Mario Patetta, a Ph.D. student in the ROC Team, will defend his Ph.D. thesis on December 16, 2025, at 1:30 p.m., in the Amphitheatre Gaston-Planté, Accès 35 – Level 1, 2 rue Conté, 75003 Paris, France.
PhD Title: Data Plane Systems for Network Monitoring and Packet Scheduling in Programmable Networks
PhD Title (French): Systèmes de Plan de Transfert pour la Surveillance et l’Ordonnancement des Paquets dans les Réseaux Programmables
Abstract:
Modern networks face increasing challenges, driven by fundamental changes in the nature of the services they support. The emergence of cloud computing and virtualisation, intensifies the need for programmability and fine-grained traffic measurement and control. The proliferation of IoT devices–in terms of both quantity and heterogeneity–constitutes a fertile ground for malicious actors to exploit vulnerable machines to generate massive attacks. The evolution of 5G and beyond introduces new demands for tailored and multifaceted resource provisioning.
In response to these challenges, this thesis investigates how Programmable Data Plane (PDP) devices can be employed to develop real-time, distributed solutions for network security and quality-of-service-aware packet scheduling. Among PDP technologies, we focus on Field-Programmable Gate Arrays (FPGAs), because of their reprogrammability, and since they offer a more expressive design space compared to fixed-function, proprietary ASICs.
First, we focus on the detection of botnets, i.e., large ensembles of devices exploited to launch massive cyberattacks. We propose a Collaborative Intrusion Detection System (CIDS) that performs line-rate, per-port traffic analysis using lightweight data sketches implemented on FPGA-based programmable switches. The system extracts statistical features and transmits them to a centralized controller for anomaly detection and attack mitigation. We design a custom interface protocol to enable communication between the data plane and control plane. Evaluation on real-world traffic datasets demonstrates the system’s ability to detect both known attacks and zero-day exploits–which we tentatively identify by investigating vulnerabilities related to anomalous ports.
Second, we introduce the concept of multi-resource congestion in multi-domain 5G networks, defined as the failure of one of the cooperating operators to deliver the pre-agreed resources. To address this, we propose Multi-Resource Explicit Congestion Notification (MR-ECN), a novel protocol that extends traditional congestion control to handle unforeseen shortfalls in heterogeneous resources–including radio spectrum, computing power, and bandwidth–within multi-operator infrastructures. MR-ECN enables real-time, data-plane-driven allocation adjustments by embedding congestion notifications directly into affected packets. We propose multiple congestion encoding strategies and allocation adjustment functions, and evaluate their performance under diverse congestion patterns. Accordingly, we design and implement an FPGA-based programmable traffic manager supporting several scheduling policies and the MR-ECN protocol.
Overall, this thesis contributes to the development of multi-level network programmability–from telemetry to congestion control–highlighting the need for data plane offloading of network functions that require real-time deployment, as well as demonstrating the potential of FPGA technology to implement prototypes capable of operating at line-rate.
Mario’s publications:
Journal articles
- Mario Patetta, Stefano Secci, Sami Taktak. Line-rate Botnet Detection with SmartNIC-Embedded Feature Extraction. Computer Networks, 2024, 254 (110809), ⟨10.1016/j.comnet.2024.110809⟩. ⟨hal-04699807v2⟩
Conference papers
- Mario Patetta, Stefano Secci, Sami Taktak. A Lightweight Southbound Interface for Standalone P4-NetFPGA SmartNICs. 2022 1st International Conference on 6G Networking (6GNet), Jul 2022, Paris, France. pp.1-4, ⟨10.1109/6GNet54646.2022.9830380⟩. ⟨hal-03702720⟩
Powered by HAL 
