Name
Abstract | ||
|---|---|---|
With the increasing network traffic volume in the big data era, enterprises have paid significant attentions on outsourcing middlebox services to the public cloud. While offering appealing benefits, including network resource scalability and management cost reduction, it also raises severe privacy and security issues, such as the exposure of packet payload and middlebox rules. Since the traffic is redirected to cloud server, the exposure of packet payload and middlebox rule becomes inevitable. Simply encrypting the traffic can mitigate this problem at the cost of sacrificing data utility, which poses great challenges on deep packet inspection. In this paper, an efficient and secure Deep Packet Inspection (DPI) scheme is proposed based on non-collusion two cloud servers to enable data utility, while protecting the packet payload and middlebox rules. We leverage encrypted Matryoshka filter and T-set to process DPI. Since both the middlebox rule and packet payload are encrypted, cloud server cannot breach the confidentiality of them. We also build a secure hash chain to prevent the leakage of token order information. Extensive experiments demonstrate that proposed scheme performances better in terms of packet processing, rule preparation and rule matching. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.1109/ICC.2019.8761954 | IEEE International Conference on Communications |
Field | DocType | ISSN |
Deep packet inspection,Middlebox,Computer science,Network packet,Computer network,Encryption,Packet processing,Hash chain,Cloud computing,Payload | Conference | 1550-3607 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Hao Ren | 1 | 25 | 8.99 |
| Hongwei Li | 2 | 125 | 5.32 |
| Dongxiao Liu | 3 | 11 | 3.89 |
| Xuemin Shen | 4 | 15389 | 928.67 |