Distributed flow detection over multi-path sessions

Eyal Felstaine, Eldad Chai, Niv Gilboa, Avi Elisha

Research output: Contribution to journalArticlepeer-review

Abstract

Recently, there has been great interest in performing flow inspection within devices in the network. Frequently, a session passing through the network is routed through several paths either due to network architecture or due to malicious intent. This paper presents a re-routing layer that enables, for the first time, multi-path flow inspection. At any point in time, each session is inspected by a single inspection device using existing single-path flow inspection algorithms. Session packets that arrive at other devices are forwarded to the designated device. Our scheme takes into account the history of packet arrival among all collaborating devices for optimized re-routing. We show that the proposed mechanism is highly efficient in terms of the storage and communication overhead imposed on the network due to packet re-routing. The per-packet computation overhead at the devices is shown to be minimal and in the order of O (1).

Original languageEnglish
Pages (from-to)816-827
Number of pages12
JournalComputer Communications
Volume33
Issue number7
DOIs
StatePublished - 3 May 2010

Keywords

  • Inspection
  • Intrusion Detection
  • Multi-path
  • Networks

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Distributed flow detection over multi-path sessions'. Together they form a unique fingerprint.

Cite this