skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Deep Packet/Flow Analysis using GPUs

Conference ·
OSTI ID:1462242
 [1];  [1];  [1]
  1. Fermilab
+ Show Author Affiliations

aDeep packet inspection (DPI) faces severe performance challenges in high-speed networks (40/100 GE) as it requires a large amount of raw computing power and high I/O throughputs. Recently, researchers have tentatively used GPUs to address the above issues and boost the performance of DPI. Typically, DPI applications involve highly complex operations in both per-packet and per-flow data level, often in real-time. The parallel architecture of GPUs fits exceptionally well for per-packet network traffic processing. However, for stateful network protocols such as TCP, their data stream need to be reconstructed in a per-flow level to deliver a consistent content analysis. Since the flow-centric operations are naturally anti-parallel and often require large memory space for buffering out-of-sequence packets, they can be problematic for GPUs, whose memory is normally limited to several gigabytes. In this work, we present a highly efficient GPU-based deep packet/flow analysi s framework. The proposed design includes a purely GPU-implemented flow tracking and TCP stream reassembly. Instead of buffering and waiting for TCP packets to become in sequence, our framework process the packets in batch and uses a deterministic finite automaton (DFA) with prefix-/suffix- tree method to detect patterns across out-of-sequence packets that happen to be located in different batches. Evaluation shows that our code can reassemble and forward tens of millions of packets per second and conduct a stateful signature-based deep packet inspection at 55 Gbit/s using an NVIDIA K40 GPU.

Research Organization:
Fermi National Accelerator Lab. (FNAL), Batavia, IL (United States)
Sponsoring Organization:
USDOE Office of Science (SC), High Energy Physics (HEP)
DOE Contract Number:
AC02-07CH11359
OSTI ID:
1462242
Report Number(s):
FERMILAB-POSTER-17-032-CD; 1683399
Resource Relation:
Conference: International Conference for High Performance Computing, Networking, Storage and Analysis, Denver, CO, 11/12-11/17/2017
Country of Publication:
United States
Language:
English

Similar Records

Deep Packet/Flow Analysis using GPUs
Conference · Sun Nov 12 00:00:00 EST 2017 · OSTI ID:1462242
GoldenEye: stream-based network packet inspection using GPUs
Conference · Thu Oct 04 00:00:00 EDT 2018 · OSTI ID:1462242
Real-time Intrusion Detection for High-bandwidth Research Networks using Unsupervised Deep Learning
Conference · Wed Jan 01 00:00:00 EST 2020 · OSTI ID:1462242

Related Subjects