Many Field Packet Classification with Decomposition and Reinforcement Learning

Scalable packet classification is a key requirement to support scalable network applications like firewalls, intrusion detection, and differentiated services. With ever increasing in the line-rate in core networks, it becomes a great challenge to design a scalable packet classification solution using hand-tuned heuristics approaches. In this paper, we present a scalable learning-based packet classification engine by building an efficient data structure for different ruleset with many fields. Our method consists of the decomposition of fields into subsets and building separate decision trees on those subsets using a deep reinforcement learning procedure. To decompose given fields of a ruleset, we consider different grouping metrics like standard deviation of individual fields and introduce a novel metric called diversity index (DI). We examine different decomposition schemes and construct decision trees for each scheme using deep reinforcement learning and compare the results. The results show that the SD decomposition metrics results in 11.5% faster than DI metrics, 25% faster than random 2 and 40% faster than random 1. Furthermore, our learning-based selection method can be applied to varying rulesets due to its ruleset independence.