תקציר
Packet drops caused by congestion are a fundamental problem in network operation. Yet, it is difficult to detect where drops are happening, let alone which flows are most affected. Detecting the small-timescale drops caused by short bursts of traffic is even more challenging, and traditional monitoring techniques can easily miss them. To uncover packet drops as they occur inside a switch, the analysis must be real-time, fine-grained, and efficient. However, modern switches have distributed packet-processing pipelines that see either the arriving or departing traffic, but not the packet drops. Additionally, they do not have enough memory to store per-flow state. Our MIDST system addresses these challenges through a distributed compact data structure with lightweight coordination between ingress and egress pipelines. MIDST identifies the flows experiencing loss, as well as the bursty flows responsible, across different burst durations. Our evaluation with real-world traces and TCP connections shows that MIDST uses little memory (e.g., 320KB) while providing high accuracy (95% to 98%) under varying loss rates and burst durations. We evaluate a low-rate DDoS attack and demonstrate the potential use of our measurement results for attack detection and mitigation.
שפה מקורית | אנגלית |
---|---|
כותר פרסום המארח | SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research |
מוציא לאור | Association for Computing Machinery, Inc |
עמודים | 25-32 |
מספר עמודים | 8 |
מסת"ב (אלקטרוני) | 9781450398923 |
מזהי עצם דיגיטלי (DOIs) | |
סטטוס פרסום | פורסם - 19 אוק׳ 2022 |
אירוע | 2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022 - Virtual, Online, ארצות הברית משך הזמן: 20 אוק׳ 2022 → … |
סדרות פרסומים
שם | SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research |
---|
כנס
כנס | 2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022 |
---|---|
מדינה/אזור | ארצות הברית |
עיר | Virtual, Online |
תקופה | 20/10/22 → … |
הערה ביבליוגרפית
Publisher Copyright:© 2022 ACM.