McHale et al., 2014 - Google Patents
Stochastic pre-classification for SDN data plane matchingMcHale et al., 2014
View PDF- Document ID
- 7774280554110083712
- Author
- McHale L
- Casey J
- Gratz P
- Sprintson A
- Publication year
- Publication venue
- 2014 IEEE 22nd International Conference on Network Protocols
External Links
Snippet
The Software Defined Networking (SDN) approach has numerous advantages, including the ability to program the network through simple abstractions, provide a centralized view of network state, and respond to changing network conditions. One of the main challenges in …
- 230000000694 effects 0 abstract description 9
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7453—Address table lookup or address filtering using hashing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7457—Address table lookup or address filtering using content-addressable memories [CAM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/30—Peripheral units, e.g. input or output ports
- H04L49/3009—Header conversion, routing tables or routing tags
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Daly et al. | Tuplemerge: Fast software packet processing for online packet classification | |
| US11811660B2 (en) | Flow classification apparatus, methods, and systems | |
| Basat et al. | Designing heavy-hitter detection algorithms for programmable switches | |
| Lu et al. | A memory-efficient parallel string matching architecture for high-speed intrusion detection | |
| US8599859B2 (en) | Iterative parsing and classification | |
| US10491521B2 (en) | Field checking based caching of ACL lookups to ease ACL lookup search | |
| Banerjee et al. | Tag-in-tag: Efficient flow table management in sdn switches | |
| US20060221956A1 (en) | Methods for performing packet classification via prefix pair bit vectors | |
| US20060221967A1 (en) | Methods for performing packet classification | |
| CN104509063B (en) | Method and device for improving hardware utilization of two-way access control lists in low-latency high-throughput networks | |
| McHale et al. | Stochastic pre-classification for SDN data plane matching | |
| WO2014041451A1 (en) | Using special-case hardware units for facilitating access control lists on networking element | |
| Dharmapurikar et al. | Design and implementation of a string matching system for network intrusion detection using FPGA-based bloom filters | |
| Nallusamy et al. | Decision Tree‐Based Entries Reduction scheme using multi‐match attributes to prevent flow table overflow in SDN environment | |
| CN101714948B (en) | A kind of sorting technique of net bag of multiple domain and device | |
| Puš et al. | Fast and scalable packet classification using perfect hash functions | |
| Li et al. | Taming the wildcards: Towards dependency-free rule caching with freecache | |
| Shen et al. | Optimizing multi-dimensional packet classification for multi-core systems | |
| Shen et al. | RVH: Range-vector hash for fast online packet classification | |
| Antichi et al. | Design and development of an openflow compliant smart gigabit switch | |
| Artan et al. | A 10-Gbps high-speed single-chip network intrusion detection and prevention system | |
| Yamaki et al. | Line replacement algorithm for L1-scale packet processing cache | |
| Ghoshal et al. | Stochastic pre-classification for software defined firewalls | |
| Shankar et al. | Deep packet inspection in residential gateways and routers: Issues and challenges | |
| Sun et al. | Openflow accelerator: A decomposition-based hashing approach for flow processing |