Chen, Ang2024-08-302024-08-302024-082024-08-09August 202Xing, Jiarong. Building Secure Runtime Programmable Networked Systems. (2024). PhD diss., Rice University. https://hdl.handle.net/1911/117776https://hdl.handle.net/1911/117776Our modern lives rely on a variety of network services, which are powered by large-scale networked systems spanning the globe. These systems constantly evolve to match the growing demand for variegated applications and services. The most recent advance in this domain is programmable network devices (e.g., programmable switches, SmartNICs, and FPGAs). Built with specialized hardware, these new devices can deliver high performance while enabling greater operational flexibility. Researchers have seized this opportunity to build efficient and agile networked systems by redesigning the network protocols and applications. On these grounds, in this thesis, we consider the research question of what next-generation networked systems should entail. While we view network programmability as a positive initial step, we believe future networked systems should extend beyond that. Specifically, we investigate two crucial properties that are absent from today's networked systems: security and runtime programmability. Security is a long-absent network property, as has been proved by the escalating network attacks. Although those attacks are launched through or directly targeting the network, the current network infrastructure has not played an active role in defense. We believe the future network infrastructure should treat security as a first-class goal just as it does routing so that while routing traffic end-to-end, the network also applies a variety of security defenses to eliminate threats within the traffic. The increasing programmability provides an unprecedented opportunity to architect security into the network without incurring intrusive infrastructure changes. In this thesis, we envision enhancing the network infrastructure with security functionalities in two steps. We first turn a programmable switch into a defense platform where a range of defenses can be activated according to the type of threat. Next, we turn the whole network into a defense fleet that conducts security functions while performing end-to-end routing. Following this roadmap, we design NetWarden, a performance-preserving covert channel defense on a single switch, and Ripple, a programmable, decentralized link-flooding defense on multiple switches across the network. Furthermore, for most of the programmable network devices available on the market, their programmability is restricted by a practical yet fundamental barrier: device functions are only programmable at compile time, but they effectively become fixed functions at runtime. We believe future networked systems need not only compile-time programmability but also runtime programmability---the ability to seamlessly incorporate function changes at any time. Runtime programmable networked systems can shapeshift in response to real-time change; they can be optimally tuned for the current requirements and traffic workloads. This requires runtime programming of individual devices as a building block including both switches and NICs. In this thesis, we first realize runtime programmability for switches by designing FlexCore, a whole-stack design for runtime programmable switches. Next, we explore runtime programmability on SmartNICs in Pipeleon, where packet processing performance varies with traffic patterns. Leveraging runtime programmability, we address the problem by adjusting the implementation according to runtime traffic profiles.application/pdfengCopyright is held by the author, unless otherwise indicated. Permission to reuse, publish, or reproduce the work beyond the bounds of fair use or other exemptions to copyright law must be obtained from the copyright holder.Programmable switchesSmartNICsNetwork securityRuntime programmabilityP4DDoSThesis2024-08-30