|
|
Current Research
AwardsTechnical Program Committee Member
Scientific Membership
|
Publications
2019
-
![[PDF]](http://lendulet.tmit.bme.hu/lendulet_website/wp-content/plugins/papercite/img/pdf.png)
![[DOI]](http://lendulet.tmit.bme.hu/lendulet_website/wp-content/plugins/papercite/img/external.png)
L. Csikor, D. M. Divakaran, M. S. Kang, A. Kőrösi, B. Sonkoly, D. Haja, D. P. Pezaros, S. Schmid, and G. Rétvári, “Tuple Space Explosion: A Denial-of-Service Attack against a Software Packet Classifier,” in Proc. International Conference on Emerging Networking Experiments And Technologies, New York, NY, USA, 2019, p. 292–304.
[Bibtex]@inproceedings{csikor2019tse, author = {Csikor, Levente and Divakaran, Dinil Mon and Kang, Min Suk and K\H{o}r\"{o}si, Attila and Sonkoly, Bal\'{a}zs and Haja, D\'{a}vid and Pezaros, Dimitrios P. and Schmid, Stefan and R\'{e}tv\'{a}ri, G\'{a}bor}, title = {Tuple Space Explosion: A Denial-of-Service Attack against a Software Packet Classifier}, year = {2019}, isbn = {9781450369985}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3359989.3365431}, doi = {10.1145/3359989.3365431}, abstract = {Efficient and highly available packet classification is fundamental for various security primitives. In this paper, we evaluate whether the de facto Tuple Space Search (TSS) packet classification algorithm used in popular software networking stacks such as the Open vSwitch is robust against low-rate denial-of-service attacks. We present the Tuple Space Explosion (TSE) attack that exploits the fundamental space/time complexity of the TSS algorithm.TSE can degrade the switch performance to 12\% of its full capacity with a very low packet rate (0.7 Mbps) when the target only has simple policies such as, "allow some, but drop others". Worse, an adversary with additional partial knowledge of these policies can virtually bring down the target with the same low attack rate. Interestingly, TSE does not generate any specific traffic patterns but only requires arbitrary headers and payloads which makes it particularly hard to detect.Due to the fundamental complexity characteristics of TSS, unfortunately, there seems to be no complete mitigation to the problem. As a long-term solution, we suggest the use of other algorithms (e.g., HaRP) that are not vulnerable to the TSE attack. As a short-term countermeasure, we propose MFCGuard that carefully manages the tuple space and keeps packet classification fast.}, booktitle = {Proc. International Conference on Emerging Networking Experiments And Technologies}, pages = {292–304}, numpages = {13}, keywords = {packet classifier, denial-of-service, algorithmic complexity, data plane, tuple space search, security, software-defined networking, open vswitch}, location = {Orlando, Florida}, series = {CoNEXT '19} }
2018
- B. Sonkoly, M. Szabó, B. Németh, A. Majdán, G. Pongrácz, and L. Toka, “FERO: Fast and Efficient Resource Orchestrator for a Data Plane Built on Docker and DPDK,” in Proc. IEEE INFOCOM, Honolulu, USA, 2018.
[Bibtex]@INPROCEEDINGS{sonkoly2018fero, AUTHOR="Bal\'azs Sonkoly and M\'arton Szabó and Bal\'azs N\'emeth and Andr\'as Majd\'an and Gergely Pongr\'acz and Laszlo Toka", TITLE="{FERO:} Fast and Efficient Resource Orchestrator for a Data Plane Built on Docker and {DPDK}", BOOKTITLE={Proc. IEEE INFOCOM}, ADDRESS="Honolulu, USA", DAYS=15, MONTH=apr, YEAR=2018, KEYWORDS="5G and Software Defined Networking and Network Function Virtualization and top" }
2017
- L. Toka, J. Tapolcai, G. Darzanos, and B. Sonkoly, “On Pricing of 5G Services,” in Proc. IEEE Global Telecommunications Conference (GLOBECOM), 2017. acceptance rate 35\%
[Bibtex]@INPROCEEDINGS{toka2017pricing5G, author = {L\'aszl\'o Toka and J\'anos Tapolcai and George Darzanos and Bal{\'a}zs Sonkoly}, title = {On Pricing of 5G Services}, booktitle = {Proc. IEEE Global Telecommunications Conference (GLOBECOM)}, year = {2017}, comment = {acceptance rate 35\%}, keywords = {5G and Network Function Virtualization and Software Defined Networking} }
2015
- S. Sahhaf, W. Tavernier, J. Czentye, B. Sonkoly, P. Skoldstrom, D. Jocha, and J. Garay, “Scalable Architecture for Service Function Chain Orchestration,” Proc. European Workshop on Software Defined Networking (EWSDN), 2015.
[Bibtex]@ARTICLE{sahhaf2015ewsdn, author = {Sahhaf, Sahel and Tavernier, Wouter and Czentye, J{\'a}nos and Sonkoly, Bal{\'a}zs and Skoldstrom, Pontus and Jocha, D{\'a}vid and Garay, Jokin}, title = {Scalable Architecture for Service Function Chain Orchestration}, journal = {Proc. European Workshop on Software Defined Networking (EWSDN)}, year = {2015}, keywords = {Network Function Virtualization and SFC and orchestration and embedding} } - B. Sonkoly, R. Szabó, D. Jocha, J. Czentye, M. Kind, and F. Westphal, “UNIFYing Cloud and Carrier Network Resources: An Architectural View,” in Proc. IEEE Global Telecommunications Conference (GLOBECOM), 2015. acceptance rate 35\%
[Bibtex]@INPROCEEDINGS{sonkoly2015globecom, author = {Sonkoly, Bal{\'a}zs and Szab{\'o}, R{\'o}bert and Jocha, D{\'a}vid and Czentye, J{\'a}nos and Kind, Mario and Westphal, Fritz-Joachim}, title = {UNIFYing Cloud and Carrier Network Resources: An Architectural View}, booktitle = {Proc. IEEE Global Telecommunications Conference (GLOBECOM)}, year = {2015}, comment = {acceptance rate 35\%}, keywords = {Network Function Virtualization and Software Defined Networking and SFC control plane} } - B. Sonkoly, J. Czentye, R. Szabó, D. Jocha, J. Elek, S. Sahhaf, W. Tavernier, and F. Risso, “Multi-Domain Service Orchestration Over Networks and Clouds: A Unified Approach,” in ACM SIGCOMM (DEMO), 2015.
[Bibtex]@INPROCEEDINGS{sonkoly2015sigcomm, author = {Sonkoly, Bal{\'a}zs and Czentye, J{\'a}nos and Szab{\'o}, R{\'o}bert and Jocha, D{\'a}vid and Elek, J{\'a}nos and Sahhaf, Sahel and Tavernier, Wouter and Risso, Fulvio}, title = {Multi-Domain Service Orchestration Over Networks and Clouds: A Unified Approach}, booktitle = {ACM SIGCOMM (DEMO)}, year = {2015}, keywords = {Network Function Virtualization and Software Defined Networking and multi-domain orchestration and SFC control plane and demo} } - D. Szabó, F. Németh, B. Sonkoly, A. Gulyás, and F. H. P. Fitzek, “Towards the 5G Revolution: A Software Defined Network Architecture Exploiting Network Coding as a Service,” in ACM SIGCOMM (DEMO), 2015.
[Bibtex]@INPROCEEDINGS{szabo2015sigcomm, author = {Szab{\'o}, D{\'a}vid and N{\'e}meth, Felici{\'a}n and Sonkoly, Bal{\'a}zs and Guly{\'a}s, Andr{\'a}s and Fitzek, Frank H.P.}, title = {Towards the 5G Revolution: A Software Defined Network Architecture Exploiting Network Coding as a Service}, booktitle = {ACM SIGCOMM (DEMO)}, year = {2015}, keywords = {Software Defined Networking and network coding and demo} } - B. Németh, J. Czentye, G. Vaszkun, L. Csikor, and B. Sonkoly, “Customizable real-time service graph mapping algorithm in carrier grade networks,” in IEEE Conference on Network Function Virtualization and Software Defined Networks Demo Track (NFV-SDN), San Francisco, CA, USA, 2015, pp. 30-32.
[Bibtex]@inproceedings{nemethb2015nfvsdn, title={Customizable real-time service graph mapping algorithm in carrier grade networks}, author={N\'emeth, Bal\'azs and Czentye, J\'anos and Vaszkun, G\'abor and Csikor, Levente and Sonkoly, Bal{\'a}zs}, booktitle={IEEE Conference on Network Function Virtualization and Software Defined Networks Demo Track (NFV-SDN)}, pages={30--32}, year={2015}, address = {San Francisco, CA, USA}, keywords = {Software Defined Networking and Network Function Virtualization and demo} } - S. Van Rossem, W. Tavernier, B. Sonkoly, D. Colle, J. Czentye, M. Pickavet, and P. Demeester, “Deploying elastic routing capability in an SDN/NFV-enabled environment,” in IEEE Conference on Network Function Virtualization and Software Defined Networks Demo Track (NFV-SDN), San Francisco, CA, USA, 2015, pp. 24-26.
[Bibtex]@inproceedings{sonkoly2015nfvsdn, title={Deploying elastic routing capability in an SDN/NFV-enabled environment}, author={Van Rossem, Steven and Tavernier, Wouter and Sonkoly, Bal{\'a}zs and Colle, Didier and Czentye, J\'anos and Pickavet, Mario and Demeester, Piet}, booktitle={IEEE Conference on Network Function Virtualization and Software Defined Networks Demo Track (NFV-SDN)}, pages={24--26}, year={2015}, address = {San Francisco, CA, USA}, keywords = {Software Defined Networking and Network Function Virtualization and demo} }
2014
- A. Csoma, B. Sonkoly, L. Csikor, F. Németh, A. Gulyás, W. Tavernier, and S. Sahhaf, “ESCAPE: Extensible Service Chain Prototyping Environment Using Mininet, Click, NETCONF and POX,” in ACM SIGCOMM (DEMO), Chicago, Illinois, USA, 2014, pp. 125-126.
[Bibtex]@INPROCEEDINGS{csoma2014escape, author = {Csoma, Attila and Sonkoly, Bal\'azs and Csikor, Levente and N\'emeth, Felici\'an and Guly\'as, Andr\'as and Tavernier, Wouter and Sahhaf, Sahel}, title = {ESCAPE: Extensible Service Chain Prototyping Environment Using Mininet, Click, NETCONF and POX}, booktitle = {ACM SIGCOMM (DEMO)}, year = {2014}, pages = {125--126}, address = {Chicago, Illinois, USA}, publisher = {ACM}, acmid = {2631448}, doi = {10.1145/2619239.2631448}, isbn = {978-1-4503-2836-4}, keywords = {Software Defined Networking and NETCONF and click and mininet and prototyping and service chain and demo}, numpages = {2}, url = {http://doi.acm.org/10.1145/2619239.2631448} } - A. Csoma, B. Sonkoly, L. Csikor, F. Németh, A. Gulyás, D. Jocha, J. Elek, W. Tavernier, and S. Sahhaf, “Multi-layered Service Orchestration in a Multi-Domain Network Environment,” in EWSDN (DEMO), Budapest, Hungary, 2014.
[Bibtex]@INPROCEEDINGS{ewsdn2014, author = {Attila Csoma and Bal\'azs Sonkoly and Levente Csikor and Felici\'an N\'emeth and Andr\'as Guly\'as and Da\'vid Jocha and Ja\'nos Elek and Wouter Tavernier and Sahel Sahhaf}, title = {Multi-layered Service Orchestration in a Multi-Domain Network Environment}, booktitle = {EWSDN (DEMO)}, year = {2014}, address = {Budapest, Hungary}, month = sep, keywords = {Software Defined Networking and demo} } - B. Sonkoly, F. Németh, L. Csikor, L. Gulyás, and A. Gulyás, “SDN based testbeds for evaluating and promoting multipath TCP,” in Proc. IEEE International Conference on Communications (ICC), 2014, pp. 3044-3050.
[Bibtex]@INPROCEEDINGS{sonkoly2014sdn, author = {Sonkoly, Bal\'azs and N\'emeth, Felici\'an and Csikor, Levente and Guly\'as, L\'aszl\'o and Guly\'as, Andr\'as}, title = {SDN based testbeds for evaluating and promoting multipath TCP}, booktitle = {Proc. IEEE International Conference on Communications (ICC)}, year = {2014}, pages = {3044--3050}, organization = {IEEE}, keywords = {Software Defined Networking} }
2013
- M. Csernai, A. Gulyás, A. Kőrösi, B. Sonkoly, and G. Biczók, “Incrementally upgradable data center architecture using hyperbolic tessellations,” Computer Networks, vol. 57, iss. 6, pp. 1373-1393, 2013.
[Bibtex]@ARTICLE{csernai2013incrementally, author = {Csernai, M\'arton and Guly\'as, Andr\'as and K{\H{o}}r{\"o}si, Attila and Sonkoly, Bal\'azs and Bicz\'ok, Gergely}, title = {Incrementally upgradable data center architecture using hyperbolic tessellations}, journal = {Computer Networks}, year = {2013}, volume = {57}, pages = {1373--1393}, number = {6}, keywords = {data center}, publisher = {Elsevier} } - L. Gyarmati, A. Gulyás, B. Sonkoly, T. A. Trinh, and G. Biczók, “Free-scaling your data center,” Computer Networks, vol. 57, iss. 8, pp. 1758-1773, 2013.
[Bibtex]@ARTICLE{gyarmati2013free, author = {Gyarmati, L\'aszl\'o and Guly\'as, Andr\'as and Sonkoly, Bal\'azs and Trinh, Tuan A and Bicz\'ok, Gergely}, title = {Free-scaling your data center}, journal = {Computer Networks}, year = {2013}, volume = {57}, pages = {1758--1773}, number = {8}, keywords = {data center}, publisher = {Elsevier} } - F. Németh, B. Sonkoly, L. Csikor, and A. Gulyás, “A Large-Scale Multipath Playground for Experimenters and Early Adopters,” in ACM SIGCOMM (DEMO), Hong Kong, China, 2013, pp. 482-483.
[Bibtex]@INPROCEEDINGS{nemethf_multipath_playground2013, author = {Felici\'an N\'emeth and Bal\'azs Sonkoly and Levente Csikor and Andr\'as Guly\'as}, title = {A Large-Scale Multipath Playground for Experimenters and Early Adopters}, booktitle = {ACM SIGCOMM (DEMO)}, year = {2013}, pages = {482-483}, address = {Hong Kong, China}, month = aug, keywords = {Software Defined Networking and demo} } - F. Németh, B. Sonkoly, L. Csikor, and A. Gulyás, “Improving resiliency and throughput of transport networks with OpenFlow and Multipath TCP: Demonstration of results over the Géant OpenFlow testbed (Demonstration of results over the Géant OpenFlow testbed),” in Open Networking Summit (DEMO), Santa Clara, USA, 2013.
[Bibtex]@INPROCEEDINGS{nemethf_ons2013, author = {Felici\'an N\'emeth and Bal\'azs Sonkoly and Levente Csikor and Andr\'as Guly\'as}, title = {Improving resiliency and throughput of transport networks with OpenFlow and Multipath TCP: Demonstration of results over the Géant OpenFlow testbed (Demonstration of results over the Géant OpenFlow testbed)}, booktitle = {Open Networking Summit (DEMO)}, year = {2013}, address = {Santa Clara, USA}, month = apr, keywords = {Software Defined Networking and demo} }
2012
- A. Gulyás, A. Kőrösi, B. Sonkoly, G. Biczók, and others, “Poincare: a hyperbolic data center architecture,” in International Conference on Distributed Computing Systems Workshops (ICDCSW), 2012, pp. 8-16.
[Bibtex]@INPROCEEDINGS{guly2012poincare, author = {Andr\'as Guly\'as and Attila K\H{o}r{\"o}si and Bal\'azs Sonkoly and Gergely Bicz\'ok and others}, title = {Poincare: a hyperbolic data center architecture}, booktitle = {International Conference on Distributed Computing Systems Workshops (ICDCSW)}, year = {2012}, pages = {8--16}, organization = {IEEE}, keywords = {data center} } - F. Németh, Ádám. Stipkovits, B. Sonkoly, and A. Gulyás, “Towards smartflow: case studies on enhanced programmable forwarding in openflow switches,” in ACM SIGCOMM (DEMO), 2012, pp. 85-86.
[Bibtex]@INPROCEEDINGS{nemeth2012towards, author = {N\'emeth, Felici\'an and Stipkovits, \'Ad\'am and Sonkoly, Bal\'azs and Guly\'as, Andr\'as}, title = {Towards smartflow: case studies on enhanced programmable forwarding in openflow switches}, booktitle = {ACM SIGCOMM (DEMO)}, year = {2012}, volume = {42}, pages = {85--86}, keywords = {Software Defined Networking and demo} }
