Software-defined networking (SDN) separates the network control plane from the packet forwarding plane, which provides comprehensive network-state visibility for better network management and resilience. Traffic classification, particularly for elephant flow detection, can lead to improved flow control and resource provisioning in SDN networks. Existing elephant flow detection techniques use pre-set thresholds that cannot scale with the changes in the traffic concept and distribution. This paper proposes a flow-aware elephant flow detection applied to SDN. The proposed technique employs two classifiers, each respectively on SDN switches and controller, to achieve accurate elephant flow detection efficiently. Moreover, this technique allows sharing the elephant flow classification tasks between the controller and switches. Hence, most mice flows can be filtered in the switches, thus avoiding the need to send large numbers of classification requests and signaling messages to the controller. Experimental findings reveal that the proposed technique outperforms contemporary methods in terms of the running time, accuracy, F-measure, and recall. INDEX TERMS Software-defined networking, flow classification, elephant flow detection.
This paper proposes a distributed layer-3 e-mail classification for spam control. E-mail packets are inferred in transit and tagged with an intra-packet spam score to indicate whether the packet forms a legitimate or spam e-mail. During e-mail packet reassembly, tags for an e-mail are aggregated to give an inter-packet spam score. The naïve Bayes inference technique is used to evaluate the performance of the proposed approach compared to the full e-mail classification approach. Our simulation results show that the proposed approach exhibits a comparable spam precision (and confidence) to the full e-mail classification approach. Spam recall increases from 63% to 85% depending to the maximum transmission unit size, approaching the 87% of the full e-mail classification. For 67% spam-to-legitimate ratio, we obtain reduction of end servers's workload by 42% to 57% (across all maximum transmission unit sizes tested) of the total e-mail traffic. Thus, the proposed approach can complement existing anti-spam systems by pre-processing e-mail packets on upstream nodes. Layer-3 e-mail processing requires reduced processing complexity as compared to layer-7 processing and is viable for high throughput hardware-based implementations.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.