Přístupnostní navigace
E-application
Search Search Close
Publication detail
KUČERA, J. POPESCU, D. ANTICHI, G. MOORE, A. KOŘENEK, J.
Original Title
Elastic Trie: Enabling Event Triggered Monitoring in the Dataplane
Type
article in a collection out of WoS and Scopus
Language
English
Original Abstract
High level goals such as bandwidth provisioning, accounting and network anomaly detection can be easily met if high-volume traffic clusters are detected in real time. This paper presents Elastic Trie, an alternative to approaches leveraging controller-dataplane architectures. Our solution is a novel push-based network monitoring approach that allows detection, within the dataplane, of high-volume traffic clusters. Notifications from the switch to the controller can be sent only as required, avoiding the transmission or processing of unnecessary data. Furthermore, the dataplane can iteratively refine the responsible IP prefixes allowing a controller to receive a flexible granularity information. We report and discuss an evaluation of our P4-based prototype, showing our solution to be able to detect (with 95% of precision), hierarchical heavy hitters and superspreaders using less than 8KB or 80KB of active memory respectively. Finally, Elastic Trie can identify changes in the network traffic patterns, symptomatic of Denial-of-Service attack events.
Keywords
Software-Defined Networks, Network Monitoring, Programmable Networks, Network Algorithms, Hierarchical Heavy Hitters.
Authors
KUČERA, J.; POPESCU, D.; ANTICHI, G.; MOORE, A.; KOŘENEK, J.
Released
24. 8. 2018
Publisher
Association for Computing Machinery
Location
Budapest
Pages from
1
Pages to
12
Pages count
BibTex
@inproceedings{BUT168461, author="KUČERA, J. and POPESCU, D. and ANTICHI, G. and MOORE, A. and KOŘENEK, J.", title="Elastic Trie: Enabling Event Triggered Monitoring in the Dataplane", booktitle="SIGCOMM '18 Proceedings of the 2018 ACM SIGCOMM Conference", year="2018", pages="1--12", publisher="Association for Computing Machinery", address="Budapest" }