透過您的圖書館登入 IP:18.224.39.32
透過您的圖書館登入
IP:18.224.39.32
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

於可重新架構化硬體平台上設計與實現基於彈性化速寫演算法之網絡流量監控系統

Design and Implementation of a Flexible Sketch-based Network Traffic Monitoring System on a Reconfigurable Hardware Platform

魏特佑(Theophilus Wellem)
指導教授 : 賴裕昆 鍾文耀
中原大學/電機資訊學院/電子工程研究所/博士(2020年)
https://doi.org/10.6840/cycu202000830
全文下載

摘要

本論文提出並且具體設計一套基於場效可程式化晶片(FPGA)之系統框架,以彈性化的方式,提供多樣化基於速寫演算法流量量測與監控的應用。此系統為了不同網路流量監控應用,針對網路封包流量統計資料以及網路封包標頭資訊之儲存,透過5-Universal哈希函數之特性,基於限制線性探測探查之次數,提出一個高速表格更新之新穎資料層架構。本論文在資料層方面設計了兩個用於儲存封包資訊的資料結構,分別是 網路封包計數器表與網路封包索引表。 本系統是實現於NetFPGA-SUME的平臺上,此平臺可用於處理網路中最糟的網路情況亦即假設每筆網路訊框大小皆為64位元組。此系統對網路封包計數器表更新速率,也就是流量處理的效能可以超過100 Gbps。 系統驗證之網路流量輸入資料使用實際網路封包流量檔,本論文目前在此系統框架上,針對三種網路封包流量監測的應用:資訊熵值估測、超級散播者偵測與巨大流量偵測進行實際的測試,並以此三種網路封包流量監測結果證明本系統之效能。本論文所提出的系統與先前文獻所提出的方法相比較,不但有更好的彈性也有更佳的流量處理效能與量測精度。

關鍵字

網路流量監控 速寫演算法 雜湊表 布隆濾波器 QDRII+ SRAM DDR3 DRAM NetFPGA-SUME

並列摘要

This dissertation proposes a system designed to provide the flexibility of using various sketch-based algorithms for traffic monitoring and measurement tasks. The proposed system leverages on a novel data plane architecture that collects traffic flow statistics and provides arbitrary flow aggregations to the monitoring applications. The data plane design comprises a flow counter table and a flow key table for storing flow-level data. The flow counter table design can achieve a throughput of more than 100 Gbps. Simulation results based on a real traffic trace for three monitoring applications - entropy estimation, superspreader detection, and heavy hitter detection - are presented to demonstrate the performance of the proposed system. The results show that the proposed system yields comparable and better measurement accuracy compared to previous approaches. The proposed system is implemented on the NetFPGA-SUME platform and is sufficient of processing network traffic at line rate. Overall, the proposed system can handle around 83 million packets per second (Mpps), resulting in a throughput of 55.86 Gbps in a worst-case scenario corresponding to a 64-byte minimum Ethernet frame size.

並列關鍵字

Network traffic monitoring sketch hash table Bloom filter QDRII+ SRAM DDR3 DRAM NetFPGA-SUME

參考文獻

[1] B. Li, J. Springer, G. Bebis, and M. Hadi Gunes, "A survey of network flow applications," Journal of Network and Computer Applications, vol. 36, pp. 567–581, Mar. 2013.
[2] R. Hofstede, P. Celeda, B. Trammell, I. Drago, R. Sadre, A. Sperotto, and A. Pras, "Flow Monitoring Explained: From Packet Capture to Data Analysis With NetFlow and IPFIX," IEEE Communications Surveys Tutorials, vol. 16, no. 4, pp. 2037–2064, 2014.
[3] "Cisco NetFlow, http://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-netflow/index.html."
[4] J. Mai, C.-N. Chuah, A. Sridharan, T. Ye, and H. Zang, "Is sampled data sufficient for anomaly detection?," in Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, IMC ’06, (New York, NY, USA), pp. 165–176, ACM, 2006.
[5] D. Brauckhoff, B. Tellenbach, A. Wagner, M. May, and A. Lakhina, "Impact of packet sampling on anomaly detection metrics," in Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, IMC ’06, (New York, NY, USA), pp. 159–164, ACM, 2006.

延伸閱讀

全文下載