Per-Packet Traffic Measurement in Storage, Computation and Bandwidth Limited Data Plane | IEEE Journals & Magazine | IEEE Xplore
Subscribe
ADVANCED SEARCH
Journals & Magazines >IEEE/ACM Transactions on Netw... >Volume: 32 Issue: 5

Per-Packet Traffic Measurement in Storage, Computation and Bandwidth Limited Data Plane

PDF
Yinchuan Cong; Kun Xie; Jigang Wen; Jiwei Zhang; Yansong Yin; Qingyi Zhang
All Authors

Abstract:

Packet level measurement in the data plane provides a microscopic view of the network’s state. Although advances in programmable switches and routers make it possible to ...Show More

Metadata

Abstract:

Packet level measurement in the data plane provides a microscopic view of the network’s state. Although advances in programmable switches and routers make it possible to measure the Sequence of Packet Lengths and Arrival Times (SPLT) in the data plane, collecting this information remains challenging due to limited storage, processing resources, and bandwidth. To address this issue, we propose MES, which Measures and Encodes Simultaneously the packet length and timestamp when each packet passes through the Network Processor (NP) in the switch/router. We design the packet length compression and timestamp compression algorithms to be lightweight and implement the designed algorithms using simple operations supported by the network processor, while taking into account the computation constraints of the NP. Through extensive experiments on five packet traces, we demonstrate that our MES achieves high precision SPLT measurements (up to 99.82% cosine similarity) while reducing storage and bandwidth overhead by up to 87%. Simulations conducted on the BMV2 P4 software switch demonstrate that our designed SPLT measurement mechanism imposes little impact on network throughput and delay.
Published in: IEEE/ACM Transactions on Networking ( Volume: 32, Issue: 5, October 2024)
Page(s): 3730 - 3742
Date of Publication: 28 May 2024

ISSN Information:

DOI: 10.1109/TNET.2024.3404011

Funding Agency:

References is not available for this document.
Contents

I. Introduction

Network measurement plays a crucial role in network operations and management tasks [7], [12], [42]. Packet-level measurement in the data plane provides a microscopic view of the network’s state. Monitoring the Sequence of Packet Lengths and Times (SPLT) has become increasingly important recently [15].

Select All
1.
N. K. Ahmed, J. Neville and R. Kompella, "Network sampling: From static to streaming graphs", ACM Trans. Knowl. Discov. Data, vol. 8, no. 2, pp. 1-56, 2013.
CrossRef Google Scholar
2.
B. Anderson and D. McGrew, "Machine learning for encrypted malware traffic classification: Accounting for noisy labels and non-stationarity", Proc. 23rd ACM SIGKDD Int. Conf. Knowl. Discovery Data Mining, pp. 1723-1732, Aug. 2017.
CrossRef Google Scholar
3.
P. Bosshart et al., "P4: Programming protocol-independent packet processors", ACM SIGCOMM Comput. Commun. Rev., vol. 44, no. 3, pp. 87-95, Jul. 2014.
CrossRef Google Scholar
4.
P. Bosshart et al., "Forwarding metamorphosis: Fast programmable match-action processing in hardware for SDN", Proc. ACM SIGCOMM Conf. SIGCOMM, pp. 99-110, Aug. 2013.
CrossRef Google Scholar
5.
M. Canini, D. Fay, D. J. Miller, A. W. Moore and R. Bolla, "Per flow packet sampling for high-speed network monitoring", Proc. 1st Int. Commun. Syst. Netw. Workshops, pp. 1-10, Jan. 2009.
View Article
Google Scholar
6.
W. Chen, Y. Tian, Z. Wei, J. Pan and X. Zhang, "Task scheduling for probabilistic in -Band network telemetry", IEEE/ACM Trans. Netw., vol. 30, no. 6, pp. 2858-2869, Dec. 2022.
View Article
Google Scholar
7.
X. Chen et al., "Fine-grained queue measurement in the data plane", Proc. 15th Int. Conf. Emerg. Netw. Exp. Technol., pp. 15-29, Dec. 2019.
CrossRef Google Scholar
8.
Z. Chen, G. Cheng, B. Jiang, S. Tang, S. Guo and Y. Zhou, "Length matters: Fast internet encrypted traffic service classification based on multi-PDU lengths", Proc. 16th Int. Conf. Mobility Sens. Netw. (MSN), pp. 531-538, Dec. 2020.
View Article
Google Scholar
9.
K. Cho, K. Mitsuya and A. Kato, "Traffic data repository at the WIDE project", Proc. USENIX Annu. Tech. Conf. (ATC), pp. 263-270, 2000.
Google Scholar
10.
B. Claise, "Cisco systems netflow services export version 9", RFC, vol. 3954, pp. 1-33, 2004, [online] Available: https://doi.org/10.17487/RFC3954.
Google Scholar
11.
Behavioral Model (BMV2), Jan. 2018, [online] Available: https://github.com/p4lang/behavioral-model.
Google Scholar
12.
Y. Du, H. Huang, Y.-E. Sun, S. Chen and G. Gao, "Self-adaptive sampling for network traffic measurement", Proc. IEEE INFOCOM Conf. Comput. Commun., pp. 1-10, May 2021.
View Article
Google Scholar
13.
J. Dugan, S. Elliott, B. A. Mah, J. Poskanzer and K. Prabhu, "iPerf—The ultimate speed test tool for TCP UDP and SCTP", 2021, [online] Available: https://iperf.fr/.
Google Scholar
14.
C. Estan and G. Varghese, "New directions in traffic measurement and accounting", Proc. Conf. Appl. Technol. Architectures Protocols Comput. Commun., pp. 323-336, 2002.
CrossRef Google Scholar
15.
Y. Fu, H. Xiong, X. Lu, J. Yang and C. Chen, "Service usage classification with encrypted internet traffic in mobile messaging apps", IEEE Trans. Mobile Comput., vol. 15, no. 11, pp. 2851-2864, Nov. 2016.
View Article
Google Scholar
16.
D. Hancock and J. van der Merwe, "HyPer4: Using P4 to virtualize the programmable data plane", Proc. 12th Int. Conf. Emerg. Netw. Exp. Technol., pp. 35-49, Dec. 2016.
CrossRef Google Scholar
17.
Y. Hou, A. Solin and J. Kannala, "Novel view synthesis via depth-guided skip connections", Proc. IEEE Winter Conf. Appl. Comput. Vis. (WACV), pp. 3118-3127, Jan. 2021.
View Article
Google Scholar
18.
Q. Huang et al., "Toward nearly-zero-error sketching via compressive sensing", Proc. 18th USENIX Symp. Networked Syst. Design Implement., pp. 1027-1044, 2021.
Google Scholar
19.
S. Jin, Z. Zhang, K. Chakrabarty and X. Gu, "Failure prediction based on anomaly detection for complex core routers", Proc. IEEE/ACM Int. Conf. Computer-Aided Design (ICCAD), pp. 1-6, Nov. 2018.
View Article
Google Scholar
20.
K. Kaur, J. Singh and N. S. Ghumman, "Mininet as software defined networking testing platform", Proc. Int. Conf. Commun. Comput. Syst. (ICCCS), pp. 42-139, 2014.
Google Scholar
21.
A. H. Lashkari, G. D. Gil, M. S. I. Mamun and A. A. Ghorbani, "Characterization of Tor traffic using time based features", Proc. 3rd Int. Conf. Inf. Syst. Secur. Privacy (ICISSP), pp. 253-262, Feb. 2017.
CrossRef Google Scholar
22.
Y. Lin et al., "NetView: Towards on-demand network-wide telemetry in the data center", Comput. Netw., vol. 180, Oct. 2020.
CrossRef Google Scholar
23.
H. Liu et al., "Escala: Timely elastic scaling of control channels in network measurement", Proc. IEEE INFOCOM Conf. Comput. Commun., pp. 1848-1857, May 2022.
View Article
Google Scholar
24.
A. S. Maiya and T. Y. Berger-Wolf, "Benefits of bias: Towards better characterization of network sampling", Proc. 17th ACM SIGKDD Int. Conf. Knowl. Discovery Data Mining, pp. 105-113, Aug. 2011.
CrossRef Google Scholar
25.
G. S. Manku and R. Motwani, "Approximate frequency counts over data streams", Proc. VLDB Endow., vol. 5, no. 12, pp. 1699, 2012.
CrossRef Google Scholar
26.
X.-J. Mao, C. Shen and Y.-B. Yang, "Image restoration using convolutional auto-encoders with symmetric skip connections", arXiv:1606.08921, 2016.
Google Scholar
27.
M. H. Mazhar and Z. Shafiq, "Characterizing smart home IoT traffic in the wild", Proc. IEEE/ACM 5th Int. Conf. Internet-Things Design Implement. (IoTDI), pp. 203-215, Sep. 2020.
View Article
Google Scholar
28.
Y. Mirsky, T. Doitshman, Y. Elovici and A. Shabtai, "Kitsune: An ensemble of autoencoders for online network intrusion detection", Proc. 25th Annu. Netw. Distrib. Syst. Secur. Symp., pp. 1-15, Feb. 2018.
CrossRef Google Scholar
29.
A. Moffat, "Huffman coding", ACM Comput. Surv., vol. 52, no. 4, pp. 1-35, 2019.
CrossRef Google Scholar
30.
N. Msadek, R. Soua and T. Engel, "IoT device fingerprinting: Machine learning based encrypted traffic analysis", Proc. IEEE Wireless Commun. Netw. Conf. (WCNC), pp. 1-8, Apr. 2019.
View Article
Google Scholar

Contact IEEE to Subscribe
More Like This
Telecom datawarehouse prototype for bandwidth and network throughput monitoring and analysis

2011 Colloquium in Information Science and Technology

Published: 2011

Lightweight monitoring of label switched paths for bandwidth management

Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769)

Published: 2004

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.