This thesis proposes efficient solutions for embedding Machine Learning (ML) models into commercial network user-plane equipment, addressing limitations in previous proposals that are less scalable when handling complex inference tasks. The thesis makes four main contributions. First, a practical application of user-plane inference is considered to show how in-switch inference can enable rapid detection of cyberattacks on Smart Grid (SG) networks. SGs rely on ML for cyberattack detection, but current methods mostly run in the control plane and are slow. This thesis proposes using programmable switches for in-switch inference enabling faster attack detection. The proposed approach yields high accuracy and significant response time improvements compared to existing methods.

Second, the above solution and all earlier solutions for user-plane inference on individual data packets focus on flat classification by which a single model addresses each task, often leading to very large, complex, and sometimes infeasible models when handling difficult tasks. To tackle this limitation, this thesis proposes Henna, a technique for splitting difficult classification tasks into easier sequential inference tasks based on hierarchical relationships between the classes, which can be addressed with separate simple models. This improves accuracy while ensuring the generated models can fit within switch resources.

Despite the improvements that Henna brought about, most in-switch inference solutions are either limited to only packet-level (PL) operation, lack support for rich statistical features or are not scalable, performing poorly in complex tasks. To address this limitation, Flowrest is presented as the first complete RF model implementation that operates at the level of traffic flows which are groups of packets with some common network properties. The proposed solution builds on (i) novel guidelines for tailoring RF models to operation in programmable switches right from the design phase, (ii) an original framework to embed flow-level (FL) machine learning models into programmable switch ASICs, and (iii) efficient strategies for maintaining state within switches to compute, store and employ FL features for inference.

Finally, while FL inference leads to improved performance, it leaves early packets in each flow unclassified while it computes FL features. On the other hand, PL solutions suffer from low accuracy due to their reliance on only simple header features. To close these gaps, Jewel is presented as an in-switch ML solution based on a fully joint PL and FL design, which offers the best of both worlds by classifying early flow packets individually at PL and shifting to FL inference as soon as possible. This leverages the strengths of both approaches while addressing their limitations.

In summary, this thesis presents novel solutions for inference in programmable network user planes. Technical details on the design and implementation of the proposed solutions are first described, followed by thorough experimental evaluations that shed light on the merits of each solution in comparison to prior work. Through these contributions, this thesis sets new standards in user-plane ML inference and makes steps towards enabling and encouraging the pervasive adoption of user-plane inference in programmable networks by making all the solutions open-source.

About Aristide Akem

Akem is a final-year PhD student at IMDEA Networks Institute and University Carlos III of Madrid, both in Spain. His skills and research interests cut across machine learning, network programming, and mobile networking, as well as their applications to other domains like network security, IoT, and energy. Before his PhD studies, Akem obtained a Master of Science in Electrical and Computer Engineering from Carnegie Mellon University Africa in Rwanda, and a Master of Engineering in Telecommunications from the University of Yaounde I in Cameroon. During his PhD, Akem has developed several solutions for deploying machine learning models into P4-programmable hardware for high-speed inference. He also made research visits to Orange Labs in France, Ranplan Wireless and the University of Cambridge, both in the United Kingdom. Akem has co-authored over ten peer-reviewed articles, some of which have been presented at top conferences like IEEE INFOCOM.

Supervisor de tesis: Dr. Marco Fiore, IMDEA Networks Institute, España

Universidad: Universidad Carlos III de Madrid, España

Programa de doctorado: Ingeniería Telemática

Miembros del tribunal:

• Presidente: Catedrático, Universidad Carlos III de Madrid, España e IMDEA Networks Institute, España
• Secretario: Gianni Antichi, Profesor Titular, Politécnico de Milán (Italia) y Queen Mary University of London (Reino Unido).
• Miembros del panel: Salvatore Pontarelli, Profesor Titular, Sapienza University of Rome, Italia