User privacy and security are constantly being improved by increasingly strong and more widely deployed encryption. This workshop aims to discuss ways to improve network management techniques in support of even broader adoption of encryption on the Internet.
Network management techniques need to evolve to work effectively and reliably in the presence of ubiquitous traffic encryption and support techniques that enhance user privacy. In an all-encrypted network, it is not viable to rely on unencrypted metadata for network monitoring and security functions, troubleshooting devices, and passive traffic measurements. New approaches are needed to track network behaviors, e.g., by directly cooperating with endpoints and applications, increasing use of in-band telemetry, increasing use of active measurement approaches, and privacy-preserving inference techniques.
The aim of this workshop is to provide a platform to explore the interaction between network management and traffic encryption and initiate new work on collaborative approaches that promote security and user privacy while supporting operational requirements. As such the workshop aims to address the following questions:
- What are actionable network management requirements?
- Who is willing to work on collaborative solutions?
- What are the starting points for collaborative solutions?
The following topics are considered in-scope; however, this list is non-exhaustive:
- Actionable requirements for network management, including:
- Troubleshooting needs
- Metrics for network performance measurements
- Requirements for security functions
- Proposals or reports on improvements to network management
- Ways to support evolving, encrypted traffic better
- Measurement techniques for encrypted traffic
- New privacy-preserving active measurement methods
- Direct communication with endpoints or applications
- Secure and privacy-preserving data collection, storage, and sharing
- Adoption of encryption for the management functions themselves
Interested participants are invited to submit position papers on the workshop topics; it may take the form of an Internet-Draft. Paper size is not limited, but brevity is encouraged. Interested participants who have published relevant academic papers may submit these as a position paper, optionally with a short abstract explaining their interest and the paper’s relevance to the workshop. The workshop itself will be focused on discussions based on the position paper topics received.
All inputs submitted and considered relevant will be published on the workshop website. The organizers will issue invitations based on the submissions received. Sessions will be organized according to content, and not every accepted submission or invited attendee will have an opportunity to present; the intent is to foster an active discussion and not simply to have a sequence of presentations. A workshop report covering all submissions and the workshop discussion will be published afterwards.
The workshop will be by invitation only. Those wishing to attend should submit a position paper to the address above topics and questions. Position papers from those not planning to attend the workshop themselves are also encouraged.
Please indicate your interest by submitting a research proposal by August 19, 2022 to firstname.lastname@example.org
The Program Committee members are Wes Hardaker (IAB, USC/ISI), Mallory Knodel (IAB, Center for Democracy and Technology), Mirja Kühlewind (IAB, Ericsson), Tommy Pauly (IAB, Apple), Russ White (IAB, Juniper), Qin Wu (IAB, Huawei).
Feel free to contact the program committee with any further questions: email@example.com
This workshop will be held remotely during the week of Oct 17-21, 2022, likely supporting three 2-3h sessions spread over the week based on submissions and the availability of the invited participants. Additionally, an in-person wrap-up or dissemination session may be organized in co-location with RIPE85 (Belgrade, Serbia) on Monday Oct 24 if there is sufficient interest by the participants. Please indicate with your submission if you are interested in this option.
- Submissions Due: Aug 19, 2022
- Invitations Issued by: Sep 2, 2022
- Workshop Date: Oct 17-21, 2022, optionally Oct 24
- Location: Online, optionally one day Belgrade, Serbia
Monday, Oct 17, 2022, 2-4pm UTC
Session I: “Where we are” – Requirements and Passive Observations
Chair: Tommy Pauly
Introduction (5m – Tommy Pauly)
The state of network measurement and traffic classification:
Towards Designing Robust and Efficient Classifiers for Encrypted Traffic in the Modern Internet (15m + 5m – Chase Jiang)
Network Management of Encrypted Traffic: Detect it don’t decrypt it (15m + 5m – Qin Wu)
The state of preventing traffic analysis:
ditto: WAN Traffic Obfuscation at Line Rate (15m + 5m – Laurent Vanbever)
The state of users and privacy:
Guidelines for Performing Safe Measurement on the Internet (15m + 5m – Mallory Knodel)
Group discussion and next steps (Remainder of time)
Tuesday, Oct 18, 2022, 2-4pm UTC
Session II: “Where we want to go” – Collaboration Principles
Chair: Mallory Knodel
Introduction (5m – Mallory Knodel)
What’s In It For Me? Revisiting the reasons people collaborate (15m + 5m – Richard Barnes)
Relying on Relays: The future of secure communication (15m + 5m – Marcus Ihlar)
The Sidecar: ‘Opting in’ to PEP Functions (15m + 5m – Michael Welzl)
Group discussion and next steps (Remainder of time)
Wednesday, Oct 19, 2022, 2-4pm UTC
Session III: “How we get there” – Collaboration Use cases
Chair: Wes Hardaker
Introduction (5m – Wes Hardaker)
Improving Network Monitoring Through Contracts (15m + 5m – Michael Collins)
Zero-Knowledge Middleboxes (15m +5m – Paul Grubbs)
Red Rover: A collaborative approach to content filtering (15m + 5m- Tommy Pauly)
Group discussion and next steps towards a solution (45m)
Workshop Wrap-up:Concluding Workshop Discussions (15m)
Motivations and Principles
- Richard Barnes. “What’s In It For Me? Revisiting the reasons people collaborate.”
- Iain R. Learmonth, Gurshabad Grover, Mallory Knodel. “Guidelines for Performing Safe Measurement on the Internet.” (Additional rationale)
- Qin Wu, Jun Wu, Qiufang Ma. “Network Management of Encrypted Traffic: Detect it don’t decrypt it.”
Classification of Traffic
- Luca Deri. “nDPI Research Proposal.”
- Wes Hardaker. “Network Flow Management by Probability.”
- Xi Jiang, Shinan Liu, Saloua Naama, Francesco Bronzino, Paul Schmitt, Nick Feamster. “Towards Designing Robust and Efficient Classifiers for Encrypted Traffic in the Modern Internet.”
- Yupeng Lei, Jun Wu, Xudong Sun, Liang Zhang, Qin Wu. “Encrypted Traffic Classification Through Deep Learning.”
Ideas for Collaboration and Coordination
- Michael Collins. “Improving Network Monitoring Through Contracts.”
- Paul Grubbs, Arasu Arun, Ye Zhang, Joseph Bonneau, Michael Walfish. “Zero-Knowledge Middleboxes.”
- Mirja Kühlewind, Magnus Westerlund, Zaheduzzaman Sarker, Marcus Ihlar. “Relying on Relays: The future of secure communication.”
- Tommy Pauly, Richard Barnes. “Red Rover: A collaborative approach to content filtering.”
- Michael Welzl. “The Sidecar: ‘Opting in’ to PEP Functions.“
Other Background Material
- Pedro Casas. “Monitoring User-Perceived Quality in an Encrypted Internet – AI to the Rescue.”
- Nalini Elkins, Mike Ackermann, Mohit P. Tahiliani, Dhruv Dhody, Prof. Tommaso Pecorella. “Performance Monitoring in Encrypted Networks: PDMv2.”