GraphBLAS on the Edge: Anonymized High Performance Streaming of Network Traffic

Long range detection is a cornerstone of defense in many operating domains (land, sea, undersea, air, space, ..,). In the cyber domain, long range detection requires the analysis of significant network traffic from a variety of observatories and outposts. Construction of anonymized hypersparse traff...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2022-09
Main Authors: Jones, Michael, Kepner, Jeremy, Andersen, Daniel, Aydin Buluc, Byun, Chansup, Claffy, K, Davis, Timothy, Arcand, William, Bernays, Jonathan, Bestor, David, Bergeron, William, Gadepally, Vijay, Houle, Micheal, Hubbell, Matthew, Hayden Jananthan, Klein, Anna, Meiners, Chad, Milechin, Lauren, Mullen, Julie, Pisharody, Sandeep, Prout, Andrew, Reuther, Albert, Rosa, Antonio, Samsi, Siddharth, Sreekanth, Jon, Stetson, Doug, Yee, Charles, Michaleas, Peter
Format: Article
Language:English
Subjects:
Communications traffic
Data compression
Domains
Electronic devices
Microprocessors
Observatories
Undersea
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Long range detection is a cornerstone of defense in many operating domains (land, sea, undersea, air, space, ..,). In the cyber domain, long range detection requires the analysis of significant network traffic from a variety of observatories and outposts. Construction of anonymized hypersparse traffic matrices on edge network devices can be a key enabler by providing significant data compression in a rapidly analyzable format that protects privacy. GraphBLAS is ideally suited for both constructing and analyzing anonymized hypersparse traffic matrices. The performance of GraphBLAS on an Accolade Technologies edge network device is demonstrated on a near worse case traffic scenario using a continuous stream of CAIDA Telescope darknet packets. The performance for varying numbers of traffic buffers, threads, and processor cores is explored. Anonymized hypersparse traffic matrices can be constructed at a rate of over 50,000,000 packets per second; exceeding a typical 400 Gigabit network link. This performance demonstrates that anonymized hypersparse traffic matrices are readily computable on edge network devices with minimal compute resources and can be a viable data product for such devices.
ISSN:2331-8422
DOI:10.48550/arxiv.2203.13934