CLEF: Limiting the damage caused by large flows in the internet core

Hao Wu, Hsu Chun Hsiao, Daniele E. Asoni, Simon Scherrer, Adrian Perrig, Yih Chun Hu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The detection of network flows that send excessive amounts of traffic is of increasing importance to enforce QoS and to counter DDoS attacks. Large-flow detection has been previously explored, but the proposed approaches can be used on high-capacity core routers only at the cost of significantly reduced accuracy, due to their otherwise too high memory and processing overhead. We propose CLEF, a new large-flow detection scheme with low memory requirements, which maintains high accuracy under the strict conditions of high-capacity core routers. We compare our scheme with previous proposals through extensive theoretical analysis, and with an evaluation based on worst-case-scenario attack traffic. We show that CLEF outperforms previously proposed systems in settings with limited memory.

Original languageEnglish (US)
Title of host publicationCryptology and Network Security - 17th International Conference, CANS 2018, Proceedings
EditorsPanos Papadimitratos, Jan Camenisch
PublisherSpringer
Pages89-108
Number of pages20
ISBN (Print)9783030004330
DOIs
StatePublished - 2018
Event17th International Conference on Cryptology and Network Security, CANS 2018 - Naples, Italy
Duration: Sep 30 2018Oct 3 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11124 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Cryptology and Network Security, CANS 2018
Country/TerritoryItaly
CityNaples
Period9/30/1810/3/18

Keywords

  • Damage metric
  • Large-flow detection
  • Memory and computation efficiency

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'CLEF: Limiting the damage caused by large flows in the internet core'. Together they form a unique fingerprint.

Cite this