SketchFeature: High-Quality Per-Flow Feature Extractor Towards Security-Aware Data Plane
Sian Kim
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Internet Security
In an era where network security increasingly relies on sophisticated **AI-enhanced in-network defense** mechanisms, the ability to efficiently extract high-quality packet features has become paramount. Yang Kim from Ewha Womans University presented "SketchFeature: High-Quality Per-Flow Feature Extractor Towards Security-Aware Data Plane" at the NDSS Symposium, addressing critical shortcomings in current network monitoring capabilities. The talk highlights that incomplete or low-resolution feature extraction can lead to significant blind spots and misclassifications, leaving networks vulnerable to a wide array of attacks. For rapid attack mitigation, real-time feature extraction directly within the **data plane** is indispensable, yet it remains a formidable challenge due to the inherent hardware limitations of network devices.
AI review
Legitimate systems research with a concrete contribution — sketch virtualization plus a Bloom-filter membership test to suppress phantom decoding is a real, implementable idea with provable error bounds and Tofino validation. It's solid conference-grade work, but it's incremental: the building blocks (count-min sketch, Bloom filters, programmable ASICs) are all well-established, and the threat models addressed (evasion of top-K detectors, control plane flooding) are known problems getting an engineering fix rather than a conceptual breakthrough.