{"id":"https://openalex.org/W4308632443","doi":"https://doi.org/10.1145/3548606.3560606","title":"A Scalable and Dynamic ACL System for In-Network Defense","display_name":"A Scalable and Dynamic ACL System for In-Network Defense","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4308632443","doi":"https://doi.org/10.1145/3548606.3560606"},"language":"en","primary_location":{"id":"doi:10.1145/3548606.3560606","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560606","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015781673","display_name":"Changhun Jung","orcid":"https://orcid.org/0000-0001-6299-1207"},"institutions":[{"id":"https://openalex.org/I138925566","display_name":"Ewha Womans University","ror":"https://ror.org/053fp5c05","country_code":"KR","type":"education","lineage":["https://openalex.org/I138925566"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Changhun Jung","raw_affiliation_strings":["Ewha Womans University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Ewha Womans University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I138925566"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005697343","display_name":"Sian Kim","orcid":null},"institutions":[{"id":"https://openalex.org/I138925566","display_name":"Ewha Womans University","ror":"https://ror.org/053fp5c05","country_code":"KR","type":"education","lineage":["https://openalex.org/I138925566"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sian Kim","raw_affiliation_strings":["Ewha Womans University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Ewha Womans University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I138925566"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017780520","display_name":"Rhongho Jang","orcid":"https://orcid.org/0000-0002-3417-6851"},"institutions":[{"id":"https://openalex.org/I185443292","display_name":"Wayne State University","ror":"https://ror.org/01070mq45","country_code":"US","type":"education","lineage":["https://openalex.org/I185443292"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rhongho Jang","raw_affiliation_strings":["Wayne State University, Detroit, MI, USA"],"affiliations":[{"raw_affiliation_string":"Wayne State University, Detroit, MI, USA","institution_ids":["https://openalex.org/I185443292"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077402873","display_name":"Aziz Mohaisen","orcid":"https://orcid.org/0000-0003-3227-2505"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"David Mohaisen","raw_affiliation_strings":["University of Central Florida, Orlando, FL, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida, Orlando, FL, USA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079230730","display_name":"DaeHun Nyang","orcid":"https://orcid.org/0000-0001-5183-891X"},"institutions":[{"id":"https://openalex.org/I138925566","display_name":"Ewha Womans University","ror":"https://ror.org/053fp5c05","country_code":"KR","type":"education","lineage":["https://openalex.org/I138925566"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"DaeHun Nyang","raw_affiliation_strings":["Ewha Womans University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Ewha Womans University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I138925566"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5015781673"],"corresponding_institution_ids":["https://openalex.org/I138925566"],"apc_list":null,"apc_paid":null,"fwci":3.4301,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.94438827,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1679","last_page":"1693"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7442882657051086},{"id":"https://openalex.org/keywords/static-random-access-memory","display_name":"Static random-access memory","score":0.714563250541687},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6511380672454834},{"id":"https://openalex.org/keywords/latency","display_name":"Latency (audio)","score":0.6201308369636536},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.45954224467277527},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4546610713005066},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.4273204207420349},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3928992748260498},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3674502670764923},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.24922719597816467},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15997064113616943},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.0875006914138794}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7442882657051086},{"id":"https://openalex.org/C68043766","wikidata":"https://www.wikidata.org/wiki/Q267416","display_name":"Static random-access memory","level":2,"score":0.714563250541687},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6511380672454834},{"id":"https://openalex.org/C82876162","wikidata":"https://www.wikidata.org/wiki/Q17096504","display_name":"Latency (audio)","level":2,"score":0.6201308369636536},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.45954224467277527},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4546610713005066},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.4273204207420349},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3928992748260498},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3674502670764923},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.24922719597816467},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15997064113616943},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.0875006914138794},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3548606.3560606","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560606","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W95608104","https://openalex.org/W1763961826","https://openalex.org/W1977053091","https://openalex.org/W2000680379","https://openalex.org/W2002248199","https://openalex.org/W2008365755","https://openalex.org/W2015820470","https://openalex.org/W2025051251","https://openalex.org/W2064710146","https://openalex.org/W2065955361","https://openalex.org/W2080234606","https://openalex.org/W2096620160","https://openalex.org/W2125015454","https://openalex.org/W2126655973","https://openalex.org/W2139221507","https://openalex.org/W2139587756","https://openalex.org/W2144159136","https://openalex.org/W2169851099","https://openalex.org/W2344234954","https://openalex.org/W2415657706","https://openalex.org/W2465793152","https://openalex.org/W2487095677","https://openalex.org/W2597472767","https://openalex.org/W2625013748","https://openalex.org/W2725092554","https://openalex.org/W2743723076","https://openalex.org/W2744693751","https://openalex.org/W2792001294","https://openalex.org/W2793089345","https://openalex.org/W2797742547","https://openalex.org/W2834288129","https://openalex.org/W2912330601","https://openalex.org/W2953037974","https://openalex.org/W2967106834","https://openalex.org/W2993465391","https://openalex.org/W2997681437","https://openalex.org/W3005685361","https://openalex.org/W3006383271","https://openalex.org/W3008207353","https://openalex.org/W3040090707","https://openalex.org/W3049183817","https://openalex.org/W3103457053","https://openalex.org/W3105750153","https://openalex.org/W3109296341","https://openalex.org/W3112898938","https://openalex.org/W3117481056","https://openalex.org/W3121740272","https://openalex.org/W3128928115","https://openalex.org/W4206137901","https://openalex.org/W6637945393"],"related_works":["https://openalex.org/W3151633427","https://openalex.org/W2212894501","https://openalex.org/W2793465010","https://openalex.org/W3024050170","https://openalex.org/W4293253840","https://openalex.org/W4378977321","https://openalex.org/W2967161359","https://openalex.org/W1976168335","https://openalex.org/W4308090481","https://openalex.org/W2393741509"],"abstract_inverted_index":{"In-network/in-switch":[0],"Access":[1],"Control":[2],"List":[3],"(ACL)":[4],"is":[5],"an":[6,44,127],"essential":[7],"security":[8],"component":[9],"of":[10,279],"modern":[11],"networks.":[12],"In":[13],"high-speed":[14],"networks,":[15],"ACL":[16,30,40,65,76,129,192,199,223],"rules":[17,248,280],"are":[18,42,249],"often":[19],"placed":[20],"in":[21,122,176,252],"a":[22,96,120,159,230,243,255,268],"switch's":[23],"Ternary":[24],"Content-Addressable":[25],"Memory":[26,82],"(TCAM)":[27],"for":[28,151,194],"timely":[29,195],"match-action":[31],"and":[32,36,57,139,185],"management":[33,93,141,193,271],"(e.g.":[34],"insertion":[35],"deletion).":[37],"However,":[38],"TCAM-based":[39],"systems":[41],"encountering":[43],"scalability":[45,113,138],"issue":[46],"owing":[47],"to":[48,210,217,233,273],"increasing":[49],"demand":[50],"on":[51,229],"AI-powered":[52],"autonomous":[53,117,260],"defenses":[54,118],"that":[55,203,235,265],"detect":[56],"block":[58,274],"attacks":[59],"online,":[60],"which":[61,100,133,171],"inevitably":[62],"derives":[63],"finer-grained":[64],"rules.":[66],"Existing":[67],"solutions":[68,90],"minimize":[69],"the":[70,106,135],"TCAM":[71,150,207],"usage":[72],"by":[73,213],"partially":[74],"offloading":[75],"matching":[77,148,175,188,241],"into":[78],"larger":[79],"Static":[80],"Random-Access":[81],"(SRAM)":[83],"or":[84],"customized":[85,107],"hardware.":[86],"Nevertheless,":[87],"current":[88],"SRAM-based":[89,177],"induce":[91],"high":[92,97],"costs,":[94],"especially":[95],"rule-deployment":[98],"latency,":[99],"delays":[101],"time-sensitive":[102],"defense":[103],"actions.":[104],"Also,":[105,225],"hardware":[108],"approaches":[109,212],"have":[110],"its":[111,153],"own":[112],"issue.":[114],"To":[115],"support":[116],"at":[119,242],"scale,":[121],"this":[123],"paper,":[124],"we":[125,144,157,201,226,263],"propose":[126],"in-switch":[128],"system":[130],"called":[131,166],"PortCatcher,":[132],"breaks":[134],"trade-off":[136],"between":[137],"rule":[140,163,240,270],"latency.":[142],"System-wise,":[143],"detach":[145],"layer-4":[146],"port":[147,161,173,187,247],"from":[149],"improving":[152],"memory":[154],"efficiency.":[155],"Algorithm-wise,":[156],"introduce":[158],"novel":[160],"(range)":[162,174],"representation":[164],"concept,":[165],"linear":[167],"range":[168],"map":[169],"(LRM),":[170],"enables":[172],"hash":[178],"tables.":[179],"LRM":[180],"guarantees":[181],"not":[182],"only":[183],"fast":[184],"scalable":[186],"but":[189],"also":[190],"low-latency":[191],"defenses.":[196],"With":[197,254],"real-world":[198],"datasets,":[200],"show":[202,264],"PortCatcher":[204,228,236,266],"saves":[205],"74%-90%":[206],"space":[208],"compared":[209],"state-of-the-art":[211],"adding":[214],"small":[215],"overhead":[216],"SRAM":[218,220],"(0.49":[219],"entry":[221],"per":[222],"rule).":[224],"deploy":[227],"programmable":[231],"switch":[232],"demonstrate":[234],"can":[237],"serve":[238],"5-tuple":[239],"line":[244],"rate,":[245],"where":[246],"completely":[250],"matched":[251],"SRAM.":[253],"use":[256],"case":[257],"study,":[258],"namely":[259],"attack":[261,275],"mitigation,":[262],"has":[267],"negligible":[269],"latency":[272],"flows":[276],"(i.e.":[277],"94.42%":[278],"deployed":[281],"within":[282],"10":[283],"ms).":[284]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}