Seminar - Efficient Network Packet Classification in Software and Hardware
Speaker: Prof. Dr. Björn Scheuermann
Time: Monday 4th February 2019 at 11:00 AM - 12:00 PM
Location: Cotton Club, Cotton 350
High-performance network firewalls are faced with the challenge to process network packets at very high rates, and to check each packet against a potentially large number of decision rules. In this talk, we consider stateless packet filtering and look at both software-based and hardware-based approaches to speed up firewalls. First, we show how transformations of a rule set can lead to drastically faster decisions in existing software firewall engines, without changing the semantics of the rule set, and without any modifications to the firewall software. Subsequently, we turn towards FPGA-based packet processing. We show how on-demand auto-generated circuits, tailored to the specific firewall rule set, can be used to process network packets at very high rates.
Björn Scheuermann is Professor of Computer Engineering at Humboldt University of Berlin, Germany, and a research director at the Humboldt Institute for Internet and Society (HIIG). He holds a B.Sc. in Mathematics and Computer Science, a Diploma degree (German M.Sc. equivalent) and a PhD in Computer Science. After professorships at the universities of Düsseldorf, Würzburg and Bonn he joined Humboldt University in October 2012. The focus of his scientific work is on performance, design, and security aspects of computer networks.