基于多核平台的高性能深度包检测

2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology Pub Date : 2009-12-04 DOI:10.1109/ICBNMT.2009.5347845

Wang Cong, J. Morris, W. Xiaojun

{"title":"基于多核平台的高性能深度包检测","authors":"Wang Cong, J. Morris, W. Xiaojun","doi":"10.1109/ICBNMT.2009.5347845","DOIUrl":null,"url":null,"abstract":"Deep Packet Inspection (DPI) provides the ability to perform Quality of Service (QoS) and Intrusion Detection on network packets. But since the explosive growth of Intrnet, performance and scalability issues have been raised due to the gap between network and end-system speeds. This article describles how a desirable DPI system with multi-gigabits throughput and good scalability should be like by exploiting parallelism on Network Interface Card, network stack and user applications. Connection-based Parallelism, Affinity-based Scheduling and Lock-free Data Structure are the main technologies introduced to alleviate the performance and scalability issues. A common DPI application L7-Filter is used as an example to illustrate the applicaiton level parallelism.","PeriodicalId":267128,"journal":{"name":"2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"High performance Deep Packet Inspection on multi-core platform\",\"authors\":\"Wang Cong, J. Morris, W. Xiaojun\",\"doi\":\"10.1109/ICBNMT.2009.5347845\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Deep Packet Inspection (DPI) provides the ability to perform Quality of Service (QoS) and Intrusion Detection on network packets. But since the explosive growth of Intrnet, performance and scalability issues have been raised due to the gap between network and end-system speeds. This article describles how a desirable DPI system with multi-gigabits throughput and good scalability should be like by exploiting parallelism on Network Interface Card, network stack and user applications. Connection-based Parallelism, Affinity-based Scheduling and Lock-free Data Structure are the main technologies introduced to alleviate the performance and scalability issues. A common DPI application L7-Filter is used as an example to illustrate the applicaiton level parallelism.\",\"PeriodicalId\":267128,\"journal\":{\"name\":\"2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-12-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICBNMT.2009.5347845\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICBNMT.2009.5347845","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

DPI (Deep Packet Inspection)是指对网络报文进行QoS (Quality of Service)和入侵检测的能力。但是，由于internet的爆炸性增长，由于网络和终端系统速度之间的差距，性能和可伸缩性问题已经提出。本文描述了通过利用网络接口卡、网络堆栈和用户应用程序上的并行性，一个具有千兆吞吐量和良好可伸缩性的理想DPI系统应该是什么样的。基于连接的并行、基于亲和的调度和无锁数据结构是缓解性能和可伸缩性问题的主要技术。本文以一个常见的DPI应用程序L7-Filter为例说明了应用程序级的并行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

High performance Deep Packet Inspection on multi-core platform

Deep Packet Inspection (DPI) provides the ability to perform Quality of Service (QoS) and Intrusion Detection on network packets. But since the explosive growth of Intrnet, performance and scalability issues have been raised due to the gap between network and end-system speeds. This article describles how a desirable DPI system with multi-gigabits throughput and good scalability should be like by exploiting parallelism on Network Interface Card, network stack and user applications. Connection-based Parallelism, Affinity-based Scheduling and Lock-free Data Structure are the main technologies introduced to alleviate the performance and scalability issues. A common DPI application L7-Filter is used as an example to illustrate the applicaiton level parallelism.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology

自引率

0.00%

发文量