{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:17:23Z","timestamp":1750220243296,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,1,4]],"date-time":"2022-01-04T00:00:00Z","timestamp":1641254400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100013401","name":"Singapore Telecommunications Limited","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100013401","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001381","name":"National Research Foundation Singapore","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001381","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001352","name":"National University of Singapore","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001352","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100014188","name":"Ministry of Science and ICT, South Korea","doi-asserted-by":"publisher","award":["2021-0-00796"],"award-info":[{"award-number":["2021-0-00796"]}],"id":[{"id":"10.13039\/501100014188","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,1,4]]},"DOI":"10.1145\/3491003.3491007","type":"proceedings-article","created":{"date-parts":[[2022,1,25]],"date-time":"2022-01-25T00:14:42Z","timestamp":1643069682000},"page":"175-187","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["A Step Towards On-Path Security Function Outsourcing"],"prefix":"10.1145","author":[{"given":"Jehyun","family":"Lee","sequence":"first","affiliation":[{"name":"Trustwave, Singapore"}]},{"given":"Min Suk","family":"Kang","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science and Technology (KAIST), South Korea"}]},{"given":"Dinil Mon","family":"Divakaran","sequence":"additional","affiliation":[{"name":"Trustwave, Singapore"}]},{"given":"Phyo","family":"May Thet","sequence":"additional","affiliation":[{"name":"Institute for Infocomm Research - A*STAR, Singapore"}]},{"given":"Videet","family":"Singhai","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, United States"}]},{"given":"Jun Seung","family":"You","sequence":"additional","affiliation":[{"name":"Seoul National University, South Korea"}]}],"member":"320","published-online":{"date-parts":[[2022,1,24]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338466.3358916"},{"key":"e_1_3_2_1_2_1","unstructured":"Alexa Internet Inc.2019. Alexa top sites. https:\/\/www.alexa.com\/topsites.  Alexa Internet Inc.2019. Alexa top sites. https:\/\/www.alexa.com\/topsites."},{"key":"e_1_3_2_1_3_1","volume-title":"Security technology building a secure system using TrustZone technology (white paper). ARM Limited","author":"A ARM.","year":"2009","unstructured":"A ARM. 2009. Security technology building a secure system using TrustZone technology (white paper). ARM Limited ( 2009 ). A ARM. 2009. Security technology building a secure system using TrustZone technology (white paper). ARM Limited (2009)."},{"key":"e_1_3_2_1_4_1","volume-title":"d.]. AT&T Global Security Gateway. https:\/\/cybersecurity.att.com\/products\/global-security-gateway last accessed","author":"AT&T Inc.","year":"2021","unstructured":"AT&T Inc. [n. d.]. AT&T Global Security Gateway. https:\/\/cybersecurity.att.com\/products\/global-security-gateway last accessed : Jan. 2021 . AT&T Inc.[n. d.]. AT&T Global Security Gateway. https:\/\/cybersecurity.att.com\/products\/global-security-gateway last accessed: Jan. 2021."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"David Borman Bob Braden Van Jacobson and Richard Scheffenegger. 2014. TCP Extensions for High Performance. (2014).  David Borman Bob Braden Van Jacobson and Richard Scheffenegger. 2014. TCP Extensions for High Performance. (2014).","DOI":"10.17487\/rfc7323"},{"key":"e_1_3_2_1_6_1","volume-title":"Proc. USENIX Security.","author":"Bulck Jo\u00a0Van","year":"2017","unstructured":"Jo\u00a0Van Bulck , Nico Weichbrodt , R\u00fcdiger Kapitza , Frank Piessens , and Raoul Strackx . 2017 . Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution . In Proc. USENIX Security. Jo\u00a0Van Bulck, Nico Weichbrodt, R\u00fcdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In Proc. USENIX Security."},{"key":"e_1_3_2_1_7_1","volume-title":"d.]. Security and Anti-virus solutions. https:\/\/cloudsolutions.comcast.com. last accessed","author":"Comcast Corp.","year":"2021","unstructured":"Comcast Corp. [n. d.]. Security and Anti-virus solutions. https:\/\/cloudsolutions.comcast.com. last accessed : Jan. 2021 . Comcast Corp.[n. d.]. Security and Anti-virus solutions. https:\/\/cloudsolutions.comcast.com. last accessed: Jan. 2021."},{"key":"e_1_3_2_1_8_1","unstructured":"International Business\u00a0Machines Corp.2017. CPLEX Optimization Studio 12.8.0. https:\/\/www.ibm.com\/analytics\/cplex-optimizer.  International Business\u00a0Machines Corp.2017. CPLEX Optimization Studio 12.8.0. https:\/\/www.ibm.com\/analytics\/cplex-optimizer."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3040992.3040994"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-29959-0_38"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3374664.3375748"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.21236\/ADA465464"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3339814"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Lars Eggert. 2011. Moving the Undeployed TCP Extensions RFC 1072 RFC 1106 RFC 1110 RFC 1145 RFC 1146 RFC 1379 RFC 1644 and RFC 1693 to Historic Status. In IETF RFC 6247 (Informational).  Lars Eggert. 2011. Moving the Undeployed TCP Extensions RFC 1072 RFC 1106 RFC 1110 RFC 1145 RFC 1146 RFC 1379 RFC 1644 and RFC 1693 to Historic Status. In IETF RFC 6247 (Informational).","DOI":"10.17487\/rfc6247"},{"key":"e_1_3_2_1_15_1","volume-title":"Proc. USENIX Security.","author":"Fayaz Seyed\u00a0Kaveh","year":"2015","unstructured":"Seyed\u00a0Kaveh Fayaz , Yoshiaki Tobioka , Vyas Sekar , and Michael Bailey . 2015 . Bohatei: Flexible and Elastic DDoS Defense . In Proc. USENIX Security. Seyed\u00a0Kaveh Fayaz, Yoshiaki Tobioka, Vyas Sekar, and Michael Bailey. 2015. Bohatei: Flexible and Elastic DDoS Defense. In Proc. USENIX Security."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1851307.1851317"},{"key":"e_1_3_2_1_17_1","volume-title":"d.]. SD-WAN Solutions for Your Business. https:\/\/www.fusionconnect.com\/products\/networking-security\/sd-wan\/?megapath. last accessed","author":"Fusion Connect Inc.","year":"2021","unstructured":"Fusion Connect Inc. [n. d.]. SD-WAN Solutions for Your Business. https:\/\/www.fusionconnect.com\/products\/networking-security\/sd-wan\/?megapath. last accessed : Jan. 2021 . Fusion Connect Inc.[n. d.]. SD-WAN Solutions for Your Business. https:\/\/www.fusionconnect.com\/products\/networking-security\/sd-wan\/?megapath. last accessed: Jan. 2021."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3361525.3361541"},{"key":"e_1_3_2_1_19_1","volume-title":"Proc. USENIX Security.","author":"Gruss Daniel","year":"2017","unstructured":"Daniel Gruss , Julian Lettner , Felix Schuster , Olya Ohrimenko , Istvan Haller , and Manuel Costa . 2017 . Strong and efficient cache side-channel protection using hardware transactional memory . In Proc. USENIX Security. Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa. 2017. Strong and efficient cache side-channel protection using hardware transactional memory. In Proc. USENIX Security."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106989.3106994"},{"key":"e_1_3_2_1_21_1","volume-title":"Intel Software Guard Extensions: EPID Provisioning and Attestation Services. White Paper","author":"Johnson Simon","year":"2016","unstructured":"Simon Johnson , Vinnie Scarlata , Carlos Rozas , Ernie Brickell , and Frank Mckeen . 2016. Intel Software Guard Extensions: EPID Provisioning and Attestation Services. White Paper ( 2016 ). Simon Johnson, Vinnie Scarlata, Carlos Rozas, Ernie Brickell, and Frank Mckeen. 2016. Intel Software Guard Extensions: EPID Provisioning and Attestation Services. White Paper (2016)."},{"key":"e_1_3_2_1_22_1","volume-title":"Proc. IEEE S&P.","author":"Kang Min\u00a0Suk","year":"2013","unstructured":"Min\u00a0Suk Kang , Soo\u00a0Bum Lee , and Virgil\u00a0 D Gligor . 2013 . The Crossfire Attack . In Proc. IEEE S&P. Min\u00a0Suk Kang, Soo\u00a0Bum Lee, and Virgil\u00a0D Gligor. 2013. The Crossfire Attack. In Proc. IEEE S&P."},{"key":"e_1_3_2_1_23_1","article-title":"The internet topology zoo","volume":"29","author":"Knight Simon","year":"2011","unstructured":"Simon Knight , Hung\u00a0 X Nguyen , Nickolas Falkner , Rhys Bowden , and Matthew Roughan . 2011 . The internet topology zoo . IEEE J. SAC 29 , 9 (2011). Simon Knight, Hung\u00a0X Nguyen, Nickolas Falkner, Rhys Bowden, and Matthew Roughan. 2011. The internet topology zoo. IEEE J. SAC 29, 9 (2011).","journal-title":"IEEE J. SAC"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.14722\/diss.2018.23002"},{"key":"e_1_3_2_1_25_1","unstructured":"Dmitrii Kuvaiskii Somnath Chakrabarti and Mona Vij. 2018. Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX). arXiv preprint arXiv:1802.00508(2018). https:\/\/arxiv.org\/pdf\/1802.00508.pdf  Dmitrii Kuvaiskii Somnath Chakrabarti and Mona Vij. 2018. Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX). arXiv preprint arXiv:1802.00508(2018). https:\/\/arxiv.org\/pdf\/1802.00508.pdf"},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. USENIX NSDI.","author":"Lan Chang","year":"2016","unstructured":"Chang Lan , Justine Sherry , Raluca\u00a0Ada Popa , Sylvia Ratnasamy , and Zhi Liu . 2016 . Embark: Securely Outsourcing Middleboxes to the Cloud .. In Proc. USENIX NSDI. Chang Lan, Justine Sherry, Raluca\u00a0Ada Popa, Sylvia Ratnasamy, and Zhi Liu. 2016. Embark: Securely Outsourcing Middleboxes to the Cloud.. In Proc. USENIX NSDI."},{"key":"e_1_3_2_1_27_1","volume-title":"Keystone: A Framework for Architecting TEEs. arXiv preprint arXiv:1907.10119(2019). https:\/\/arxiv.org\/pdf\/1907.10119","author":"Lee Dayeol","year":"2019","unstructured":"Dayeol Lee , David Kohlbrenner , Shweta Shinde , Dawn Song , and Krste Asanovi\u0107 . 2019 . Keystone: A Framework for Architecting TEEs. arXiv preprint arXiv:1907.10119(2019). https:\/\/arxiv.org\/pdf\/1907.10119 Dayeol Lee, David Kohlbrenner, Shweta Shinde, Dawn Song, and Krste Asanovi\u0107. 2019. Keystone: A Framework for Architecting TEEs. arXiv preprint arXiv:1907.10119(2019). https:\/\/arxiv.org\/pdf\/1907.10119"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP51992.2021.00045"},{"key":"e_1_3_2_1_29_1","unstructured":"Jehyun Lee Pingxiao Ye Ruofan Liu Dinil\u00a0Mon Divakaran and Chan\u00a0Mun Choon. 2020. Building robust phishing detection system: an empirical analysis. In NDSS MADWeb (Workshop on Measurements Attacks and Defenses for the Web).  Jehyun Lee Pingxiao Ye Ruofan Liu Dinil\u00a0Mon Divakaran and Chan\u00a0Mun Choon. 2020. Building robust phishing detection system: an empirical analysis. In NDSS MADWeb (Workshop on Measurements Attacks and Defenses for the Web)."},{"key":"e_1_3_2_1_30_1","volume-title":"Proc. USENIX Security.","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee , Ming-Wei Shih , Prasun Gera , Taesoo Kim , Hyesoon Kim , and Marcus Peinado . 2017 . Inferring fine-grained control flow inside SGX enclaves with branch shadowing . In Proc. USENIX Security. Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In Proc. USENIX Security."},{"key":"e_1_3_2_1_31_1","volume-title":"USENIX Security Symposium.","author":"Lin Yun","year":"2021","unstructured":"Yun Lin , Ruofan Liu , Dinil\u00a0Mon Divakaran , Jun\u00a0Yang Ng , Qing\u00a0Zhou Chan , Yiwen Lu , Yuxuan Si , Fan Zhang , and Jin\u00a0Song Dong . 2021 . Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages . In USENIX Security Symposium. Yun Lin, Ruofan Liu, Dinil\u00a0Mon Divakaran, Jun\u00a0Yang Ng, Qing\u00a0Zhou Chan, Yiwen Lu, Yuxuan Si, Fan Zhang, and Jin\u00a0Song Dong. 2021. Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages. In USENIX Security Symposium."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2948618.2954331"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134075"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3143361.3143383"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2017.2765719"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2019.8802833"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815400.2815423"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282380.1282413"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2016.0115"},{"key":"e_1_3_2_1_40_1","volume-title":"Proc. USENIX NSDI.","author":"Poddar Rishabh","year":"2018","unstructured":"Rishabh Poddar , Chang Lan , Raluca\u00a0Ada Popa , and Sylvia Ratnasamy . 2018 . SafeBricks: Shielding Network Functions in the Cloud . In Proc. USENIX NSDI. Rishabh Poddar, Chang Lan, Raluca\u00a0Ada Popa, and Sylvia Ratnasamy. 2018. SafeBricks: Shielding Network Functions in the Cloud. In Proc. USENIX NSDI."},{"key":"e_1_3_2_1_41_1","unstructured":"Christian Priebe Divya Muthukumaran Joshua Lind Huanzhou Zhu Shujie Cui Vasily\u00a0A Sartakov and Peter Pietzuch. 2019. SGX-LKL: Securing the Host OS Interface for Trusted Execution. arXiv preprint arXiv:1908.11143(2019). https:\/\/arxiv.org\/pdf\/1908.11143.pdf  Christian Priebe Divya Muthukumaran Joshua Lind Huanzhou Zhu Shujie Cui Vasily\u00a0A Sartakov and Peter Pietzuch. 2019. SGX-LKL: Securing the Host OS Interface for Trusted Execution. arXiv preprint arXiv:1908.11143(2019). https:\/\/arxiv.org\/pdf\/1908.11143.pdf"},{"key":"e_1_3_2_1_42_1","volume-title":"Proc. USENIX LISA, Vol.\u00a099","author":"Roesch Martin","year":"1999","unstructured":"Martin Roesch 1999 . Snort: Lightweight intrusion detection for networks .. In Proc. USENIX LISA, Vol.\u00a099 . Martin Roesch 1999. Snort: Lightweight intrusion detection for networks.. In Proc. USENIX LISA, Vol.\u00a099."},{"key":"e_1_3_2_1_43_1","unstructured":"RYU project team. 2014. Ryu SDN framework. http:\/\/osrg.github.io\/ryu.  RYU project team. 2014. Ryu SDN framework. http:\/\/osrg.github.io\/ryu."},{"key":"e_1_3_2_1_44_1","volume-title":"Making middleboxes someone else\u2019s problem: network processing as a cloud service. ACM SIGCOMM CCR 42, 4","author":"Sherry Justine","year":"2012","unstructured":"Justine Sherry , Shaddi Hasan , Colin Scott , Arvind Krishnamurthy , Sylvia Ratnasamy , and Vyas Sekar . 2012. Making middleboxes someone else\u2019s problem: network processing as a cloud service. ACM SIGCOMM CCR 42, 4 ( 2012 ). Justine Sherry, Shaddi Hasan, Colin Scott, Arvind Krishnamurthy, Sylvia Ratnasamy, and Vyas Sekar. 2012. Making middleboxes someone else\u2019s problem: network processing as a cloud service. ACM SIGCOMM CCR 42, 4 (2012)."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2876019.2876032"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23193"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098822.3098826"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-93387-0_34"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00055"},{"key":"e_1_3_2_1_50_1","volume-title":"Proc. USENIX ATC.","author":"Tsai Chia-Che","year":"2017","unstructured":"Chia-Che Tsai , Donald\u00a0 E Porter , and Mona Vij . 2017 . Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX . In Proc. USENIX ATC. Chia-Che Tsai, Donald\u00a0E Porter, and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In Proc. USENIX ATC."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23200"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"crossref","unstructured":"Yin Zhang Matthew Roughan Nick Duffield and Albert Greenberg. 2003. Fast accurate computation of large-scale IP traffic matrices from link loads. In ACM SIGMETRICS PER Vol.\u00a031.  Yin Zhang Matthew Roughan Nick Duffield and Albert Greenberg. 2003. Fast accurate computation of large-scale IP traffic matrices from link loads. In ACM SIGMETRICS PER Vol.\u00a031.","DOI":"10.1145\/781027.781053"}],"event":{"name":"ICDCN '22: 23rd International Conference on Distributed Computing and Networking","acronym":"ICDCN '22","location":"Delhi AA India"},"container-title":["Proceedings of the 23rd International Conference on Distributed Computing and Networking"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3491003.3491007","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3491003.3491007","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:30Z","timestamp":1750188630000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3491003.3491007"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,4]]},"references-count":52,"alternative-id":["10.1145\/3491003.3491007","10.1145\/3491003"],"URL":"https:\/\/doi.org\/10.1145\/3491003.3491007","relation":{},"subject":[],"published":{"date-parts":[[2022,1,4]]},"assertion":[{"value":"2022-01-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}