Decision Tree Based IoT Attack Detection in Programmable Data Plane Using P4 Language

Abstract

The Internet of Things (IoT) is a massively growing domain. With this the threats are also growing. Software Defined Networking (SDNs) is an emerging architecture which separates the control plane and the data plane of a network. It is being put to practice in networks around the world to mitigate issues. With growing heterogeneity in IoT protocols, it is cumbersome and costly to use SDNs. The Programming Protocol-independent Packet Processors (P4) is an open source, domain-specific programming language for network devices, specifying how data plane devices (switches, routers, NICs, filters, etc.) process packets. To overcome the challenges of IoT, P4 language is ideal as it provides flexibility for programming the data plane. We propose a light and fast approach to use decision tree to detect attacks from network traces and form small header fields to implement high accuracy attack detection in the programmable data plane using the P4 language.