A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic

Khan, Faisal; Ghiasi, Soheil; Chuah, Chen -Nee

doi:10.1109/TC.2012.228

Title: A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic

Abstract

Streaming network traffic measurement and analysis is critical for detecting and preventing any real-time anomalies in the network. The high speeds and complexity of today's networks, coupled with ever evolving threats, necessitate closing of the loop between measurements and their analysis in real time. The ensuing system demands high levels of programmability and processing where streaming measurements adapt to the changing network behavior in a goal-oriented manner. In this work, we exploit the features and requirements of the problem and develop an application-specific FPGA-based closed-loop measurement (CLM) system. We make novel use of fine-grained partial dynamic reconfiguration (PDR) as underlying reprogramming paradigm, performing low-latency just-in-time compiled logic changes in FPGA fabric corresponding to the dynamic measurement requirements. Our innovative dynamically reconfigurable socket offers 3× logic savings over conventional static solutions, while offering much reduced reconfiguration latencies over conventional PDR mechanisms. Here, we integrate multiple sockets in a highly parallel CLM framework and demonstrate its effectiveness in identifying heavy flows in streaming network traffic. The results using an FPGA prototype offer 100 percent detection accuracy while sustaining increasing link speeds.

Authors:

Khan, Faisal ^[1]; Ghiasi, Soheil ^[1]; Chuah, Chen -Nee ^[1]

Univ. of California, Davis, CA (United States)

Publication Date:: Thu Sep 13 00:00:00 EDT 2012

Research Org.:: Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

Sponsoring Org.:: USDOE Office of Science (SC)

OSTI Identifier:: 1523920

Grant/Contract Number:: AC02-05CH11231

Resource Type:: Accepted Manuscript

Journal Name:: IEEE Transactions on Computers

Additional Journal Information:: Journal Volume: 63; Journal Issue: 2; Journal ID: ISSN 0018-9340

Publisher:: IEEE

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING; Field programmable gate arrays; Table lookup; Registers; Sockets; Hardware; Programming; Pattern matching; parallel circuits; Reconfigurable hardware; network monitoring

Citation Formats


                    Khan, Faisal, Ghiasi, Soheil, and Chuah, Chen -Nee. A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic.  United States: N. p., 2012. 
Web.  doi:10.1109/TC.2012.228.

Copy to clipboard


                    Khan, Faisal, Ghiasi, Soheil, & Chuah, Chen -Nee. A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic.  United States.  https://doi.org/10.1109/TC.2012.228

Copy to clipboard


                    Khan, Faisal, Ghiasi, Soheil, and Chuah, Chen -Nee. Thu .  
"A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic".  United States.  https://doi.org/10.1109/TC.2012.228.  https://www.osti.gov/servlets/purl/1523920.

Copy to clipboard


                    
@article{osti_1523920,

  title        = {A Dynamically Reconfigurable System for Closed-Loop Measurements of Network Traffic},

  author       = {Khan, Faisal and Ghiasi, Soheil and Chuah, Chen -Nee},

  abstractNote = {Streaming network traffic measurement and analysis is critical for detecting and preventing any real-time anomalies in the network. The high speeds and complexity of today's networks, coupled with ever evolving threats, necessitate closing of the loop between measurements and their analysis in real time. The ensuing system demands high levels of programmability and processing where streaming measurements adapt to the changing network behavior in a goal-oriented manner. In this work, we exploit the features and requirements of the problem and develop an application-specific FPGA-based closed-loop measurement (CLM) system. We make novel use of fine-grained partial dynamic reconfiguration (PDR) as underlying reprogramming paradigm, performing low-latency just-in-time compiled logic changes in FPGA fabric corresponding to the dynamic measurement requirements. Our innovative dynamically reconfigurable socket offers 3× logic savings over conventional static solutions, while offering much reduced reconfiguration latencies over conventional PDR mechanisms. Here, we integrate multiple sockets in a highly parallel CLM framework and demonstrate its effectiveness in identifying heavy flows in streaming network traffic. The results using an FPGA prototype offer 100 percent detection accuracy while sustaining increasing link speeds.},

  doi          = {10.1109/TC.2012.228},

  journal      = {IEEE Transactions on Computers},

  number       = 2,

  volume       = 63,

  place        = {United States},

  year         = {Thu Sep 13 00:00:00 EDT 2012},

  month        = {Thu Sep 13 00:00:00 EDT 2012}

}

Copy to clipboard

Journal Article:

Free Publicly Available Full Text

Accepted Manuscript (DOE)

Publisher's Version of Record

https://doi.org/10.1109/TC.2012.228

Other availability

Search WorldCat to find libraries that may hold this journal

Citation Metrics:

Cited by: 1 work

Citation information provided by
Web of Science

Figures / Tables:

Fig. 1: Network measurement paradigms.

All figures and tables (16 total)

Save / Share:

Export Metadata

Save to My Library

Figures / Tables found in this record:

Figures/Tables have been extracted from DOE-funded journal article accepted manuscripts.

Similar Records in DOE PAGES and OSTI.GOV collections:

Reconfigurable computing in space: from current technology to reconfigurable systems-on-a-chip.

Conference Graham, R C ; Caffrey, M P ; Johnson, D E ; ...

The performance, in-system reprogrammability, flexibility, and reduced costs of SRAM-based FPGAs make them very interesting for high-speed, on-orbit data processing, but, because the current generation of radiation-tolerant SRAM-based FPGAs are derived directly from COTS versions of the chips, several issues must be dealt with for space, including SEU sensitivities, power consumption, thermal problems, and support logic. This paper will discuss Los Alamos National Laboratory's approach to using the Xilinx XQVR1000 FPGAs for on-orbit processing in the Cibola Flight Experiment (CFE) as well as the possibilities and challenges of using newer, system-on-a-reprogrammable-chip FPGAs, such as Virtex I1 Pro, in space-based reconfigurablemore »« less
https://doi.org/10.1109/AERO.2003.1235164

Full Text Available
Metropolitan Road Traffic Simulation on FPGAs.

Conference L, Tripp J ; Mortveit, H S ; Hansson, A A ; ...

This work demonstrates that road traffic simulation of entire metropolitan areas is possible with reconfigurable supercomputing that combines 64-bit microprocessors and FPGAs in a high bandwidth, low latency interconnect. Previously, traffic simulation on FPGAs was limited to very short road segments or required a very large number of FPGAs. Our data streaming approach overcomes scaling issues associated with direct implementations and still allows for high-level parallelism by dividing the data sets between hardware and software across the reconfigurable supercomputer. Using one FPGA on the Cray XD1 supercomputer, we are able to achieve a 34.4 x speed up over the AMDmore »« less
Full Text Available
LINEBACkER: Bio-inspired Data Reduction Toward Real Time Network Traffic Analysis

Conference Teuton, Jeremy R. ; Peterson, Elena S. ; Nordwall, Douglas J. ; ...

Abstract—One essential component of resilient cyber applications is the ability to detect adversaries and protect systems with the same flexibility adversaries will use to achieve their goals. Current detection techniques do not enable this degree of flexibility because most existing applications are built using exact or regular-expression matching to libraries of rule sets. Further, network traffic defies traditional cyber security approaches that focus on limiting access based on the use of passwords and examination of lists of installed or downloaded programs. These approaches do not readily apply to network traffic occurring beyond the access control point, and when the datamore »« less
https://doi.org/10.1109/ISRCS.2013.6623771
FPGA Based Real-time Network Traffic Analysis using Traffic Dispersion Patterns

Conference Khan, F ; Gokhale, M ; Chuah, C N

The problem of Network Traffic Classification (NTC) has attracted significant amount of interest in the research community, offering a wide range of solutions at various levels. The core challenge is in addressing high amounts of traffic diversity found in today's networks. The problem becomes more challenging if a quick detection is required as in the case of identifying malicious network behavior or new applications like peer-to-peer traffic that have potential to quickly throttle the network bandwidth or cause significant damage. Recently, Traffic Dispersion Graphs (TDGs) have been introduced as a viable candidate for NTC. The TDGs work by forming amore »« less
Full Text Available
Streaming Solutions for Fine-Grained Network Traffic Measurements and Analysis

Journal Article Khan, Faisal ; Hosein, Nicholas ; Ghiasi, Soheil ; ... - IEEE/ACM Transactions on Networking

Online network traffic measurements and analysis is critical for detecting and preventing any real-time anomalies in the network. We propose, implement, and evaluate an online, adaptive measurement platform, which utilizes real-time traffic analysis results to refine subsequent traffic measurements. Central to our solution is the concept of Multi-Resolution Tiling (MRT), a heuristic approach that performs sequential analysis of traffic data to zoom into traffic subregions of interest. However, MRT is sensitive to transient traffic spikes. In this paper, we propose three novel traffic streaming algorithms that overcome the limitations of MRT and can cater to varying degrees of computational andmore »« less
Cited by 6
https://doi.org/10.1109/TNET.2013.2263228

Full Text Available

Similar Records