Distributed flow detection over multi path sessions

Eyal Felstaine, Eldad Chai, Niv Gilboa, Avi Elisha

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

Recently, there has been a growing interest in performing flow inspection within devices in the core network. Frequently, a session passing through the core network is routed through several paths either due to network architecture or due to malicious intent. This paper present a re-routing layer that enables, for the first time, multi-path-flow inspection. At any point in time, each session is inspected by a single inspection device using existing single-path flow inspection algorithms. Session packets that arrive at other devices are forwarded to the designated device. Our scheme takes into account the packet arrival history among the collaborating devices for optimized re-routing. We show that the mechanism is highly efficient in terms of the storage and communications overhead imposed on the network due to packet re-routing. The per-packet computation overhead at the devices is shown to be minimal and in the order of O(1).

Original languageEnglish
Title of host publicationProceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
DOIs
StatePublished - 1 Dec 2008
Event4th International Conference on Security and Privacy in Communication Networks, SecureComm'08 - Istanbul, Turkey
Duration: 22 Sep 200825 Sep 2008

Publication series

NameProceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08

Conference

Conference4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
Country/TerritoryTurkey
CityIstanbul
Period22/09/0825/09/08

Keywords

  • Inspection
  • Intrusion detection
  • Multi-path
  • Networks
  • Performance

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint

Dive into the research topics of 'Distributed flow detection over multi path sessions'. Together they form a unique fingerprint.

Cite this