Software Defined Monitoring of Application Protocols

článek ve sborníku ve WoS nebo Scopus

angličtina

Current high-speed network monitoring systems focus more and more on the data from the application layers. Flow data is usually enriched by the information from HTTP, DNS and other protocols. The increasing speed of the network links, together with the time consuming application protocol parsing, require a new way of hardware acceleration. Therefore, we propose a new concept of hardware acceleration for flexible flow-based application level monitoring, which we call Software Defined Monitoring (SDM). The concept relies on smart monitoring tasks implemented in the software in conjunction with a configurable hardware accelerator. The hardware accelerator is an application-specific processor tailored to stateful flow processing. The monitoring tasks reside in the software and can easily control the level of detail retained by the hardware for each flow. This way, the measurement of bulk/uninteresting traffic is offloaded to the hardware, while the advanced monitoring over the interesting traffic is performed in the software. The proposed concept allows one to create flexible monitoring systems capable of deep packet inspection at high throughput. Our pilot implementation in FPGA is able to perform a 100 Gb/s flow traffic measurement augmented by a selected application-level protocol parsing.

FPGA, Monitoring, Acceleration, Application protocols, L7

KEKELY, L.; PUŠ, V.; KOŘENEK, J.

2014

27. 4. 2014

IEEE Computer Society

Toronto

978-1-4799-3360-0

Proceedings of IEEE INFOCOM 2014 - IEEE Conference on Computer Communications

1725

1733

9

https://www.fit.vut.cz/research/publication/10657/