Circuit and packet switching convergence offers significant advantages in core networks to exploit their complementary characteristics in terms of flexibility, scalability and quality of service. This paper considers the possibility of unifying the two different types of transport using the Software Defined Networking (SDN) approach. The proposed architecture applies a modular design to the whole set of node functions, representing the key enabler for a fully programmable network implementation. This paper also proposes a possible extension to the basic concept of flow defined by the current OpenFlow standard to properly support a hybrid network. A set of experiments are performed to assess the main functionality and the performance of the hybrid node where packet and circuit switching are assumed to be configured through the OpenFlow protocol in a fully automated way.
{"title":"Design and test of a software defined hybrid network architecture","authors":"W. Cerroni, G. Leli, C. Raffaelli","doi":"10.1145/2465839.2465840","DOIUrl":"https://doi.org/10.1145/2465839.2465840","url":null,"abstract":"Circuit and packet switching convergence offers significant advantages in core networks to exploit their complementary characteristics in terms of flexibility, scalability and quality of service. This paper considers the possibility of unifying the two different types of transport using the Software Defined Networking (SDN) approach. The proposed architecture applies a modular design to the whole set of node functions, representing the key enabler for a fully programmable network implementation. This paper also proposes a possible extension to the basic concept of flow defined by the current OpenFlow standard to properly support a hybrid network. A set of experiments are performed to assess the main functionality and the performance of the hybrid node where packet and circuit switching are assumed to be configured through the OpenFlow protocol in a fully automated way.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127240869","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Thibaut Stimpfling, Y. Savaria, André Béliveau, N. Bélanger, O. Cherkaoui
Packet Classification remains a hot research topic, as it is a fundamental function in telecommunication networks, which are now facing new challenges. Due to the emergence of new standards such as OpenFlow, packet classification algorithms have to be reconsidered to support effectively classification over more than 5 fields. In this paper, we analyze the performance offered by EffiCuts in the context of OpenFlow. We extended the EffiCuts algorithm according to OpenFlow's context by proposing three improvements: optimization of the leaf data set size, enhancements to the heuristic used to compute the number of cuts, and utilization of an adaptive grouping factor. These extensions provide gains in many contexts but they were tailored for the OpenFlow context. When used in this context, it is shown using suitable benchmarks that they allow reducing the number of memory accesses by a factor of 2 on average, while decreasing the size of the data structure by about 35%.
{"title":"Optimal packet classification applicable tothe OpenFlow context","authors":"Thibaut Stimpfling, Y. Savaria, André Béliveau, N. Bélanger, O. Cherkaoui","doi":"10.1145/2465839.2465841","DOIUrl":"https://doi.org/10.1145/2465839.2465841","url":null,"abstract":"Packet Classification remains a hot research topic, as it is a fundamental function in telecommunication networks, which are now facing new challenges. Due to the emergence of new standards such as OpenFlow, packet classification algorithms have to be reconsidered to support effectively classification over more than 5 fields. In this paper, we analyze the performance offered by EffiCuts in the context of OpenFlow. We extended the EffiCuts algorithm according to OpenFlow's context by proposing three improvements: optimization of the leaf data set size, enhancements to the heuristic used to compute the number of cuts, and utilization of an adaptive grouping factor. These extensions provide gains in many contexts but they were tailored for the OpenFlow context. When used in this context, it is shown using suitable benchmarks that they allow reducing the number of memory accesses by a factor of 2 on average, while decreasing the size of the data structure by about 35%.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"107 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127811469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Classifying host roles based on network traffic behavior is valuable for network security analysis and detecting security policy violation. Behavior-based network security analysis has advantages over traditional approaches such as code patterns or signatures. Modeling host roles based on network flow data is challenging because of the huge volume of network traffic and overlap among host roles. Many studies of network traffic classification have focused on classifying applications such as web, peer-to-peer, and DNS traffic. In general, machine learning approaches have been applied on classifying applications, security awareness, and anomaly detection. In this paper, we present a supervised machine learning approach that use On-Line Support Vector Machine and Decision Tree to classify host roles. We collect sFlow data from main gateways of a large campus network. We classify different roles, namely, clients versus servers, regular web non-email servers versus web email servers, clients at personal offices versus public places of laboratories and libraries, and personal office clients from two different colleges. We achieved very high classification accuracy, i.e., 99.2% accuracy in classifying clients versus servers, 100% accuracy in classifying regular web non-email servers versus web email servers, 93.3% accuracy in classifying clients at personnel offices versus public places, and 93.3% accuracy in classifying clients at personal offices from two different colleges.
{"title":"A supervised machine learning approach to classify host roles on line using sFlow","authors":"Bingdong Li, M. H. Gunes, G. Bebis, Jeff Springer","doi":"10.1145/2465839.2465847","DOIUrl":"https://doi.org/10.1145/2465839.2465847","url":null,"abstract":"Classifying host roles based on network traffic behavior is valuable for network security analysis and detecting security policy violation. Behavior-based network security analysis has advantages over traditional approaches such as code patterns or signatures. Modeling host roles based on network flow data is challenging because of the huge volume of network traffic and overlap among host roles. Many studies of network traffic classification have focused on classifying applications such as web, peer-to-peer, and DNS traffic. In general, machine learning approaches have been applied on classifying applications, security awareness, and anomaly detection. In this paper, we present a supervised machine learning approach that use On-Line Support Vector Machine and Decision Tree to classify host roles. We collect sFlow data from main gateways of a large campus network. We classify different roles, namely, clients versus servers, regular web non-email servers versus web email servers, clients at personal offices versus public places of laboratories and libraries, and personal office clients from two different colleges. We achieved very high classification accuracy, i.e., 99.2% accuracy in classifying clients versus servers, 100% accuracy in classifying regular web non-email servers versus web email servers, 93.3% accuracy in classifying clients at personnel offices versus public places, and 93.3% accuracy in classifying clients at personal offices from two different colleges.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131499448","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ever increasing traffic quantities and link-bandwidths force network devices to meet ever-increasing demands; the march to 100G is well under way. The high-speed networking of today is no longer that of five years ago: Unfortunately, such growth contrasts with current financial forces and this leads organisations to find ways to save money. As a result many developers face the common problem: how to make existing, systems reusable in this new, higher-speed scenario? To attack this problem, we propose new, flexible, legacy support mechanics for designs built using System on a Chip (SoC) and System on FPGA (SoFPGA). We illustrate our approach using the widely used, open-source, NetFPGA platform presenting a migration path for existing 1G designs to plugin into the new NetFPGA 10G board without alteration to code structure.
{"title":"From 1G to 10G: code reuse in action","authors":"G. Antichi, M. Shahbaz, S. Giordano, A. Moore","doi":"10.1145/2465839.2465844","DOIUrl":"https://doi.org/10.1145/2465839.2465844","url":null,"abstract":"Ever increasing traffic quantities and link-bandwidths force network devices to meet ever-increasing demands; the march to 100G is well under way. The high-speed networking of today is no longer that of five years ago: Unfortunately, such growth contrasts with current financial forces and this leads organisations to find ways to save money. As a result many developers face the common problem: how to make existing, systems reusable in this new, higher-speed scenario? To attack this problem, we propose new, flexible, legacy support mechanics for designs built using System on a Chip (SoC) and System on FPGA (SoFPGA). We illustrate our approach using the widely used, open-source, NetFPGA platform presenting a migration path for existing 1G designs to plugin into the new NetFPGA 10G board without alteration to code structure.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124408100","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nowadays, the bottleneck in network communications is not represented by the link capacity anymore, but by the receiver processing power. To face this problem, more and more offloading techniques have been developed and implemented in modern NICs, allowing the CPUs to offload some of the required processing onto the underlying hardware. In this work, we present an implementation on an open hardware platform of a stateless Large Receive Offload method (LRO). The presented results experimental demonstrate the effectiveness of the proposed implementation.
{"title":"Implementation of TCP large receive offload on open hardware platform","authors":"G. Antichi, C. Callegari, S. Giordano","doi":"10.1145/2465839.2465842","DOIUrl":"https://doi.org/10.1145/2465839.2465842","url":null,"abstract":"Nowadays, the bottleneck in network communications is not represented by the link capacity anymore, but by the receiver processing power. To face this problem, more and more offloading techniques have been developed and implemented in modern NICs, allowing the CPUs to offload some of the required processing onto the underlying hardware. In this work, we present an implementation on an open hardware platform of a stateless Large Receive Offload method (LRO). The presented results experimental demonstrate the effectiveness of the proposed implementation.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127656693","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The use of MapReduce for distributed data processing has been growing and achieving benefits with its application for different workloads. MapReduce can be used for distributed traffic analysis, although network traces present characteristics which are not similar to the data type commonly processed through MapReduce. Motivated by the use of MapReduce for profiling application traffic and due to the lack of evaluation of MapReduce for network traffic analysis and the peculiarity of this kind of data, this paper evaluates the performance of MapReduce in packet level analysis and DPI, analysing its scalability, speed-up, and the behavior of MapReduce phases. The experiments provide evidences for the predominant phases in this kind of job, and show the impact of input size, block size and number of nodes, on MapReduce completion time and scalability.
{"title":"Evaluating MapReduce for profiling application traffic","authors":"T. Vieira, S. Fernandes, V. Garcia","doi":"10.1145/2465839.2465846","DOIUrl":"https://doi.org/10.1145/2465839.2465846","url":null,"abstract":"The use of MapReduce for distributed data processing has been growing and achieving benefits with its application for different workloads. MapReduce can be used for distributed traffic analysis, although network traces present characteristics which are not similar to the data type commonly processed through MapReduce. Motivated by the use of MapReduce for profiling application traffic and due to the lack of evaluation of MapReduce for network traffic analysis and the peculiarity of this kind of data, this paper evaluates the performance of MapReduce in packet level analysis and DPI, analysing its scalability, speed-up, and the behavior of MapReduce phases. The experiments provide evidences for the predominant phases in this kind of job, and show the impact of input size, block size and number of nodes, on MapReduce completion time and scalability.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131876687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Alysson Santos, S. Fernandes, Petrônio Gomes Lopes Júnior, D. Sadok, G. Szabó
Traffic Identification is a crucial task performed by ISP administrators to evaluate and improve network service quality. Deep Packet Inspection (DPI) is a well-known technique used to identify networked traffic. DPI relies mostly on Regular Expressions (REs) evaluated by Finite Automata. Many previous studies have investigated the impacts on the classification accuracy of such systems when inspecting only a portion of the traffic. However, none have discussed the real impacts on the overall system throughput. This work presents a novel technique to perform DPI on Graphics Processing Units (GPU) called Flow-Based Traffic Identification (FBTI) and a proof-of-concept prototype analysis. Basically we want to increase DPI systems? performance on commodity platforms as well as their capacity to identify networked traffic on high speed links. By combining Deterministic Finite Automaton (DFA) for evaluating REs and flow-level packet sampling we achieve a raw performance of over 60 Gbps on GPUs. Our prototype solution could reach a real throughput of over 12 Gbps, measured as the identified volume of flows.
{"title":"Multi-gigabit traffic identification on GPU","authors":"Alysson Santos, S. Fernandes, Petrônio Gomes Lopes Júnior, D. Sadok, G. Szabó","doi":"10.1145/2465839.2465845","DOIUrl":"https://doi.org/10.1145/2465839.2465845","url":null,"abstract":"Traffic Identification is a crucial task performed by ISP administrators to evaluate and improve network service quality. Deep Packet Inspection (DPI) is a well-known technique used to identify networked traffic. DPI relies mostly on Regular Expressions (REs) evaluated by Finite Automata. Many previous studies have investigated the impacts on the classification accuracy of such systems when inspecting only a portion of the traffic. However, none have discussed the real impacts on the overall system throughput. This work presents a novel technique to perform DPI on Graphics Processing Units (GPU) called Flow-Based Traffic Identification (FBTI) and a proof-of-concept prototype analysis. Basically we want to increase DPI systems? performance on commodity platforms as well as their capacity to identify networked traffic on high speed links. By combining Deterministic Finite Automaton (DFA) for evaluating REs and flow-level packet sampling we achieve a raw performance of over 60 Gbps on GPUs. Our prototype solution could reach a real throughput of over 12 Gbps, measured as the identified volume of flows.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115868481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tristan Groléat, M. Arzel, Sandrine Vaton, A. Bourge, Yannick Le Balch, Hicham Bougdal, Manuel Aranaz Padron
As high-speed links become ubiquitous in current networks, testing new algorithms at high speed is essential for researchers. This task often makes it necessary to generate traffic with some specified features : distribution of packet sizes, payload content, number of TCP or UDP flows, etc. When targeting a data rate of many Gb/s, this cannot be done with commodity computers. Commercial traffic generators exist for this task, but they are expensive and do not fit the precise needs of researchers. In this paper, we describe an open-source implementation of a traffic generator capable of filling a 10 Gb/s Ethernet link, with traffic features specified in software. The implementation works on a board including an FPGA and a 10 Gb/s network interface, like the Combo from INVEA-TECH or the NetFPGA 10G. These boards are affordable for research and can provide a configurable and easily extensible traffic generator.
{"title":"Flexible, extensible, open-source and affordable FPGA-based traffic generator","authors":"Tristan Groléat, M. Arzel, Sandrine Vaton, A. Bourge, Yannick Le Balch, Hicham Bougdal, Manuel Aranaz Padron","doi":"10.1145/2465839.2465843","DOIUrl":"https://doi.org/10.1145/2465839.2465843","url":null,"abstract":"As high-speed links become ubiquitous in current networks, testing new algorithms at high speed is essential for researchers. This task often makes it necessary to generate traffic with some specified features : distribution of packet sizes, payload content, number of TCP or UDP flows, etc. When targeting a data rate of many Gb/s, this cannot be done with commodity computers. Commercial traffic generators exist for this task, but they are expensive and do not fit the precise needs of researchers. In this paper, we describe an open-source implementation of a traffic generator capable of filling a 10 Gb/s Ethernet link, with traffic features specified in software. The implementation works on a board including an FPGA and a 10 Gb/s network interface, like the Combo from INVEA-TECH or the NetFPGA 10G. These boards are affordable for research and can provide a configurable and easily extensible traffic generator.","PeriodicalId":212430,"journal":{"name":"HPPN '13","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126418261","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: