SPArch: A Hardware-oriented Sketch-based Architecture for High-speed Network Flow Measurements

IF 4.3 3区材料科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

ACS Applied Electronic Materials Pub Date : 2024-08-08 DOI:10.1145/3687477

Arish Sateesan, J. Vliegen, Simon Scherrer, H. Hsiao, A. Perrig, N. Mentens

{"title":"SPArch: A Hardware-oriented Sketch-based Architecture for High-speed Network Flow Measurements","authors":"Arish Sateesan, J. Vliegen, Simon Scherrer, H. Hsiao, A. Perrig, N. Mentens","doi":"10.1145/3687477","DOIUrl":null,"url":null,"abstract":"Network flow measurement is an integral part of modern high-speed applications for network security and data-stream processing. However, processing at line rate while maintaining the required data structure within the on-chip memory of the hardware platform is a challenging task for measurement algorithms, especially when accuracy is of primary importance, such as in network security applications. Most of the existing measurement algorithms are no exception to such issues when deployed in high-speed networking environments and are also not tailored for efficient hardware implementation. Sketch-based measurement algorithms minimize the memory requirement and are suitable for high-speed networks but possess a low memory-accuracy trade-off and lack the versatility of individual flow mapping. To address these challenges, we present a hardware-friendly data structure named Sketch-based Pseudo-associative array Architecture (SPArch). SPArch is highly accurate and extremely memory-efficient, making it suitable for network flow measurement and security applications. The parallelism in SPArch ensures minimal and constant memory access cycles. Unlike other sketch architectures, SPArch provides the functionality of individual flow mapping similar to associative arrays, and the optimized version of SPArch allows the organization of counters in multiple buckets based on the flow sizes. An in-depth analysis of SPArch is carried out in this paper and implemented SPArch on the Alveo data center accelerator card, demonstrating its suitability for high-speed networks.","PeriodicalId":3,"journal":{"name":"ACS Applied Electronic Materials","volume":"23 11","pages":""},"PeriodicalIF":4.3000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACS Applied Electronic Materials","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3687477","RegionNum":3,"RegionCategory":"材料科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Network flow measurement is an integral part of modern high-speed applications for network security and data-stream processing. However, processing at line rate while maintaining the required data structure within the on-chip memory of the hardware platform is a challenging task for measurement algorithms, especially when accuracy is of primary importance, such as in network security applications. Most of the existing measurement algorithms are no exception to such issues when deployed in high-speed networking environments and are also not tailored for efficient hardware implementation. Sketch-based measurement algorithms minimize the memory requirement and are suitable for high-speed networks but possess a low memory-accuracy trade-off and lack the versatility of individual flow mapping. To address these challenges, we present a hardware-friendly data structure named Sketch-based Pseudo-associative array Architecture (SPArch). SPArch is highly accurate and extremely memory-efficient, making it suitable for network flow measurement and security applications. The parallelism in SPArch ensures minimal and constant memory access cycles. Unlike other sketch architectures, SPArch provides the functionality of individual flow mapping similar to associative arrays, and the optimized version of SPArch allows the organization of counters in multiple buckets based on the flow sizes. An in-depth analysis of SPArch is carried out in this paper and implemented SPArch on the Alveo data center accelerator card, demonstrating its suitability for high-speed networks.

查看原文本刊更多论文

SPArch：面向硬件的基于草图的高速网络流量测量架构

网络流量测量是现代网络安全和数据流处理高速应用不可或缺的一部分。然而，在硬件平台的片上内存中保持所需的数据结构，同时以线速进行处理，这对测量算法来说是一项具有挑战性的任务，尤其是在网络安全应用等对精度要求极高的情况下。现有的大多数测量算法在部署到高速网络环境中时也不例外，而且也不是为高效的硬件实施而量身定制的。基于草图的测量算法能最大限度地减少内存需求，适用于高速网络，但内存-精度权衡较低，且缺乏单个流量映射的多功能性。为了应对这些挑战，我们提出了一种硬件友好型数据结构，命名为基于草图的伪关联阵列架构（SPArch）。SPArch 具有高精度和极高的内存效率，因此适用于网络流量测量和安全应用。SPArch 的并行性可确保内存访问周期最小且保持不变。与其他草图架构不同，SPArch 提供了与关联数组类似的单个流量映射功能，而且 SPArch 的优化版本允许根据流量大小将计数器组织到多个桶中。本文对 SPArch 进行了深入分析，并在 Alveo 数据中心加速卡上实现了 SPArch，证明其适用于高速网络。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACS Applied Electronic Materials Multiple-

CiteScore

7.20

自引率

4.30%

发文量

567

期刊介绍： ACS Applied Electronic Materials is an interdisciplinary journal publishing original research covering all aspects of electronic materials. The journal is devoted to reports of new and original experimental and theoretical research of an applied nature that integrate knowledge in the areas of materials science, engineering, optics, physics, and chemistry into important applications of electronic materials. Sample research topics that span the journal's scope are inorganic, organic, ionic and polymeric materials with properties that include conducting, semiconducting, superconducting, insulating, dielectric, magnetic, optoelectronic, piezoelectric, ferroelectric and thermoelectric. Indexed/Abstracted： Web of Science SCIE Scopus CAS INSPEC Portico