Many‐field packet classification with decomposition and reinforcement learning

Abstract

Scalable packet classification is a key requirement to support scalable network applications such as firewalls, intrusion detection, and differentiated services. With the ever increasing line-rate in core networks, it becomes a great challenge to design a scalable packet classification solution using hand-tuned heuristic approaches. The authors present a scalable learning-based packet classification engine by building an efficient data structure for different rulesets with many fields. This method consists of the decomposition of fields into subsets and building separate decision trees on those subsets using a deep reinforcement learning procedure. To decompose given fields of a ruleset, the authors consider different grouping metrics such as standard deviation of individual fields and introduce a novel metric called diversity index (DI). The authors examine different decomposition schemes and construct decision trees for each scheme using deep reinforcement learning and compare the results. The results show that the SD decomposition metrics results in 11.5% faster than DI metrics, 25% faster than random 2 and 40% faster than random 1. Furthermore, the authors’ learning-based selection method can be applied to varying rulesets due to its ruleset independence.