SwitchTree: in-network computing and traffic analyses with Random Forests


S.I.: DATA FUSION IN THE ERA OF DATA SCIENCE

Jong-Hyouk Lee¹ • Kamal Singh²

¹ Department of Computer and Information Security & Convergence Engineering for Intelligent Drone, Sejong University, Seoul, Republic of Korea
² Univ Lyon, UJM-Saint-Etienne, CNRS, Laboratory Hubert Curien UMR 5516, F-42023 Saint-Etienne, France

Received: 1 July 2020 / Accepted: 10 October 2020
© Springer-Verlag London Ltd., part of Springer Nature 2020

Abstract

The success of machine learning in different domains is also finding applications in networking. However, this may require real-time analysis of network data, which is challenging. The challenge is caused by the large data size and the bandwidth needed to transfer network data to a central location hosting the analysis server. To address that challenge, the in-network computing paradigm is gaining popularity with the advances in programmable data plane solutions. In this paper, we perform in-network analysis of the network data by exploiting the power of the programmable data plane. We propose SwitchTree, which embeds the Random Forest algorithm inside a programmable switch such that the Random Forest is configurable and re-configurable at runtime. We show how some flow-level stateful features can be estimated, such as the round-trip time and bitrate of each flow. We evaluate the performance of SwitchTree using system-level experiments and network traces. Results show that SwitchTree is able to detect network attacks at line speed with high accuracy.

Keywords: In-network computing · Network traffic analyses · Programmable data plane · P4 · Random Forests · Detection of attacks

1 Introduction

Demands for analysing network traffic in order to detect anomalies and security attacks are ever-growing. For example, for network management, data centres and network service providers need to analyse a lot of network traffic at very high speed. Their goals are to improve the performance of their networks and to detect problems in real time so that they can solve them. This topic of data analysis and anomaly detection takes us to the topic of machine learning. Recently, machine learning approaches have been successfully applied in several domains and have shown significant breakthroughs.

One advantage of machine learning is that it can deal with complicated problems. Therefore, it is intuitive to exploit machine learning to solve the problems in networking where we are faced with complex problems [22]. Exploiting machine learning for networks or making networks more intelligent has been made possible by some recent advances in the domain of networking. For example, there has been the arrival of virtualisation, which has brought flexibility enabling smarter solutions and techniques. There has also been the idea of decoupling control and data planes, which was pushed by Software Defined Networking (SDN