Accelerating Application Identification with Two-Stage Matching and Pre-Classification

Modern datacenter and enterprise networks require application identification to enable granular traffic control that eJther Jmproves data transfer rates or ensures network security. Providing application visi- bility as a core network function is challenging due to its performance requirements, incl...

Full description

Saved in:
Bibliographic Details
Published in:Tsinghua science and technology 2011-08, Vol.16 (4), p.422-431
Main Author: 何飞 项帆 邵熠阳 薛一波 李军
Format: Article
Language:English
Subjects:
application identification
deep inspection
regular expression
traffic classification
内存使用
分类
匹配算法
应用程序
性能要求
数据传输速率
正则表达式
识别精度
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Modern datacenter and enterprise networks require application identification to enable granular traffic control that eJther Jmproves data transfer rates or ensures network security. Providing application visi- bility as a core network function is challenging due to its performance requirements, including high through- put, low memory usage, and high identification accuracy. This paper presents a payload-based application identification method using a signature matching engine utilizing characteristics of the application identifica- tion. The solution uses two-stage matching and pre-classification to simultaneously improve the throughput and reduce the memory. Compared to a state-of-the-art common regular expression engine, this matching engine achieves 38% memory use reduction and triples the throughput. In addition, the solution is orthogonal to most existing optimization techniques for regular expression matching, which means it can be leveraged to further increase the performance of other matching algorithms.
ISSN:1007-0214
1878-7606
1007-0214
DOI:10.1016/S1007-0214(11)70061-X