Rule-set Database Inspection: Towards Data Utilization in Packet Processing
نویسندگان
چکیده
A critical task in network processing is packet analysis that includes operations like packet classification, filtering, and inspection. These operations are commonly based on matching headers and/or data within packets to rules inside a rule-set database. Consequently, the matching procedure determines how packets are classified. When matched, the same database contains the actions to be taken on the matched incoming packets. Even though much research has been performed in improving the performance of these packet processing operations, a thorough inspection of rule-set databases into their characteristics is still left open for further investigation. In this paper, we describe our inspection of real rule-set databases in order to determine the properties that can be exploited in future packet processing techniques or used to optimize current ones. As a result, different graphs are presented and discussed based on extracted information from various fields of rule-set database records.
منابع مشابه
Feature Extraction to Identify Network Traffic with Considering Packet Loss Effects
There are huge petitions of network traffic coming from various applications on Internet. In dealing with this volume of network traffic, network management plays a crucial rule. Traffic classification is a basic technique which is used by Internet service providers (ISP) to manage network resources and to guarantee Internet security. In addition, growing bandwidth usage, at one hand, and limit...
متن کاملEfficient Pre-filtering Techniques for Packet Inspection
Faculty of Electrical Engineering, Mathematics and Computer Science CE-MS-2008-15 Network Security is a significant issue nowadays. The information flow is enormous and the attacks have been substantially evolved. Every single packet of the flow must be scanned in deep and checked with all known attack rules (Deep Packet Inspection) to determine whether it is malicious. However, the task of Dee...
متن کاملAn Analysis of Rule-set Databases in Packet Classification
Packet classification has proved to be an important challenge in network processing. It requires comparing each packet against a database of rules and forwarding the packet according to the highest priority matching rule. Packet classification can be seen as the categorization of incoming packets based on their headers according to specific criteria that examine specific fields within a packet ...
متن کاملSWM: Simplified Wu-Manber for GPU-based Deep Packet Inspection
Graphics processing units (GPU) have potential to speed up deep packet inspection (DPI) by processing many packets in parallel. However, popular methods of DPI such as deterministic finite automata are limited because they are single stride. Alternatively, the complexity of multiple stride methods is not appropriate for the SIMD operation of a GPU. In this work we present SWM, a simplified, mul...
متن کاملInternet Traffic Classification for Faster and Secured Network Service
Due to the growth in prominence of Web, there is a need for proficient system administration. Network visibility becomes very crucial for traffic engineering and network management. A large number of users demands varied information at a given time. By identifying the users that demand same type of information and clustering them into different groups, the Internet accessibility and resource ut...
متن کامل