Tuesday, July 3, 2012

How to Build DPI Products? (Part XVI - Pattern Matching with Multi-Core Computers)

Prof. Yehuda Afek, Computer Science, Tel Aviv University - Multicore Packet Scattering to Disentangle Performance Bottlenecks (here and video below) - lecture given at Technion Computer Engineering International Conference on June 7, 2012.


"We take advantage of the emerging Multicore computers to design a general architecture to mitigate different network based complexity attacks. In complexity attacks an attacker carefully crafts messages such that each consumes substantially more resources than a normal average message. It then sends enough such heavy messages to bring the system to a crawl at best. In our architecture cores quickly identify messages suspicious heavy and divert them to a fraction of the cores that under attack are dedicated to handle all the heavy messages keeping the rest of the cores relatively unaffected and free to give the normal legitimate traffic the good service it is suppose to get. We demonstrate the effectiveness of our scheme in mitigating complexity attacks on Deep Packet Inspection (DPI) engines in security".

Related posts: "DPI for Compress HTTP w/o Decompression" (here) and "A DPI Algorithm is Waiting for Commercialization" (here).

No comments:

Post a Comment