Query:
学者姓名:胡成臣
Refining:
Year
Type
Indexed by
Source
Complex
Co-Author
Language
Clean All
Abstract :
Network programming languages (NPLs) empower operators to program network data planes (NDPs) with unprecedented efficiency. Currently, various NPLs and NDPs coexist and no one can prevail over others in the short future. Such diversity is raising many problems including: (1) programs written with different NPLs can hardly interoperate in the same network, (2) most NPLs are bound to specific NDPs, hindering their independent evolution, and (3) compilation techniques cannot be readily reused, resulting in much wasteful work. These problems are mostly owing to the lack of modularity in the compilers, where the missing part is an intermediate representation (IR) for NPLs. To this end, we propose Network Transaction Automaton (NTA), a highly-expressive and language-independent IR, and show it can express semantics of 7 mainstream NPLs. Then, we design CODER, a modular compiler based on NTA, which currently supports 2 NPLs and 3 NDPs. Experiments with real and synthetic programs show CODER can correctly compile those programs for real networks within moderate time.
Keyword :
Automata Bandwidth Costs hybrid data plane intermediate representation Network programming language Program processors Semantics software defined networks Switches Topology
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Li, Hao , Zhang, Peng , Sun, Guangda et al. Compiling Cross-Language Network Programs Into Hybrid Data Plane [J]. | IEEE-ACM TRANSACTIONS ON NETWORKING , 2021 , 30 (3) : 1088-1103 . |
MLA | Li, Hao et al. "Compiling Cross-Language Network Programs Into Hybrid Data Plane" . | IEEE-ACM TRANSACTIONS ON NETWORKING 30 . 3 (2021) : 1088-1103 . |
APA | Li, Hao , Zhang, Peng , Sun, Guangda , Cao, Wanyue , Hu, Chengchen , Shan, Danfeng et al. Compiling Cross-Language Network Programs Into Hybrid Data Plane . | IEEE-ACM TRANSACTIONS ON NETWORKING , 2021 , 30 (3) , 1088-1103 . |
Export to | NoteExpress RIS BibTex |
Abstract :
A crucial requirement for Software Defined Network (SDN) is that data plane forwarding behaviors should always agree with control plane policies. Such requirement cannot be met when there are forwarding anomalies, where packets deviate from the paths specified by the controller. Most anomaly detection methods for SDN install dedicated rules to collect statistics of each flow, and check whether the statistics conform to the 'flow conservation principle'. We find these methods have a limited detection scope: they look at one flow each time, thus can only check a small number of flows simultaneously. In addition, dedicated rules for statistics collection can impose a large overhead on flow tables of SDN switches. To this end, this paper presents FOCES, a network-wide forwarding anomaly detection and localization method in SDN. Different from previous methods, FOCES applies a new kind of flow conservation principle at network wide, and can check forwarding behaviors of all flows in the network simultaneously, without installing any dedicated rules. Finally, FOCES applies a voting-based method to localize malicious switches when anomalies are detected. Experiments with four network topologies show that FOCES can achieve a detection precision higher than 90%, when the packet loss rate is no larger than 10%, and a localization accuracy of around 80% when the packet loss rate is no larger than 5%. © 1993-2012 IEEE.
Keyword :
Anomaly detection Packet loss Software defined networking
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Zhang, Peng , Zhang, Fangzheng , Xu, Shimin et al. Network-Wide Forwarding Anomaly Detection and Localization in Software Defined Networks [J]. | ACM Transactions on Networking , 2021 , 29 (1) : 332-345 . |
MLA | Zhang, Peng et al. "Network-Wide Forwarding Anomaly Detection and Localization in Software Defined Networks" . | ACM Transactions on Networking 29 . 1 (2021) : 332-345 . |
APA | Zhang, Peng , Zhang, Fangzheng , Xu, Shimin , Yang, Zuoru , Li, Hao , Li, Qi et al. Network-Wide Forwarding Anomaly Detection and Localization in Software Defined Networks . | ACM Transactions on Networking , 2021 , 29 (1) , 332-345 . |
Export to | NoteExpress RIS BibTex |
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Sun, Xiuwen , Li, Hao , Zhao, Dan et al. COIN: A fast packet inspection method over compressed traffic (vol 127, pg 122, 2019) [J]. | JOURNAL OF NETWORK AND COMPUTER APPLICATIONS , 2020 , 153 . |
MLA | Sun, Xiuwen et al. "COIN: A fast packet inspection method over compressed traffic (vol 127, pg 122, 2019)" . | JOURNAL OF NETWORK AND COMPUTER APPLICATIONS 153 (2020) . |
APA | Sun, Xiuwen , Li, Hao , Zhao, Dan , Lu, Xingxing , Hou, Kaiyu , Hu, Chengchen . COIN: A fast packet inspection method over compressed traffic (vol 127, pg 122, 2019) . | JOURNAL OF NETWORK AND COMPUTER APPLICATIONS , 2020 , 153 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Programmable data planes, PDPs, enable an unprecedented level of flexibility and have emerged as a promising alternative to existing data planes. Despite the rapid development and prototyping cycles that PDPs promote, the existing PDP ecosystem lacks appropriate abstractions and algorithms to support these rapid testing and deployment life-cycles. In this paper, we propose P4Visor, a lightweight virtualization abstraction that provides testing primitives as a first-order citizen of the PDP ecosystem. P4Visor can efficiently support multiple PDP programs through a combination of compiler optimizations and program analysis-based algorithms. P4Visor's algorithm improves over state-of-the-art techniques by significantly reducing the resource overheads associated with embedding numerous versions of a PDP program into hardware. To demonstrate the efficiency and viability of P4Visor, we implemented and evaluated P4Visor on both a software switch and an FPGA-based hardware switch using fourteen of different PDP programs. Our results demonstrate that P4Visor introduces minimal overheads and is one order of magnitude more efficient than existing PDPs primitives for concurrently supporting multiple programs.
Keyword :
code merge Ecosystems fault tolerance Hardware Merging Programmable data plane Software Switches testing Testing Virtualization
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Zheng, Peng , Benson, Theophilus A. , Hu, Chengchen . Building and Testing Modular Programs for Programmable Data Planes [C] . 2020 : 1432-1447 . |
MLA | Zheng, Peng et al. "Building and Testing Modular Programs for Programmable Data Planes" . (2020) : 1432-1447 . |
APA | Zheng, Peng , Benson, Theophilus A. , Hu, Chengchen . Building and Testing Modular Programs for Programmable Data Planes . (2020) : 1432-1447 . |
Export to | NoteExpress RIS BibTex |
Abstract :
One major research challenge for Software-Defined Networking is to properly deploy and efficiently utilize multiple controllers to improve resource utilization and maintain high network performance. While addressing this Controller Placement Problem (CPP), many existing studies overlooked the importance and influence of the Controller Scheduling Problem (CSP) with the central focus on proper distribution of requests from all switches among all controllers. In this paper, we define a new Controller Placement and Scheduling Problem (CPSP), emphasizing on the necessity and importance of tackling both CPP and CSP simultaneously in a coherent framework. To solve CPSP, we must seek a combination of solutions to both problems. Particularly, CSP is addressed based on a given solution to CPP and a Gradient-Descent-based (GD-based) scheduling algorithm is developed to optimize the probabilistic distribution of requests among all controllers. Built on the GD-based approach for controller scheduling, a Clustering-based Genetic Algorithm with Cooperative Clusters (CGA-CC) is further proposed to address CPP. In comparison to the majority of heuristic methods developed in the past, CGA-CC has two unique strengths. Specifically, it partitions a large network to substantially reduce the search space of the Genetic Algorithm (GA), resulting in fast identification of high-quality CPP solutions. Moreover, a greedy load re-distribution mechanism is developed to handle unexpected demand variations by dynamically forwarding bursting requests to neighboring sub-networks. Extensive simulations showed that our algorithms can significantly outperform several existing algorithms, including a recently proposed approach called Multi-controller Selection and Placement Algorithm (MSPA), in terms of both response time and controller utilization. © 2019 IEEE.
Keyword :
Clustering algorithms Controllers Genetic algorithms Gradient methods Heuristic methods Probability distributions Scheduling Scheduling algorithms Software defined networking
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Huang, Victoria , Chen, Gang , Zhang, Peng et al. A Scalable Approach to SDN Control Plane Management: High Utilization Comes with Low Latency [J]. | IEEE Transactions on Network and Service Management , 2020 , 17 (2) : 682-695 . |
MLA | Huang, Victoria et al. "A Scalable Approach to SDN Control Plane Management: High Utilization Comes with Low Latency" . | IEEE Transactions on Network and Service Management 17 . 2 (2020) : 682-695 . |
APA | Huang, Victoria , Chen, Gang , Zhang, Peng , Li, Hao , Hu, Chengchen , Pan, Tian et al. A Scalable Approach to SDN Control Plane Management: High Utilization Comes with Low Latency . | IEEE Transactions on Network and Service Management , 2020 , 17 (2) , 682-695 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Extracting fields from layer 7 protocols such as HTTP, known as L7 parsing, is the key to many critical network applications. However, existing L7 parsing techniques center around protocol specifications, thereby incurring large human efforts in specifying data format and high computational/memory costs that poorly scale with the explosive number of L7 protocols. To this end, this paper introduces a new framework named content-based L7 parsing, where the content instead of the format becomes the first class citizen. Under this framework, users only need to label what content they are interested in, and the parser learns an extraction model from the users' labeling behaviors. Since the parser is specification-independent, both the human effort and computational/memory costs can be dramatically reduced. To realize content-based L7 parsing, we propose REPLAY which builds on recurrent neural network (RNN) and addresses a series of technical challenges like large labeling overhead and slow parsing speed. We prototype REPLAY on GPUs, and show it can achieve a precision of 98% and a recall of 97%, with a throughput as high as 12Gbps for diverse extraction tasks.
Keyword :
Application layer protocol Data mining Data models deep packet inspection Labeling Payloads protocol parsing Protocols Recurrent neural networks recurrent neural networks (RNNs) Task analysis
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Li, Hao , Bian, Zhengda , Zhang, Peng et al. Application-Oblivious L7 Parsing Using Recurrent Neural Networks [J]. | IEEE-ACM TRANSACTIONS ON NETWORKING , 2020 , 28 (5) : 2009-2022 . |
MLA | Li, Hao et al. "Application-Oblivious L7 Parsing Using Recurrent Neural Networks" . | IEEE-ACM TRANSACTIONS ON NETWORKING 28 . 5 (2020) : 2009-2022 . |
APA | Li, Hao , Bian, Zhengda , Zhang, Peng , Sun, Zhun , Hu, Chengchen , Fu, Qiang et al. Application-Oblivious L7 Parsing Using Recurrent Neural Networks . | IEEE-ACM TRANSACTIONS ON NETWORKING , 2020 , 28 (5) , 2009-2022 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Nowadays, regular expression matching becomes a critical component of the network traffic detection applications, which describes the fine-grained signature of traffic. Web services tend to compress their traffic for less data transmission, which is a great challenge for regular expression matching to achieve wire-speed processing. In this paper, we propose Twins, an efficient regular expression matching method over compressed traffic, which leverages the returned states encoding in the compression to skip repeated scanning. We also present an evaluation model to elaborate the factors that influence the performance of compressed traffic matching methods. Our evaluations demonstrate that Twins could skip similar to 90% compression data and can achieve 1.2 Gbps throughput with a single CPU core. It gains 2.2-3.0 times performance boost than the state-of-the-art works. With a parallel implementation using multiple CPU cores, the throughput could be up to 10 Gbps. (C) 2019 Published by Elsevier B.V.
Keyword :
Compressed traffic matching Deep packet inspection Pattern matching Regular expression matching
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Sun, Xiuwen , Li, Hao , Zhao, Dan et al. Efficient regular expression matching over compressed traffic [J]. | COMPUTER NETWORKS , 2020 , 168 . |
MLA | Sun, Xiuwen et al. "Efficient regular expression matching over compressed traffic" . | COMPUTER NETWORKS 168 (2020) . |
APA | Sun, Xiuwen , Li, Hao , Zhao, Dan , Lu, Xingxing , Peng, Zheng , Hu, Chengchen . Efficient regular expression matching over compressed traffic . | COMPUTER NETWORKS , 2020 , 168 . |
Export to | NoteExpress RIS BibTex |
Abstract :
A key feature of software-defined networking (SDN) is the decoupling of control pane and data plane. Although delivering huge benefits, such a decoupling also brings a new risk: the data plane states (i.e., flow tables) may deviate from the control plane policies. Existing data plane testing tools such as RuleScope check the correctness of flow tables by injecting probes. However, they are limited in four aspects: 1) are slow in generating probes due to solving SAT problems; 2) may raise false negatives when there are multiple missing rules; 3) cannot test cascaded flow tables used by OpenFlow switches; and 4) either does not support incremental update or has a slow update speed. To overcome these limitations, we present RuleChecker, a fast data plane testing tool for SDN. In contrast to previous tools that generate each probe by solving an SAT problem, the RuleChecker takes the flow table as whole and generates all probes through an iteration of simple set operations. By leveraging binary decision diagram to encode sets, we make the RuleChecker extremely fast: nearly 20x faster than the RuleScope, and can update probes in less than 2 ms for 90% of the cases, based on the Stanford backbone rule set.
Keyword :
binary decision diagram data plane faults probe generation Software defined network
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Zhang, Peng , Zhang, Cheng , Hu, Chengchen . Fast Data Plane Testing for Software-Defined Networks With RuleChecker [J]. | IEEE-ACM TRANSACTIONS ON NETWORKING , 2019 , 27 (1) : 173-186 . |
MLA | Zhang, Peng et al. "Fast Data Plane Testing for Software-Defined Networks With RuleChecker" . | IEEE-ACM TRANSACTIONS ON NETWORKING 27 . 1 (2019) : 173-186 . |
APA | Zhang, Peng , Zhang, Cheng , Hu, Chengchen . Fast Data Plane Testing for Software-Defined Networks With RuleChecker . | IEEE-ACM TRANSACTIONS ON NETWORKING , 2019 , 27 (1) , 173-186 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Matching multiple patterns simultaneously is a key technique in Deep Packet Inspection systems, such as firewall, Intrusion Detection Systems, etc. However, most web services nowadays tend to compress their traffic for less data transferring and better user experience, which has challenged the original multi-pattern matching method that work on raw content only. The straightforward solutions directly match decompressed data which multiply the data to be matched. The state-of-the-art works skip scanning some data in compressed segments, but still exist the redundant checking, which are not efficient enough. In this paper, we propose COmpression INspection (COIN) method for multi-pattern matching over compressed traffic. COIN does not recheck the patterns within compressed segment if it has been matched before, so as to further improve the performance of matching, we have collected real traffic data from Alexa top sites and performed the experiments. The evaluation results show that COIN achieves 20.3% and 17.0% in the average of improvement than the state-of-the-art approaches on the string and regular expression matching with real traffic and rule sets. © 2018 Elsevier Ltd
Keyword :
Data transferring Deep packet inspection Evaluation results Intrusion Detection Systems Multi-pattern matching Packet inspection Regular-expression matching State-of-the-art approach
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Sun, Xiuwen , Li, Hao , Zhao, Dan et al. COIN: A fast packet inspection method over compressed traffic [J]. | Journal of Network and Computer Applications , 2019 , 127 : 122-134 . |
MLA | Sun, Xiuwen et al. "COIN: A fast packet inspection method over compressed traffic" . | Journal of Network and Computer Applications 127 (2019) : 122-134 . |
APA | Sun, Xiuwen , Li, Hao , Zhao, Dan , Lu, Xingxing , Hou, Kaiyu , Hu, Chengchen . COIN: A fast packet inspection method over compressed traffic . | Journal of Network and Computer Applications , 2019 , 127 , 122-134 . |
Export to | NoteExpress RIS BibTex |
Abstract :
In network measurement, many statistics counters need maintaining on the switch and thus consuming a lot of very precious on-chip memory. In fact, most network flows in the Internet are small flows that don't need large-width counters. In this paper, we present DIAL, a distributed counting approach, which duplicates the counting rules to leverage global memory resources, maximizing the counting efficiency, which is complementary to existing counter solutions. We pose and formulate the problem of finding the optimal placement for duplicated counting rules. After proving its NP hardness, we give some heuristics to fast generate a near-optimal placement. After describing the feasibility of implementation, we carry out some evaluation for DIAL. Our simulated results with Internet traffic and topologies show that DIAL can significantly decrease the memory cost and increase the memory efficiency for both fixed-width and variable-width counter architecture, with acceptable extra overheads, which is a great save of the precious high-speed memory in the switch.
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Peng, Zheng , Li, Hao , Hu, Chengchen . DIAL: Distributed Elephant Flow Counting on SDN [C] . 2018 . |
MLA | Peng, Zheng et al. "DIAL: Distributed Elephant Flow Counting on SDN" . (2018) . |
APA | Peng, Zheng , Li, Hao , Hu, Chengchen . DIAL: Distributed Elephant Flow Counting on SDN . (2018) . |
Export to | NoteExpress RIS BibTex |
Export
Results: |
Selected to |
Format: |