Академический Документы
Профессиональный Документы
Культура Документы
AbstractPacket classification is the process of distributing packets into flows in an internet router. Router processes all packets which
belong to predefined rule sets in similar manner& classify them to decide upon what all services packet should receive. It plays an important role
in both edge and core routers to provideadvanced network service such as quality of service, firewalls and intrusion detection. These services
require the ability to categorize & isolate packet traffic in different flows for proper processing. Packet classification remains a classical
problem, even though lots of researcher working on the problem. Existing algorithms such asHyperCuts,boundary cutting and HiCuts have
achieved an efficient performance by representing rules in geometrical method in a classifier and searching for a geometric subspace to which
each inputpacket belongs. Some fixed interval-based cutting not relating to the actual space that eachrule covers is ineffective and results in a
huge storage requirement. However, the memoryconsumption of these algorithms remains quite high when high throughput is required.Hence in
this paper we are proposing a new efficient splitting criterion which is memory andtime efficient as compared to other mentioned techniques.
Our proposed approach known as (ABC) Adaptive Binary Cuttingproducesa set of different-sized cuts at each decision step, with the goal to
balance the distribution offilters and to reduce the filter duplication effect. The proposed algorithmuses stronger andmore straightforward criteria
for decision treeconstruction. Experimental results will showthe effectiveness of proposed algorithm as compared to existing algorithm using
differentparameters such as time & memory. In this paper, no symmetrical size cut at each decision node, with aim to make a distribution of
filters balanced and also to reduce redundancy in filter.
Keywords HiCuts, HyperCuts, Boundary Cutting, Adaptive Binary Cutting, access control, firewalls, intrusion detection, policy based routing
and traffic engineering.
__________________________________________________*****_________________________________________________
171
IJRITCC | July 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169
Volume: 4 Issue: 7 169 - 173
____________________________________________________________________________________________________________________
S={P,R, DT, Sr, CP} B. Result Analysis
Where, 1) Time complexity Graph:
S= System
P = Packet
DT = Decision tree
Sr = Searching
Input: A rule set R = {r1, r2,...,rn}
Where r1, r2are the rules which we used for packet
classification.
2-D plane shows the areas that each rule covers in aprefix
plane for a given 2-D example rule set. As given, arule
with(i,j) lengths in F1andF2 fields covers the area of 2W-i * 2W-
j
, whereW is the maximum length of the field(W is 32 in IPv4).
Processes:
1. DT={R, F,binth} As shown in the above time complexity graph, x-axis
Where, represents the different methods for time calculation and y-
DT is decision tree set which contains following parameter. axis represents the time in milliseconds. Boundary cutting is
R is the rule set which we are going to use for building the existing method which takes 130 milliseconds where ABC
decision tree. algorithm takes only 30 milliseconds. Hence it proves that
F is the field set which contains f1, f2,...,fd fields. ABC is more time efficient.
Binth is the threshold value
If No of rules matching >binth for particular field 2) Memory Efficiency Graph
Then apply cut
Else
Current node = leaf node.
2. Sr = {P, F, R}
Where Sr is the searching set which contains,
P = {Source
ip,Destination_ip,source_port,Dest_port,protocol}
Where, P is the packet which contains source ip address,
destination ip address, source port no and destination port no.
F is the field set which contains all header fields.
R is rule set.
Packet Pmatches rule Rk, for k= 1,, N, if all the headerfields
Fd, for d= 1,,D, of the packet match the correspondingfields
in Rk, whereN is the number of rules andDis the number of
fields.
Output: CP = {P, R} As shown in the above graph, x-axis represents the different
Where, methods for memory consumption calculation and y-axis
CP is the classified set. represents the memory. Boundary cutting is the existing
Here P is the packet which is classified for the particular rule method which takes 32.5 where ABC which is our proposed
set R. algorithm takes only 16 which in turn show that ABC is more
This result is based on the searching result for matching rule. efficient and takes less energy for packet classification.
172
IJRITCC | July 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169
Volume: 4 Issue: 7 169 - 173
____________________________________________________________________________________________________________________
ACKNOWLEDGMENT [10] P. Gupta and N. Mckeown, Algorithms for packet
classification, IEEE Netw., vol. 15, no. 2, pp. 2432,
I express many thanks to Prof. Ganesh Bandal for his great Mar.Apr. 2001.
effort of supervising and leading me, to accomplish thisfine [11] B. Vamanan, G. Voskuilen, and T. N. Vijaykumar,
work. Also to college and department staff, they were agreat EffiCuts: Optimizing packet classification for memory and
source of support and encouragement. To my friends throughput, in Proc.ACM SIGCOMM, 2010, pp. 207218.
[12] H. Song, M. Kodialam, F. Hao, and T. V. Lakshman,
andfamily, for their warm, kind encouragement and love. To Efficient trie braiding in scalable virtual routers,
everyperson gave us something too light my pathway, I thanks IEEE/ACM Trans. Netw., vol. 20, no. 5, pp. 14891500,
forBELIEVING IN ME. Oct. 2012.
[13] J. Treurniet, A network activity classification schema and
REFERENCES its application to scan detection, IEEE/ACM Trans. Netw.,
[1] Nara Lee, GeumdanJin, Jungwon Lee, Youngju Choi and vol. 19, no. 5, pp. 13961404, Oct. 2011.
ChanghoonYim, Boundary Cutting for Packet [14] L. Choi, H. Kim, S. Ki, and M. H. Kim, Scalable packet
Classification, IEEE/ACM TRANSACTIONS ON classification through rule base partitioning using the
NETWORKING,vol. 22, no. 2,April.2014 maximum entropy hashing, IEEE/ACM Trans. Netw., vol.
[2] A. X. Liu, C.R.Meiners, andE.Torng, TCAMrazor: A 17, no. 6, pp. 19261935, Dec. 2009.
systematic approach towards minimizing packet classifiers [15] P. Tsuchiya. A search algorithm for table entries with non-
in TCAMs, IEEE/ACM Trans. Netw., vol. 18, no. 2, pp. contiguous wildcarding, unpublished report, Bellcore.
490500, Apr. 2010. [16] Florin Baboescu and George, Scalable packet
[3] C. R. Meiners, A. X. Liu, and E. Torng, Topological classification, IEEE ACM transactions on networking, Vol
transformation approaches to TCAM-based packet 13, No 1, February 2005, pp 2-14
classification, IEEE/ACM Trans. Netw., vol. 19, no. 1, pp. [17] Pankaj Gupta and Nick McKeown, Algorithms for packet
237250, Feb. 2011. classification, pp 1- 29.
[4] F. Yu and T. V. Lakshnam, Efficient multimatch packet [18] Hyesook Lim, Nara Lee, GeumdanJin, Jungwon Lee,
classification and lookup with TCAM, IEEE Micro, vol. Youngju Choi and ChanghoonYim, Boundry cutting for
25, no. 1, pp. 5059, Jan. Feb. 2005. packet classification, IEEE/ACM transactions on
[5] F. Yu, T. V. Lakshman, M. A. Motoyama, and R. H. Katz, networking, vol.. 22, no. 2, April 2014.
Efficient multimatch packet classification for network [19] BalajeeVamanan*, Gwendolyn Voskuilen* and T. N.
security applications, IEEE J. Sel. Areas Commun., vol. Vijaykumar, EffiCuts: Optimizing Packet Classification
24, no. 10, pp. 18051816, Oct. 2006. for Memory and Throughput, SIGCOMM 2010, August
[6] H. Yu and R. Mahapatra, A memory-efficient hashing by 30-September 3, 2010.
multi-predicate bloom filters for packet classification, in [20] Yaxuan Qi, Lianghong Xu and Baohua Yang and YiboXue
Proc. IEEE INFOCOM, 2008, pp. 24672475. and Jun Li, Packet Classification Algorithms: From
[7] H. Song and J. W. Lockwood, Efficient packet Theory to Practice, IEEE INFOCOM 2009.
classification for network intrusion detection using FPGA, [21] Ammar YahyaDaeef Al-Nejadiand Nasir Shaikh- Husin,
in Proc. ACM SIGDA FPGA,2005, pp. 238245. Survey on Multi Field Packet Classification Techniques,
[8] P. Gupta and N. Mckeown, Classification using Research Journal of Recent Sciences ISSN 2277-2502Vol.
hierarchical intelligent cuttings, IEEE Micro, vol. 20, no. 4(2), 98-106, February (2015).
1, pp. 3441, Jan.Feb. 2000. [22] http://www.arl.wustl.edu/~hs1/PClassEval.html.
[9] S. Singh, F. Baboescu, G. Varghese, and J. Wang, Packet
classification using multidimensional cutting, in Proc.
SIGCOMM, 2003, pp. 213224.
173
IJRITCC | July 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________