CLEF: Limiting the Damage Caused by Large Flows in the Internet Core (Technical Report)
Hao Wu, Hsu-Chun Hsiao, Daniele E. Asoni, Simon Scherrer, Adrian, Perrig, Yih-Chun Hu
TL;DR
CLEF is a new large-flow detection scheme designed for high-capacity core routers that achieves high accuracy with low memory, outperforming previous methods especially under limited memory conditions.
Contribution
CLEF introduces a novel large-flow detection approach optimized for core routers with strict memory constraints, maintaining high accuracy and outperforming prior schemes.
Findings
CLEF outperforms previous systems in limited-memory scenarios.
Theoretical analysis confirms CLEF's efficiency and accuracy.
Evaluation shows robustness against worst-case attack traffic.
Abstract
The detection of network flows that send excessive amounts of traffic is of increasing importance to enforce QoS and to counter DDoS attacks. Large-flow detection has been previously explored, but the proposed approaches can be used on high-capacity core routers only at the cost of significantly reduced accuracy, due to their otherwise too high memory and processing overhead. We propose CLEF, a new large-flow detection scheme with low memory requirements, which maintains high accuracy under the strict conditions of high-capacity core routers. We compare our scheme with previous proposals through extensive theoretical analysis, and with an evaluation based on worst-case-scenario attack traffic. We show that CLEF outperforms previously proposed systems in settings with limited memory.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting · Network Packet Processing and Optimization