Conference Agenda

Session
Session 4: HW Design for Communication Networks
Time:
Friday, 26/Apr/2019:
9:00am - 10:30am

Session Chair: Dominik Macko, Faculty of Informatics and Information Technologies, Slovak University of Technology in Bratislava
Location: Doubletree by Hilton City Plaza

Presentations

Modular Data Link Layer Processing for THz Communication

Lukasz Lopacinski1, Mohamed Hussein Eissa1, Goran Panic1, Alireza Hasani1,2, Rolf Kraemer1,2

1IHP – Leibniz-Institut für innovative Mikroelektronik, Germany; 2Brandenburgische Technische Universität Cottbus - Senftenberg

In this paper, we demonstrate a modular baseband and modular data link layer processors for wireless communication, which has been designed for a 200 GHz frontend. Although the individual system elements are well known, we combine the performance of parallel baseband and data link layer cores to cover a larger bandwidth. We combine three cores and achieve a single 1.5 GHz channel (3×500 MHz). This paper is focused on the digital elements of the demonstrator, especially on the data link layer aspects and field-programmable gate array (FPGA) processing.



Hash-based Pattern Matching for High Speed Networks

Tomáš Fukač, Jan Kořenek

Faculty of Information Technology Brno University of Technology, Czech Republic

Regular expression matching is a complex task which is widely used in network security monitoring applications. With the growing speed of network links and the number of regular expressions, pattern matching architectures have to be improved to retain wire-speed processing. Multi-striding is a well-known technique to increase processing speed but it requires a lot of FPGA resources. Therefore, we focus on the design of new hardware architecture for fast pre-filtering of network traffic. The proposed pre-filter performs fast hash-based matching of short strings, which are specific for matched regular expressions. As the proposed pre-filter significantly reduces input traffic, exact pattern matching can operate on significantly lower speeds. Than exact pattern match can be done by CPU or by a slow automaton with a few hardware resources.. The paper provides analyses false-positive detection of the pre-filter with respect to the length of matching strings. The number of false-positives are low, even if the length of selected strings is short.

Therefore input traffic can be significantly reduced. For 100 Gb links, the pre-filter reduced the input data to 1.83 Gbps using four-symbol strings.



Acceleration of Feature Extraction for Real-Time Analysis of Encrypted Network Traffic

Roman Vrána, Jan Kořenek, David Novák

Faculty of Information Technology, Brno University of Technology, Czech Republic

With the growing amount of encrypted network traffic, it is important to have tools for analysis and classification of encrypted network data. Encrypted network traffic is usually analysed by statistical methods, because Deep Packet Inspection or pattern matching is not applicable. However, the statistical methods are usually designed to work offline on already captured network traffic. For real-time analysis, hardware acceleration is needed to achieve wire-speed 10 Gbps throughput. Therefore, we focus on real-time monitoring of encrypted network traffic and propose new acceleration method to extract features from encrypted network data. Approximate computing is used to speed up computation of entropy for the input data stream and to reduce FPGA logic utilization. As can be seen in the results, the precision of classification has decreased only by 0.1 to 0.2%. Moreover, proposed hardware architecture has very low FPGA logic utilization and can operate at high frequency.