Grouper: A Packet Classification Algorithm Allowing Time-Space Tradeoffs

Author

Joshua Adam Kuhn, University of South FloridaFollow

Graduation Year

2011

Document Type

Thesis

Degree

M.S.C.S.

Degree Granting Department

Engineering Computer Science

Major Professor

Jay Ligatti, Ph.D.

Committee Member

Adriana Iamnitchi, Ph.D.

Committee Member

Ken Christensen, Ph.D.

Keywords

: Network Algorithms, Security, Network Security, Computer Networks, Algorithms

Abstract

This thesis presents an algorithm for classifying packets according to arbitrary (including noncontiguous) bitmask rules. As its principal novelty, the algorithm is parameterized by the amount of memory available and can customize its data structures to optimize classification time without exceeding the given memory bound. The algorithm thus automatically trades time for space efficiency as needed. The two extremes of this time-space tradeoff (linear search through the rules versus a single table that maps every possible packet to its class number) are special cases of the general algorithm we present. Additional features of the algorithm include its simplicity, its open-source prototype implementation, its good performance even with worstcase rule sets, and its extendability to handle range rules and dynamic updates to rule sets. The contributions of this thesis first appeared in [1].

Scholar Commons Citation

Kuhn, Joshua Adam, "Grouper: A Packet Classification Algorithm Allowing Time-Space Tradeoffs" (2011). USF Tampa Graduate Theses and Dissertations.
https://digitalcommons.usf.edu/etd/3192