short-paper

Free access

Accelerating Linux Security with eBPF iptables

Authors:

Matteo Bertrone,

Sebastiano Miano,

Fulvio Risso,

Massimo TumoloAuthors Info & Claims

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos

Pages 108 - 110

https://doi.org/10.1145/3234200.3234228

Published: 07 August 2018 Publication History

PDF eReader

References

[1]

D. Borkmann. 2018. net: add bpfilter. (feb 2018). https://lwn.net/Articles/747504/

Google Scholar

[2]

T. Graf. 2018. Why is the kernel community replacing iptables with BPF? (apr 2018). https://cilium.io/blog/2018/04/17/why-is-the-kernel-community-replacing-iptables

Google Scholar

[3]

T.V. Lakshman and D. Stiliadis. 1998. High-speed policy-based packet forwarding using efficient multi-dimensional range matching. In ACM SIGCOMM Computer Communication Review, Vol. 28. ACM, 203--214.

Digital Library

Google Scholar

[4]

S. Miano, M. Bertrone, F. Risso, M. Vásquez Bernal, and M. Tumolo. 2018. Creating Complex Network Service with eBPF: Experience and Lessons Learned. In High Performance Switching and Routing (HPSR). IEEE.

Google Scholar

[5]

P. Russell. 1998. The netfilter.org project. (1998). https://netfilter.org/

Google Scholar

Cited By

View all

Hadi HAdnan MCao YHussain FAhmad NAlshara MJaved Y(2024)iKern: Advanced Intrusion Detection and Prevention at the Kernel Level Using eBPFTechnologies10.3390/technologies1208012212:8(122)Online publication date: 30-Jul-2024
https://doi.org/10.3390/technologies12080122
Osaki APoisson MMakino SShiiba RFukuda KOkoshi TNakazawa J(2024)Dynamic Fixed-point Values in eBPF: a Case for Fully In-kernel Anomaly DetectionProceedings of the Asian Internet Engineering Conference 202410.1145/3674213.3674219(46-54)Online publication date: 9-Aug-2024
https://dl.acm.org/doi/10.1145/3674213.3674219
Simon MStubbe HGallenmüller SCarle G(2024)Honey for the Ice Bear - Dynamic eBPF in P4Proceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions10.1145/3672197.3673436(44-50)Online publication date: 4-Aug-2024
https://dl.acm.org/doi/10.1145/3672197.3673436
Show More Cited By

Index Terms

Accelerating Linux Security with eBPF iptables
1. Networks

Recommendations

Fast In-kernel Traffic Sketching in eBPF

The extended Berkeley Packet Filter (eBPF) is an infrastructure that allows to dynamically load and run micro-programs directly in the Linux kernel without recompiling it.

In this work, we study how to develop high-performance network measurements in ...
Securing Linux with a faster and scalable iptables

The sheer increase in network speed and the massive deployment of containerized applications in a Linux server has led to the consciousness that iptables, the current de-facto firewall in Linux, may not be able to cope with the current requirements ...
eGossip: Optimizing Resource Utilization in Gossip-Based Clusters through eBPF
SNTA '24: Proceedings of the Seventh International Workshop on Systems and Network Telemetry and Analytics

The Extended Berkeley Packet Filter (eBPF) presents a transformative approach to dynamic micro-program loading and execution directly within the Linux kernel, circumventing the need for kernel recompilation. This paper explores the innovative application ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos

August 2018

165 pages

ISBN:9781450359153

DOI:10.1145/3234200

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 August 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

SIGCOMM '18

Sponsor:

SIGCOMM

SIGCOMM '18: ACM SIGCOMM 2018 Conference

August 20 - 25, 2018

Budapest, Hungary

Acceptance Rates

Overall Acceptance Rate 92 of 158 submissions, 58%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
4,338
Total Downloads

Downloads (Last 12 months)1,021
Downloads (Last 6 weeks)81

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hadi HAdnan MCao YHussain FAhmad NAlshara MJaved Y(2024)iKern: Advanced Intrusion Detection and Prevention at the Kernel Level Using eBPFTechnologies10.3390/technologies1208012212:8(122)Online publication date: 30-Jul-2024
https://doi.org/10.3390/technologies12080122
Osaki APoisson MMakino SShiiba RFukuda KOkoshi TNakazawa J(2024)Dynamic Fixed-point Values in eBPF: a Case for Fully In-kernel Anomaly DetectionProceedings of the Asian Internet Engineering Conference 202410.1145/3674213.3674219(46-54)Online publication date: 9-Aug-2024
https://dl.acm.org/doi/10.1145/3674213.3674219
Simon MStubbe HGallenmüller SCarle G(2024)Honey for the Ice Bear - Dynamic eBPF in P4Proceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions10.1145/3672197.3673436(44-50)Online publication date: 4-Aug-2024
https://dl.acm.org/doi/10.1145/3672197.3673436
Craun MHussain KGautam UJi ZRao TWilliams D(2024)Eliminating eBPF Tracing Overhead on Untraced ProcessesProceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions10.1145/3672197.3673431(16-22)Online publication date: 4-Aug-2024
https://dl.acm.org/doi/10.1145/3672197.3673431
Mayer ABracciale LLungaroni PSidoretti GSalsano SBianchi GLoreti P(2024)Composing eBPF Programs Made Easy With HIKe and eCLATIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332562421:2(1359-1371)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3325624
Zhang XShu XChen LXie R(2024)High-Performance Network Firewall Based on XDP2024 20th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD)10.1109/ICNC-FSKD64080.2024.10702282(1-6)Online publication date: 27-Jul-2024
https://doi.org/10.1109/ICNC-FSKD64080.2024.10702282
Zhang JChen PHe ZChen HLi X(2024)Real-Time Intrusion Detection and Prevention with Neural Network in Kernel Using eBPF2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00048(416-428)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00048
Song LLi J(2024)eBPF: Pioneering Kernel Programmability and System Observability - Past, Present, and Future Insights2024 3rd International Conference on Artificial Intelligence and Computer Information Technology (AICIT)10.1109/AICIT62434.2024.10730620(1-10)Online publication date: 20-Sep-2024
https://doi.org/10.1109/AICIT62434.2024.10730620
Hoang XPham VBui N(2024)An Efficient Administration for Multiple Firewalls in Cloud EnvironmentsProceedings of the International Conference on Intelligent Systems and Networks10.1007/978-981-97-5504-2_1(1-10)Online publication date: 1-Sep-2024
https://doi.org/10.1007/978-981-97-5504-2_1
Gallego-Madrid JBru-Santa ISanchez-Iborra RSkarmeta A(2024)Integrating Machine Learning Models into the Linux Kernel: Opportunities and ChallengesMobile Internet Security10.1007/978-981-97-4465-7_15(209-219)Online publication date: 12-Jul-2024
https://doi.org/10.1007/978-981-97-4465-7_15
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Fast In-kernel Traffic Sketching in eBPF

Securing Linux with a faster and scalable iptables

eGossip: Optimizing Resource Utilization in Gossip-Based Clusters through eBPF