P4Pir and FLIP4

The wide use of IoT devices has increased network-data generation, but also cyber-attacks, with newly emerging threats.

P4Pir introduced in-network ML-based attack detection that is effective and fast, detecting and blocking previously unknown attacks. P4Pir facilitates continuous and seamless updates of in-network inference models within gateways. P4Pir is prototyped in P4 language on Raspberry Pi and Dell Edge Gateway. 

Still, supporting distributed edge IoT devices increases communication overheads, and raises data privacy concerns.

FLIP4 is a distributed in-network attack detection framework based on federated tree models. FLIP4 maintains data privacy by enabling distributed machine learning training while keeping data local at the edge. It uses in-network inference within the programmable data plane to provide timely attack labelling and mitigation. FLIP4 can accurately detect attacks while maintaining source data privacy and enabling lightweight deployment on IoT edge gateways.

Contributions by Mingyuan Zang, Tomasz Koziak, Lars Dittmann (DTU), Changgang Zheng and Noa Zilberman (Oxford)