ABSTRACT
AtoZ, an automatic traffic organizer, provides control of how network resources are used by applications. It does this by combining the high-speed packet processing of the NetFPGA with an efficient method for application-behavior labeling. AtoZ can control network resources by prohibiting certain applications and controlling the resources available to others. We discuss deployment experience and use real traffic to illustrate how such an architecture enables several distinct features: high accuracy, high throughput, minimal delay, and efficient packet labeling, all in a low-cost, robust configuration that works alongside the enterprise access router.