13,739 research outputs found
An Experimental Evaluation of the Computational Cost of a DPI Traffic Classifier
A common belief in the scientific community is that traffic classifiers based on deep packet inspection (DPI) are far more expensive in terms of computational complexity compared to statistical classifiers. In this paper we counter this notion by defining accurate models for a deep packet inspection classifier and a statistical one based on support vector machines, and by evaluating their actual processing costs through experimental analysis. The results suggest that, contrary to the common belief, a DPI classifier and an SVM-based one can have comparable computational costs. Although much work is left to prove that our results apply in more general cases, this preliminary analysis is a first indication of how DPI classifiers might not be as computationally complex, compared to other approaches, as we previously though
Relaxing state-access constraints in stateful programmable data planes
Supporting the programming of stateful packet forwarding functions in
hardware has recently attracted the interest of the research community. When
designing such switching chips, the challenge is to guarantee the ability to
program functions that can read and modify data plane's state, while keeping
line rate performance and state consistency. Current state-of-the-art designs
are based on a very conservative all-or-nothing model: programmability is
limited only to those functions that are guaranteed to sustain line rate, with
any traffic workload. In effect, this limits the maximum time to execute state
update operations. In this paper, we explore possible options to relax these
constraints by using simulations on real traffic traces. We then propose a
model in which functions can be executed in a larger but bounded time, while
preventing data hazards with memory locking. We present results showing that
such flexibility can be supported with little or no throughput degradation.Comment: 6 page
KISS: Stochastic Packet Inspection Classifier for UDP Traffic
This paper proposes KISS, a novel Internet classifica- tion engine. Motivated by the expected raise of UDP traffic, which stems from the momentum of Peer-to-Peer (P2P) streaming appli- cations, we propose a novel classification framework that leverages on statistical characterization of payload. Statistical signatures are derived by the means of a Chi-Square-like test, which extracts the protocol "format," but ignores the protocol "semantic" and "synchronization" rules. The signatures feed a decision process based either on the geometric distance among samples, or on Sup- port Vector Machines. KISS is very accurate, and its signatures are intrinsically robust to packet sampling, reordering, and flow asym- metry, so that it can be used on almost any network. KISS is tested in different scenarios, considering traditional client-server proto- cols, VoIP, and both traditional and new P2P Internet applications. Results are astonishing. The average True Positive percentage is 99.6%, with the worst case equal to 98.1,% while results are al- most perfect when dealing with new P2P streaming applications
Comparative Evaluation of Packet Classification Algorithms for Implementation on Resource Constrained Systems
This paper provides a comparative evaluation of a number of known classification algorithms that have been considered for both software and hardware implementation. Differently from other sources, the comparison has been carried out on implementations based on the same principles and design choices. Performance measurements are obtained by feeding the implemented classifiers with various traffic traces in the same test scenario. The comparison also takes into account implementation feasibility of the considered algorithms in resource constrained systems (e.g. embedded processors on special purpose network platforms). In particular, the comparison focuses on achieving a good compromise between performance, memory usage, flexibility and code portability to different target platforms
Mining Unclassified Traffic Using Automatic Clustering Techniques
In this paper we present a fully unsupervised algorithm to identify classes of traffic inside an aggregate. The algorithm leverages on the K-means clustering algorithm, augmented with a mechanism to automatically determine the number of traffic clusters. The signatures used for clustering are statistical representations of the application layer protocols. The proposed technique is extensively tested considering UDP traffic traces collected from operative networks. Performance tests show that it can clusterize the traffic in few tens of pure clusters, achieving an accuracy above 95%. Results are promising and suggest that the proposed approach might effectively be used for automatic traffic monitoring, e.g., to identify the birth of new applications and protocols, or the presence of anomalous or unexpected traffi
A two-level Markov model for packet loss in UDP/IP-based real-time video applications targeting residential users
The packet loss characteristics of Internet paths that include residential broadband links are not well understood, and there are no good models for their behaviour. This compli- cates the design of real-time video applications targeting home users, since it is difficult to choose appropriate error correction and concealment algorithms without a good model for the types of loss observed. Using measurements of residential broadband networks in the UK and Finland, we show that existing models for packet loss, such as the Gilbert model and simple hidden Markov models, do not effectively model the loss patterns seen in this environment. We present a new two-level Markov model for packet loss that can more accurately describe the characteristics of these links, and quantify the effectiveness of this model. We demonstrate that our new packet loss model allows for improved application design, by using it to model the performance of forward error correction on such links
IREEL: remote experimentation with real protocols and applications over emulated network
This paper presents a novel e-learning platform called IREEL. IREEL is a virtual laboratory allowing students to drive experiments with real Internet applications and end-to-end protocols in the context of networking courses. This platform consists in a remote network emulator offering a set of predefined applications and protocol mechanisms. Experimenters configure and control the emulation and the end-systems behavior in order to perform tests, measurements and observations on protocols or applications operating under controlled specific networking conditions. A set of end-to-end mechanisms, mainly focusing on transport and application level protocols, are currently available. IREEL is scalable and easy to use thanks to an ergonomic web interface
The Dynamics of Internet Traffic: Self-Similarity, Self-Organization, and Complex Phenomena
The Internet is the most complex system ever created in human history.
Therefore, its dynamics and traffic unsurprisingly take on a rich variety of
complex dynamics, self-organization, and other phenomena that have been
researched for years. This paper is a review of the complex dynamics of
Internet traffic. Departing from normal treatises, we will take a view from
both the network engineering and physics perspectives showing the strengths and
weaknesses as well as insights of both. In addition, many less covered
phenomena such as traffic oscillations, large-scale effects of worm traffic,
and comparisons of the Internet and biological models will be covered.Comment: 63 pages, 7 figures, 7 tables, submitted to Advances in Complex
System
- ā¦