GCASR 2016‎ > ‎Presentations‎ > ‎

Application-Oriented Network Traffic Analysis based on GPUs

Application-Oriented Network Traffic Analysis based on GPUs

Wenji Wu (Fermilab)

Large-scale science typically involves global collaborations running long-lived experiments on highly complex, very expensive scientific instruments. High performance network services have become an essential element for success within these collaborations, not just for collaborative communication, but also for distributed processing, storage, and/or analysis of experiment data. The sheer volume of this data movement often necessitates physically separate or logically-partitioned quasi-static network infrastructure allocated specifically for the experiment. The emergence of Software-Defined Networking (SDN) technologies now provides a new tool for logical isolation of large-scale science data flows, on a dynamic level. Conceptually, SDN enables customization of forwarding through network infrastructure on a per-flow basis. With SDN, high impact science data flows can be allocated a “slice” of the network infrastructure. However, having the capability to partition the network into customized “slices” is not the same thing as having a structured process to actually do it in an efficient, well-managed way. Currently, the traditional ways to use SDN to accommodate specific traffic flows are via manual reconfiguration, and adapting data transfer applications to do it. There are limitations/challenges in either approach.

We believe the network needs an application-awareness capability as well. With such a capability, traffic identified as “special” by the network could be provided with a custom network “slice” without manual intervention or modification to applications. To facilitate this capability, we are currently developing a network traffic analysis tool, Application-Oriented Network Traffic Analysis based on GPUs, to identify specific types of network traffic in real-time. We make use of GPU technology to parallelize the processing and analysis of the network traffic. The traffic analysis uses basic five-tuple packet header information, as well as key traffic flow characteristics, to develop the traffic pattern signatures necessary for classification and/or identification. Because per-packet analysis is particularly effective for detailed traffic characterization studies, our analysis tool uses mirrored packet data from routers and switches.

Our GPU-based network traffic analysis tool runs in user mode on a dedicated system, to take advantage of the friendly GPU programming framework (e.g., CUDA). It consists of four logical entities:

o Traffic Capture - captures network traffic and moves it from wire to the CPU domain. Traffic capture aims to capture packets without loss, even at high packet rates.

o Preprocessing - processes the captured network traffic and copies the packets from the CPU domain to the GPU domain.

o Monitoring & Analysis - performs network traffic pattern identification with GPUs. 

o Traffic Pattern Output - network traffic patterns are outputted to SDN controller(s), which could then dynamically reconfigure SDN-enabled routers/switches. 

The current state of our project is a functional prototype with 10GE NICs, using our WireCAP technology for packet capture, and a complete set of GPU libraries for traffic pattern identification. We anticipate supporting 40GE NICs very shortly. Our project is funded by the Fermilab Laboratory-Directed Research & Development (LDRD) program, an internal funding program for R&D activities at the Laboratory.

Dr. Wenji Wu is a Principal Network Research Investigator at Core Computing Division, Fermilab, where he has worked on high-speed networking, and bulk data transfer. His research focus is to utilize multicore and manycore to address performance challenges in high-speed networks. Dr. Wu is now responsible for two DOE network research projects, the MDTM project (http://mdtm.fnal.gov) and the BigData Express project (http://bigdataexpress.fnal.gov). He is also working on the WireCAP project (http://wirecap.fnal.gov). Dr. Wu earned his PhD in computer engineering from University of Arizona.