P4 Cybersecurity Solutions: Taxonomy and Open Challenges

The field of cybersecurity has witnessed a significant shift towards Programmable Data Planes with the emergence of the P4 programming P4. The existing literature lacks a comprehensive taxonomy that provides collaborative classifications and characterization of P4-based cybersecurity solutions. In this paper, we propose a novel taxonomy to better characterize published works in the field of cybersecurity solutions developed leveraging P4 and Programmable Data Planes. Our taxonomy introduces three main categories: detection techniques, mitigation actions, and deployment platforms. Unlike existing classification approaches present in literature, our taxonomy allows categorizing a given work according to different criteria, thus enabling collaborative classifications and the identification of shared features by highlighting intra-category and inter-category relationships that can be established among different works. Through our comprehensive characterization of the works identified in the literature, we present key findings that contribute to extend the current understanding of the field. By identifying the diverse range of techniques employed and the platforms utilized, we aim at addressing the needs to understand the area, which is fundamental for future advancements. Notably, we emphasize the significance of security provisioning through the adoption of cybersecurity functional abstractions. These abstractions enable the emulation of the behavior of conventional security devices, leveraging the capabilities of P4. Furthermore, we discuss several research challenges and possible future directions that have emerged from our analysis. This paper focuses on providing valuable insights and knowledge for researchers and practitioners in the field of cybersecurity solutions based on Programmable Data Planes leveraging P4, with the final goal of opening avenues for new research.