Přístupnostní navigace
E-přihláška
Vyhledávání Vyhledat Zavřít
Detail publikace
KUČERA, J. POPESCU, D. ANTICHI, G. MOORE, A. KOŘENEK, J.
Originální název
Elastic Trie: Enabling Event Triggered Monitoring in the Dataplane
Typ
článek ve sborníku mimo WoS a Scopus
Jazyk
angličtina
Originální abstrakt
High level goals such as bandwidth provisioning, accounting and network anomaly detection can be easily met if high-volume traffic clusters are detected in real time. This paper presents Elastic Trie, an alternative to approaches leveraging controller-dataplane architectures. Our solution is a novel push-based network monitoring approach that allows detection, within the dataplane, of high-volume traffic clusters. Notifications from the switch to the controller can be sent only as required, avoiding the transmission or processing of unnecessary data. Furthermore, the dataplane can iteratively refine the responsible IP prefixes allowing a controller to receive a flexible granularity information. We report and discuss an evaluation of our P4-based prototype, showing our solution to be able to detect (with 95% of precision), hierarchical heavy hitters and superspreaders using less than 8KB or 80KB of active memory respectively. Finally, Elastic Trie can identify changes in the network traffic patterns, symptomatic of Denial-of-Service attack events.
Klíčová slova
Software-Defined Networks, Network Monitoring, Programmable Networks, Network Algorithms, Hierarchical Heavy Hitters.
Autoři
KUČERA, J.; POPESCU, D.; ANTICHI, G.; MOORE, A.; KOŘENEK, J.
Vydáno
24. 8. 2018
Nakladatel
Association for Computing Machinery
Místo
Budapest
Strany od
1
Strany do
12
Strany počet
BibTex
@inproceedings{BUT168461, author="KUČERA, J. and POPESCU, D. and ANTICHI, G. and MOORE, A. and KOŘENEK, J.", title="Elastic Trie: Enabling Event Triggered Monitoring in the Dataplane", booktitle="SIGCOMM '18 Proceedings of the 2018 ACM SIGCOMM Conference", year="2018", pages="1--12", publisher="Association for Computing Machinery", address="Budapest" }