DPF: fast, flexible message demultiplexing using dynamic code generation
Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Scalable high speed IP routing lookups
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Fast and scalable layer four switching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
High-speed policy-based packet forwarding using efficient multi-dimensional range matching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
An extensible probe architecture for network protocol performance measurement
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Router plugins: a software architecture for next generation routers
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Building Internet Firewalls
IP switching and gigabit routers
IEEE Communications Magazine
Characterizing processor architectures for programmable network interfaces
Proceedings of the 14th international conference on Supercomputing
Fast firewall implementations for software-based and hardware-based routers
Proceedings of the 2001 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Scalable packet classification
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Pattern matching in reconfigurable logic for packet classification
CASES '01 Proceedings of the 2001 international conference on Compilers, architecture, and synthesis for embedded systems
Scalable high-speed prefix matching
ACM Transactions on Computer Systems (TOCS)
QoS-Sensitive Flows: Issues in IP Packet Handling
IEEE Internet Computing
Fast Updating Algorithms for TCAMs
IEEE Micro
IEEE/ACM Transactions on Networking (TON)
A Fast Packet Classification by Using Enhanced Tuple Pruning
PIHSN '02 Proceedings of the 7th IFIP/IEEE International Workshop on Protocols for High Speed Networks
New Algorithms for Subset Query, Partial Match, Orthogonal Range Searching, and Related Problems
ICALP '02 Proceedings of the 29th International Colloquium on Automata, Languages and Programming
Profile-Based Routing: A New Framework for MPLS Traffic Engineering
COST 263 Proceedings of the Second International Workshop on Quality of Future Internet Services
Dynamic Algorithms with Worst-Case Performance for Packet Classification
NETWORKING '00 Proceedings of the IFIP-TC6 / European Commission International Conference on Broadband Communications, High Performance Networking, and Performance of Communication Networks
Packet classification using multidimensional cutting
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Fast and scalable conflict detection for packet classifiers
Computer Networks: The International Journal of Computer and Telecommunications Networking
Online identification of hierarchical heavy hitters: algorithms, evaluation, and applications
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
CoPTUA: Consistent Policy Table Update Algorithm for TCAM without Locking
IEEE Transactions on Computers
Scalable packet classification
IEEE/ACM Transactions on Networking (TON)
Packet classification in large ISPs: design and evaluation of decision tree classifiers
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Fast hash table lookup using extended bloom filter: an aid to network processing
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Packet classification consuming small amount of memory
IEEE/ACM Transactions on Networking (TON)
Survey and taxonomy of packet classification techniques
ACM Computing Surveys (CSUR)
Efficient manipulation of binary data using pattern matching
Journal of Functional Programming
Conflict detection and resolution in two-dimensional prefix router tables
IEEE/ACM Transactions on Networking (TON)
Dynamic rule-ordering optimization for high-speed firewall filtering
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Packet classifiers in ternary CAMs can be smaller
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Packet classification using diagonal-based tuple space search
Computer Networks: The International Journal of Computer and Telecommunications Networking
Data trace cache: an application specific cache architecture
MEDEA '05 Proceedings of the 2005 workshop on MEmory performance: DEaling with Applications , systems and architecture
DPPC-RE: TCAM-Based Distributed Parallel Packet Classification with Range Encoding
IEEE Transactions on Computers
Fast packet classification for two-dimensional conflict-free filters
Computer Networks: The International Journal of Computer and Telecommunications Networking
Packet classification using coarse-grained tuple spaces
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Simulation Study of Firewalls to Aid Improved Performance
ANSS '06 Proceedings of the 39th annual Symposium on Simulation
Two-dimensional packet classification algorithm using a quad-tree
Computer Communications
Wire speed packet classification without tcams: a few more registers (and a bit of logic) are enough
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
O(logW) multidimensional packet classification
IEEE/ACM Transactions on Networking (TON)
ClassBench: a packet classification benchmark
IEEE/ACM Transactions on Networking (TON)
Performance improvement of two-dimensional packet classification by filter rephrasing
IEEE/ACM Transactions on Networking (TON)
Modified collision packet classification using counting Bloom filter in tuple space
PDCN'07 Proceedings of the 25th conference on Proceedings of the 25th IASTED International Multi-Conference: parallel and distributed computing and networks
Two stage packet classification using most specific filter matching and transport level sharing
Computer Networks: The International Journal of Computer and Telecommunications Networking
High-speed packet classification using binary search on length
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Scalable packet classification by TCAM entry encryption algorithm
Journal of High Speed Networks
Network Security: Know It All: Know It All
Network Security: Know It All: Know It All
Distributed flow detection over multi path sessions
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Acceleration of decision tree searching for IP traffic classification
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Low power architecture for high speed packet classification
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Journal of Computer Systems, Networks, and Communications
Scalable packet classification with controlled cross-producting
Computer Networks: The International Journal of Computer and Telecommunications Networking
Linear connectivity problems in directed hypergraphs
Theoretical Computer Science
LOP: a novel SRAM-based architecture for low power and high throughput packet classification
CODES+ISSS '09 Proceedings of the 7th IEEE/ACM international conference on Hardware/software codesign and system synthesis
Packet classification using diagonal-based tuple space search
Computer Networks: The International Journal of Computer and Telecommunications Networking
A high-speed and EDP-efficient range-matching scheme for packet classification
IEEE Transactions on Circuits and Systems II: Express Briefs
A formal logic approach to firewall packet filtering analysis and generation
Artificial Intelligence Review
Linear-tree rule structure for firewall optimization
CIIT '07 The Sixth IASTED International Conference on Communications, Internet, and Information Technology
Scalable packet classification through rulebase partitioning using the maximum entropy hashing
IEEE/ACM Transactions on Networking (TON)
Distributed flow detection over multi-path sessions
Computer Communications
Analysis of firewall policy rules using traffic mining techniques
International Journal of Internet Protocol Technology
Hierarchical packet classification using a Bloom filter and rule-priority tries
Computer Communications
Leveraging parallelism for multi-dimensional packetclassification on software routers
Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems
A prefix-distribution adaptive scheme for routing lookup acceleration
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Ant Colony Optimization based approach for efficient packet filtering in firewall
Applied Soft Computing
A fast IPv6 packet classification algorithm based on efficient multi-bit selection
Computer Communications
EffiCuts: optimizing packet classification for memory and throughput
Proceedings of the ACM SIGCOMM 2010 conference
NetShield: massive semantics-based vulnerability signature matching for high-speed networks
Proceedings of the ACM SIGCOMM 2010 conference
Hashing round-down prefixes for rapid packet classification
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Progressive hashing for packet processing using set associative memory
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
ERFC: an enhanced recursive flow classification algorithm
Journal of Computer Science and Technology
TreeCAM: decoupling updates and lookups in packet classification
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
A polyclonal selection clustering for packet classification
FSKD'06 Proceedings of the Third international conference on Fuzzy Systems and Knowledge Discovery
Intelligent DDoS packet filtering in high-speed networks
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Performance improvement of hardware-based packet classification algorithm
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
Network of shortcuts: an adaptive data structure for tree-based search methods
NETWORKING'05 Proceedings of the 4th IFIP-TC6 international conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communication Systems
A cache architecture for counting bloom filters: theory and application
Journal of Electrical and Computer Engineering
Accelerating network security services with fast packet classification
Computer Communications
Ordered lookup with bypass matching for scalable per-flow classification in layer 4 routers
Computer Communications
A new hierarchical packet classification algorithm
Computer Networks: The International Journal of Computer and Telecommunications Networking
Towards systematic roadmaps for networked systems
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
Firewall packet filtering optimization using statistical traffic awareness test
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Hint-based cache design for reducing miss penalty in HBS packet classification algorithm
Journal of Parallel and Distributed Computing
Hardware accelerators targeting a novel group based packet classification algorithm
International Journal of Reconfigurable Computing
| Hi-index | 0.01 |
Routers must perform packet classification at high speeds to efficiently implement functions such as firewalls and QoS routing. Packet classification requires matching each packet against a database of filters (or rules), and forwarding the packet according to the highest priority filter. Existing filter schemes with fast lookup time do not scale to large filter databases. Other more scalable schemes work for 2-dimensional filters, but their lookup times degrade quickly with each additional dimension. While there exist good hardware solutions, our new schemes are geared towards software implementation.We introduce a generic packet classification algorithm, called Tuple Space Search (TSS). Because real databases typically use only a small number of distinct field lengths, by mapping filters to tuples even a simple linear search of the tuple space can provide significant speedup over naive linear search over the filters. Each tuple is maintained as a hash table that can be searched in one memory access. We then introduce techniques for further refining the search of the tuple space, and demonstrate their effectiveness on some firewall databases. For example, a real database of 278 filters had a tuple space of 41 which our algorithm prunes to 11 tuples. Even as we increased the filter database size from 1K to 100K (using a random two-dimensional filter generation model), the number of tuples grew from 53 to only 186, and the pruned tuples only grew from 1 to 4. Our Pruned Tuple Space search is also the only scheme known to us that allows fast updates and fast search times. We also show a lower bound on the general tuple space search problem, and describe an optimal algorithm, called Rectangle Search, for two-dimensional filters.