Research Article
Distributed Flow Detection over Multi Path Sessions
@INPROCEEDINGS{10.1145/1460877.1460881, author={Eyal Felstaine and Eldad Chai and Avi Elisha and Niv Gilboa}, title={Distributed Flow Detection over Multi Path Sessions}, proceedings={4th International ICST Conference on Security and Privacy in Communication Networks}, publisher={ACM}, proceedings_a={SECURECOMM}, year={2008}, month={9}, keywords={Networks Inspection Multi-Path Intrusion Detection Per- formance}, doi={10.1145/1460877.1460881} }- Eyal Felstaine
Eldad Chai
Avi Elisha
Niv Gilboa
Year: 2008
Distributed Flow Detection over Multi Path Sessions
SECURECOMM
ACM
DOI: 10.1145/1460877.1460881
Abstract
Recently, there has been a growing interest in performing flow inspection within devices in the core network. Frequently, a session passing through the core network is routed through several paths either due to network architecture or due to malicious intent. This paper present a re-routing layer that enables, for the first time, multi-path-flow inspection. At any point in time, each session is inspected by a single inspection device using existing single-path flow inspection algorithms. Session packets that arrive at other devices are forwarded to the designated device. Our scheme takes into account the packet arrival history among the collaborating devices for optimized re-routing. We show that the mechanism is highly effcient in terms of the storage and communications overhead imposed on the network due to packet re-routing. The per-packet computation overhead at the devices is shown to be minimal and in the order of O(1).