how many ways can you slice a classifier
play

How many ways can you slice a classifier? Exploring HPC - PowerPoint PPT Presentation

Jul 04, 2023 •273 likes •619 views

Lawrence Livermore National Laboratory How many ways can you slice a classifier? Exploring HPC architectures and programming models for data analytics Maya B. Gokhale Lawrence Livermore National Laboratory This work performed under the

  1. Lawrence Livermore National Laboratory How many ways can you slice a classifier? Exploring HPC architectures and programming models for data analytics Maya B. Gokhale Lawrence Livermore National Laboratory This work performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under Contract DE-AC52-07NA27344.

  2. HPC architectures: simulation vs. analytics TLCC SU compute node Yahoo terabyte sort cluster node dual socket, quad core Xeon dual socket, quad core Xeon 8GB RAM 8GB RAM 4x DDR IB (peak 16Gb/s) 1 Gb Ethernet no local storage 4 SATA disks/node I/O node connects to 47GB/s Lustre storage Lawrence Livermore National Laboratory 2

  3. HPC Programming models: simulation vs. analytics HPC simulations HPC analytics  primarily SPMD programming  SPMD for analysis with model supported by MPI Map/Reduce state is held in memory across streaming for data ingest,   all the nodes processing  nodes participate in periodic • tightly coupled pipelines message exchange and data flow graphs  I/O to load parameters and to  I/O is integral to computation write checkpoint files  widespread use of commercial  favored by DOE community databases and business intelligence products Lawrence Livermore National Laboratory 3

  4. Hardware assist for streaming analytics  FPGA hardware captures signal, • network packet analytics pipeline is • customized to the application many configurations • − PCI-E, GigE, A/D Tilera 8 x 8 custom processors local cache, shared memory mesh interconnection network many configurations PCI-E, GigE Lawrence Livermore National Laboratory 4

  5. Case study: background  Cybersecurity research • advanced analytic processing of streaming data • forensic analysis of pcap files  Classifier to detect malicious HTTP get requests  Algorithm: Brian Gallagher, Tina Eliassi-Rad  Hadoop: Tamara Dahlgren  Tilera: Phil Top  FPGA: Craig Ulmer (Sandia) Lawrence Livermore National Laboratory 5

  6. Malicious HTTP request classifier  HTTP is the universal conduit for web traffic • Simple, plain-text formatting • Gateway to databases, files, executables  Malicious users also use these interfaces • Query a DB, invoke commands • Obfuscate commands, game network filters  Can we detect attacks forensically?  Can we detect attacks on the wire? Lawrence Livermore National Laboratory 6

  7. ECML/PKDD 2007 Discovery Challenge  HTTP Traffic Classification • Apply machine learning to identify malicious activity in HTTP Hand-labeled datasets of HTTP flows  • Training: 50K inputs, 30% attacks • Competition: 70K inputs, 40% attacks • 7 Attack Types XSS, SQL/LDAP/XPATH injection, path traversal, command execution, and SSI Flow Example GET /eH/first_str/2hFnull6/oixsotcwrseamgit2/38PrR_Lkmmzo.htm Host: www.a215Een.st:15 drop table connect Connection: close odbc Accept: */* statement Accept-Charset: *;q=0.4 Accept-Encoding: * Accept-Language: boHEor-sen0, gte-htmse4 oS, 3TeoUsHn-asrao;q=0.2, paly-wreihi, 78iiqths-ar;q=0.3 Cache-Control: no-store Client-ip: 200.91.18.159 Cookie: uciy2kleicl=%3C%21--+%23odbc++++++++++++++connect%3D%226at8h%2CHcteil%2CeHnNa%22+++++statement%3D%22drop+table+elkbO… Lawrence Livermore National Laboratory 7

  8. Gallagher/Eliassi-Rad approach  All HTTP requests of a particular attack type constitute a single document  In training phase, compute a TF/IDF vector for all the terms of each attack “document”  On the testing data set of HTTP requests, compute the TF/IDF of each request “document”  Classify the test data HTTP request according to the closest match to attack TFIDFs Lawrence Livermore National Laboratory 8

  9. TF/IDF  Well-know information retrieval metric  Term-Frequency, Inverse Document Frequency • TF: How often does each term appear in a document? • IDF: How specific is the term to the document?  Cosine Similarity • Vector dot product to estimate angle between input and attack Salton, Gerard and Buckley, C. (1988). "Term-weighting approaches in automatic text retrieval". Information Processing & Management , 24 (5): 513–523. Lawrence Livermore National Laboratory 9

  10. LLNL Approach Achieved 95% Accuracy  Brian Gallagher and Tina Eliassi-Rad LLNL-PRES-408823 HTTP  Vector approach TF-IDF Traces Training • Tokenize input (50K) • Assign weights to tokens via TF-IDF • Cosine similarity for vector TF-IDF comparison Dictionary  Relies on a data dictionary • Generate term statistics during HTTP training HTTP Traces Classifier (70K) • Reference statistics at runtime Top 3 SSI Classifier Terms Top 3 OS Commanding Classifier Terms Term IDF Weight Term IDF Weight odbc 2.079 0.0134 .. 1.386 0.0057 statement 2.079 0.0134 dir 2.079 0.0053 -- 0.988 0.0126 /c 2.079 0.0051 Lawrence Livermore National Laboratory 10

  11. Data intensive parallel architectures for TFIDF  Hadoop cluster • data parallel programming environment with structured compute-scatter/gather phases • suitable for retrospective analysis  Tilera chip • 64-core chip derived from MIT RAW architecture supporting linux/C environment • supports streaming computation, particularly for network packets  FPGA • versatile programmable logic chip • supports a variety of data flow patterns, especially streaming • complex tool chain - hardware is ultimately generated Lawrence Livermore National Laboratory 11

  12. Hadoop Distributed File System (HDFS) Design Emphasis: • Centralized Namenode for metadata operations • Fault tolerance: data redundancy • Write once, Read many for large files split across Data Nodes • “Moving Computation is Cheaper than Moving Data” [ http://lucene.apache.org/hadoop/ ] Lawrence Livermore National Laboratory 12

  13. TFIDF on Hadoop cluster Java implementation • wrapped in map/reduce framework • each mapper processes an input split • 19 worker nodes, 1 namenode •Two Intel Xeon 2.40GHz CPUs,4GB RAM and 1 local hard disk at 80GB • original Java program runs at ~1MB/s. • Tammy Dahlgren, LLNL Lawrence Livermore National Laboratory 13

  14. Tilera 8x8 array of 700 MHz custom 32-bit integer processors, runs Linux Custom 2D on-chip switched mesh interconnect with 5 communication networks 4 dynamic, 1 static user controlled communication Memory, cache  Chip includes 10 Gb ethernet port, PCI express operations ports, DDR2 memory controller IO operations  Card has 6 1Gb ethernet ports Lawrence Livermore National Laboratory 14

  15. Tilera TFIDF mapping  Goals: fit classifier dictionary in 64KB L2 cache of each tile; stream the data Approach  Use an array to hold a state machine: no tokenizing! • − input character code is row index, current state is column index − array value contains next state and a key − when token terminator is read, the key associated with current state is incremented − Unknown token will hopefully fall off the paths and go into a waiting column. Strength: linear in size of document, fits in memory • Weaknesses • − increase false positive rate (255 strings per map) − Fairly complex array generator − Uses random number generation to generate the next index Philip Top, LLNL Lawrence Livermore National Laboratory 15

  16. Layout  Place a processing block for a single attack type in a single processor  Use multiple processing blocks for parallel processing  Each block processes all the different categories in parallel  Run the data through in a streaming fashion  Use as co-processor in conjunction with host CPU initially  Stream packets off wire in production mode Lawrence Livermore National Laboratory 16

  17. Overall Layout Proc
1 CPU Proc
2 Aggregator\analyzer Proc
3 or Proc
4 GigE Proc
5 Proc
6 Lawrence Livermore National Laboratory 17

  18. Processing layout Splitter Splitter Splitter Collector Splitter Splitter Splitter Type
N Lawrence Livermore National Laboratory 18

  19. Example Simple state machine with four terms • Select • Drop • Odbc • Statement The rows representing letters contain the next column to examine Lawrence Livermore National Laboratory 19

  20. Lawrence Livermore National Laboratory 20

  21. Tilera Implementation  Packets are transmitted from the CPU to the Tilera through the PCI bus using the zero copy transfer mechanisms.  The CPU process is multithreaded on both transmit and receive.  The Tilera ingest blocks receive the data from the CPU then transmit the data using broadcast messages to the individual processing blocks.  Each processing block has a dedicated tile Lawrence Livermore National Laboratory 21

  22. Processing Blocks  Blocks loop through the characters in the packet  The tokens are counted, and at the end of the packet the score is computed for each type according to the formula. • The scores computation is fast due the fact that most of the matching tokens have 0 matches, so there are a lot of zeros which is fast even in a core without hardware floating point. Lawrence Livermore National Laboratory 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Slices Chapter 10 SL1 Program slice What is a program slice? SL2 Program slice

Slices Chapter 10 SL1 Program slice What is a program slice? SL2 Program slice

Slices Chapter 10 SL1 Program slice What is a program slice? SL2 Program slice Informally What is a program slice? A program slice is a set of program statements that contributes to or affects the value of a variable at

517 views • 18 slides
The Time Slice Axiom in Perturbative Quantum Field Theory Klaus Fredenhagen 1 II. Institut f

The Time Slice Axiom in Perturbative Quantum Field Theory Klaus Fredenhagen 1 II. Institut f

Introduction Time slice axiom for a free scalar field The algebra of Wick polynomials Time slice axiom for Wick polynomials Time slice axiom for interacting field theories Conclusions and Outlook The Time Slice Axiom in Perturbative Quantum

228 views • 18 slides
1 Multi-Slice CT Multi-Slice CT Wider beam widths Thinner slices and more of them Z -

1 Multi-Slice CT Multi-Slice CT Wider beam widths Thinner slices and more of them Z -

Multi-Slice CT Image quality and capability increasing The impact of MDCT on optimisation and 2006 quality assurance of CT scanners < 0.4s rotation 64 x 0.5 mm slices Dose S. Edyvean Imaging Performance Assessment

605 views • 14 slides
Maximum Entropy Classifier Ensembling using Ge- netic Algorithm for NER in Bengali Asif Ekbal 1

Maximum Entropy Classifier Ensembling using Ge- netic Algorithm for NER in Bengali Asif Ekbal 1

Outline Background and Motivation Classifier Ensembling Genetic Algorithms Proposed Method of Classifier Ensemble Feature Set Used Experimental Results Conclusions Future Works Maximum Entropy Classifier Ensembling using Ge- netic

749 views • 36 slides
How Should I Slice My Network? Hailiang ZHAO @ ZJU-CS htp://hliangzhao.me December 22, 2019 This

How Should I Slice My Network? Hailiang ZHAO @ ZJU-CS htp://hliangzhao.me December 22, 2019 This

How Should I Slice My Network? Hailiang ZHAO @ ZJU-CS htp://hliangzhao.me December 22, 2019 This slide is a report on paper How Should I Slice My Network? A Multi-Service Empirical Evaluation of Resource Sharing Efficiency , published on

973 views • 44 slides
Classifier Classifier Systems Systems

Classifier Classifier Systems Systems

Classifier Classifier Systems Systems Christian Jacob Christian Jacob jacob@cpsc.ucalgary.ca Department of Computer Science University of Calgary

289 views • 28 slides
{ output 1 if a q . y = 0 if a < q w n x n 3 1 9/27/2016 Training a classifier

{ output 1 if a q . y = 0 if a < q w n x n 3 1 9/27/2016 Training a classifier

9/27/2016 Classification INF3490 - Biologically inspired computing Lecture 28th September 2016 DOG Trained Classifier Multi-Layer Neural Networks Kai Olav Ellefsen Perceptron Training a classifier (supervised learning) inputs x 1

592 views • 18 slides
Autonomic Slice Networking draft-galis-anima-autonomic-slice-networking-01 V1.0 10 th November

Autonomic Slice Networking draft-galis-anima-autonomic-slice-networking-01 V1.0 10 th November

Autonomic Slice Networking draft-galis-anima-autonomic-slice-networking-01 V1.0 10 th November 2016 Prof. Alex Galis Kiran Makhijani Delei Yu a.gais@ucl.ac.uk; http://www.ee.ucl.ac.uk/~agalis/ yudelei@huawei.com kiran.makhijani@huawei.com

379 views • 13 slides
Slice sampling Dr. Jarad Niemi STAT 615 - Iowa State University November 14, 2017 Jarad Niemi

Slice sampling Dr. Jarad Niemi STAT 615 - Iowa State University November 14, 2017 Jarad Niemi

Slice sampling Dr. Jarad Niemi STAT 615 - Iowa State University November 14, 2017 Jarad Niemi (STAT615@ISU) Slice sampling November 14, 2017 1 / 26 Slice sampling Slice sampling Suppose the target distribution is p ( | y ) with scalar

1.13k views • 26 slides
Lazy Associative Classification Decision Tree Classifier (Eager) Associative Classifier By

Lazy Associative Classification Decision Tree Classifier (Eager) Associative Classifier By

Contents: Classification Lazy Associative Classification Decision Tree Classifier (Eager) Associative Classifier By Adriano Veloso,Wagner Meira Jr. , Mohammad J. Zaki Comparison between Decision Tree and Associative Classifier

105 views • 7 slides
Linear Classification w T x i is the classifier score for the instance x i The score can be used

Linear Classification w T x i is the classifier score for the instance x i The score can be used

Linear Classification w T x i is the classifier score for the instance x i The score can be used in different ways to make a classification. Perceptron: output positive class if score is at least 0, otherwise output negative class Today:

679 views • 30 slides
Classifier Selection Nicholas Ver Hoeve Craig Martek Ben Gardner Classifier Ensembles Assume

Classifier Selection Nicholas Ver Hoeve Craig Martek Ben Gardner Classifier Ensembles Assume

Classifier Selection Nicholas Ver Hoeve Craig Martek Ben Gardner Classifier Ensembles Assume we have an ensemble of classifiers with a well-chosen feature set. We want to optimize the competence of this system. Simple enhancements include:

512 views • 27 slides
1 How Distribution of Classifier Values Stratified Trial Design: Affect Classifier Performance

1 How Distribution of Classifier Values Stratified Trial Design: Affect Classifier Performance

Trial Designs Assessing Application of Impact of Sensitivity and Biomarkers in Clinical Practice Specificity on Sample Size for Discovery Research Hypothesis: there is a Biomarker Trial Design validated biomarker classifier that accurately

501 views • 3 slides
Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV

Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV

Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV HV Deliv eliver ery Chain ain Tes est t (I) I) Vertical slice test before installing at 38.2 mm Cable NP04 Power supply, cables,

508 views • 5 slides
-Present status and ongoing preparations- Markus Moritz, 2nd Physics Institute PANDA CM, Nov.

-Present status and ongoing preparations- Markus Moritz, 2nd Physics Institute PANDA CM, Nov.

Barrel slice assembly -Present status and ongoing preparations- Markus Moritz, 2nd Physics Institute PANDA CM, Nov. 2016 Outline Module Assembly Slice Coordinate System Slice Assembly Workspace & Tools Light Pulser Fiber

565 views • 23 slides
The time slice axiom in perturbative QFT on globally hyperbolic spacetimes Bruno Chilian June 7

The time slice axiom in perturbative QFT on globally hyperbolic spacetimes Bruno Chilian June 7

The time slice axiom in perturbative QFT on globally hyperbolic spacetimes Bruno Chilian June 7 2008 Overview Introduction: The time slice axiom in AQFT Outline of the proof First step: Wick-Polynomials Second step: Perturbation Theory

439 views • 25 slides
Relevance Feedback for Association Rules by Leveraging Concepts from Information Retrieval Georg

Relevance Feedback for Association Rules by Leveraging Concepts from Information Retrieval Georg

Relevance Feedback for Association Rules by Leveraging Concepts from Information Retrieval Georg Ru, russ@iws.cs.uni-magdeburg.de Mirko Bttcher, mail@mirkoboettcher.de Prof. Dr. Rudolf Kruse, kruse@iws.cs.uni-magdeburg.de December 12th,

179 views • 14 slides
Data Mining in Bioinformatics Day 4: Text Mining Karsten Borgwardt February 21 to March 4, 2011

Data Mining in Bioinformatics Day 4: Text Mining Karsten Borgwardt February 21 to March 4, 2011

Data Mining in Bioinformatics Day 4: Text Mining Karsten Borgwardt February 21 to March 4, 2011 Machine Learning & Computational Biology Research Group MPIs Tbingen .: Data Mining in Bioinformatics, Page 1 What is text mining?

813 views • 31 slides
Harmony Assumptions: Extending Probability Theory for Information Retrieval (IR) and for

Harmony Assumptions: Extending Probability Theory for Information Retrieval (IR) and for

Harmony Assumptions: Extending Probability Theory Harmony Assumptions: Extending Probability Theory for Information Retrieval (IR) and for Databases (DB) and for Knowledge Management (KM) and for Machine Learning (ML) and for Artificial

394 views • 25 slides
Scoring (Vector Space Model) CE-324: Modern Information Retrieval Sharif University of Technology

Scoring (Vector Space Model) CE-324: Modern Information Retrieval Sharif University of Technology

Scoring (Vector Space Model) CE-324: Modern Information Retrieval Sharif University of Technology M. Soleymani Spring 2020 Most slides have been adapted from: Profs. Manning, Nayak & Raghavan (CS-276, Stanford) Outline } Ranked retrieval

497 views • 49 slides
Recommending Remedial Learning Materials to the Students by Filling their Knowledge Gaps Konstantin

Recommending Remedial Learning Materials to the Students by Filling their Knowledge Gaps Konstantin

Recommending Remedial Learning Materials to the Students by Filling their Knowledge Gaps Konstantin Bauman Stern School of Business, New York University (joint work with Alexander Tuzhilin) EdRecSys October 13, 2016 Outline of the Talk

745 views • 46 slides
Text Classification Contd + Document Representations Prof. Sameer Singh CS 295: STATISTICAL NLP

Text Classification Contd + Document Representations Prof. Sameer Singh CS 295: STATISTICAL NLP

Text Classification Contd + Document Representations Prof. Sameer Singh CS 295: STATISTICAL NLP WINTER 2017 January 17, 2017 Based on slides from Nathan Schneider, Noah Smith, Dan Klein and everyone else they copied from. Outline Logistic

1.04k views • 35 slides
A Labeled Data Set For Flow-based Intrusion Detection Anna Sperotto, Ramin Sadre, Frank van

A Labeled Data Set For Flow-based Intrusion Detection Anna Sperotto, Ramin Sadre, Frank van

A Labeled Data Set For Flow-based Intrusion Detection Anna Sperotto, Ramin Sadre, Frank van Vliet, Aiko Pras Design and Analysis of Communication Systems University of Twente, The Netherlands NMRG Workshop on Netflow/IPFIX Usage in Network

592 views • 21 slides
Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp .

Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp .

Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp . type ) type-exp int type-exp . type := integer type-exp bool type-exp . type := boolean type-exp 1 array type-exp 1 . type := [num] of

613 views • 7 slides

More recommend