Realtime Capture of High-Speed Traffic on Multi-Core Platform
-
摘要: 随着互联网上应用的丰富和网络带宽的增长,带来的安全问题也与日剧增,除了传统的垃圾邮件、病毒传播、DDoS攻击外,还出现了新型的隐蔽性强的攻击方式.网络探针工具是一种部署在局域网出口处的旁路设备,能够收集当前进出网关的全部流量并进行分析,而网络探针工具中最重要的模块就是数据包的捕获.传统的Linux网络协议栈在捕获数据包时有诸多性能瓶颈,无法满足高速网络环境的要求.介绍了基于零拷贝、多核并行化等技术的多种新型的数据包捕获引擎,并基于Intel DPDK平台设计并实现了一个可扩展的数据包捕获系统,它能够利用接收端扩展(receiver-side scaling, RSS)技术实现多核并行化的数据包捕获、模块化的上层处理流程.除此之外,还讨论了更有效、更公平的将数据包分发到不同的接收队列所应使用的Hash函数.经过初步的实验验证,该系统能够实现接近线速的收包并且多个CPU核心间实现负载均衡.Abstract: With the development of Internet application and the increase of network bandwidth, security issues become increasingly serious. In addition to the spread of the virus, spams and DDoS attacks, there have been lots of strongly hidden attack methods. Network probe tools which are deployed as a bypass device at the gateway of the intranet, can collect all the traffic of the current network and analyze them. The most important module of the network probe is packet capture. In Linux network protocol stack, there are many performance bottlenecks in the procedure of packets processing which cannot meet the demand of high speed network environment. In this paper, we introduce several new packet capture engines based on zero-copy and multi-core technology. Further, we design and implement a scalable high performance packet capture framework based on Intel DPDK, which uses RSS (receiver-side scaling) to make packet capture parallelization and customize the packet processing. Additionally, this paper also discusses more effective and fair Hash function by which data packet can be deliveried to different receiving queues. In evaluation, we can see that the system can capture and process the packets in nearly line-speed and balance the load between CPU cores.
-
Keywords:
- packet capture /
- receiver-side scaling (RSS) /
- multi-core /
- DPDK platform /
- Hash function
-
-
期刊类型引用(12)
1. 武家辉,李科研,陈丽新,张家诺,刘帅兵,逯鹏. 神经架构搜索技术研究综述. 计算机应用研究. 2025(01): 11-18 . 
百度学术
2. 刘倩男,闫佳,刘诚. 基于改进MobileNetV3的岩石薄片分类研究. 电脑知识与技术. 2025(07): 26-28 . 百度学术
3. 吴艳灵,汤宝平,邓蕾,付豪. 低通筛选优化神经架构搜索的风电齿轮箱边缘侧故障诊断方法. 机械工程学报. 2025(07): 361-372 . 百度学术
4. 宋玉红,沙行勉,诸葛晴凤,许瑞,王寒. RR-SC:边缘设备中基于随机计算神经网络的运行时可重配置框架. 计算机研究与发展. 2024(04): 840-855 . 本站查看
5. 蒋鹏程,薛羽. 基于排序得分预测的演化神经架构搜索方法. 计算机学报. 2024(11): 2522-2535 . 百度学术
6. 刘威,郭直清,王东,刘光伟,姜丰,牛英杰,马灵潇. 改进鲸鱼算法及其在浅层神经网络搜索中的权值阈值优化. 控制与决策. 2023(04): 1144-1152 . 百度学术
7. 鞠翰文,邓扬,李爱群. 桥梁结构挠度-温度-车辆荷载监测数据相关性模型. 振动与冲击. 2023(06): 79-89 . 百度学术
8. 丁熠,郑伟,耿技,邱泸谊,秦志光. 基于多层级并行神经网络的多模态脑肿瘤图像分割框架. 中国图象图形学报. 2023(07): 2182-2194 . 百度学术
9. 王上,唐欢容. 一种基于混合粒子群优化算法的深度卷积神经网络架构搜索方法. 计算机应用研究. 2023(07): 2019-2024 . 百度学术
10. 朱光辉,祁加豪,朱振南,袁春风,黄宜华. 渐进式深度集成架构搜索算法研究. 计算机学报. 2023(10): 2041-2065 . 百度学术
11. 钟运琴,朱月琴,焦守涛. 边缘大数据分析预测建模方法研究. 高技术通讯. 2022(10): 1067-1075 . 百度学术
12. 包振山,秘博闻,张文博. 基于人工经验网络架构为初始化的NAS算法. 北京工业大学学报. 2021(08): 854-862 . 百度学术
其他类型引用(51)
计量
- 文章访问数: 1357
- HTML全文浏览量: 6
- PDF下载量: 1040
- 被引次数: 63
下载:
