Jie Li,Jinshu Su,Rongmao Chen,Xiaofeng Wang,Shuhui Chen

DOI: https://doi.org/10.1002/cpe.4435

2019-01-01

Abstract:SummaryHardware‐based middleboxes are ubiquitous in computer networks, which usually incur high deployment and management expenses. A recently arising trend aims to address those problems by outsourcing the functions of traditional hardware‐based middleboxes to high volume servers in a cloud. This technology is promising but still faces a few challenges from different aspects, including privacy concerns, middlebox functionality, and performance. In this paper, we propose two practical approaches to implementing a cloud‐based DPI middlebox. The outsourced DPI middlebox performs payload inspection over encrypted traffic while preserving the privacy of both communication data and inspection rules. Our first approach employs a modified reversible sketch structure, which is used for efficient error‐free membership testing, and our second approach extends the famous AC pattern matching algorithm to the cipher text domain. We utilize unkeyed one‐way hash functions instead of complex cryptographic protocols to achieve the privacy preservation requirements. Our system supports a wide range of real‐world inspection rules. We conduct evaluations on the ClamAV rule set, and the experiment results demonstrate the effectiveness of our proposals.

Helei Cui,Yajin Zhou,Cong Wang,Xinyu Wang,Yuefeng Du,Qian Wang

DOI: https://doi.org/10.1109/tdsc.2019.2937783

2020-01-01

Abstract:Safe Browsing (SB) is an important security feature in modern web browsers to help detect new unsafe websites. Although useful, recent studies have pointed out that the widely adopted SB services, such as Google Safe Browsing and Microsoft SmartScreen, can raise privacy concerns since users' browsing history might be subject to unauthorized leakage to service providers. In this paper, we present a Privacy-Preserving Safe Browsing (PPSB) platform. It bridges the browser that uses the service and the third-party blacklist providers who provide unsafe URLs, with the guaranteed privacy of users and blacklist providers. Particularly, in PPSB, the actual URL to be checked, as well as its associated hashes or hash prefixes, never leave the browser in cleartext. This protects the user's browsing history from being directly leaked or indirectly inferred. Moreover, these lists of unsafe URLs, the most valuable asset for the blacklist providers, are always encrypted and kept private within our platform. Extensive evaluations using real datasets (with over 1 million unsafe URLs) demonstrate that our prototype can function as intended without sacrificing normal user experience, and block unsafe URLs at the millisecond level. All resources, including Chrome extension, Docker image, and source code, are available for public use.

Jie Li,Jinshu Su,Xiaofeng Wang,Hao Sun,Shuhui Chen

DOI: https://doi.org/10.1007/978-3-319-69471-9_9

2017-01-01

Abstract:Hardware-based middleboxes are ubiquitous in computer networks, which usually incur high deployment and management expenses. A recently arsing trend aims to address those problems by outsourcing the functions of traditional hardware-based middleboxes to high volume servers in a cloud. This technology is promising but still faces a few challenges. First, the widely adopted data encryption techniques contradict with payload inspection needs of some middleboxes such as DPI and IDS devices. Second, the inspection rules of middleboxes may be commercial properties, thus the middlebox providers want to keep their rules confidential under third-party cloud environments, and this creates hindrances for the cloud to perform outsourced middlebox functions. Third, performance of the outsourced middlebox is an inevitable issue that needs deliberate consideration. In this paper, we propose a cloud-based DPI middlebox implementation which performs payload inspection over encrypted traffic while preserving the privacy of both communication data and inspection rules. Our design employs a modified reversible sketch structure which is used for efficient error-free membership testing, and we utilize unkeyed one-way hash functions instead of complex cryptographic protocols to achieve the privacy preservation requirements. CloudDPI supports a wide range of real-world inspection rules, we conduct evaluations on ClamAV rule set and the experiment results demonstrate the effectiveness of our proposal.

Jianting Ning,Geong Sen Poh,Jia-Chng Loh,Jason Chia,Ee-Chien Chang

DOI: https://doi.org/10.1145/3319535.3354204

2019-01-01

Abstract:Network middleboxes perform deep packet inspection (DPI) to detect anomalies and suspicious activities in network traffic. However, increasingly these traffic are encrypted and middleboxes can no longer make sense of them. A recent proposal by Sherry et al. (SIGCOMM 2015), named BlindBox, enables the middlebox to perform inspection in a privacy-preserving manner. BlindBox deploys garbled circuit to generate encrypted rules for the purpose of inspecting the encrypted traffic directly. However, the setup latency (which could be 97s on a ruleset of 3,000 as reported) and overhead size incurred by garbled circuit are high. Since communication can only be commenced after the encrypted rules being generated, such delay is intolerable in many real-time applications. In this work, we present PrivDPI, which reduces the setup delay while retaining similar privacy guarantee. Compared to BlindBox, for a ruleset of 3,000, our encrypted rule generation is 288x faster and requires 290,227x smaller overhead for the first session, and is even 1,036x faster and requires 3424,505x smaller overhead over 20 consecutive sessions. The performance gain is based on a new technique for generating encrypted rules as well as the idea of reusing intermediate results generated in previous sessions across subsequent sessions. This is in contrast to Blindbox which performs encrypted rule generation from scratch for every session. Nevertheless, PrivDPI is 6x slower in generating the encrypted traffic tokens, yet in our implementation, the token encryption rate of PrivDPI is more than 17,271 per second which is sufficient for many real-time applications. Moreover, the intermediate values generated in each session can be reused across subsequent sessions for repeated tokens, which could further speedup token encryption. Overall, our experiment shows that PrivDPI is practical and especially suitable for connections with short flows.

Zeqing Guo,Weili Han,Liangxing Liu,Wenyuan Xu,Ruiqi Bu,Minyue Ni

DOI: https://doi.org/10.1145/2752952.2752974

2015-01-01

Abstract:More and more powerful personal smart devices take users, especially the elder, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in the Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referring to Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. Especially, when the size of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users' friends can help users set applications without the leakage of friends' preferences with the supports of a privacy preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because the fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.

Hao Ren,Hongwei Li,Dongxiao Liu,Guowen Xu,Nan Cheng,Xuemin Shen,Xuemin Sherman Shen

DOI: https://doi.org/10.1109/tcc.2020.2991167

IF: 5.697

2020-01-01

IEEE Transactions on Cloud Computing

Abstract:With the increasing traffic volume, enterprises choose to outsource their middlebox services, such as deep packet inspection, to the cloud to acquire rich computational and communication resources. However, since the traffic is redirected to the public cloud, information leakages, such as packet payload and inspection rules, arouse privacy concerns of both middlebox owner and packet senders. To address the concerns, we propose an efficient verifiable deep packet inspection (EV-DPI) scheme with strong privacy guarantees. Specifically, a two-layer architecture is designed and deployed over two non-collusion cloud servers. The first layer fast filters out most of legitimate packets and the second layer supports exact rule matching. During the inspection, the privacy of packet payload and the confidentiality of inspection rules are well preserved. To improve the efficiency, only fast symmetric crypto-systems, such as hash functions, are used. Moreover, the proposed scheme allows the network administrator to verify the execution results, which offers a strong control of outsourced services. To validate the performance of the proposed EV-DPI scheme, we conduct extensive experiments on the Amazon Cloud. Large-scale dataset (millions of packets) is tested to obtain the key performance metrics. The experimental results demonstrate that EV-DPI not only preserves the packet privacy, but also achieves high packet inspection efficiency.

computer science, information systems, theory & methods

Geong Sen Poh,Dinil Mon Divakaran,Hoon Wei Lim,Jianting Ning,Achintya Desai

DOI: https://doi.org/10.48550/arXiv.2101.04338

2021-01-12

Cryptography and Security

Abstract:Middleboxes in a computer network system inspect and analyse network traffic to detect malicious communications, monitor system performance and provide operational services. However, encrypted traffic hinders the ability of middleboxes to perform such services. A common practice in addressing this issue is by employing a "Man-in-the-Middle" (MitM) approach, wherein an encrypted traffic flow between two endpoints is interrupted, decrypted and analysed by the middleboxes. The MitM approach is straightforward and is used by many organisations, but there are both practical and privacy concerns. Due to the cost of the MitM appliances and the latency incurred in the encrypt-decrypt processes, enterprises continue to seek solutions that are less costly. There were discussion on the many efforts required to configure MitM. Besides, MitM violates end-to-end privacy guarantee, raising privacy concerns and issues on compliance especially with the rising awareness on user privacy. Furthermore, some of the MitM implementations were found to be flawed. Consequently, new practical and privacy-preserving techniques for inspection over encrypted traffic were proposed. We examine them to compare their advantages, limitations and challenges. We categorise them into four main categories by defining a framework that consist of system architectures, use cases, trust and threat models. These are searchable encryption, access control, machine learning and trusted hardware. We first discuss the man-in-the-middle approach as a baseline, then discuss in details each of them, and provide an in-depth comparisons of their advantages and limitations. By doing so we describe practical constraints, advantages and pitfalls towards adopting the techniques. We also give insights on the gaps between research work and industrial deployment, which leads us to the discussion on the challenges and research directions.

Minjun Deng,Kai Zhang,Pengfei Wu,Mi Wen,Jianting Ning

DOI: https://doi.org/10.1109/tcc.2023.3293134

IF: 5.697

2023-01-01

IEEE Transactions on Cloud Computing

Abstract:Secure outsourced middleboxes are deployed in network function virtualization services that detect malicious activities on communications, which provides privacy-preserving deep packet inspection (DPI) over encrypted traffic. To boost filtering efficiency of packets, the two-layer middlebox architecture has been adopted in recent DPI systems. Nevertheless, state-of-the-art solutions based on two-layer architecture mainly suffer from two limitations: i) cannot support dynamic rule addition; ii) failed to inspect discontinuous token for rule matching. To address these limitations, this work proposes an efficient, dynamic and continuous DPI (DCDPI) system in secure outsourced middleboxes. To achieve dynamic rule addition with forward privacy, we refine a data structure called virtual binary tree (VBTree) and further introduce a variant of VBTree for DCDPI, termed VBTree+. VBTree+ supports two new desirable features: i) taking the rule action information into consideration; ii) achieving both rule identifier and rule action hiding. By introducing a token continuity check mechanism, DCDPI can effectively identify discontinuous tokens and categorize continuous tokens into one group. The extensive experiment over the real dataset and rule set confirms the practicality and efficiency of DCDPI. Compared to state-of-the-art works with same setting, DCDPI is 18% $\sim$ 110% more efficient for a connection establishment between gateway/client and server.

Jianting Ning,Xinyi Huang,Geong Sen Poh,Shengmin Xu,Jia-Ch'ng Loh,Robert H. Deng,Jian Weng

DOI: https://doi.org/10.1007/978-3-030-58951-6_1

2020-01-01

Abstract:Transport Layer Security Inspection (TLSI) enables enterprises to decrypt, inspect and then re-encrypt users’ traffic before it is routed to the destination. This breaks the end-to-end security guarantee of the TLS specification and implementation. It also raises privacy concerns since users’ traffic is now known by the enterprises, and third-party middlebox providers providing the inspection services may additionally learn the inspection or attack rules, policies of the enterprises. Two recent works, BlindBox (SIGCOMM 2015) and PrivDPI (CCS 2019) propose privacy-preserving approaches that inspect encrypted traffic directly to address the privacy concern of users’ traffic. However, BlindBox incurs high preprocessing overhead during TLS connection establishment, and while PrivDPI reduces the overhead substantially, it is still notable compared to that of TLSI. Furthermore, the underlying assumption in both approaches is that the middlebox knows the rule sets. Nevertheless, with the services increasingly migrating to third-party cloud-based setting, rule privacy should be preserved. Also, both approaches are static in nature in the sense that addition of any rules requires significant amount of preprocessing and re-instantiation of the protocols.

Cong Liu,Yong Cui,Kun Tan,Quan Fan,Kui Ren,Jianping Wu

DOI: https://doi.org/10.1109/INFOCOM.2018.8485861

2018-01-01

Abstract:The trends of the increasing middleboxes make the middle network more and more complex. Today, many middlehoxes work on application layer and offer significant network services by the plain-text traffic, such as firewalling, intrusion detecting and application layer gateways. At the same time, more and more network applications arc encrypting their data transmission to protect security and privacy. It is becoming a critical task and hot topic to continue providing application-layer middlehox services in the encrypted Internet, however, the state of the art is far from being able to be deployed in the real network. In this paper, we propose a practical architecture, named PlainBox, to enable session key sharing between the communication client and the middleboxes in the network path. It employs Attribute-Based Encryption (ABE) in the key sharing protocol to support multiple chaining middleboxes efficiently and securely. We develop a prototype system and apply it to popular security protocols such as TLS and SSH. We have tested our prototype system in a lab testhed as well as real-world websites. Our result shows PlainBox introduces very little overhead and the performance is practically deployable.

Mengqi Zhan,Yang Li,Guangxi Yu,Yan Zhang,Bo Li,Weiping Wang

DOI: https://doi.org/10.1109/tifs.2023.3266629

IF: 7.231

2023-04-28

IEEE Transactions on Information Forensics and Security

Abstract:The deepening of digital transformation has led to an increasing amount of data from industries being transmitted over the Internet. However, packets in plaintext originally designed for transmission in private networks suffer from significant security threats on the Internet. Unfortunately, existing encryption schemes, such as the representative TLS, are difficult to be applied to these industrial protocols due to their specific requirements and conditions such as low latency requirements and restricted operating environments. In this paper, we present a high-performance encryption/decryption middlebox called GuardBox to provide confidentiality and integrity for packets. GuardBox is expected to transparently encrypt/decrypt packets sent/received by protected industrial equipment with low latency and supports almost any application-layer protocol. To do that, we design a high-performance packet I/O framework and an optimized encryption/decryption scheme for GuardBox. More importantly, we use commodity trusted hardware, Intel SGX, to ensure the security of keys and the encryption/decryption process. Our extensive evaluation demonstrates that GuardBox can provide confidentiality and integrity for packets transmitted over the Internet with low latency and a near-native throughput.

computer science, theory & methods,engineering, electrical & electronic

Shiying LUO,Tian SONG,Xiangjun SHI,Hong ZHENG

DOI: https://doi.org/10.3778/j.issn.1673-9418.1407064

2015-01-01

Abstract:The conventional deep packet inspection technologies usually need to inspect complete payloads of the network packets, and this will bring hidden dangers to the users?privacy. Privacy aware deep packet inspection (PaDPI) can protect users?privacy while getting higher accuracy of identification. Firstly, this paper studies several privacy levels that deep packet inspection involves, and classifies the privacy of packet payload into different levels according to the depth in payloads. Secondly, this paper proposes several schemes to truncate the payloads of network packets according to the privacy levels. Thirdly, this paper evaluates 12 widely used application protocols with those truncated payloads through PaDPI for application protocol identification. The results show that privacy aware deep packet inspec-tion can gain above 80%accuracy on truncated payloads, and can limit the leakage of users?privacy strictly.

Xiaoli Zhang,Wei Geng,Yiqiao Song,Hongbing Cheng,Ke Xu,Qi Li

DOI: https://doi.org/10.1109/tnet.2023.3282100

2024-01-01

Abstract:In the trend of network middleboxes as a service, enterprise customers adopt in-the-cloud deep packet inspection (DPI) services to protect networks. As network misconfigurations and hardware failures notoriously exist, recent efforts envision to ensure the execution integrity of DPI services in untrusted clouds. However, they either require enterprise customers to know proprietary DPI rulesets of cloud providers or introduce forbidden overhead in the network context. In the paper, we propose a privacy-preserving and lightweight verification scheme that efficiently checks whether in-the-cloud DPI services run correctly without leaking private DPI rulesets. Particularly, our design introduces one trusted third party to perform privacy-preserving and trustworthy ruleset evaluation and DPI execution verification. Meanwhile, it devises a novel DPI ruleset authentication method that enables tamper-proof DPI operations and facilitates fast proof generation. The proofs can be verified without requiring the verifier to always maintain all rulesets. To further reduce the verification costs while resisting cloud cheating behaviors like bias treatments of packets, it employs a commitment-based delayed sampling mechanism which requires the DPI services to first demonstrate that all packets have been processed before receiving sampling decisions. Moreover, extensive experiments are conducted based on Click modules. The results show that the proposed scheme is practical and only incurs the real-time overhead of 10-20 microseconds.

Zhongqi Fan,Yong Zeng,Xiaoyan zhu,Jianfeng Ma

DOI: https://doi.org/10.1145/3417312.3432093

2020-01-01

Abstract:In CCS 2019, the privacy-preserving deep package inspection (PrivDPI) was proposed to detect anomalies and suspicious activities in encrypted network traffic, which is a provably secure and highly efficient approach for the end-to-end communication model. However, PrivDPI cannot be applied directly on the scenarios of the Internet of Things (IoT) due to its one/many-to-many communication model in which key agreement will bring giant power consumption. In this paper, we propose a group key agreement based encrypted traffic detection scheme for the Internet of Things (GKA_DPI) to solve it. In GKA_DPI, we still use BlindBox for traffic detection, which was used in PrivDPI and Sherry's scheme. The difference is that we use a dynamic group key agreement to replace the original key agreement protocol to reduce power consumption. Then we can perform deep traffic detection over encrypted packages on the widely used protocol Message Queuing Telemetry Transport (MQTT) of IoT. GKA_DPI can detect encrypted traffic without decrypting transmitted messages and find out malicious traffic to ensure the security of sensor network communication. Finally, we prove the forward and backward secrecy of proposed GKA_DPI.

Huayi Duan,Cong Wang,Xingliang Yuan,Yajin Zhou,Qian Wang,Kui Ren

DOI: https://doi.org/10.48550/arXiv.1706.06261

2017-06-20

Cryptography and Security

Abstract:Running off-site software middleboxes at third-party service providers has been a popular practice. However, routing large volumes of raw traffic, which may carry sensitive information, to a remote site for processing raises severe security concerns. Prior solutions often abstract away important factors pertinent to real-world deployment. In particular, they overlook the significance of metadata protection and stateful processing. Unprotected traffic metadata like low-level headers, size and count, can be exploited to learn supposedly encrypted application contents. Meanwhile, tracking the states of 100,000s of flows concurrently is often indispensable in production-level middleboxes deployed at real networks. We present LightBox, the first system that can drive off-site middleboxes at near-native speed with stateful processing and the most comprehensive protection to date. Built upon commodity trusted hardware, Intel SGX, LightBox is the product of our systematic investigation of how to overcome the inherent limitations of secure enclaves using domain knowledge and customization. First, we introduce an elegant virtual network interface that allows convenient access to fully protected packets at line rate without leaving the enclave, as if from the trusted source network. Second, we provide complete flow state management for efficient stateful processing, by tailoring a set of data structures and algorithms optimized for the highly constrained enclave space. Extensive evaluations demonstrate that LightBox, with all security benefits, can achieve 10Gbps packet I/O, and that with case studies on three stateful middleboxes, it can operate at near-native speed.

Wen Ming Liu,Lingyu Wang,Kui Ren,Mourad Debbabi

DOI: https://doi.org/10.1109/CloudCom.2013.96

2013-01-01

Abstract:While enjoying the convenience of Software as a Service (SaaS), users are also at an increased risk of privacy breaches. Recent studies show that a Web-based application may be inherently vulnerable to side-channel attacks which exploit unique packet sizes to identify sensitive user inputs from encrypted traffic. Existing solutions based on packet padding or packet-size rounding generally rely on the assumption that adversaries do not possess prior background knowledge about possible user inputs. In this paper, we propose a novel random ceiling padding approach whose results are resistant to such adversarial knowledge. Specifically, the approach injects randomness into the process of forming padding groups, such that an adversary armed with background knowledge would still face sufficient uncertainty in estimating user inputs. We formally present a generic scheme and discuss two concrete instantiations. We then confirm the correctness and performance of our approach through both theoretic analysis and experiments with two real world applications.

Wen Ming Liu,Lingyu Wang,Kui Ren,Pengsu Cheng,Mourad Debbabi

DOI: https://doi.org/10.1007/978-3-642-31680-7_5

2012-01-01

Abstract:While web-based applications are becoming increasingly ubiquitous, they also present new security and privacy challenges. In particular, recent research revealed that many high profile Web applications might cause private user information to leak from encrypted traffic due to side-channel attacks exploiting packet sizes and timing. Moreover, existing solutions, such as random padding and packet-size rounding, are shown to incur prohibitive cost while still not ensuring sufficient privacy protection. In this paper, we propose a novel k-indistinguishable traffic padding technique to achieve the optimal tradeoff between privacy protection and communication and computational cost. Specifically, we first present a formal model of the privacy-preserving traffic padding (PPTP). We then formulate PPTP problems under different application scenarios, analyze their complexity, and design efficient heuristic algorithms. Finally, we confirm the effectiveness and efficiency of our algorithms by comparing them to existing solutions through experiments using real-world Web applications.

Kai Zhang,Minjun Deng,Bei Gong,Yinbin Miao,Jianting Ning

DOI: https://doi.org/10.1109/jiot.2023.3297601

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Blockchain-based Industrial Internet-of-Things (IIoT) integrates the blockchain technology into the traditional IIoT infrastructure to provide secure and collaborative services. In IIoT, the traffic is usually encrypted using cipher suite (SSL/TLS) for secure communication, which makes it hard for middleboxes to detect malicious activity in the traffic. To address this problem, secure middleboxes that directly perform encrypted traffic inspection have been presented. Recently, a new privacy-preserving deep packet inspection (DPI) system on middlebox for IoT scenarios was proposed, but it suffered from the following two limitations: (i) no support for fast token detection; (ii) no support for tracing abnormal sources. To address the two limitations, we propose BTDPI, a privacy-preserving traceable DPI system that efficiently performs inspection over encrypted traffic in Blockchain-based IIoT. Technically, we adopt a two-layer filter architecture to improve the efficiency of detection, and moreover introduce a new online-offline certificateless aggregate signature with smart contract to design an identity traceability mechanism. The experiment result shows that BTDPI runs 26.7× faster for token detection with 3,000 tokens and 3,000 rules than the state-of-the-art work.

computer science, information systems,telecommunications,engineering, electrical & electronic

Junjie Shi,Yuan Zhang,Sheng Zhong

DOI: https://doi.org/10.48550/arxiv.1502.00389

2015-01-01

Abstract:Since the advent of software defined networks (SDN), there have been many attempts to outsource the complex and costly local network functionality, i.e. the middlebox, to the cloud in the same way as outsourcing computation and storage. The privacy issues, however, may thwart the enterprises' willingness to adopt this innovation since the underlying configurations of these middleboxes may leak crucial and confidential information which can be utilized by attackers. To address this new problem, we use firewall as an sample functionality and propose the first privacy preserving outsourcing framework and schemes in SDN. The basic technique that we exploit is a ground-breaking tool in cryptography, the cryptographic multilinear map. In contrast to the infeasibility in efficiency if a naive approach is adopted, we devise practical schemes that can outsource the middlebox as a blackbox after obfuscating it such that the cloud provider can efficiently perform the same functionality without knowing its underlying private configurations. Both theoretical analysis and experiments on real-world firewall rules demonstrate that our schemes are secure, accurate, and practical.

Kai Bu,Yutian Yang,Zixuan Guo,Yuanyuan Yang,Xing Li,Shigeng Zhang

DOI: https://doi.org/10.1016/j.comnet.2021.108099

IF: 5.493

2021-01-01

Computer Networks

Abstract:Software-Defined Networking (SDN) greatly simplifies middlebox policy enforcement. Middleboxes need tag packet headers to avoid forwarding ambiguity on SDN switches. In this paper, we present a new attack, called middlebox-bypass attack, to breach SDN-based middlebox policy enforcement. Such an attack manipulates a compromised switch to locally tag attacking packets without handing them over to the attached middlebox for inspection. Existing SDN security solutions, however, cannot detect the middlebox-bypass attack under practical constraints of efficiency, robustness, and applicability. We design and implement FlowCloak, the first protocol for per-packet real-time detection and prevention of middlebox-bypass attacks. FlowCloak enables middleboxes to generate tags that are probabilistically unknown to an attacker and confines it to only random guessing. We propose a multi-tag verification technique to address the tradeoff between FlowCloak robustness and TCAM usage by tag verification rules on the egress switch. Experiment results show that dozens of verification rules can confine the attacking probability under 0.1%. We further explore implementation techniques of packet looping and field swapping that can enable a flow table pipeline on a single TCAM and mitigate packet correlation, respectively. FlowCloak imposes only a 0.01 ms packet processing delay on middleboxes and no obvious delay on the egress switch.