PPP： Towards Parallel Protocol Parsing

PPP： Towards Parallel Protocol Parsing

下载PDF

导出

摘要 Network traffic classification plays an important role and benefits many practical network issues,such as Next-Generation Firewalls(NGFW),Quality of Service(QoS),etc.To face the challenges brought by modern high speed networks,many inspiring solutions have been proposed to enhance traffic classification.However,taking many factual network conditions into consideration,e.g.,diversity of network environment,traffic classification methods based on Deep Inspection(DI) technique still occupy the top spot in actual usage.In this paper,we propose a novel classification system employing Deep Inspection technique,aiming to achieve Parallel Protocol Parsing(PPP).We start with an analytical study of the existing popular DI methods,namely,regular expression based methods and protocol parsing based methods.Motivated by their relative merits,we extend traditional protocol parsers to achieve parallel matching,which is the representative merit of regular expression.We build a prototype system,and evaluation results show that significant improvement has been made comparing to existing open-source solutions in terms of both memory usage and throughput. Network traffic classification plays an important role and benefits many practical network issues, such as Next-Generation Firewalls （NGFW）, Quality of Service （QoS）, etc. To face the challenges brought by modern high speed networks, many inspiring solutions have been proposed to enhance traffic classification. However, taking many factual network conditions into consideration, e.g., diversity of network environment, traffic classification methods based on Deep Inspection （DI） technique still occupy the top spot in actual usage. In this paper, we propose a novel classification system employing Deep Inspection technique, aiming to achieve Parallel Protocol Parsing （PPP）. We start with an analytical study of the existing popular DI methods, namely, regular expression based methods and protocol parsing based methods. Motivated by their relative merits, we extend traditional protocol parsers to achieve parallel matching, which is the representative merit of regular expression. We build a prototype system, and evaluation results show that significant improvement has been made comparing to existing open-source solutions in terms of both memory usage and throughput.

作者 SHAO Yiyang

机构地区 Department of Automation Research Institute of Information Technology Tsinghua National Lab for Information Science and Technology

出处《China Communications》 SCIE CSCD 2014年第10期106-116,共11页 中国通信（英文版）

基金 supported by the National Key Technology R&D Program of China under Grant No.2012BAH46B04

关键词协议解析 PPP 并行正则表达式分类方法网络流量服务质量检测技术 trafficinspection regularparsingclassification deepexpression protocol

分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献1

1何飞,项帆,邵熠阳,薛一波,李军.Accelerating Application Identification with Two-Stage Matching and Pre-Classification[J].Tsinghua Science and Technology,2011,16(4):422-431. 被引量：1

二级参考文献25

1Michela Becchi. Regular expression processor, http:// regex.wustl.edu/. 2010.11,15.
2Libnids. http://libnids.sourceforge.net. 2010.11.15.
3Group S. Defcon 9 Capture the Flag Data. http://ictf.cs. ucsb.edu/data/defcon ctf 09. 2010.11,1.
4A1-Fares M, Radhakrishnan S, Raghavan B, et al. Hedera: Dynamic flow scheduling for data center networks. In: Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation (NSDI). USA: USENIX, 2010.
5McKeown N, Anderson T, Balakrishnan H, et al. OpenFlow: Enabling innovation in campus networks. SIGCOMM Computer Communication Review, 2008, 38(2).
6Sen S, Spatscheck O, Wang D. Accurate, scalable in-network identification of p2p traffic using application signatures. In: Proceedings of the 13th International Conference on World Wide Web. USA: ACM, 2004: 512-520.
7Haffner P, Sen S, Spatscheck O, et al. ACAS: Automated construction of application signatures. In: Proceedings of the 2005 ACM SIGCOMM Workshop on Mining Network Data. USA: ACM, 2005.
8Moore A W, Zuev D. Intemet traffic classification using Bayesian analysis techniques. In: Proceedings of the ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems. Canada: ACM, 2005.
9Callado A, Kelner J, Sadok D, et al. Better network traffic identification through the independent combination of techniques. Journal of Network and Computer Applications, 2010, 33(4): 433-446.
10Bernaille L, Teixeira R, Akodkenou I, et al. Traffic classification on the fly. SIGCOMM Computer Communication Review, 2006, 36(2).

1Yushan Sun,Lei Zhou,Yuqiang Sun,Zhenghua Ma.Parallel Transitional Rules of Items in Parsing[J].通讯和计算机（中英文版）,2005,2(9):46-49.
2韩磊,罗森林,陈倩柔,潘丽敏.Fast Chinese syntactic parsing method based on conditional random fields[J].Journal of Beijing Institute of Technology,2015,24(4):519-525.
3董永吉,郭云飞,黄万伟,夏军波.一种新的高速报文解析结构研究[J].电子与信息学报,2013,35(5):1083-1089. 被引量：3
4王宗江,王英林,张申生,杜涛.A Parsing Graph-based Algorithm for Ontology Mapping[J].Journal of Donghua University(English Edition),2009,26(3):323-328.
5朱玉娜,韩继红,袁霖,陈韩托,范钰丹.SPFPA:一种面向未知安全协议的格式解析方法[J].计算机研究与发展,2015,52(10):2200-2211. 被引量：15
6曹茂永,赵猛,裴明涛,赵增顺.Video events recognition by improved stochastic parsing based on extended stochastic context-free grammar representation[J].Journal of Beijing Institute of Technology,2013,22(1):81-88.
7DUAN Tong,SHEN Juan,WANG Peng,LIU Shiran.A Self-Adaptive Programming Mechanism for Reconfigurable Parsing and Processing[J].China Communications,2016,13(S1):87-97.
8CAO Yu-fei,LIAO Jian-xin,QI qi,ZHU Xiao-min.Selective parsing to enhance SIP performance[J].The Journal of China Universities of Posts and Telecommunications,2009,16(5):50-55.
9宗成庆,陈肇雄,黄河燕.Parsing with Dynamic Rule Selection[J].Journal of Computer Science & Technology,1997,12(1):90-96.
10张松懋.Weak Precedence Story Parsing Grammar[J].Journal of Computer Science & Technology,1995,10(1):53-64.

China Communications

2014年第10期

浏览历史

内容加载中请稍等...

PPP： Towards Parallel Protocol Parsing

参考文献1

二级参考文献25

相关作者

相关机构

相关主题

浏览历史