Abstract

Network attacks are escalating rapidly, but today's network infrastructure plays little role in the defense due to its fixed nature. The advance in programmable network devices provide exciting opportunities to build security defenses in the network, and to swap them in and out dynamically in response to changing attacks. In this talk, I will first describe my work in architecting various defenses into the network infrastructure, transforming it into a defense backbone. This leverages network programmability to perform per-packet inspection and real-time defense actions at hardware speeds. I will then describe my work in elevating static, compile-time programmability to runtime reconfiguration of network devices without downtime. Runtime programmability leads to dynamic defenses, and also opens up new possibilities for performance optimization. Taken together, my work significantly increases the security and efficiency of next-generation networked systems.

Bio

Jiarong Xing is a Ph.D. candidate in the Department of Computer Science at Rice University, advised by Ang Chen. His work spans security, systems, and networking, with a focus on enhancing the security and performance of networked systems, by leveraging and improving programmable hardware devices. His research has been published in USENIX Security, NSDI, SIGCOMM, Mobicom, SOSP,ASPLOS, and MLSys, and led to real-world implementations and deployments by Nvidia and Bytedance. He has received the Google PhD Fellowship in Systems and Networking (2022), as well as a Distinguished Paper Award in USENIXSecurity (2023).

Host

Y. Charlie Hu, ychu@purdue.edu