摘要
基于深包检测技术的流量分类方法可以达到95%以上的识别率和准确率.然而,由于计算复杂性高、存储消耗大等原因,主流软件方法只能提供百兆(线速率)处理能力,而且不能处理大量流并发的情况.文中提出一个基于深包检测技术的芯片级流量分类架构RocketTC,通过对应用层协议特征、匹配引擎和流管理策略进行优化,使其支持万兆级数据吞吐率.RocketTC具有两个核心模块:基于FPGA的流管理器和动态可重构的分类引擎阵列,前者实现万兆吞吐率下的流表管理,后者快速检测流量特征并支持动态协议特征更新特性.文中提出的分类方法使用轻量级DPI方法,通过缩小检测范围和特征长度进一步减少计算复杂度和存储消耗.我们使用Xilinx Virtex-5FPGA对上述设计进行实现与在线流量测试,结果表明RocketTC可以对92种网络协议进行识别,准确率达到97%,而且稳定提供20Gbps线速处理能力.
Deep packet inspection (DPI) based traffic classification methods could achieve more than 95% accuracy and recognition rate. However, due to considerable computation and storage expenditures, existing software - based solutions could not offer sufficient processing capability for widely deployed high speed networks and massive concurrent flows. This paper proposes Rock- etTC, a high performance FPGA-based architecture for traffic classification with optimized DPI method, flexible and scalable classification engines and flow management scheme. Specifically, RocketTC architecture introduces two key elements to achieve high performance: an efficient flow management scheme using only on-chip BRAMs for storing the flow table, and a parallel and pipelined classification engine array supporting partial dynamic reconfiguration (PDR). We implemented RocketTC on a Virtex-5 FPGA based platform to evaluate its actual performance. Experimental results show that the prototype could offer a sustained throughput of over 20Gbps and achieve high accuracy above 97% for classifying 92 popular applications while regarding L7-filter as the ground truth. Additionally, it is easy for RocketTC to update for the purpose of classifying more applications.
出处
《计算机学报》
EI
CSCD
北大核心
2014年第2期414-422,共9页
Chinese Journal of Computers
基金
国家自然科学基金(61272510
60803002
61070198
61379145)资助~~
