Detail publikace

Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring

KEKELY, L. PUŠ, V. BENÁČEK, P. KOŘENEK, J.

Originální název

Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring

Anglický název

Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring

Jazyk

en

Originální abstrakt

Current hardware acceleration cores for network traffic processing are often well optimized for one particular task and therefore provide high level of hardware acceleration. But for many applications, such as network traffic monitoring and security, it is also necessary to achieve rapid development cycle to provide fast response to security threats. We propose and evaluate a new concept of hardware acceleration for flexible flow-based network traffic monitoring with support of application protocol analysis. The concept is called Software Defined Monitoring (SDM) and it relies on a configurable hardware accelerator implemented in FPGA, coupled with smart monitoring tasks running as software on general CPU. The monitoring tasks in the software control the level of detail and type of information retained during the hardware processing. This arrangement allows rapid application prototyping in the software, followed by further shifting of the timing critical parts of the processing to the hardware accelerator. The concept is proposed with the scalability in mind, therefore it is suitable for different FPGA based platforms ranging from embedded single-chip solutions (such as Zynq or Cyclone V) to high-speed backbone network monitoring boxes. Our pilot high-speed implementation using FPGA acceleration board in a commodity server performs a 100 Gb/s flow traffic measurement augmented by a selected application protocol analysis.

Anglický abstrakt

Current hardware acceleration cores for network traffic processing are often well optimized for one particular task and therefore provide high level of hardware acceleration. But for many applications, such as network traffic monitoring and security, it is also necessary to achieve rapid development cycle to provide fast response to security threats. We propose and evaluate a new concept of hardware acceleration for flexible flow-based network traffic monitoring with support of application protocol analysis. The concept is called Software Defined Monitoring (SDM) and it relies on a configurable hardware accelerator implemented in FPGA, coupled with smart monitoring tasks running as software on general CPU. The monitoring tasks in the software control the level of detail and type of information retained during the hardware processing. This arrangement allows rapid application prototyping in the software, followed by further shifting of the timing critical parts of the processing to the hardware accelerator. The concept is proposed with the scalability in mind, therefore it is suitable for different FPGA based platforms ranging from embedded single-chip solutions (such as Zynq or Cyclone V) to high-speed backbone network monitoring boxes. Our pilot high-speed implementation using FPGA acceleration board in a commodity server performs a 100 Gb/s flow traffic measurement augmented by a selected application protocol analysis.

Dokumenty

BibTex


@inproceedings{BUT111645,
  author="Lukáš {Kekely} and Viktor {Puš} and Pavel {Benáček} and Jan {Kořenek}",
  title="Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring",
  annote="Current hardware acceleration cores for network traffic processing are often well
optimized for one particular task and therefore provide high level of hardware
acceleration. But for many applications, such as network traffic monitoring and
security, it is also necessary to achieve rapid development cycle to provide fast
response to security threats. We propose and evaluate a new concept of hardware
acceleration for flexible flow-based network traffic monitoring with support of
application protocol analysis. The concept is called Software Defined Monitoring
(SDM) and it relies on a configurable hardware accelerator implemented in FPGA,
coupled with smart monitoring tasks running as software on general CPU. The
monitoring tasks in the software control the level of detail and type of
information retained during the hardware processing. This arrangement allows
rapid application prototyping in the software, followed by further shifting of
the timing critical parts of the processing to the hardware accelerator. The
concept is proposed with the scalability in mind, therefore it is suitable for
different FPGA based platforms ranging from embedded single-chip solutions (such
as Zynq or Cyclone V) to high-speed backbone network monitoring boxes. Our pilot
high-speed implementation using FPGA acceleration board in a commodity server
performs a 100 Gb/s flow traffic measurement augmented by a selected application
protocol analysis.",
  address="IEEE Circuits and Systems Society",
  booktitle="2014 24th International Conference on Field Programmable Logic and Applications (FPL 2014)",
  chapter="111645",
  doi="10.1109/FPL.2014.6927443",
  edition="NEUVEDEN",
  howpublished="electronic, physical medium",
  institution="IEEE Circuits and Systems Society",
  year="2014",
  month="september",
  pages="264--267",
  publisher="IEEE Circuits and Systems Society",
  type="conference paper"
}