Detail výsledku
Software Defined Monitoring of Application Protocols
Kučera Jan, Ing., Ph.D., FIT (FIT)
Puš Viktor, Ing., Ph.D.
Kořenek Jan, doc. Ing., Ph.D., UPSY (FIT)
Vasilakos Athanasios
With the ongoing shift of network services to the application layer also the monitoring systems focus more on the data from the application layer. The increasing speed of the network links, together with the increased complexity of application protocol processing, require a new way of hardware acceleration. We propose a new concept of hardware acceleration for flexible flow-based application level traffic monitoring which we call Software Defined Monitoring. Application layer processing is performed by monitoring tasks implemented in the software in conjunction with a configurable hardware accelerator. The accelerator is a high-speed application-specific processor tailored to stateful flow processing. The software monitoring tasks control the level of detail retained by the hardware for each flow in such a way that the usable information is always retained, while the remaining data is processed by simpler methods. Flexibility of the concept is provided by a plugin-based design of both hardware and software, which ensures adaptability in the evolving world of network monitoring. Our high-speed implementation using FPGA acceleration board in a commodity server is able to perform a 100 Gb/s flow traffic measurement augmented by a selected application-level protocol analysis.
Network Monitoring, Acceleration, Security, FPGA, L7
@article{BUT119889,
author="Lukáš {Kekely} and Jan {Kučera} and Viktor {Puš} and Jan {Kořenek} and Athanasios {Vasilakos}",
title="Software Defined Monitoring of Application Protocols",
journal="IEEE TRANSACTIONS ON COMPUTERS",
year="2015",
volume="65",
number="2",
pages="615--626",
doi="10.1109/TC.2015.2423668",
issn="0018-9340",
url="https://www.fit.vut.cz/research/publication/10942/"
}
Centrum excelence IT4Innovations, MŠMT, Operační program Výzkum a vývoj pro inovace, ED1.1.00/02.0070, zahájení: 2011-01-01, ukončení: 2015-12-31, ukončen
Výzkum informačních technologií z hlediska bezpečnosti, MŠMT, Institucionální prostředky SR ČR (např. VZ, VC), MSM0021630528, zahájení: 2007-01-01, ukončení: 2013-12-31, řešení