real time network measurements
play

Real-time Network Measurements Ran Ben Basat, Technion Joint work - PowerPoint PPT Presentation

Aug 15, 2023 •321 likes •532 views

Real-time Network Measurements Ran Ben Basat, Technion Joint work with Gil Einziger, Erez Waisbard (Nokia Bell Labs) Roy Friedman (Technion) and Marcello Luzieli (UFGRS) ACC Annual Workshop & Feder Prize Ceremony Network Measurements ACC

  1. Real-time Network Measurements Ran Ben Basat, Technion Joint work with Gil Einziger, Erez Waisbard (Nokia Bell Labs) Roy Friedman (Technion) and Marcello Luzieli (UFGRS) ACC Annual Workshop & Feder Prize Ceremony

  2. Network Measurements ACC Annual Workshop & Feder Prize Ceremony

  3. Network Measurements Counting Distinct Elements Elephant Flows Detection Sliding Windows Statistics DDoS Identification Load Balancing Worm Propagation Traffic Engineering Link-based SEO Link Utilization Caching Trend Detection Computing Quantiles Estimating the fraction of rare flows Data Log Analysis Customer Satisfaction Network Health Monitoring DDoS Detection ACC Annual Workshop & Feder Prize Ceremony

  4. Heavy Hitters How many packets has sent? Which flows are larger than 𝑈 ? Traditionally – must fit in the SRAM Year 2012 2014 2016 7 (SilkRoad, SIGCOMM 2017) SRAM (MB) 10-20 30-60 50-100 Can ’ t allocate a counter for each flow! ACC Annual Workshop & Feder Prize Ceremony

  5. Distributed Denial of Service ACC Annual Workshop & Feder Prize Ceremony

  6. Hierarchical Heavy Hitters (HHH) Hierarchical Heavy Hitters identify traffic clusters. They are at the core of numerous DDoS mitigation systems … DDoS attack (Aug. 2014) DREAM: dynamic resource allocation for software-defined Counting . ACM SIGCOMM 2014 LADS: Large-scale Automated DDoS Detection System. USENIX ATC 2006 Automatically Inferring Patterns of Resource Consumption in Network Traffic. ACM SIGCOMM 2003 ACC Annual Workshop & Feder Prize Ceremony

  7. DDoS Mitigation 181.7.20.1 Can we block only the 181.7.20.2 attacking devices? … 181.7.21.1 181.7.21.2 … ACC Annual Workshop & Feder Prize Ceremony

  8. Hierarchical Heavy Hitters Hierarchical Heavy Hitters identifies frequent: Flows ( heavy hitters) • Source networks. • Source-Destination pairs. • 181.7.∗.∗ 181.7.20.∗ 220.7.16.∗ 220.7.16.9 181.7.20.13 ACC Annual Workshop & Feder Prize Ceremony

  9. State of the art “ Count each prefix independently. ” Level0 Counting Level0 Counting Level1 Counting Level1 Counting 181.7.20.6 1.7.20.6 181.7.20.* Compute all Level2 Counting Level2 Counting 181.7.*.* prefixes 181.*.*.* *.*.*.* Level3 Counting Level3 Counting Level4 Counting Level4 Counting Mitzenmacher et al., Hierarchical Heavy Hitters with the Space Saving Algorithm, ALENEX 2012 ACC Annual Workshop & Feder Prize Ceremony

  10. Randomized HHH (Our work) “ Select a prefix at random and count it ” Level0 Counting Level1 Counting Level1 Counting 1.7.20.6 Compute a Level2 Counting 181.7.20.* random prefix Level3 Counting Level4 Counting ACC Annual Workshop & Feder Prize Ceremony

  11. Additional Speedup Level0 Counting Level1 Counting Level1 Counting With Compute a 181.7.20.* probability random 181.7.20.2 181.7.20.3 181.7.20.6 188.3.12.3 188.67.7.1 92.67.7.81 Level2 Counting 90% prefix Level3 Counting Level4 Counting Ignore packet ACC Annual Workshop & Feder Prize Ceremony

  12. We did the math Accuracy and convergence guarantees . After enough packets there are: 1. No false negatives. 2. No counting errors. 3. Only a few false positives. ACC Annual Workshop & Feder Prize Ceremony

  13. How much traffic is needed for convergence? “ Accuracy improves with the number of packets ” Counting Errors False Negatives 128M 128M packets packets 32M 32M packets packets One prefix One prefix per packet 10 packets ACC Annual Workshop & Feder Prize Ceremony

  14. Comparison with other HHH algorithms “ Accuracy improves with the number of packets ” One prefix per 10 packets One prefix per packet Mitzenmacher et al. Cormode et al., Finding hierarchical heavy hitters in streaming data, TKDD 2008 ACC Annual Workshop & Feder Prize Ceremony

  15. Virtual Switching DRAM is cheap  VM1 VM2 VM3 VM4 APP APP APP APP VMK OS OS OS OS Virtual NIC vSwitch Physical NIC The new bottleneck: CPU Physical switch ACC Annual Workshop & Feder Prize Ceremony

  16. Open vSwitch Implementation Server A: Traffic Generator – We send min-sized packets with headers from Internet traces. Server B: DPDK enabled Open vSwitch – Performs HHH Counting in data plane Traffic Generator Open vSwitch ACC Annual Workshop & Feder Prize Ceremony

  17. Comparing Implementation Overhead Highlights: Only - 4% overheads for HHH in the OVS data plane! + 250% throughput improvement compared to previous work. OVS One prefix per packet One prefix per 10 packets Mitzenmacher et al. ACC Annual Workshop & Feder Prize Ceremony

  18. Takeaways Real time hierarchical heavy hitters • measurement in networking devices. • Provable accuracy guarantees. • Open source code: https://github.com/ranbenbasat/RHHH ACC Annual Workshop & Feder Prize Ceremony ow to detect the maximal-prefix networks?

  19. Limitations and current projects Support for weights Support for sliding windows – No convergence time! Allowing time-based queries – “ What are the HHH for Jan 20 th 2018, 4PM-5PM? ” ACC Annual Workshop & Feder Prize Ceremony

  20. Any Questions ACC Annual Workshop & Feder Prize Ceremony

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Video-Based Measurements to Generate a Real-Time

Using Video-Based Measurements to Generate a Real-Time

Using Video-Based Measurements to Generate a Real-Time Network Traffic Map Yi Sun, Junchen Jiang, Vyas Sekar, Hui Zhang, Fuyuan Lin, Nanshu

364 views • 18 slides
Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time

Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time

Fieldbus : : Fieldbus Industrial Network Industrial Network Real Time Network Real Time Network Jean-Pierre Thomesse Institut National Polytechnique de Lorraine Nancy, France ETR 2005 - Fieldbus - Industrial Network - Real Time Network

1.4k views • 71 slides
Real-Time Handpiece measurements For the first time, it is now possible to digitally measure and

Real-Time Handpiece measurements For the first time, it is now possible to digitally measure and

ApexNRG RIDER A new concept in accuracy and reliability Real-Time Handpiece measurements For the first time, it is now possible to digitally measure and read the position of the file with the handpiece in Real-time. The Rider is a Digital

246 views • 21 slides
Modelling of the London Bus Network The Data London Open Transport API Real-time bus

Modelling of the London Bus Network The Data London Open Transport API Real-time bus

Alex Gubbay Real Time Graph Modelling of the London Bus Network The Data London Open Transport API Real-time bus arrivals at every stop 130,000 data points a minute Also provided: Real-time traffic incidents Real-time

173 views • 5 slides
RAP Tight integration with the physical world Location aware Communication patterns:

RAP Tight integration with the physical world Location aware Communication patterns:

Real-time Systems Speed/RAP/CODA Speed/RAP/CODA Many wireless sensor network applications require real-time support Surveillance and tracking Border patrol Fire fighting Real-time systems: Hard real-time: guarantee

476 views • 9 slides
Connecting to a Real Time GNSS Connecting to a Real Time GNSS Network with TopSURV Network with

Connecting to a Real Time GNSS Connecting to a Real Time GNSS Network with TopSURV Network with

Connecting to a Real Time GNSS Connecting to a Real Time GNSS Network with TopSURV Network with TopSURV July 2009 Connecting to a Real Time GNSS Network with TopSURV Training Agenda Training Agenda Two methods for Internet connection

986 views • 31 slides
The future of MSE: Towards real-time measurements and current profile control in ITER and KSTAR

The future of MSE: Towards real-time measurements and current profile control in ITER and KSTAR

The future of MSE: Towards real-time measurements and current profile control in ITER and KSTAR M. F. M. de Bock a,b , D. U. B. Aussems a , R. Barnsley b , J. Chung c , G. Hommen a , J. A. van Hooft a , R. T. Huijgen a , J. Ko c , D. Johnson d ,

509 views • 34 slides
Real time and comunications 1 Examples of use and data capture Network time Basic

Real time and comunications 1 Examples of use and data capture Network time Basic

Real time and comunications 1 Examples of use and data capture Network time Basic protocol for real-time traffic Protocol for the management of data flow Secure version of the protocol 2 What is real-time (time of

629 views • 33 slides
Applications - Real-time vs. near real-time Markus Peuhkuri 2004-08-18 Lecture Topics What

Applications - Real-time vs. near real-time Markus Peuhkuri 2004-08-18 Lecture Topics What

Applications - Real-time vs. near real-time Markus Peuhkuri 2004-08-18 Lecture Topics What network requirements Components for network Requirements by application Requirements for elastic flows (or look-alike)

210 views • 9 slides
Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real

Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #15 Updated 2009-03-03 Dependable Distributed Dependable Distributed Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real Aircraft/automotive

501 views • 9 slides
RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS

RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS

RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS Real-time extensions to general-purpose OS Chenyang Lu 2 RTOS: Features for Efficiency Small Minimal set of functionality Fast context switch

504 views • 16 slides
Survivable Real-Time Network Services David L. Mills University of Delaware

Survivable Real-Time Network Services David L. Mills University of Delaware

Survivable Real-Time Network Services David L. Mills University of Delaware http://www.eecis.udel.edu/~mills mailto:mills@udel.edu Sir John Tenniel; Alices Adventures in Wonderland, Lewis Carroll 10-Jan-03 1 Distributed, real-time sensor

566 views • 19 slides
Intelligent real-time reactive network management Intelligent Network Management Framework Final

Intelligent real-time reactive network management Intelligent Network Management Framework Final

Intelligent real-time reactive network management Intelligent Network Management Framework Final project studies Guillaume Andreys April/August 2004 Introduction Motivation Presentation Introduction A lot of tools to collect network

444 views • 18 slides
Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time

Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #10 Updated 2009-02-15 Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time system Logical function What should be done &

500 views • 8 slides
Securing Networks Applications Layer Monitoring/Logging/Intrusion Detection Where to put the

Securing Networks Applications Layer Monitoring/Logging/Intrusion Detection Where to put the

Real-Time Communication Security: SSL/TLS Guevara Noubir noubir@ccs.neu.edu Network Security Reading Assignment: chapters 16, 19 Network Security SSL TLS 1 Some Issues with Real-time Communication Session key establishment

312 views • 8 slides
Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate

Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate

Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate Engine + Fabric Offline Develop initial monitoring query Back-test Progressive Non-temporal analysis Interactive Query Authoring

383 views • 15 slides
Multi-Cloud Federated Kubernetes at CERN Clenimar Filemon @clenimar clenimar@lsd.ufcg.edu.br

Multi-Cloud Federated Kubernetes at CERN Clenimar Filemon @clenimar clenimar@lsd.ufcg.edu.br

Multi-Cloud Federated Kubernetes at CERN Clenimar Filemon @clenimar clenimar@lsd.ufcg.edu.br Ricardo Rocha @ahcorporto ricardo.rocha@cern.ch Fundamental Science Founded in 1954 What is 96% of the universe made of? What was the state of matter

665 views • 25 slides
Networking Named Content Van Jacobson, Diana K. Smetters, James D. Thornton, Michael Plass, Nick

Networking Named Content Van Jacobson, Diana K. Smetters, James D. Thornton, Michael Plass, Nick

Networking Named Content Van Jacobson, Diana K. Smetters, James D. Thornton, Michael Plass, Nick Briggs, and Rebecca Braynard Presented by Ross Lagerwall University of Cambridge January 27, 2013 Jacobson et al. Networking Named Content

512 views • 17 slides
D E M A N D D R I V E N A R C H I T E C T U R E K O VA S B O G U TA & D A V I D N O L E

D E M A N D D R I V E N A R C H I T E C T U R E K O VA S B O G U TA & D A V I D N O L E

D E M A N D D R I V E N A R C H I T E C T U R E K O VA S B O G U TA & D A V I D N O L E N , Q C O N N E W Y O R K 2 0 1 5 C L I E N T S More and more clients everyday Internet of Things How to serve N clients with 1

701 views • 37 slides
Photonic Many-Core Architecture Study Nadya Bliss 1 , Krste Asanovi 2 , Keren Bergman 3 , Luca

Photonic Many-Core Architecture Study Nadya Bliss 1 , Krste Asanovi 2 , Keren Bergman 3 , Luca

Photonic Many-Core Architecture Study Nadya Bliss 1 , Krste Asanovi 2 , Keren Bergman 3 , Luca Carloni 3 , Jeremy Kepner 1 , Sanjeev Mohindra 1 , Vladimir Stojanovi 4 1 MIT Lincoln Laboratory, 2 University of California Berkeley, 3 Columbia

890 views • 22 slides
In fi nite Parallel Universes: State at the Edge Peter Bourgon Fastly In fi nite Parallel

In fi nite Parallel Universes: State at the Edge Peter Bourgon Fastly In fi nite Parallel

In fi nite Parallel Universes: State at the Edge Peter Bourgon Fastly In fi nite Parallel Universes: State at the Edge Peter Bourgon Fastly @ peterbourgon Fastly In fi nite Parallel Universes Context Architecture Protocol

692 views • 58 slides
Is 2.44 trillion unknowns the largest finite element system that can be solved today? U. Rde

Is 2.44 trillion unknowns the largest finite element system that can be solved today? U. Rde

Is 2.44 trillion unknowns the largest finite element system that can be solved today? U. Rde (LSS Erlangen, ruede@cs.fau.de) Lehrstuhl fr Informatik 10 (Systemsimulation) Universitt Erlangen-Nrnberg www10.informatik.uni-erlangen.de

731 views • 57 slides
Project PIZZARO - Image Restoration Module - Report I Michal Sorel, Filip Sroubek,

Project PIZZARO - Image Restoration Module - Report I Michal Sorel, Filip Sroubek,

Project PIZZARO - Image Restoration Module - Report I Michal Sorel, Filip Sroubek, Michal Barto s and Jan Flusser April 26, 2011 Abstract This document describes the outcomes of the first six months of the project PIZZARO

623 views • 15 slides
Results of Just-In-Time Browsing for Digital Microfilm Douglas J. Kennard and William A.

Results of Just-In-Time Browsing for Digital Microfilm Douglas J. Kennard and William A.

Results of Just-In-Time Browsing for Digital Microfilm Douglas J. Kennard and William A. Barrett Residential Internet Access End of 2001: 498 million people with Internet Access at home About 40% of them in the U.S. September 2001:

902 views • 23 slides

More recommend