I am a second-year computer science engineering student studying at RVCE, Bangalore. My interests revolve around studying computer networks, machine learning, and computer hardware. My research interests involve a strong emphasis on developing innovative solutions for real-time data analysis and performance optimization. I have a passion for problem-solving and enjoy leveraging programming to develop creative and efficient solutions. I also have a strong interest in combining hardware and software to leverage interesting projects. I like to play table tennis as a hobby and a method to stay active. I am eager to continue exploring and contributing to advancements in computer science through my studies and projects.

Poster Abstract

The use of Extended Berkeley Packet Filter(eBPF) has gained immense popularity in the recent years due to the optimized hardware-level implementation of its architecture. It has made the tool highly scalable and efficient for data analysis. eBPF allows the creation of data structures like BPF maps which are highly useful for transferring data directly to the user space, thereby bypassing the kernel. For packet-level data analysis, this involves attaching BPF programs to network interfaces, collecting relevant data from incoming traffic, and accessing it via BPF maps for analysis. The flexibility of eBPF allows for targeted data collection using appropriate structures.

The whole idea of my project is to implement BPF programs for collecting packet data for real time traffic analysis and making decisions based on the incoming traffic by implementing sequential models in C rather than using python library based models to avoid latency and for more scalability. The first stage of my project will involve collecting data from the network interfaces and transfer them to HPCC Systems. The second stage will involve in training sequential models on the HPCC cluster, based on the data collected. The third stage will involve deployment of the model in a low level language(C) , so as to make it more compatible and scalable with various systems. Initially, the focus will be on anomaly detection. Future plans include deep packet analysis and routing tasks. Additionally, incorporating detailed metrics from the kernel via kprobes using eBPF can provide a more granular view of the system, enhancing overall analysis and performance.

Presentation

In this Video Recording, Eshaan provides a tour and explanation of his poster content.

Real-Time Packet Data Analysis using eBPF and HPCC Systems:

Click on the poster for a larger image.