scholarly journals DSM: Delayed Signature Matching in Deep Packet Inspection

Symmetry ◽  
2020 ◽  
Vol 12 (12) ◽  
pp. 2011
Author(s):  
Yingpei Zeng ◽  
Shanqing Guo ◽  
Ting Wu ◽  
Qiuhua Zheng
Keyword(s):  
Deep Packet Inspection ◽  
Memory Consumption ◽  
Security Systems ◽  
The Core ◽  
Signature Matching ◽  
Packet Inspection ◽  
And Performance ◽  
Abstract Syntax Trees ◽  
Core Part ◽  
Rule Evaluation

Deep Packet Inspection (DPI) is widely used in network management and network security systems. The core part of existing DPI is signature matching, and many researchers focus on improving the signature-matching algorithms. In this paper, we work from a different angle: The scheduling of signature matching. We propose a Delayed Signature Matching (DSM) method, in which we do not always immediately match received packets to the signatures since there may be not enough packets received yet. Instead, we predefine some rules, and evaluate the packets against these rules first to decide when to start signature matching and which signatures to match. The predefined rules are convenient to create and maintain since they support custom expressions and statements and can be created in a text rule file. The correctness and performance of the DSM method are theoretically analyzed as well. Finally, we implement a prototype of the DSM method in the open-source DPI library nDPI, and find that it can reduce the signature-matching time about 30∼84% in different datasets, with even smaller memory consumption. Note that the abstract syntax trees (ASTs) used to implement DSM rule evaluation are usually symmetric, and the DSM method supports asymmetric (i.e., single-direction) traffic as well.

scholarly journals Thermodynamic and Aerodynamic Analysis of an Air-Driven Fan System in Low-Cost High-Bypass-Ratio Turbofan Engine

Energies ◽  
2019 ◽  
Vol 12 (10) ◽  
pp. 1917 ◽  
Author(s):  
Weiyu Lu ◽  
Guoping Huang ◽  
Xin Xiang ◽  
Jinchun Wang ◽  
Yuxuan Yang
Keyword(s):  
Numerical Simulation ◽  
Design Principle ◽  
Low Cost ◽  
Complex Structure ◽  
Batch Production ◽  
Turbofan Engine ◽  
The Core ◽  
And Performance ◽  
Core Part ◽  
Bypass Ratio

In some cases, the improvement of the bypass ratio (BPR) of turbofans is pursued for military or civilian purposes owing to economic, environmental, and performance reasons, among others. However, high-BPR turbofans suffer from incompatibility of spool speed, complex structure for manufacture, development difficulty, and substantially increasing costs, especially for those with small batch production. To deal with the issues, a novel low-cost concept of high-BPR turbofan with air-driven fan (ADTF) is presented in this research. First, the problems faced by high-BPR turbofans are discussed, and the difficulties of geared turbofan (GTF), which is developed as a solution to the problems, are analyzed. A novel turbofan with potential advantages is proposed, and its basic theory is interpreted. Second, high-BPR ADTF is analyzed at the top level, and the design principle and important primary parameters are discussed. Some important concepts and criteria are proposed, enabling the comparison between ADTF and GTF. Finally, an air-driven fan system, the core part of ADTF, is exploratorily designed, and numerical simulation is performed to demonstrate its feasibility.

scholarly journals A Heterogeneous Service-Oriented Deep Packet Inspection and Analysis Framework for Traffic-Aware Network Management and Security Systems

IEEE Access ◽  
2016 ◽  
Vol 4 ◽  
pp. 5918-5936 ◽  
Author(s):  
Muhammad Asrar Ashraf ◽  
Habibullah Jamal ◽  
Shoab Ahmed Khan ◽  
Zaheer Ahmed ◽  
Muhammad Iram Baig
Keyword(s):  
Network Management ◽  
Deep Packet Inspection ◽  
Analysis Framework ◽  
Security Systems ◽  
Service Oriented ◽  
Packet Inspection ◽  
Heterogeneous Service

scholarly journals Bitmaps & Bitmasks: Efficient Tools to Compress Deterministic Automata

2018 ◽  
Vol 6 (3) ◽  
pp. 41-75
Author(s):  
Shiva Shankar Subramanian ◽  
PinXing Lin ◽  
Andreas Herkersdorf ◽  
Thomas Wild
Keyword(s):  
Linear Time ◽  
Deep Packet Inspection ◽  
Matching Function ◽  
Deterministic Finite Automaton ◽  
Compression Algorithms ◽  
Software Model ◽  
Signature Matching ◽  
Functional Correctness ◽  
Deterministic Automata ◽  
Packet Inspection

Accelerating the signature matching function is essential to perform Deep Packet Inspection (DPI) at line rates. The conversion of the signatures into the Deterministic Finite Automaton (DFA) enables performance of this function at linear time. However, since the DFA is extremely storage inefficient, it is compressed before being stored in the memory. Although state-of-the-art bitmap-based compression algorithms can perform line rate signature matching, they only achieve transition compression of ~90-95%. Addressing the storage inefficiency, two bitmap-based transition compression algorithms were proposed by Subramanian et al. in 2016 to achieve transition compression of over 98%. A theoretical relationship is established in this article between the achievable signature matching throughput and the number of pipeline stages required to perform the decompression through the hardware accelerator based on the proposed techniques. Additional optimizations are proposed and evaluated to improve the per-stream signature matching throughput through the proposed decompression engines. The experimental evaluation of the optimizations shows that the per-stream signature matching throughput can be improved by a factor of 1.2–1.4x. A software model of the proposed decompression engines was designed and evaluated across a multitude of payload byte streams to verify the functional correctness of the proposed compression methods.

scholarly journals Bitmaps & Bitmasks: Efficient Tools to Compress Deterministic Automata

2018 ◽  
Vol 6 (3) ◽  
pp. 41-75
Author(s):  
Shiva Shankar Subramanian ◽  
PinXing Lin ◽  
Andreas Herkersdorf ◽  
Thomas Wild
Keyword(s):  
Linear Time ◽  
Deep Packet Inspection ◽  
Matching Function ◽  
Deterministic Finite Automaton ◽  
Compression Algorithms ◽  
Software Model ◽  
Signature Matching ◽  
Functional Correctness ◽  
Deterministic Automata ◽  
Packet Inspection

Accelerating the signature matching function is essential to perform Deep Packet Inspection (DPI) at line rates. The conversion of the signatures into the Deterministic Finite Automaton (DFA) enables performance of this function at linear time. However, since the DFA is extremely storage inefficient, it is compressed before being stored in the memory. Although state-of-the-art bitmap-based compression algorithms can perform line rate signature matching, they only achieve transition compression of ~90-95%. Addressing the storage inefficiency, two bitmap-based transition compression algorithms were proposed by Subramanian et al. in 2016 to achieve transition compression of over 98%. A theoretical relationship is established in this article between the achievable signature matching throughput and the number of pipeline stages required to perform the decompression through the hardware accelerator based on the proposed techniques. Additional optimizations are proposed and evaluated to improve the per-stream signature matching throughput through the proposed decompression engines. The experimental evaluation of the optimizations shows that the per-stream signature matching throughput can be improved by a factor of 1.2–1.4x. A software model of the proposed decompression engines was designed and evaluated across a multitude of payload byte streams to verify the functional correctness of the proposed compression methods.

scholarly journals Internet Traffic Classification with Federated Learning

Electronics ◽  
2020 ◽  
Vol 10 (1) ◽  
pp. 27
Author(s):  
Hyunsu Mun ◽  
Youngseok Lee
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Internet Traffic ◽  
Packet Classification ◽  
Deep Packet Inspection ◽  
Traffic Classification ◽  
User Privacy ◽  
Internet Traffic Classification ◽  
Packet Inspection ◽  
And Performance

As Internet traffic classification is a typical problem for ISPs or mobile carriers, there have been a lot of studies based on statistical packet header information, deep packet inspection, or machine learning. Due to recent advances in end-to-end encryption and dynamic port policies, machine or deep learning has been an essential key to improve the accuracy of packet classification. In addition, ISPs or mobile carriers should carefully deal with the privacy issue while collecting user packets for accounting or security. The recent development of distributed machine learning, called federated learning, collaboratively carries out machine learning jobs on the clients without uploading data to a central server. Although federated learning provides an on-device learning framework towards user privacy protection, its feasibility and performance of Internet traffic classification have not been fully examined. In this paper, we propose a federated-learning traffic classification protocol (FLIC), which can achieve an accuracy comparable to centralized deep learning for Internet application identification without privacy leakage. FLIC can classify new applications on-the-fly when a participant joins in learning with a new application, which has not been done in previous works. By implementing the prototype of FLIC clients and a server with TensorFlow, the clients gather packets, perform the on-device training job and exchange the training results with the FLIC server. In addition, we demonstrate that federated learning-based packet classification achieves an accuracy of 88% under non-independent and identically distributed (non-IID) traffic across clients. When a new application that can be classified dynamically as a client participates in learning was added, an accuracy of 92% was achieved.

Efficient Regular Expression Compression Algorithm for Deep Packet Inspection

2009 ◽  
Vol 20 (8) ◽  
pp. 2214-2226 ◽  
Author(s):  
Qian XU ◽  
Yue-Peng E ◽  
Jing-Guo GE ◽  
Hua-Lin QIAN
Keyword(s):  
Regular Expression ◽  
Compression Algorithm ◽  
Deep Packet Inspection ◽  
Packet Inspection
Sign in / Sign up

Export Citation Format

Share Document