{"title":"Encrypted Packet Forwarding in Virtualized Networks","authors":"S. Natarajan, T. Wolf","doi":"10.1109/ANCS.2011.38","DOIUrl":"https://doi.org/10.1109/ANCS.2011.38","url":null,"abstract":"Virtualized networks provide a shared infrastructure platform for hosting multiple independent networks with different protocol stacks. The infrastructure and the virtual networks are operated by different entities who may not trust each other. In our work, we address one of the arising security issues by providing data confidentiality for forwarding network traffic. We propose an encrypted representation of IP addresses and forwarding data structures that hides the operations of the virtual network from the infrastructure provider. We describe the cryptographic computations and data structures that forwards network traffic and discuss their space requirements.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125445595","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Chain-Based DFA Deflation for Fast and Scalable Regular Expression Matching Using TCAM","authors":"Kunyang Peng, Siyuan Tang, Min Chen, Qunfeng Dong","doi":"10.1109/ANCS.2011.13","DOIUrl":"https://doi.org/10.1109/ANCS.2011.13","url":null,"abstract":"Regular expression matching is the core engine of many network functions such as intrusion detection, protocol analysis and so on. In spite of intensive research, we are still in need of a method for fast and scalable regular expression matching, where it takes one simple memory lookup to match each input character (like DFA) and storage space growing linearly with regular expression pattern set size (like NFA). Most recently, TCAM-based DFA implementation has been proposed as a promising approach, for TCAM's unique parallel and wildcard matching capabilities. However, the number of TCAM entries needed is still above exponentially growing DFA size and hence not scalable. In this paper, we propose a chain-based DFA deflation method for fast and scalable regular expression matching using TCAM, which takes one simple TCAM lookup to match each input character and effectively deflates DFA size. Experiments based on real life pattern sets demonstrate that, the number of TCAM entries used by our DFA deflation method is up to two orders of magnitude lower than the DFA size, and comes quite close to the linearly growing NFA size. 
This not only means superior scalability, but also allows us to implement regular expression matching at extremely fast matching speed, up to two orders of magnitude faster than the existing TCAM-based DFA implementation method.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"28 18","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132061131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SMILER: Towards Practical Online Traffic Classification","authors":"Baohua Yang, Guangdong Hou, Lingyun Ruan, Y. Xue, Jun Li","doi":"10.1109/ANCS.2011.34","DOIUrl":"https://doi.org/10.1109/ANCS.2011.34","url":null,"abstract":"Network traffic classification is extremely important in numerous network functions today. However, most of the current approaches based on port number or payload detection are becoming increasingly impractical with the appearance of dynamic or encrypted applications. Even though some supervised learning based work were proposed, it is difficult to collect sufficient flow-labeled traces for training. On the other hand, online classification needs an early identification, which is still challenging for most well-known approaches. In this paper, we propose a semi-supervised learning based traffic classification approach named SMILER, which supports an early classification from the sizes of the first few packets (empirically 5 packets) of a flow. Experiments in real networks demonstrate that SMILER achieves 94% precision and 96% recall on average for all tested applications, even with disordered packets SMILER still works well. With a hybrid scheme, the performance is further improved. Meanwhile, SMILER performs fast in both classification and updating. 
All experimental results show that SMILER is practical for fast and accurate online traffic classification.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"230 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115836336","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Multi-dimensional Progressive Perfect Hashing for High-Speed String Matching","authors":"Yang Xu, L. Ma, Zhaobo Liu, H. J. Chao","doi":"10.1109/ANCS.2011.33","DOIUrl":"https://doi.org/10.1109/ANCS.2011.33","url":null,"abstract":"Aho-Corasick (AC) automaton is widely used for multi-string matching in today's Network Intrusion Detection System (NIDS). With fast-growing rule sets, implementing AC automaton with a small memory without sacrificing its performance has remained challenging in NIDS design. In this paper, we propose a multi-dimensional progressive perfect hashing algorithm named P2-Hashing, which allows transitions of an AC automaton to be placed in a compact hash table without any collision. P2-Hashing is based on the observation that a hash key of each transition consists of two dimensions, namely a source state ID and an input character. When placing a transition in a hash table and causing a collision, we can change the value of a dimension of the hash key to rehash the transition to a new location of the hash table. For a given AC automaton, P2-Hashing first divides all the transitions into many small sets based on the two-dimensional values of the hash keys, and then places the sets of transitions progressively into the hash table until all are placed. Hash collisions that occurred during the insertion of a transition will only affect the transitions in the same set. The proposed P2-Hashing has many unique properties, including fast hash index generation and zero memory overhead, which are very suitable for the AC automaton operation. The feasibility and performance of P2-Hashing are investigated through simulations on the full Snort (6.4k rules) and Clam AV (54k rules) rule sets, each of which is first converted to a single AC automaton. 
Simulation results show that P2-Hashing can successfully construct the perfect hash table even when the load factor of the hash table is as high as 0.91.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124516423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Non-crypto Hardware Hash Functions for High Performance Networking ASICs","authors":"Nan Hua, Eric Norige, S. Sushanth Kumar, Bill Lynch","doi":"10.1109/ANCS.2011.32","DOIUrl":"https://doi.org/10.1109/ANCS.2011.32","url":null,"abstract":"Hash functions are vital in networking. Hash-based algorithms are increasingly deployed in mission-critical, high speed network devices. These devices will need small, quick, hardware hash functions to keep up with Internet growth. There are many hardware hash functions used in this situation, foremost among them CRC-32. We develop parametrized methods for evaluating hash function output quality so as to better compare similar hash functions. We use these methods to explore the quality of candidate hash functions, including CRC-32, $H_3$ (with fixed seed), MD5 and others. We also propose optimized building blocks for hardware hash functions based on SP-networks. Given a size budget of 4K gates and only 1 cycle to compute the result, we demonstrate a 128 bit input, 64 bit output hash function built using this framework that ranks highly in our tests.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123606881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"E-AHRW: An Energy-Efficient Adaptive Hash Scheduler for Stream Processing on Multi-core Servers","authors":"Jilong Kuang, L. Bhuyan, Haiyong Xie, Danhua Guo","doi":"10.1109/ANCS.2011.15","DOIUrl":"https://doi.org/10.1109/ANCS.2011.15","url":null,"abstract":"We study a streaming network application -- video transcoding to be executed on a multi-core server. It is important for the scheduler to minimize the total processing time and preserve good video quality in an energy-efficient manner. However, the performance of existing scheduling schemes is largely limited by ineffective use of the multi-core architecture characteristic and undifferentiated transcoding cost in terms of energy consumption. In this paper, we identify three key factors that collectively play important roles in affecting transcoding performance: memory access (M), core/cache topology (C) and transcoding format cost (C), or MC^2 for short. Based on MC^2, we propose E-AHRW, an Energy-efficient Adaptive Highest Random Weight hash scheduler by extending the HRW scheduler proposed for packet scheduling on a homogeneous multiprocessor. E-AHRW achieves stream locality and load balancing at both stream and packet (frame) level by adaptively adjusting the hashing decision according to real-time weighted queue length of each processing unit (PU). Based on E-AHRW, we also design, implement and evaluate a hash-tree scheduler to further reduce the computation cost and achieve more effective load balancing on multi-core architectures. 
Through implementation on an Intel Xeon server and evaluations on realistic workload, we demonstrate that E-AHRW improves throughput, energy efficiency and video quality due to better load balancing, lower L2 cache miss rate and negligible scheduling overhead.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124101582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Netbench: Framework for Evaluation of Packet Processing Algorithms","authors":"V. Pus, Jiri Tobola, V. Kosar, Jan Kastil, J. Korenek","doi":"10.1109/ANCS.2011.25","DOIUrl":"https://doi.org/10.1109/ANCS.2011.25","url":null,"abstract":"Many algorithms and hardware architectures are proposed to increase processing speed of time-critical operations in the field of longest prefix matching, packet classification and regular expression matching. Despite this fact, there is still no free and easily extensible platform for evaluation, comparison and experiments with existing approaches. We propose the Netbench Framework which aims to serve as an independent platform for researchers seeking the easiest way to implement their algorithms, as well as the comparison of their algorithms with reference implementations of other approaches. The framework is provided as an open source and can be easily extended to support new algorithms or new comparison methodology. Netbench is publicly available at http://www.fit.vutbr.cz/netbench.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127124453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hardware Precomputation of Entropy for Anomaly Detection","authors":"Václav Bartos, M. Zádník","doi":"10.1109/ANCS.2011.41","DOIUrl":"https://doi.org/10.1109/ANCS.2011.41","url":null,"abstract":"This paper deals with hardware acceleration of entropy computation. Various entropies are computed from network features and their mutual combinations. The precomputation allows to offload entropy computation to metering points where it can be computed using unsampled data.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126732000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Inferring Packet Processing Behavior Using Input/Output Monitors","authors":"D. Chasaki, Qiang Wu, T. Wolf","doi":"10.1109/ANCS.2011.23","DOIUrl":"https://doi.org/10.1109/ANCS.2011.23","url":null,"abstract":"Programmable packet processors have replaced traditional fixed-function custom logic in the data path of routers. This programmability introduces new vulnerabilities in these systems that can lead to new types of network attacks. We propose a modular packet processor monitoring technique that can help in detecting and avoiding such attacks. Using information about the processing time distribution of individual modules, input/output traffic characteristics can be inferred and abnormal behavior can be detected.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126983113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fast Content Distribution on Datacenter Networks","authors":"S. James, P. Crowley","doi":"10.1109/ANCS.2011.21","DOIUrl":"https://doi.org/10.1109/ANCS.2011.21","url":null,"abstract":"Peer-to-peer (P2P) applications distribute large files fast. That makes them popular on the Internet and has motivated their use on data center networks. On data center networks, however, these Internet applications waste bandwidth. To fully use available bandwidth, we propose the P2P copy (PCP) application. Results with a prototype show that PCP reduces content distribution times by an order of magnitude.","PeriodicalId":124429,"journal":{"name":"2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134341545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}