Leveraging traffic repetitions for high-speed deep packet inspection
作者: Anat Bremler-Barr , Shimrit Tzur David , Yotam Harchol , David Hay
DOI: 10.1109/INFOCOM.2015.7218648
关键词: Bottleneck 、 Deep packet inspection 、 Process (computing) 、 Packet payload 、 Computer science 、 Throughput (business) 、 Real-time computing 、 State (computer science) 、 Path (graph theory) 、 Byte
摘要: Deep Packet Inspection (DPI) plays a major role in contemporary networks. Specifically, datacenters of content providers, the scanned data may be highly repetitive. Most DPI engines are based on identifying signatures packet payload. This pattern matching process is expensive both memory and CPU resources, thus, often becomes bottleneck entire application. In this paper we show how can accelerated by leveraging repetitions inspected traffic. Our new mechanism makes use these to allow repeated skipped rather than again. The consists slow path, which frequently strings identified stored dictionary, along with some succinct information for accelerating process, where traffic byte but from if encountered, skipped. Upon skipping, path recovers state it would have been had scanning continued byte. solution achieves significant performance boost, especially when same source (e.g., website). experiments that such cases, our throughput gain 1.25–2.5 times original throughput, implemented software.
sci-hub.se 参考文章(36)
Udi Manber, Sun Wu, A FAST ALGORITHM FOR MULTI-PATTERN SEARCHING ,(1999)
Henry Levy, Anna Karlin, Tashana Landray, Denise Pinnel, Alec Wolman, Neal Cardwell, Molly Brown, Geoff Voelker, Nitin Sharma, Organization-based analysis of web-object sharing and caching usenix symposium on internet technologies and systems. pp. 3- 3 ,(1999)
Pushkar Chitnis, Ashok Anand, Chitra Muthukrishnan, Bhavish Aggarwal, George Varghese, Athula Balachandran, Aditya Akella, Ramachandran Ramjee, EndRE: an end-system redundancy elimination service for enterprises networked systems design and implementation. pp. 28- 28 ,(2010) , 10.5555/1855711.1855739
Eric Norige, Eric Torng, Alex X. Liu, Jignesh Patel, Chad R. Meiners, Fast regular expression matching using small TCAMs for network intrusion detection and prevention systems usenix security symposium. pp. 8- 8 ,(2010)
Daniele Paolo Scarpazza, Oreste Villa, Fabrizio Petrini, Exact multi-pattern string matching on the cell/b.e. processor Proceedings of the 2008 conference on Computing frontiers - CF '08. pp. 33- 42 ,(2008) , 10.1145/1366230.1366237
Derek Pao, Wei Lin, Bin Liu, A memory-efficient pipelined implementation of the aho-corasick string-matching algorithm ACM Transactions on Architecture and Code Optimization. ,vol. 7, pp. 10- ,(2010) , 10.1145/1839667.1839672
Janghaeng Lee, Sung Ho Hwang, Neungsoo Park, Seong-Won Lee, Sunglk Jun, Young Soo Kim, A high performance NIDS using FPGA-based regular expression matching Proceedings of the 2007 ACM symposium on Applied computing - SAC '07. pp. 1187- 1191 ,(2007) , 10.1145/1244002.1244259
Anat Bremler-Barr, Shir Landau Feibish, Yehuda Afek, Automated signature extraction for high volume attacks architectures for networking and communications systems. pp. 147- 156 ,(2013) , 10.5555/2537857.2537884
Neil T. Spring, David Wetherall, A protocol-independent technique for eliminating redundant network traffic acm special interest group on data communication. ,vol. 30, pp. 87- 95 ,(2000) , 10.1145/347057.347408
Domenico Ficara, Stefano Giordano, Gregorio Procissi, Fabio Vitucci, Gianni Antichi, Andrea Di Pietro, An improved DFA for fast regular expression matching ACM SIGCOMM Computer Communication Review. ,vol. 38, pp. 29- 40 ,(2008) , 10.1145/1452335.1452339