Abstract | ||
---|---|---|
The growing needs of network security and contentaware networking increasingly introduce content processing into the network devices as opposed to the network endpoints. The component of a network device responsible for content inspection is called Content Inspection Engine (CIE). As other components of a network device, the CIE needs to operate at wire-speed, posing a need to look for an appropriate speed-evaluation criterion for CIEs. For processes with constant or at most well-bounded per-packet analyzes (e.g., routing, multi-field packet classification), and processes with flat per-byte processing time (e.g., checksum calculation, encryption/decryption), operation speed is traditionally evaluated in terms of the number of packets or bits processed per second. Such metrics cannot be used for processes in which the processing time of a packet varies widely, depending on its content. We propose to define worst-case throughput as a criterion for evaluating the wire-speed processing capabilities of CIEs. We argue that one may build simple model of a CIE, whether hardware or software based, in the form of a directed graph with edges annotated by the length and processing time of the segments of input data. It is then possible to transform the problem of finding the worst-case throughput of a CIE to the minimum cost to time ratio problem, for which many efficient algorithms exist. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1109/ICNICONSMCL.2006.8 | ICN/ICONS/MCL |
Keywords | Field | DocType |
time ratio problem,flat per-byte processing time,contentaware network,processing time,network endpoint,worst-case throughput,network device,speed evaluation,wire-speed processing capability,network security,content processing,content inspection engines,computer security,routing,process capability,throughput,directed graph,inspection,payloads,engines,computer networks | Deep content inspection,Checksum,Computer science,Network security,Networking hardware,Network packet,Directed graph,Computer network,Encryption,Throughput,Distributed computing | Conference |
ISBN | Citations | PageRank |
0-7695-2552-0 | 1 | 0.39 |
References | Authors | |
8 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mohammadreza Yazdani | 1 | 5 | 1.49 |
Wojciech Fraczak | 2 | 104 | 11.66 |
Feliks J. Welfeld | 3 | 4 | 1.13 |
Ioannis Lambadaris | 4 | 502 | 78.37 |