AdaFlow: Efficient In-Network Traffic Classification using Programmable Switches

In-network ML-based traffic classification using programmable switches has enabled faster decisions and reduced security infrastructure's cost and management overheads. However, due to constraints on per-packet operations and limited stateful memory in the switch data plane, there is a fundamental tradeoff between classification accuracy and memory requirements. The existing work falls short of accurately classifying traffic with diverse flow characteristics while keeping the memory footprint low. In this paper, we propose AdaFlow system that aims to address this gap by incorporating traffic-specific heuristics while designing the in-network classifier. We evaluate AdaFlow prototype via simulations and also on a testbed with an Intel Barefoot Tofino switch. Compared to the state-of-the-art, AdaFlow improves accuracy while keeping the memory overheads similar to or lower than the existing systems.