skip to main content
10.1145/2465839.2465845acmconferencesArticle/Chapter ViewAbstractPublication PagesConference Proceedingsacm-pubtype
research-article

Multi-gigabit traffic identification on GPU

Published: 18 June 2013 Publication History

Abstract

Traffic Identification is a crucial task performed by ISP administrators to evaluate and improve network service quality. Deep Packet Inspection (DPI) is a well-known technique used to identify networked traffic. DPI relies mostly on Regular Expressions (REs) evaluated by Finite Automata. Many previous studies have investigated the impacts on the classification accuracy of such systems when inspecting only a portion of the traffic. However, none have discussed the real impacts on the overall system throughput. This work presents a novel technique to perform DPI on Graphics Processing Units (GPU) called Flow-Based Traffic Identification (FBTI) and a proof-of-concept prototype analysis. Basically we want to increase DPI systems? performance on commodity platforms as well as their capacity to identify networked traffic on high speed links. By combining Deterministic Finite Automaton (DFA) for evaluating REs and flow-level packet sampling we achieve a raw performance of over 60 Gbps on GPUs. Our prototype solution could reach a real throughput of over 12 Gbps, measured as the identified volume of flows.

References

[1]
Aceto, G., Dainotti, A., de Donato, W., Pescapè, A., "PortLoad: taking the best of two worlds in traffic classification", IEEE INFOCOM 2010, March 2010, San Diego (CA, USA).
[2]
Aho, A. V., Corasick, M. J., "Efficient String Matching: An Aid to Bibliographic Search", in Communications of the ACM, 18(6):333--340. 1975.
[3]
Antonello, R., Fernandes, S., Sadok, D., Kelner, J. and Szabó, G., "Deterministic Finite Automaton for Scalable Traffic Identification: the Power of Compressing by Range", in Proc. of IEEE NOMS, 2012, Hawai, USA.
[4]
Antonello, R., Fernandes, S., Sadok, D., e Kelner, J., "Characterizing Signature Sets for Testing DPI Systems", in 3rd IEEE International Workshop on Management of Emerging Networks and Services (MENS) - Globecom Workshop, Houston, USA, 2011.
[5]
Becchi, M. e Crowley, P., "An improved algorithm to accelerate regular expression evaluation", in Proc. of the 3rd ACM/IEEE Symposium on Architecture For Networking and Communications Systems, ANCS '07.
[6]
Cascarano, N., Rolando, P., Risso, F., Sisto, R., "iNFAnt: Nfa Pattern Matching on GPGPU Devices" in ACM SIGCOMM Computer Communication Review (CCR), volume 40 issue 5, October 2010.
[7]
Dainotti, A., Pescape, A., Claffy, K.C., "Issues and future directions in traffic classification," in IEEE Network, vol.26, no.1, pp.35--40, January-February 2012.
[8]
Fernandes, S.; Antonello, R.; Lacerda, T.; Santos, A.; Sadok, D.; Westholm, T.;, "Slimming Down Deep Packet Inspection Systems," in INFOCOM Workshops 2009, IEEE, vol., no., pp.1--6, 19--25 April 2009.
[9]
GPU Direct. https://developer.nvidia.com/gpudirect. Accessed in February 2013.
[10]
Lin., C., Liu, C., Chang, S., "Accelerating Regular Expression Matching Using Hierarchical Parallel Machines on GPU," in IEEE Global Telecommunications Conference, vol., no., pp.1--5, 5--9 Dec. 2011, Houston, USA.
[11]
Luchaup, D., Smith, R., Estan, C., Jha, S., "Multi-byte regular expression matching with speculation", in Proc. of Recent Advances in Intrusion Detection (RAID) on September 23--25, 2009, Britanny, France.
[12]
Mu, S., Zhang, X., Lu, J., Deng, Y. S., Zhang, S., "IP routing processing with graphic processors" in the Design, Automation and Test in Europe, 2010, pp. 93--99.
[13]
NVIDIA, "Cuda c programming guide", 2007, version 3.1.
[14]
Sharp, T., "Implementing decision trees and forests on a GPU", in Proc. ECCV, 2008.
[15]
Smith, R., Goyal, N., Ormont, J., Sankaralingam, K., Estan, C., "Evaluating GPUs for network packet signature matching," in Proc. of Performance Analysis of Systems and Software (ISPASS), pp.175--184, April 2009.
[16]
Smith, R., Estan, C., Jha, S., "XFA: Faster Signature Matching with Extended Automata,", in IEEE Symposium Security and Privacy (SP), pp.187--201, May 2008.
[17]
Snort, http://www.snort.org. Accessed in February 2013.
[18]
TCPDUMP, http://www.tcpdump.org/. Accessed in February 2013.
[19]
Thompson, K., "Programming techniques: Regular expression search algorithm", in ACM Commun. 11(6):419--422, 1968.
[20]
Vasiliadis, G. et al., "Regular expression matching on graphics hardware for intrusion detection," in Proc. of the 12th International Symposium on Recent Advances in Intrusion Detection, Saint-Malo, France, 2009, pp. 265--283.
[21]
Wang, L. et al., "Gregex: GPU Based High Speed Regular Expression Matching Engine," in Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp.366--370, June 2011.
[22]
Yu, F. et al., "Fast and memory-efficient regular expression matching for deep packet inspection", in ACM/IEEE symposium on Architecture for networking and communications systems (ANCS '06). ACM, New York, NY, USA, 93--102, 2006.
[23]
Zu, Y., Yang et al., "GPU-based NFA implementation for memory efficient high speed regular expression matching" In Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming (PPoPP '12).

Cited By

View all
  • (2024)An encrypted traffic classifier via combination of deep learning and automata learningSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-024-10383-028:23(13443-13460)Online publication date: 1-Dec-2024
  • (2021)Network Monitoring and Analysis2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS)10.1109/ICACCS51430.2021.9441767(1400-1403)Online publication date: 19-Mar-2021
  • (2018)Parallelizing Deep Packet Inspection on GPU2018 IEEE Fourth International Conference on Big Data Computing Service and Applications (BigDataService)10.1109/BigDataService.2018.00044(248-253)Online publication date: Mar-2018
  • Show More Cited By

Index Terms

  1. Multi-gigabit traffic identification on GPU

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    HPPN '13: Proceedings of the first edition workshop on High performance and programmable networking
    June 2013
    70 pages
    ISBN:9781450319812
    DOI:10.1145/2465839
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 18 June 2013

    Permissions

    Request permissions for this article.

    Check for updates

    Qualifiers

    • Research-article

    Conference

    HPDC'13
    Sponsor:

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)2
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 13 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)An encrypted traffic classifier via combination of deep learning and automata learningSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-024-10383-028:23(13443-13460)Online publication date: 1-Dec-2024
    • (2021)Network Monitoring and Analysis2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS)10.1109/ICACCS51430.2021.9441767(1400-1403)Online publication date: 19-Mar-2021
    • (2018)Parallelizing Deep Packet Inspection on GPU2018 IEEE Fourth International Conference on Big Data Computing Service and Applications (BigDataService)10.1109/BigDataService.2018.00044(248-253)Online publication date: Mar-2018
    • (2017)System architecture for deep packet inspection in high-speed networks2017 Siberian Symposium on Data Science and Engineering (SSDSE)10.1109/SSDSE.2017.8071958(27-32)Online publication date: Apr-2017
    • (2014)Traffic classification with on-line ensemble method2014 Global Information Infrastructure and Networking Symposium (GIIS)10.1109/GIIS.2014.6934280(1-4)Online publication date: Sep-2014

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media