The goal of this research area is to enhance support for packet payload inspection, processing and caching in network equipment, paving way for the future content and application aware networks that can provide unparalleled levels of performance and end-user experience, and enable application- and subscriber-specific data forwarding.
Overview
Modern networks are increasingly becoming content aware, either to
improve data delivery via classifying and controlling messages in
terms of content, application and individual subscribers, or to
improve network security via content-based monitoring and
filtering. Content aware networks require new levels of support in
network equipment in the form of the ability to store, comprehend,
and transform inter-application messages, using network-wide
policies. While realizing these features at current data rates is
challenging and is an important research topic in itself, it also
opens up new frontiers in the development of innovative
applications that leverage the network-wide support for caching and
processing content.
Description
Sub-areas of interest include, but are not limited to:
Protocol Classification and Description Languages
An integral component of content aware networks is a system that
can accurately classify and recognize traffic based on application
and protocol. This sub-area has the following key goals:
Investigate of novel techniques for flexible packet classification
at very high speed, focusing on the protocol description and
recognition components. Develop languages available to customers
for protocol description and packet classification, with focus on
customer-facing languages that provide easier customization and
greater flexibility to adapt to new protocols and applications.
Address trade-offs among flexibility, speed, and cost related to
protocol description languages for high-speed packet classification
used by engineers to create stronger integration of applications
with network devices. Compare of "stateful" and "stateless"
techniques, "signature-based" and "behavioral" strategies for
in-depth (L7) packet analysis.
High Performance Pattern Matching and Flexible Structured Query
Mechanisms
At the heart of content aware network equipment is a fast pattern
matching engine that can parse packet payloads and recognize
predefined sets of patterns. This sub-are focuses on high
performance pattern matching, and has the following key goals:
Develop high performance architectures, algorithms and
implementations of pattern matching (exact match, regular
expressions, etc), data mining, and content inspection subsystems
involving critical tradeoffs and issues, such as memory size,
bandwidth, parsing performance, cost, power, etc.
Develop new
applications that can be enabled with content inspection;
specifically those that require characterization of network data
flows by parsing and analyzing payload contents, and recognizing
patterns of interest in network messages.
Popular intrusion and anomaly detection systems utilize content
signatures to describe security threats such as worm outbreaks and
propagation of spam. Implementation of these content systems at
high speed is challenging; this sub-area focuses on the following
goals:
Investigate trade-offs involved in signature based traffic
filtering and intrusion detection such as detection accuracy versus
false-positives, and cost versus performance. Extend current
exact-match string and regular expression based signatures to
enable more robust and reliable detection such as using inexact
patterns, or allowing use of non-regular languages.
Develop
algorithms and methods for automatic detection of security threats.
Detection of intrusion and misuse by monitoring network-wide
traffic, identifying anomalous behavior, and automatically
deploying corresponding signatures.
Network-wide Support for Content Caching, and Processing
It is now economically and technologically feasible for network
devices to store large amounts of data. Intelligent and targeted
caching of traffic at selected nodes of the network can help
engineer traffic by reducing load and avoiding hot spots, cut
end-to-end latency, and enhance the end-user experience. This
sub-area concentrates on the following goals:
Investigate
network-wide support for intelligent content storage, and
applications that can benefit from such capability, such as usage-
and location-based content caching and buffering, distribution of
real-time streams like video, and network traffic compression.
Explore architectures and algorithms for implementation of high
performance network-wide content caching and processing capability.
Create methods to provide a unified view and set of tools to
applications and users to leverage this capability.
Other Content Aware Networks Topics
Other Content Aware Networks topics of interest include:
Algorithms to handle and classify encrypted data.
Architecture
for anonymous distribution of contents.
Content aware network
coding.
Control protocols for content aware data delivery.
If your research topic doesn't directly address any of the RFPs listed above, please submit it as a generic proposal for this area.
If you have comments, questions or feedback related to this area please don't hesitate to contact us at research-content-aware@cisco.com
