The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지
DOI QR코드

DOI QR Code

Performance Improvement of a Real-time Traffic Identification System on a Multi-core CPU Environment

멀티 코어 환경에서 실시간 트래픽 분석 시스템 처리속도 향상

  • 윤성호 (고려대학교 컴퓨터정보학과) ;
  • 박준상 (고려대학교 컴퓨터정보학과) ;
  • 김명섭 (고려대학교 컴퓨터정보학과)
  • Received : 2011.10.21
  • Accepted : 2012.04.16
  • Published : 2012.05.30
Download PDF
⟨ Previous Next ⟩

Abstract

The application traffic analysis is getting more and more challenging due to the huge amount of traffic from high-speed network link and variety of applications running on wired and wireless Internet devices. Multi-level combination of various analysis methods is desired to achieve high completeness and accuracy of analysis results for a real-time analysis system, while requires much of processing burden on the contrary. This paper proposes a novel architecture for a real-time traffic analysis system which improves the processing performance on multi-core CPU environment. The main contribution of the proposed architecture is an efficient parallel processing mechanism with multiple threads of various analysis methods. The feasibility of the proposed architecture was proved by implementing and deploying it on our campus network.

오늘날 네트워크 환경은 응용 프로그램 및 서비스의 변화가 많아 응용탐지에 있어 기존의 단일 분석 알고리즘으로는 모든 트래픽의 응용을 정확하게 탐지하기 어렵다. 최근 이러한 단점을 보완하기 위해 여러 개별 알고리즘을 통합한 멀티 레벨의 트래픽 탐지 알고리즘에 대한 연구가 진행되고 있다. 이러한 멀티 레벨 탐지 알고리즘은 단일 알고리즘 구조에 비해 계산 복잡도가 높은 단점이 있다. 또한, 고속 네트워크에서 실시간으로 트래픽을 분류하기 위해서는 멀티코어 CPU의 장점인 병렬처리를 이용하여 높은 계산 복잡도를 해결해야 할 필요가 있다. 본 논문에서는 요즘 일반화된 멀티 코어 CPU환경에 적합한 실시간 응용 트래픽 탐지 시스템 구조를 제안한다. 먼저 멀티 레벨 트래픽 탐지 알고리즘이 멀티 코어 환경에서 실시간으로 동작하기 위한 고려 사항들을 살펴보고, 이를 통해 시스템을 설계하고 구현한 내용을 기술한다. 본 논문에서 구축한 시스템은 캠퍼스 네트워크와 기숙사 네트워크를 대상으로 구축하여 그 실효성을 검증하였다.

Keywords

References

  1. G. Zhang, G. Xie, J. Yang, Y. Min, Z. Zhou, X. Duan, "Accurate online traffic classification with multi-phases identification methodology," Proc. of CCNC2008, pp. 141-146, Jan. 2008.
  2. L. Jun, Z. Shunyi, L. Yanqing, Y. Junrong, "Hybrid Internet Traffic Classification Technique," Journal of Electronics, vol. 26 No. 1, pp. 101-112, Jan. 2009.
  3. Z. Chen, B. Yang, Y. Chen, A. Abraham, C. Grosan, and L. Peng, "Online hybrid traffic classifier for Peer-to-Peer systems based on network processors," Applied Soft Computing, vol. 9, pp. 685-694, Mar. 2009. https://doi.org/10.1016/j.asoc.2008.09.010
  4. C. Gu, S. Zhuang, Y. Sun, J. Yan, "Multi-levels traffic classification technique," Future Computer and Communication (ICFCC), pp. 448-452, May. 2010.
  5. Young-Suk Oh, Jun-Sang Park, Sung-Ho Yoon, Jin-Wan Park, Sang-Woo Lee, Myung-Sup Kim, "Multi-Level basd Application Traffic Classification Method", KICS Journal vol.35 no.8, pp.1170-1178, Aug. 2010.
  6. IANA port number list, IANA, http://www.iana.org/ assignments/port-numbers.
  7. Jian Zhang and Andrew Moore, "Traffic Trace Artifacts due to Monitoring Via Port Mirroring," Proc. of E2EMON2007, May. 21, 2007.
  8. Risso, F. Baldi, M. Morandi, O. Baldini, A. Monclus, P. Lightweight, "Payload-Based Traffic Classification: An Experimental Evaluation," Proc. of ICC2008, 2008.
  9. Jun-Sang Park, Sung-Ho Yoon, and Myung-Sup Kim, "Software Architecture for a Lightweight Payload Signature-based Traffic Classification System," Proc. of TMA 2011, LNCS6613, Vienna, Austria, Apr. 27, pp. 136-149, 2011.
  10. Subhabrata Sen, Oliver Spatscheck, Dongmei Wang, "Accurate, scalable in-network identification of p2p traffic using application signatures" World Wide Web 2004, May 17-20, 2004, New York, USA.
  11. Jeffrey Erman, Martin Arlitt, Anirban Mahanti, "Traffic Classification Using Clustering Algorithms," Proc. of SIGCOMM Workshop on Mining network data, Pisa, Italy, pp. 281-286, Sep. 2006.
  12. Andrew W. Moore and Denis Zuev, "Internet Traffic Classification Using Bayesian Analysis Techniques," Proc. of the ACM SIGMETRICS, Banff, Canada, Jun. 2005.
  13. Sung-Ho Yoon, Jin-Wan Park, Young-Seok Oh, Jun-Sang Park, and Myung-Sup Kim, "Internet Application Traffic Classification Using Fixed IP-port," Proc. of APNOMS 2009, LNCS5787, Jeju, Korea, Sep. 23-25, pp. 21-30, 2009.
  14. Jin-Wan Park, Sung-Ho Yoon, Jun-Sang Park, Sang-Woo Lee, Myung-Sup Kim, "Statistic Signature based Application Traffic Classification", KICS Journal vol.34 no.11, pp.1234-1244, Nov. 2009.
  15. Sang-Woo Lee, Jin-Wan Park, Sung-Ho Yoon, Hyun-Shin Lee, Myung-Sup Kim, "Research on Skype Traffic Classification using Behavior Analysis", Proc. of JCCI 2010, pp. 15, Apr. 28-30, 2010.
  16. Rentao Gu, Minhuo Hong, Hongxiang Wang, and Yuefeng Ji, "Fast Traffic Classification in High Speed Networks," Proc. of APNOMS2008, LNCS 5297, pp. 429-432, Beijing, China, Oct. 22-24, 2008.
  17. Myung-Sup Kim, Young J. Won, and James Won-Ki Hong, "Application-Level Traffic Monitoring and an Analysis on IP Networks," ETRI Journal, Vol.27, No.1, pp.22-42, Feb. 2005. https://doi.org/10.4218/etrij.05.0104.0040
  18. Thomas Karagiannis, Konstantina Papagiannaki, and Michalis Faloutsos. "BLINC: Multilevel Traffic Classification in the Dark," Proc. of SIGCOMM 2005, Philadelphia, PA, Aug. 22-26, 2005.