Abstract
Migrating middleboxes to third-party service providers (e.g., clouds and ISPs) has drawn widespread attentions recently from both industry and academia. While its benefits on reduced local cost and increased service scalability are well understood, such deployment also introduces new security concerns, due to the fact that these boxes are no longer under the direct control of enterprises. Among others, one fundamental desideratum here is to ensure that those middleboxes consistently perform network functions as intended. In this work, we propose practical solutions towards enabling runtime execution assurances of outsourced middleboxes with high confidence. As an initial effort, we target on pattern matching based network functions, which cover a broad class of middlebox applications such as instruction detection, web firewall, and traffic classification. For efficiency, our design follows the same roadmap of probabilistic checking that provides tunable levels of assurance, as in outsourced computation and distributed computing literature. We show how to synthesize the design intuitions in the context of outsourced middleboxes and the dynamic network effect. We present diligent technical instantiations, in the case of single middlebox and the composition of multiple middlebox service chaining, respectively. For a large batch of packets, sufficiently high assurance levels can be achieved by pre-processing only a few randomly selected packets, with marginal overhead. Evaluations of our system prototype on Amazon EC2 show that, the processing of 1000 packets, which includes pattern matching and execution proof generation, results in 200–500ms latency and throughput up to 360Mbps.