2FA Sketch: Two-Factor Armor Sketch for Accurate and Efficient Heavy Hitter Detection in Data Streams

TL;DR

The paper presents the 2FA Sketch, a new data structure that significantly improves the accuracy and efficiency of heavy hitter detection in data streams by enhancing existing sketch-based methods.

Contribution

It introduces the 2FA Sketch with dual-layer protection and optimized voting strategies, advancing heavy hitter detection techniques in high-throughput data streams.

Findings

Reduces error rates by up to 19.7 times compared to Elastic Sketch.

Increases processing speed by approximately 3%.

Provides a theoretically optimal parameter and conflict indicator for improved detection.

Abstract

Detecting heavy hitters, which are flows exceeding a specified threshold, is crucial for network measurement, but it faces challenges due to increasing throughput and memory constraints. Existing sketch-based solutions, particularly those using Comparative Counter Voting, have limitations in efficiently identifying heavy hitters. This paper introduces the Two-Factor Armor (2FA) Sketch, a novel data structure designed to enhance heavy hitter detection in data streams. 2FA Sketch implements dual-layer protection through an improved $\mathtt{Arbitration}$ strategy for in-bucket competition and a cross-bucket conflict $\mathtt{Avoidance}$ hashing scheme. By theoretically deriving an optimal $\lambda$ parameter and redesigning $vote^+_{new}$ as a conflict indicator, it optimizes the Comparative Counter Voting strategy. Experimental results show that 2FA Sketch outperforms the standard Elastic Sketch, reducing error rates by 2.5 to 19.7 times and increasing processing speed by 1.03 times.