Publication Details
Software Defined Monitoring of Application Protocols
FPGA, Monitoring, Acceleration, Application protocols, L7
Current high-speed network monitoring systems focus more and more on the data
from the application layers. Flow data is usually enriched by the information
from HTTP, DNS and other protocols. The increasing speed of the network links,
together with the time consuming application protocol parsing, require a new way
of hardware acceleration. Therefore, we propose a new concept of hardware
acceleration for flexible flow-based application level monitoring, which we call
Software Defined Monitoring (SDM). The concept relies on smart monitoring tasks
implemented in the software in conjunction with a configurable hardware
accelerator. The hardware accelerator is an application-specific processor
tailored to stateful flow processing. The monitoring tasks reside in the software
and can easily control the level of detail retained by the hardware for each
flow. This way, the measurement of bulk/uninteresting traffic is offloaded to the
hardware, while the advanced monitoring over the interesting traffic is performed
in the software. The proposed concept allows one to create flexible monitoring
systems capable of deep packet inspection at high throughput. Our pilot
implementation in FPGA is able to perform a 100 Gb/s flow traffic measurement
augmented by a selected application-level protocol parsing.
@inproceedings{BUT111611,
author="Lukáš {Kekely} and Viktor {Puš} and Jan {Kořenek}",
title="Software Defined Monitoring of Application Protocols",
booktitle="Proceedings of IEEE INFOCOM 2014 - IEEE Conference on Computer Communications",
year="2014",
pages="1725--1733",
publisher="IEEE Computer Society",
address="Toronto",
doi="10.1109/INFOCOM.2014.6848110",
isbn="978-1-4799-3360-0",
url="https://www.fit.vut.cz/research/publication/10657/"
}