CLEF: Limiting the damage caused by large flows in the internet core

Hao Wu, Hsu Chun Hsiao, Daniele E. Asoni, Simon Scherrer, Adrian Perrig, Yih Chun Hu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The detection of network flows that send excessive amounts of traffic is of increasing importance to enforce QoS and to counter DDoS attacks. Large-flow detection has been previously explored, but the proposed approaches can be used on high-capacity core routers only at the cost of significantly reduced accuracy, due to their otherwise too high memory and processing overhead. We propose CLEF, a new large-flow detection scheme with low memory requirements, which maintains high accuracy under the strict conditions of high-capacity core routers. We compare our scheme with previous proposals through extensive theoretical analysis, and with an evaluation based on worst-case-scenario attack traffic. We show that CLEF outperforms previously proposed systems in settings with limited memory.

Original languageEnglish (US)
Title of host publicationCryptology and Network Security - 17th International Conference, CANS 2018, Proceedings
EditorsPanos Papadimitratos, Jan Camenisch
PublisherSpringer-Verlag Berlin Heidelberg
Pages89-108
Number of pages20
ISBN (Print)9783030004330
DOIs
StatePublished - Jan 1 2018
Event17th International Conference on Cryptology and Network Security, CANS 2018 - Naples, Italy
Duration: Sep 30 2018Oct 3 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11124 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Cryptology and Network Security, CANS 2018
CountryItaly
CityNaples
Period9/30/1810/3/18

Keywords

  • Damage metric
  • Large-flow detection
  • Memory and computation efficiency

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'CLEF: Limiting the damage caused by large flows in the internet core'. Together they form a unique fingerprint.

  • Cite this

    Wu, H., Hsiao, H. C., Asoni, D. E., Scherrer, S., Perrig, A., & Hu, Y. C. (2018). CLEF: Limiting the damage caused by large flows in the internet core. In P. Papadimitratos, & J. Camenisch (Eds.), Cryptology and Network Security - 17th International Conference, CANS 2018, Proceedings (pp. 89-108). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11124 LNCS). Springer-Verlag Berlin Heidelberg. https://doi.org/10.1007/978-3-030-00434-7_5