Hands-On P4-DPDK Workshop
Friday, May 30, 2025
2025 MS-CC Annual Meeting
Click Here to Register
Organizers
University of South Carolina (USC)
Minority Serving Cyberinfrastructure Consortium (MSCC)
- Loews Nashville Hotel at Vanderbilt Plaza
- Nashville, Tenn.
Overview
This workshop will cover two main topics: 1) “Cybersecurity Tools and Applications,” and 2) “Introduction to P4-DPDK.”
The “Cybersecurity Tools and Applications” library covers the main concepts needed by learners who may want to be introduced to cybersecurity and/or want to obtain the Security+ certificate. Topics are reinforced with virtual labs that can be deployed in a NETLAB+ system. Examples of labs include Remote Access Trojan (RAT) using Reverse TCP Meterpreter, Social Engineering Attacks, Credentials Harvesting and Remote Access through Phishing Emails, SQL Injection Attack on a Web Application, Cross-site Scripting (XSS) Attack on a Web Application, Asymmetric Encryption (RSA, Digital Signatures, Diffie-Hellman), Configuring a Stateful Packet Filter using iptables, Intrusion Detection and Prevention using Suricata, and more.
The P4-DPDK library covers the fundamentals of P4, including P4 building blocks, parser implementation, and match-action tables. It will then progress to application such as mitigating denial of service attacks at 100Gbps traffic rates
Audience
The target audience for this tutorial includes Information Technology (IT) professionals and practitioners, network and security students, researchers, and application developers. The tutorial can also be useful for instructors interested in teaching cybersecurity and P4-DPDK in the classrooms.
Tutorial Goals
The workshop aims to equip participants with both theoretical knowledge and practical skills related to packet processing in high-speed networks, with an emphasis on cybersecurity applications. By the end of this workshop, attendees will:
Cybersecurity Labs:
- Perform vulnerability scanning and penetration testing
- Create and deploy a malicious payload on a victim's machine
- Maintain persistent access by installing a backdoor
- Perform web-based attacks including SQL injection and XSS
- Understand symmetric and asymmetric cryptography algorithms
- Implement stateful packet filtering and deploy an intrusion detection system
P4-DPDK Labs:
- Implement DPDK pipelines using the P4 language.
- Describe the elements of the Portable NIC Architecture (PNA), define and parse protocol headers and header fields in P4, define match-action tables and populate them at runtime, and leverage stateful elements (registers) to store arbitrary data in the data plane.
- Develop DPDK-based defense solutions to mitigate common cyberattacks.
- Accelerate packet processing using the Receive Side Scaling (RSS), which distributes packets across multiple CPU cores.
Pre-requisites
Connectivity to the Internet and a browser to access the online virtual platform. Attendees will be provided with an account to access USC’s NETLAB system: https://netlab.cec.sc.edu/
Agenda
Friday, May 30
| Time (MDT) | Topic | Presenter |
|---|---|---|
| 8:30-8:35 | Welcome and Introduction [pdf, ppt] | Elie Kfoury, Samia Choueiri, Jorge Crichigno |
| 8:35-9:05 | Motivation for Cybersecurity Training [pdf, ppt] | Elie Kfoury |
| 9:05-9:50 | Hands-on session 1: Collecting Information with Spyware: Screen Captures and Keyloggers [pdf, ppt] | Elie Kfoury, Samia Choueiri |
| 9:50-10:00 | Break | |
| 10:00-10:50 | Hands-on session 2: Social Engineering Attack: Credentials Harvesting and Remote Access Through Phishing Emails [pdf, ppt] | Elie Kfoury, Samia Choueiri |
| 10:50-11:00 | Break | |
| 11:00-11:20 | Elie Kfoury | |
| 11:20-11:30 | Demos P4-DPDK: DDoS Detection and Application Identification at 100Gbps [pdf, ppt] | Elie Kfoury, Samia Choueiri |
|
|
||
Access to Lab Platform
To access the lab platform, please use the following URL: https://netlab.cec.sc.edu/
Resources
| Item | Note |
|---|---|
| swx pipeline: Link | The DPDK pipeline library source code |
| Cybertraining Material: Link | List of virtual labs on P4, SDN, network tools and protocols, ... |
| P4 Campus: Link | P4 applications for campus networks |
| FABRIC: Link | A programmable research infrastructure |
| Behavioral Model version 2 (BMv2): Link | Reference P4 software switch used as a tool for developing, testing and debugging P4 data planes |
| Software-Defined Networks: A Systems Approach: Link | A book that explores the key principles of Software-Defined Networking (SDN) |
| Mininet: Link | Virtual testbed enabling the development and testing of network tools and protocols |
| Containernet: Link | Mininet fork that allows to use Docker containers as hosts in emulated networks |
| Mininet Installation: Link | A guide that describes the steps to install Mininet on Linux |
| Wireshark: Link | Packet analyzer used for network troubleshooting, analysis, protocol development, and education |