TrustSketch: Trustworthy Sketch-based Telemetry on Cloud Hosts

Zhuo Cheng

Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Network Infrastructure

In cloud computing, network telemetry underpins critical management functions such as anomaly detection, precise billing, and efficient traffic engineering. Telemetry has traditionally been performed on specialized network hardware, but the shift towards software-based monitoring on end-host hypervisors offers flexibility and ease of deployment. Central to this shift are **sketches**, approximate data structures that provide high-fidelity network statistics (such as identifying heavy hitters, counting distinct flows, and measuring entropy) with a low resource footprint. These compact structures, exemplified by tools like NitroSketch in Intel DPDK, are increasingly integrated into virtual network stacks.
