Packet Classification with Hierarchical Cross-Producting

Packet classification has become one of the most important application techniques in network security since the last decade. The technique involves a traffic descriptor or user-defined criteria to categorize packets to a specific forwarding class which will be accessible for future security handling. To achieve fast packet classification, we propose a new scheme, Hierarchical Cross-Producting. This approach simplifies the classification procedure and decreases the distinct combinations of fields by hierarchically decomposing the multi-dimensional space based on the concept of telescopic search. Analogous to the use of telescopes with different powers**, a multiple-step process is used to search for targets. In our scheme, the multi-dimensional space is endowed with a hierarchical property which self-divides into several smaller subspaces, whereas the procedure of packet classification is translated into recursive searching for matching subspaces. The required storage of our scheme could be significantly reduced since the distinct field specifications of subspaces is manageable. The performance are evaluated based on both real and synthetic filter databases. The experimental results demonstrate the effectiveness and scalability of the proposed scheme.

[1]  Huan Liu,et al.  Subspace clustering for high dimensional data: a review , 2004, SKDD.

[2]  T. V. Lakshman,et al.  Beyond best effort: router architectures for the differentiated services of tomorrow's Internet , 1998, IEEE Commun. Mag..

[3]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[4]  Thomas Y. C. Woo A modular approach to packet classification: algorithms and results , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[5]  T. V. Lakshman,et al.  Efficient multimatch packet classification and lookup with TCAM , 2005, IEEE Micro.

[6]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[7]  Danny Hendler,et al.  Layered Interval Codes for TCAM-Based Classification , 2009, INFOCOM.

[8]  Marios Hadjieleftheriou,et al.  R-Trees - A Dynamic Index Structure for Spatial Searching , 2008, ACM SIGSPATIAL International Workshop on Advances in Geographic Information Systems.

[9]  Venkatachary Srinivasan,et al.  Packet classification using tuple space search , 1999, SIGCOMM '99.

[10]  Venkatachary Srinivasan,et al.  A packet classification and filter management system , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[11]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[12]  Jonathan S. Turner,et al.  ClassBench: a packet classification benchmark , 2005, INFOCOM 2005.

[13]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[14]  Haoyu Song,et al.  Efficient packet classification for network intrusion detection using FPGA , 2005, FPGA '05.

[15]  Bernhard Plattner,et al.  Scalable high speed IP routing lookups , 1997, SIGCOMM '97.

[16]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM 2001.

[17]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.

[18]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[19]  Chia-Tai Chan,et al.  (IEEE Transactions on Multimedia,06(6): 925-935)High-Speed Packet Classification for Differentiated Services in NGNs , 2004 .

[20]  Anand Rangarajan,et al.  Algorithms for advanced packet classification with ternary CAMs , 2005, SIGCOMM '05.

[21]  Yasuaki Nakamura,et al.  Spatial data structures for version management of engineering drawings in CAD database , 2003, 12th International Conference on Image Analysis and Processing, 2003.Proceedings..

[22]  Danny Hendler,et al.  Space-Efficient TCAM-Based Classification Using Gray Coding , 2007, IEEE Transactions on Computers.

[23]  Haoyu Song,et al.  Design and evaluation of packet classification systems , 2006 .

[24]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .

[25]  Chia-Tai Chan,et al.  High-speed packet classification for differentiated services in next-generation networks , 2004, IEEE Transactions on Multimedia.