行管理的P4可编程硬件交换机。虚拟实验室提供功能和流量的真实感,因为它们使用与真实的部署相同的设备,并生成交互式网络流量。它们模拟跨局域网(LAN)、广域网(WAN)、校园网、数据中心和高性能系统的通信。该项目将组织研讨会,以提高人们对这项新技术和虚拟实验室资源的认识,并对P4的CI专业人员进行培训。讲习班通过在加强和保护国家网络基础设施方面发挥关键作用的合作者共同组织和广泛传播:ESnet,为美国能源部提供科学流量的高性能网络,包括国家实验室系统;以及Internet 2和Front Range GigaPOP,两个研究和教育网络(REN),运营国家和区域通信骨干。最后,在与西方学院支持和培训中心,在美国的主要技术培训中心之一,两年和四年的指导,和网络开发集团,在虚拟化培训公司的协调,该项目将培训对P4技术感兴趣的IT讲师。该奖项反映了NSF的法定使命,并通过使用基金会的知识价值和更广泛的影响审查标准。

项目成果

期刊论文数量(7)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
A survey on TCP enhancements using P4-programmable devices
  • DOI:
    10.1016/j.comnet.2022.109030
  • 发表时间:
    2022-05
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ignacio Aguaded;Elie F. Kfoury;J. Crichigno;Gautam Srivastava
  • 通讯作者:
    Ignacio Aguaded;Elie F. Kfoury;J. Crichigno;Gautam Srivastava
A survey on security applications of P4 programmable switches and a STRIDE-based vulnerability assessment
  • DOI:
    10.1016/j.comnet.2022.108800
  • 发表时间:
    2022-02
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ali AlSabeh;Joseph Khoury;Elie F. Kfoury;J. Crichigno;E. Bou-Harb
  • 通讯作者:
    Ali AlSabeh;Joseph Khoury;Elie F. Kfoury;J. Crichigno;E. Bou-Harb
P4DDPI: Securing P4-Programmable Data Plane Networks via DNS Deep Packet Inspection
P4DDPI:通过 DNS 深度数据包检查保护 P4 可编程数据平面网络
Enabling P4 Hands-on Training in an Academic Cloud
A Survey on Rerouting Techniques with P4 Programmable Data Plane Switches
  • DOI:
    10.1016/j.comnet.2023.109795
  • 发表时间:
    2023-04
  • 期刊:
  • 影响因子:
    0
  • 作者:
    A. Mazloum;Elie F. Kfoury;Ignacio Aguaded;J. Crichigno
  • 通讯作者:
    A. Mazloum;Elie F. Kfoury;Ignacio Aguaded;J. Crichigno
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Jorge Crichigno其他文献

Throughput Optimization in Multihop Wireless Networks with Multipacket Reception and Directional Antennas
具有多包接收和定向天线的多跳无线网络的吞吐量优化
A survey on security applications with SmartNICs: Taxonomy, implementations, challenges, and future trends
  • DOI:
    10.1016/j.jnca.2025.104257
  • 发表时间:
    2025-10-01
  • 期刊:
  • 影响因子:
    8.000
  • 作者:
    Sergio Elizalde;Ali AlSabeh;Ali Mazloum;Samia Choueiri;Elie Kfoury;Jose Gomez;Jorge Crichigno
  • 通讯作者:
    Jorge Crichigno
On DGA Detection and Classification Using P4 Programmable Switches
  • DOI:
    10.1016/j.cose.2024.104007
  • 发表时间:
    2024-10-01
  • 期刊:
  • 影响因子:
  • 作者:
    Ali AlSabeh;Kurt Friday;Elie Kfoury;Jorge Crichigno;Elias Bou-Harb
  • 通讯作者:
    Elias Bou-Harb
Enhancing visibility on a science DMZ with P4-perfSONAR
  • DOI:
    10.1016/j.jnca.2025.104263
  • 发表时间:
    2025-10-01
  • 期刊:
  • 影响因子:
    8.000
  • 作者:
    Ali Mazloum;Elie Kfoury;Ali AlSabeh;Jose Gomez;Jorge Crichigno
  • 通讯作者:
    Jorge Crichigno

Jorge Crichigno的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Jorge Crichigno', 18)}}的其他基金

OAC Core: Enhancing Network Security by Implementing an ML Malware Detection and Classification Scheme in P4 Programmable Data Planes and SmartNICs
OAC 核心:通过在 P4 可编程数据平面和智能网卡中实施 ML 恶意软件检测和分类方案来增强网络安全
  • 批准号:
    2403360
  • 财政年份:
    2024
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CC* Integration-Small: Enhancing Data Transfers by Enabling Programmability and Closed-loop Control in a Non-programmable Science DMZ
CC* Integration-Small:通过在不可编程科学 DMZ 中启用可编程性和闭环控制来增强数据传输
  • 批准号:
    2346726
  • 财政年份:
    2024
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative: Multi-state Community College, University and Industry Collaboration to Prepare Learners for 21st Century Information Technology Jobs
协作:多州社区学院、大学和行业协作,帮助学习者为 21 世纪信息技术工作做好准备
  • 批准号:
    1902397
  • 财政年份:
    2019
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CC* Networking Infrastructure: Building a Science DMZ for Data-intensive Research and Computation at the University of South Carolina
CC* 网络基础设施:在南卡罗来纳大学构建用于数据密集型研究和计算的科学 DMZ
  • 批准号:
    1925484
  • 财政年份:
    2019
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CyberTraining CIP: Cyberinfrastructure Expertise on High-throughput Networks for Big Science Data Transfers
Cyber​​Training CIP:用于大科学数据传输的高吞吐量网络的网络基础设施专业知识
  • 批准号:
    1829698
  • 财政年份:
    2018
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: Capacity Building: Building a Cybersecurity Pipeline through Experiential Virtual Labs and Workforce Alliances
合作研究:能力建设:通过体验式虚拟实验室和劳动力联盟构建网络安全管道
  • 批准号:
    1822567
  • 财政年份:
    2018
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: Capacity Building: Building a Cybersecurity Pipeline through Experiential Virtual Labs and Workforce Alliances
合作研究:能力建设:通过体验式虚拟实验室和劳动力联盟构建网络安全管道
  • 批准号:
    1723323
  • 财政年份:
    2017
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CC*DNI Campus Design: Northern's Network Expansion for Large Science and Engineering Data Flows
CC*DNI 校园设计:北方针对大型科学和工程数据流的网络扩展
  • 批准号:
    1541352
  • 财政年份:
    2015
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant

相似海外基金

Collaborative Research: CyberTraining: Implementation: Small: Inclusive Cyberinfrastructure and Machine Learning Training to Advance Water Science Research
合作研究:网络培训:实施:小型:包容性网络基础设施和机器学习培训,以推进水科学研究
  • 批准号:
    2320980
  • 财政年份:
    2024
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Inclusive Cyberinfrastructure and Machine Learning Training to Advance Water Science Research
合作研究:网络培训:实施:小型:包容性网络基础设施和机器学习培训,以推进水科学研究
  • 批准号:
    2320979
  • 财政年份:
    2024
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Cybertraining: Implementation: Small: CIberCATSS, A Comprehensive, Applied and Tangible CyberInfrastructure Summer School in Southeastern Wisconsin
网络培训:实施:小型:CIberCATSS,威斯康星州东南部的综合性、应用性和有形的网络基础设施暑期学校
  • 批准号:
    2229652
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CyberTraining: Implementation: Small: COMPrehensive Learning for end-users to Effectively utilize CyberinfraStructure (COMPLECS)
网络培训:实施:小型:最终用户全面学习以有效利用网络基础设施 (COMPLECS)
  • 批准号:
    2320934
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Train the Trainers as Next Generation Leaders in Data Science for Cybersecurity for Underrepresented Communities
协作研究:网络培训:实施:小型:将培训师培训为代表性不足社区网络安全数据科学的下一代领导者
  • 批准号:
    2321111
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
CyberTraining: Implementation: Small: Infrastructure Cybersecurity Curriculum Development and Training for Advanced Manufacturing Research Workforce
网络培训:实施:小型:基础设施网络安全课程开发和先进制造研究人员培训
  • 批准号:
    2230025
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Broadening Adoption of Cyberinfrastructure and Research Workforce Development for Disaster Management
协作研究:网络培训:实施:小型:扩大网络基础设施的采用和灾害管理研究队伍的发展
  • 批准号:
    2321069
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Broadening Adoption of Cyberinfrastructure and Research Workforce Development for Disaster Management
协作研究:网络培训:实施:小型:扩大网络基础设施的采用和灾害管理研究队伍的发展
  • 批准号:
    2321070
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Train the Trainers as Next Generation Leaders in Data Science for Cybersecurity for Underrepresented Communities
协作研究:网络培训:实施:小型:将培训师培训为代表性不足社区网络安全数据科学的下一代领导者
  • 批准号:
    2321112
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
Collaborative Research: CyberTraining: Implementation: Small: Train the Trainers as Next Generation Leaders in Data Science for Cybersecurity for Underrepresented Communities
协作研究:网络培训:实施:小型:将培训师培训为代表性不足社区网络安全数据科学的下一代领导者
  • 批准号:
    2321110
  • 财政年份:
    2023
  • 资助金额:
    $ 49.95万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了