Abstract
Cloud operators require timely identification of Heavy Hitters (HH) and Hierarchical Heavy Hitters (HHH) for applications such as load balancing, traffic engineering, and attack mitigation. However, existing techniques are slow in detecting new heavy hitters. In this paper, we present the case for identifying heavy hitters through sliding windows. Sliding windows are quicker and more accurate to detect new heavy hitters than current interval-based methods, but to date had no practical algorithms. Accordingly, we introduce, design, and analyze the Memento family of sliding window algorithms for the HH and HHH problems in the single-device and network-wide settings. We use extensive evaluations to show that our single-device solutions are orders of magnitude faster than existing sliding window techniques and comparable in speed to state-of-the-art non-windowed sampling based technique. Furthermore, we exemplify our network-wide HHH detection capabilities on a realistic testbed. To that end, we implemented Memento as an open-source extension to the popular HAProxy cloud load-balancer. In our evaluations, using an HTTP flood by 50 subnets, our network-wide approach detected the new subnets faster and reduced the number of undetected flood requests by up to $37\times $ compared to the alternatives.
Original language | English |
---|---|
Pages (from-to) | 1440-1453 |
Number of pages | 14 |
Journal | IEEE/ACM Transactions on Networking |
Volume | 30 |
Issue number | 4 |
DOIs | |
State | Published - 1 Aug 2022 |
Externally published | Yes |
Bibliographical note
Publisher Copyright:© 1993-2012 IEEE.
Funding
This work was supported in part by the Israel Science Foundation under Grant 1119/19, in part by the Hasso Plattner Institute Research School, in part by the Technion Hiroshi Fujiwara Cyber Security Research Center, in part by the Israel Cyber Bureau, and in part by the Cyber Security Research Center at Ben-Gurion University
Funders | Funder number |
---|---|
Hasso Plattner Institute Research School | |
Israel Cyber Bureau | |
Israel Science Foundation | 1119/19 |
Ben-Gurion University of the Negev | |
Technion Hiroshi Fujiwara Cyber Security Research Center |
Keywords
- Communication technology
- communication systems
- computer networks
- internet