Large-Throughput Anomaly Prevention Mechanism Implemented in Dynamic Reconfigurable Processor(<Special Section>Networking Technologies for Overlay Networks)
スポンサーリンク
概要
- 論文の詳細を見る
Large-throughput anomaly prevention mechanism in the upstream side of high-speed (over 10-Gbps) networks is required to prevent various anomalies such as distributed denial of service (DDoS) from causing various network problems. This mechanism requests the processors achieving not only high-speed response for analyzing many packets in a short time but also the flexibility to update the anomaly prevention algorithm. In this research, I assumed a dynamic reconfigurable processor (DRP) was most effective in achieving this anomaly prevention mechanism, for processors used in nodes with the mechanism, and I designed an anomaly prevention mechanism using DRPs. The mechanism can shorten anomaly prevention time in high-speed (10Gbps) lines using an all-packet analysis. Through a simulation, I achieved the goal of the mechanism achieving a throughput of 83-M packets per second using three DRPs (432 execution elements used). Moreover, with the prototype, it was confirmed that the proposed mechanism prevented anomalies in a short time (constant 0.01 second), which was 3000 times faster than that of a legacy mechanism using a packet sampling method. I also proposed integrated prevention, which was able to reduce the number of execution elements comprising anomaly prevention algorithm against various kinds of anomalies. It was achieved with a simulation that the proposed integrated prevention against three kinds of anomalies (DDoS, worm, and peer to peer (P2P)) reduced the number of execution elements by 24% compared to legacy prevention. In addition, non-stop update was proposed to maintain throughput when updating an anomaly prevention algorithm without packet loss. It was confirmed with a simulation that there was enough time for non-stop update in 10Gbps×4 lines.
- 2006-09-01
著者
関連論文
- Large-Throughput Anomaly Prevention Mechanism Implemented in Dynamic Reconfigurable Processor(Networking Technologies for Overlay Networks)
- Query-Transaction Acceleration Using a DRP Enabling High-Speed Stateful Packet-by-Packet Self-Reconfiguration(Reconfigurable System and Applications,Reconfigurable Systems)
- BS-7-48 QoS Control Technology for Multi"-"Site Communication with WAN Accelerator