AMS: Adaptive Multipath Scheduling Mechanism against Eavesdropping Attacks with Programmable Data Planes

Abstract

Splitting traffic packets from one stream into multiple network paths is a novel hotspot for defending eavesdropping attacks. It can increase the difficulties of eavesdropping effectively. However, due to heterogeneous network characteristics, forwarding traffic packets via different network paths causes an extremely severe out-of-order problem. Whats worse, the problem becomes a stumbling block to the bandwidth aggregation of multiple network paths. It is wasteful for bandwidth resources of multiple network paths. Therefore, this paper provides an adaptive multipath scheduling (AMS) mechanism to not only increase difficulties of eavesdropping but also aggregate network bandwidths of multiple paths effectively. Specifically, AMS has two general forwarding blocks: network-paths-selection block and packets-scheduling block. The network-paths-selection block predicts network characteristics for multiple available paths, chooses three network paths whose characteristics are similar, and distributes traffic packets into the selected paths to defend against eavesdropping attacks. According to the network path characteristics, the packets-scheduling block decides how many and whats order traffic packets should be split into each selected path to mitigate the out-of-order problem. Using a paradigm of programmable data plane—P4, We implement the proposed mechanism and evaluate its performances. Experimental results show that AMS decreases the out-of-order ratio by 48% and increases transmission throughput by 74% compared with the baseline mechanism.