ACM SIGCOMM 2021 Workshop on Secure Programmable network INfrastructure (SPIN 2021)
The workshop has an associated Slack channel for discussions.
Friday, August 27, 2021 EDT
1:00 - 2:00 pm EDT Opening + Keynote
1:00 - 1:10 pm EDT
Speakers: Workshop co-chairs
1:10 - 2:00 pm EDT
Keynote: (How) Can Programmable Networks Help Reverse Attacker-Defender Asymmetry?
Speaker: Vyas Sekar (CMU)
Abstract: Today, security breaches and downtime of critical infrastructures continue to be the norm rather than the exception, despite the dramatic rise in spending on network security. Attackers today can easily leverage a distributed and programmable infrastructure of compromised machines (or botnets) to launch large-scale and sophisticated attacks. In contrast, the defenders of our critical infrastructures are crippled as they rely on fixed capacity, inflexible, and expensive hardware appliances. This forces them into adopting weak and static security postures, as they face unpleasant tradeoffs between false positives and false negatives. Continuing along this trajectory means that attackers will always hold the upper hand as defenders are stifled by the inflexible and ineffective tools in their arsenal.
Programmable networks offer a glimmer of hope to potentially reverse this long-standing asymmetry and fundamentally change the dynamics of this attack-defense equation. Instead of developing attack-specific defenses, we can focus on empowering defenders with the right tools and abstractions to tackle the constantly evolving attack landscape. Such a software-defined approach to network security can enable the development and deployment of novel in-depth defenses and dynamically customize the network’s security posture to the current operating context. Realizing this vision raises fundamental challenges that transcend conventional networking and security technologies and necessitates a radical rethink across the entire “stack”.
In this talk, I will provide some examples of prior and ongoing work in this broad theme and also highlight some open challenges and future directions.
Biography: Vyas Sekar is the Tan Family Chair Professor in the Electrical and Computer Engineering Department at Carnegie Mellon University. His research is broadly in the area of networking, security, and systems. Vyas received a B.Tech from the Indian Institute of Technology, Madras, where he was awarded the President of India Gold Medal, and a Ph.D. from Carnegie Mellon University. He is the recipient of the NSF CAREER award and the ACM SIGCOMM Rising Star Award. His work has received best paper awards at ACM SIGCOMM, ACM CoNEXT, and ACM Multimedia, the NSA Science of Security prize, the CSAW Applied Security Research Prize, and the Applied Networking Research Prize. He has served on organizing committees of many conferences, workshops, mentoring events, and award panels in both the computer networking and security communities.
2:00 - 3:30 pm EDT Workshop Session
Session chair: Yixin Sun
Faster enclave transitions for IO-intensive network applications
Jakob Svenningsson (KTH), Nicolae Paladi (Lund University, RISE Cybersecurity), Arash Vahidi (RISE Cybersecurity)
Anomaly Detection in Data Plane Systems using Packet Execution Paths
Archit Sanghi (IIT Hyderabad), Krishna P. Kadiyala (Texas Christian University), Praveen Tammana (IIT Hyderabad), Saurabh Joshi (IIT Hyderabad)
Secure Keyed Hashing on Programmable Switches
Sophia Yoo (Princeton University), Xiaoqi Chen (Princeton University)
3:30 - 3:45 pm EDT Break
- Tea/Coffee Break
3:45 - 4:45 pm EDT Panel
3:45 - 4:45 pm EDT
Panel chair: Ram Durairajan
Panelists: Anja Feldmann (Max Planck Institute), Guofei Gu (TAMU), Deep Medhi (NSF), Gordon Brebner (Xilinx)
4:45 - 4:50 pm EDT Closing Remarks
4:45 - 4:50 pm EDT
Speaker: Workshop co-chairs
Call for Papers
The Internet was not designed with a secure foundation. However, as more and more applications rely on secure network services, the importance of network security has grown significantly. Looking forward, the security of networks and networked systems will become a first-class design goal, just like performance and reliability are today. Up until recently, one hindrance in designing secure networks was that the Internet was very hard to change. Networking devices used to be "black boxes", and only the switch vendors could decide what went into these boxes. Despite many interesting proposals on Internet/network security, many of them cannot be easily integrated into the operational network without a forklift change.
Recently, a new opportunity is on the horizon: networking hardware is becoming programmable. The networking community has already leveraged this to design a range of new systems and capabilities “in-network”, but we argue that it is important to rethink network security in light of this trend as well.
The 2nd SPIN workshop aims to provide a forum for the community to come together and rethink fundamental questions in Internet security. In this workshop, we are soliciting papers that examine the security implications of the trend of network programmability, particularly in the recent development of programmable data planes. We seek contributions on early ideas in these areas, position papers that outline the next steps in network security, as well as preliminary papers from ongoing projects that could benefit from early community feedback. The workshop seeks to bring together experts in networking, security, hardware, programming languages, and systems to reexamine opportunities for network security in the next generation.
Topics of Interest
We invite submissions on a wide range of topics of interest, including, but not limited to:
- Security applications of programmable networking hardware
- Security risks of programmable networking hardware
- Intrusion and anomaly detection and prevention
- Denial-of-service attacks and countermeasures
- Deployable or backward-compatible designs for programmable networks
- Architectural support for Internet/network security
- Role of programmable optics for network security
- Cross-layer programmability and software-defined infrastructures for network security
- New deployment environments (e.g., IoT, smart homes, multi-tenant data centers) that could benefit from secure programmable infrastructures
- Incrementally deployable designs for secure programmable networks
- Automated analysis of secure programmable networks
Submissions must be original, unpublished work, and not under consideration at another conference or journal. LaTeX sources can be found at this link. With older versions of this template, authors should use "10pt" in the documentclass command to ensure that the font size for all submitted papers is 10 points. The length of the submitted paper should be 6 pages, excluding references. Authors are welcome to include an appendix beyond the page limit, but the main paper should be self-contained. Paper submissions should not include author names or affiliations, and submissions will go through a double-blind reviewing process by the program committee. At least one author for each accepted paper is expected to present the paper at the workshop in person. We expect that at least some papers at SPIN would represent "work-in-progress" projects. Therefore, authors of published papers could choose to extend their work to full-length conference papers later.
Please submit your paper via https://spin21.hotcrp.com.
May 14, 2021 / May 31, 2021
June 7, 2021 / June 21, 2021
June 25, 2021 / July 2, 2021
August 27, 2021
- Program Chairs
University of Oregon
University of Virginia
Carnegie Mellon University
- Program Committee
University of California, Santa Barbara
University of Colorado, Boulder
Shir Landau Feibish
The Open University of Israel
George Washington University