Abstract
Packet drops caused by congestion are a fundamental problem in network operation. Yet, it is difficult to detect where drops are happening, let alone which flows are most affected. Detecting the small-timescale drops caused by short bursts of traffic is even more challenging, and traditional monitoring techniques can easily miss them. To uncover packet drops as they occur inside a switch, the analysis must be real-time, fine-grained, and efficient. However, modern switches have distributed packet-processing pipelines that see either the arriving or departing traffic, but not the packet drops. Additionally, they do not have enough memory to store per-flow state. Our MIDST system addresses these challenges through a distributed compact data structure with lightweight coordination between ingress and egress pipelines. MIDST identifies the flows experiencing loss, as well as the bursty flows responsible, across different burst durations. Our evaluation with real-world traces and TCP connections shows that MIDST uses little memory (e.g., 320KB) while providing high accuracy (95% to 98%) under varying loss rates and burst durations. We evaluate a low-rate DDoS attack and demonstrate the potential use of our measurement results for attack detection and mitigation.
Original language | English |
---|---|
Title of host publication | SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research |
Publisher | Association for Computing Machinery, Inc |
Pages | 25-32 |
Number of pages | 8 |
ISBN (Electronic) | 9781450398923 |
DOIs | |
State | Published - 19 Oct 2022 |
Event | 2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022 - Virtual, Online, United States Duration: 20 Oct 2022 → … |
Publication series
Name | SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research |
---|
Conference
Conference | 2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022 |
---|---|
Country/Territory | United States |
City | Virtual, Online |
Period | 20/10/22 → … |
Bibliographical note
Funding Information:We thank the anonymous SOSR reviewers and our shepherd Fernando Ramos for their valuable feedback. This work is supported in part by the Israel Science Foundation under grant No. 980/21, and NSF grants CNS-2106946, CNS-2107239, and CNS-1704077.
Publisher Copyright:
© 2022 ACM.
Keywords
- network monitoring
- programmable devices
- sketches