DOI:10.1145/1460877.1460881
research-article

Distributed flow detection over multi path sessions

Published: 22 September 2008

Abstract

Recently, there has been a growing interest in performing flow inspection within devices in the core network. Frequently, a session passing through the core network is routed through several paths either due to network architecture or due to malicious intent.
This paper presents a re-routing layer that enables, for the first time, multi-path-flow inspection. At any point in time, each session is inspected by a single inspection device using existing single-path flow inspection algorithms. Session packets that arrive at other devices are forwarded to the designated device.
Our scheme takes into account the packet arrival history among the collaborating devices for optimized re-routing. We show that the mechanism is highly efficient in terms of the storage and communications overhead imposed on the network due to packet re-routing. The per-packet computation overhead at the devices is shown to be minimal and on the order of O(1).

    Published In

    SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication networks
    September 2008
    329 pages
    ISBN:9781605582412
    DOI:10.1145/1460877

    Sponsors

    • Create-Net
    • INRIA: Institut Natl de Recherche en Info et en Automatique

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. inspection
    2. intrusion detection
    3. multi-path
    4. networks
    5. performance

    Qualifiers

    • Research-article

    Conference

    Securecomm08
    Sponsor:
    • INRIA
