MultiLayer processing - an execution model for parallel stateful packet processing
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A Multi-dimensional Progressive Perfect Hashing for High-Speed String Matching
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
| Hi-index | 0.00 |
In this dissertation, we developed high speed packet processing algorithms for new services such as network intrusion detection, high speed firewalls, Network Address Translation (NAT), Hypertext Transfer Protocol (HTTP) load balancing, Extensible Markup Language (XML) processing, and Transmission Control Protocol (TCP) offloading. These new services have stringent requirements for speed, extensibility, scalability, and cost-effectiveness. For example, some services require rapid scanning of packets against thousands of known patterns. Traditional packet handling techniques, such as next hop forwarding, focus on packet headers only and fail to support these demanding requirements. This thesis research aims to provide fast and efficient deep packet inspection techniques that can function on the entire packet content rather than just the header. To keep up with high speed packet processing in existing networks, we proposed deep packet inspection schemes that are optimized for new technologies such as Ternary Content Addressable Memory (TCAM) and multi-core processors. We propose algorithms that work both on packet headers and packet payload. Our techniques form a cohesive architecture that can perform Gigbit rate packet scanning against thousands of sophisticated patterns.