We’d like to solve the problems that limit the performance and
scalability of Deep Packet Inspection (DPI). DPI plays an important
role in a wide range of applications such as traffic monitoring,
message proxying, and intrusion detection. However, the increasing
line rates and computation complexity make DPI a challenging
task. Traditionally DPI is performed with a centralized processor
after packets are brought into the system through network interfaces.
This approach has a number of problems that limit the overall
performance: 1) waste of PCI bandwidth: complete packets (including
both header and payload) are received through the already-loaded PCI
bus whereas they should be examined as soon as possible; 2) network
protocol latency: a packet has to travel through the protocol stack to
the application level, which imposes high latency on the critical path
of the packet; and 3) the main processor can be easily overloaded due
to the complexity of pattern matching algorithms and the increasing
line rate. We plan to address the problems by exploiting the
distributed computation resources on IXP based network interfaces and
aggregate the inspection results on an EIA processor based appliance.
- Yan Luo
- Piti Piyachon (PhD)
- Sourav Maity (MS)