{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T20:17:48Z","timestamp":1764793068813,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":71,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,28]],"date-time":"2023-11-28T00:00:00Z","timestamp":1701129600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,28]]},"DOI":"10.1145\/3626111.3628198","type":"proceedings-article","created":{"date-parts":[[2023,11,13]],"date-time":"2023-11-13T12:11:20Z","timestamp":1699877480000},"page":"272-279","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Securing Public Clouds using Dynamic Communication Graphs"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2776-6917","authenticated-orcid":false,"given":"Sathiya Kumaran","family":"Mani","sequence":"first","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4154-4525","authenticated-orcid":false,"given":"Kevin","family":"Hsieh","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8408-9633","authenticated-orcid":false,"given":"Santiago","family":"Segarra","sequence":"additional","affiliation":[{"name":"Microsoft and Rice University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-3055-9378","authenticated-orcid":false,"given":"Trevor","family":"Eberl","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4175-1404","authenticated-orcid":false,"given":"Ranveer","family":"Chandra","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-1633-082X","authenticated-orcid":false,"given":"Eliran","family":"Azulai","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-6060-7888","authenticated-orcid":false,"given":"Narayan","family":"Annamalai","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-6509-5409","authenticated-orcid":false,"given":"Deepak","family":"Bansal","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9494-6435","authenticated-orcid":false,"given":"Srikanth","family":"Kandula","sequence":"additional","affiliation":[{"name":"Microsoft"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,11,28]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Advanced persistent threats. https:\/\/www.cisa.gov\/topics\/cyber-threats-and-advisories\/advanced-persistent-threats."},{"key":"e_1_3_2_1_2_1","unstructured":"Amazon redshift. https:\/\/aws.amazon.com\/redshift\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Apache spark. https:\/\/www.databricks.com\/spark\/about."},{"key":"e_1_3_2_1_4_1","unstructured":"AWS: Data Transfer Costs for Common Architectures. https:\/\/go.aws\/3cg5J3O."},{"key":"e_1_3_2_1_5_1","unstructured":"Azure: Bandwidth Pricing. https:\/\/bit.ly\/3Cou81Z."},{"key":"e_1_3_2_1_6_1","unstructured":"Azure synapse analytics. https:\/\/learn.microsoft.com\/en-us\/azure\/synapse-analytics\/."},{"key":"e_1_3_2_1_7_1","unstructured":"Cisco Adaptive Security Virtual Appliance (ASAv) Data Sheet. https:\/\/bit.ly\/3UldTJq."},{"key":"e_1_3_2_1_8_1","unstructured":"Fast ica. https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.decomposition.FastICA.html."},{"key":"e_1_3_2_1_9_1","unstructured":"Flow logging for network security groups. https:\/\/learn.microsoft.com\/en-us\/azure\/network-watcher\/network-watcher-nsg-flow-logging-overview."},{"key":"e_1_3_2_1_10_1","unstructured":"FortiGate-VM on Amazon Web Services. https:\/\/bit.ly\/3Bp5qwb."},{"key":"e_1_3_2_1_11_1","unstructured":"Gcp: Vpc flow logs. https:\/\/cloud.google.com\/vpc\/docs\/flow-logs."},{"key":"e_1_3_2_1_12_1","unstructured":"Google Cloud: Bandwidth Pricing. https:\/\/bit.ly\/3Cw83i9."},{"key":"e_1_3_2_1_13_1","unstructured":"Google cloud platform microservices demo. https:\/\/github.com\/GoogleCloudPlatform\/microservices-demo."},{"key":"e_1_3_2_1_14_1","unstructured":"Horizontal pod autoscaling. https:\/\/kubernetes.io\/docs\/tasks\/run-application\/horizontal-pod-autoscale\/."},{"key":"e_1_3_2_1_15_1","unstructured":"Infection monkey - breach and attack simulation. https:\/\/www.akamai.com\/infectionmonkey\/breach-and-attack-simulation."},{"key":"e_1_3_2_1_16_1","unstructured":"Intel tofino. https:\/\/intel.ly\/3wxWT8w."},{"key":"e_1_3_2_1_17_1","unstructured":"Intel tofino 2. https:\/\/intel.ly\/3QTeD6F."},{"key":"e_1_3_2_1_18_1","unstructured":"Logging ip traffic using vpc flow logs. https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/flow-logs.html."},{"key":"e_1_3_2_1_19_1","unstructured":"A new walmart 'cloud factory' will accelerate digital innovation boost business efficiency. https:\/\/shorturl.at\/amwHI."},{"key":"e_1_3_2_1_20_1","unstructured":"Palo Alto Networks VM-Series Firewall. https:\/\/docs.paloaltonetworks.com\/vm-series."},{"key":"e_1_3_2_1_21_1","unstructured":"tcpdump. http:\/\/ee.lbl.gov\/tcpdump.tar.Z."},{"key":"e_1_3_2_1_22_1","unstructured":"Using netflow filtering or sampling to select the network traffic to track. https:\/\/rb.gy\/83mcu."},{"key":"e_1_3_2_1_23_1","unstructured":"What is an advanced persistent threat (apt)? https:\/\/www.cisco.com\/c\/en\/us\/products\/security\/advanced- persistent- threat.html."},{"volume-title":"NSDI","year":"2017","key":"e_1_3_2_1_24_1","unstructured":"Vfp: A virtual switch platform for host sdn in the public cloud. In NSDI, 2017."},{"volume-title":"NSDI","year":"2018","key":"e_1_3_2_1_25_1","unstructured":"Azure accelerated networking: Smartnics in the public cloud. In NSDI, 2018."},{"volume-title":"https:\/\/www.researchandmarkets.com\/report\/microsegmentation","year":"2023","key":"e_1_3_2_1_26_1","unstructured":"Microsegmentation - global strategic business report. https:\/\/www.researchandmarkets.com\/report\/microsegmentation, 2023."},{"key":"e_1_3_2_1_27_1","unstructured":"Akamai. Akamai Guardicore Segmentation. https:\/\/www.akamai.com\/products\/akamai-guardicore-segmentation."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.14778\/1453856.1453903"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282380.1282383"},{"key":"e_1_3_2_1_30_1","unstructured":"J. Bailey and B. Jensen. Walmart and azure. https:\/\/shorturl.at\/vMTY0."},{"key":"e_1_3_2_1_31_1","volume-title":"Off by default! In HotNets","author":"Ballani H.","year":"2005","unstructured":"H. Ballani, Y. Chawathe, S. Ratnasamy, T. Roscoe, and S. Shenker. Off by default! In HotNets, 2005."},{"key":"e_1_3_2_1_32_1","volume-title":"NSDI","author":"Bansal D.","year":"2023","unstructured":"D. Bansal, G. DeGrace, R. Tewari, M. Zygmunt, J. Grantham, S. Gai, M. Baldi, K. Doddapaneni, A. Selvarajan, A. Arumugam, B. Raman, A. Gupta, S. Jain, D. Jagasia, E. Langlais, P. Srivastava, R. Hazarika, N. Motwani, S. Tiwari, S. Grant, R. Chandra, and S. Kandula. Disaggregating stateful network functions. In NSDI, 2023."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1088\/1742-5468\/2008\/10\/P10008"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2342356.2342439"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/829502.830043"},{"key":"e_1_3_2_1_36_1","volume-title":"ICDE","author":"Carbone P.","year":"2015","unstructured":"P. Carbone, A. Katsifodimos, S. Ewen, V. Markl, S. Haridi, et al. Apache Flink: Stream and batch processing in a single engine. In ICDE, 2015."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282427.1282382"},{"key":"e_1_3_2_1_38_1","volume-title":"Network Virtualization: State of the Art and Research Challenges","author":"Chowdhury N. M. M. K.","year":"2009","unstructured":"N. M. M. K. Chowdhury and R. Boutaba. Network Virtualization: State of the Art and Research Challenges. IEEE ComSoc, 2009."},{"key":"e_1_3_2_1_39_1","unstructured":"Cisco. Cisco Tetration. https:\/\/www.cisco.com\/c\/en_sg\/products\/data-center-analytics\/tetration-analytics\/index.html."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/564691.564777"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/872757.872838"},{"key":"e_1_3_2_1_42_1","volume-title":"The gigascope stream database","author":"Cranor C.","year":"2003","unstructured":"C. Cranor, T. Johnson, O. Spatscheck, and V. Shkapenyuk. The gigascope stream database. IEEE Data Eng. Bull., 2003."},{"key":"e_1_3_2_1_43_1","volume-title":"NSDI","author":"Dalton M.","year":"2018","unstructured":"M. Dalton et al. Andromeda: Performance, Isolation, and Velocity at Scale in Cloud Network Virtualization. In NSDI, 2018."},{"key":"e_1_3_2_1_44_1","volume-title":"Bert: Pre-training of deep bidirectional transformers for language understanding","author":"Devlin J.","year":"2019","unstructured":"J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova. Bert: Pre-training of deep bidirectional transformers for language understanding, 2019."},{"key":"e_1_3_2_1_45_1","unstructured":"O. Ertl. Superminhash -- a new minwise hashing algorithm for jaccard similarity estimation. https:\/\/arxiv.org\/pdf\/1706.05698.pdf."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863972"},{"key":"e_1_3_2_1_47_1","unstructured":"B. Evans. Walmart cio: We picked microsoft for huge cloud deal to accelerate digital transformation. https:\/\/shorturl.at\/aABI3."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619239.2626313"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787496"},{"key":"e_1_3_2_1_50_1","volume-title":"Deep residual learning for image recognition","author":"He K.","year":"2015","unstructured":"K. He, X. Zhang, S. Ren, and J. Sun. Deep residual learning for image recognition, 2015."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2339530.2339723"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298349"},{"key":"e_1_3_2_1_53_1","unstructured":"Illumio. Zero Trust: the security paradigm for the modern organization. https:\/\/www.illumio.com\/solutions\/zero-trust."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/775047.775126"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402970"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644918"},{"key":"e_1_3_2_1_57_1","volume-title":"NSDI","author":"Koponen T.","year":"2014","unstructured":"T. Koponen, K. Amidon, P. Balland, M. Casado, A. Chanda, B. Fulton, I. Ganichev, J. Gross, P. Ingram, E. Jackson, A. Lambeth, R. Lenglet, S.-H. Li, A. Padmanabhan, J. Pettit, B. Pfaff, R. Ramanathan, S. Shenker, A. Shieh, J. Stribling, P. Thakkar, D. Wendlandt, A. Yip, and R. Zhang. Network virtualization in multi-tenant datacenters. In NSDI, 2014."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/1080091.1080118"},{"key":"e_1_3_2_1_59_1","volume-title":"NSDI","author":"Li Y.","year":"2016","unstructured":"Y. Li, R. Miao, C. Kim, and M. Yu. Flowradar: A better netflow for data centers. In NSDI, 2016."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.14778\/1453856.1453904"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23204"},{"key":"e_1_3_2_1_62_1","volume-title":"NSDI","author":"Mogul J. C.","year":"2020","unstructured":"J. C. Mogul, D. Goricanec, M. Pool, A. Shaikh, D. Turk, B. Koley, and X. Zhao. Experiences with modeling network topologies at multiple levels of abstraction. In NSDI, 2020."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623732"},{"key":"e_1_3_2_1_64_1","volume-title":"NSDI","author":"Pfaff B.","year":"2015","unstructured":"B. Pfaff, J. Pettit, T. Koponen, E. Jackson, A. Zhou, J. Rajahalme, J. Gross, A. Wang, J. Stringer, P. Shelar, K. Amidon, and M. Casado. The design and implementation of open vSwitch. In NSDI, 2015."},{"key":"e_1_3_2_1_65_1","volume-title":"Similarity measure for social networks -- a brief survey","author":"Rawashdeh A.","year":"2015","unstructured":"A. Rawashdeh and A. Ralescu. Similarity measure for social networks -- a brief survey. volume 1353, 2015."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787472"},{"key":"e_1_3_2_1_67_1","volume-title":"Packet Classification Using Multidimensional Cutting. In ACM SIGCOMM","author":"Singh S.","year":"2003","unstructured":"S. Singh, F. Baboescu, G. Varghese, and J. Wang. Packet Classification Using Multidimensional Cutting. In ACM SIGCOMM 2003."},{"key":"e_1_3_2_1_68_1","unstructured":"Verizon. 2023 data breach investigations report. https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"crossref","unstructured":"Verizon. Data breach investigations report: 2008-2022. https:\/\/www.verizon.com\/business\/resources\/reports\/2022\/dbir\/2022-data-breach-investigations-report-dbir.pdf.","DOI":"10.12968\/S1361-3723(22)70578-7"},{"key":"e_1_3_2_1_70_1","unstructured":"VMWare. VMware NSX. https:\/\/www.vmware.com\/products\/nsx.html."},{"key":"e_1_3_2_1_71_1","volume-title":"NSDI","author":"Zhao K.","year":"2023","unstructured":"K. Zhao, P. Goyal, M. Alizadeh, and T. E. Anderson. Scalable tail latency estimation for data center networks. In NSDI, 2023."}],"event":{"name":"HotNets '23: The 22nd ACM Workshop on Hot Topics in Networks","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication"],"location":"Cambridge MA USA","acronym":"HotNets '23"},"container-title":["Proceedings of the 22nd ACM Workshop on Hot Topics in Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626111.3628198","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3626111.3628198","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:39:57Z","timestamp":1755891597000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626111.3628198"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,28]]},"references-count":71,"alternative-id":["10.1145\/3626111.3628198","10.1145\/3626111"],"URL":"https:\/\/doi.org\/10.1145\/3626111.3628198","relation":{},"subject":[],"published":{"date-parts":[[2023,11,28]]},"assertion":[{"value":"2023-11-28","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}