Tyler Trigg,Chad Meiners,Sandeep Pisharody,Hayden Jananthan,Michael Jones,Adam Michaleas,Timothy Davis,Erik Welch,William Arcand,David Bestor,William Bergeron,Chansup Byun,Vijay Gadepally,Micheal Houle,Matthew Hubbell,Anna Klein,Peter Michaleas,Lauren Milechin,Julie Mullen,Andrew Prout,Albert Reuther,Antonio Rosa,Siddharth Samsi,Doug Stetson,Charles Yee,Jeremy Kepner

DOI: https://doi.org/10.48550/arXiv.2209.05725

2022-09-13

Abstract:Internet analysis is a major challenge due to the volume and rate of network traffic. In lieu of analyzing traffic as raw packets, network analysts often rely on compressed network flows (netflows) that contain the start time, stop time, source, destination, and number of packets in each direction. However, many traffic analyses benefit from temporal aggregation of multiple simultaneous netflows, which can be computationally challenging. To alleviate this concern, a novel netflow compression and resampling method has been developed leveraging GraphBLAS hyperspace traffic matrices that preserve anonymization while enabling subrange analysis. Standard multitemporal spatial analyses are then performed on each subrange to generate detailed statistical aggregates of the source packets, source fan-out, unique links, destination fan-in, and destination packets of each subrange which can then be used for background modeling and anomaly detection. A simple file format based on GraphBLAS sparse matrices is developed for storing these statistical aggregates. This method is scale tested on the MIT SuperCloud using a 50 trillion packet netflow corpus from several hundred sites collected over several months. The resulting compression achieved is significant (<0.1 bit per packet) enabling extremely large netflow analyses to be stored and transported. The single node parallel performance is analyzed in terms of both processors and threads showing that a single node can perform hundreds of simultaneous analyses at over a million packets/sec (roughly equivalent to a 10 Gigabit link).

Networking and Internet Architecture,Distributed, Parallel, and Cluster Computing

Michael Jones,Jeremy Kepner,Andrew Prout,Timothy Davis,William Arcand,David Bestor,William Bergeron,Chansup Byun,Vijay Gadepally,Micheal Houle,Matthew Hubbell,Hayden Jananthan,Anna Klein,Lauren Milechin,Guillermo Morales,Julie Mullen,Ritesh Patel,Sandeep Pisharody,Albert Reuther,Antonio Rosa,Siddharth Samsi,Charles Yee,Peter Michaleas

DOI: https://doi.org/10.1109/HPEC58863.2023.10363581

2023-12-09

Abstract:Matrix/array analysis of networks can provide significant insight into their behavior and aid in their operation and protection. Prior work has demonstrated the analytic, performance, and compression capabilities of GraphBLAS (<a class="link-external link-http" href="http://graphblas.org" rel="external noopener nofollow">this http URL</a>) hypersparse matrices and D4M (<a class="link-external link-http" href="http://d4m.mit.edu" rel="external noopener nofollow">this http URL</a>) associative arrays (a mathematical superset of matrices). Obtaining the benefits of these capabilities requires integrating them into operational systems, which comes with its own unique challenges. This paper describes two examples of real-time operational implementations. First, is an operational GraphBLAS implementation that constructs anonymized hypersparse matrices on a high-bandwidth network tap. Second, is an operational D4M implementation that analyzes daily cloud gateway logs. The architectures of these implementations are presented. Detailed measurements of the resources and the performance are collected and analyzed. The implementations are capable of meeting their operational requirements using modest computational resources (a couple of processing cores). GraphBLAS is well-suited for low-level analysis of high-bandwidth connections with relatively structured network data. D4M is well-suited for higher-level analysis of more unstructured data. This work demonstrates that these technologies can be implemented in operational settings.

Networking and Internet Architecture,Social and Information Networks

Michael Jones,Jeremy Kepner,Daniel Andersen,Aydin Buluc,Chansup Byun,K Claffy,Timothy Davis,William Arcand,Jonathan Bernays,David Bestor,William Bergeron,Vijay Gadepally,Micheal Houle,Matthew Hubbell,Hayden Jananthan,Anna Klein,Chad Meiners,Lauren Milechin,Julie Mullen,Sandeep Pisharody,Andrew Prout,Albert Reuther,Antonio Rosa,Siddharth Samsi,Jon Sreekanth,Doug Stetson,Charles Yee,Peter Michaleas

DOI: https://doi.org/10.48550/arXiv.2203.13934

2022-03-25

Networking and Internet Architecture

Abstract:Long range detection is a cornerstone of defense in many operating domains (land, sea, undersea, air, space, ..,). In the cyber domain, long range detection requires the analysis of significant network traffic from a variety of observatories and outposts. Construction of anonymized hypersparse traffic matrices on edge network devices can be a key enabler by providing significant data compression in a rapidly analyzable format that protects privacy. GraphBLAS is ideally suited for both constructing and analyzing anonymized hypersparse traffic matrices. The performance of GraphBLAS on an Accolade Technologies edge network device is demonstrated on a near worse case traffic scenario using a continuous stream of CAIDA Telescope darknet packets. The performance for varying numbers of traffic buffers, threads, and processor cores is explored. Anonymized hypersparse traffic matrices can be constructed at a rate of over 50,000,000 packets per second; exceeding a typical 400 Gigabit network link. This performance demonstrates that anonymized hypersparse traffic matrices are readily computable on edge network devices with minimal compute resources and can be a viable data product for such devices.

Jeremy Kepner,Tim Davis,Chansup Byun,William Arcand,David Bestor,William Bergeron,Vijay Gadepally,Matthew Hubbell,Michael Houle,Michael Jones,Anna Klein,Peter Michaleas,Lauren Milechin,Julie Mullen,Andrew Prout,Antonio Rosa,Siddharth Samsi,Charles Yee,Albert Reuther

DOI: https://doi.org/10.1109/IPDPSW50202.2020.00046

2020-03-17

Abstract:The SuiteSparse GraphBLAS C-library implements high performance hypersparse matrices with bindings to a variety of languages (Python, Julia, and Matlab/Octave). GraphBLAS provides a lightweight in-memory database implementation of hypersparse matrices that are ideal for analyzing many types of network data, while providing rigorous mathematical guarantees, such as linearity. Streaming updates of hypersparse matrices put enormous pressure on the memory hierarchy. This work benchmarks an implementation of hierarchical hypersparse matrices that reduces memory pressure and dramatically increases the update rate into a hypersparse matrices. The parameters of hierarchical hypersparse matrices rely on controlling the number of entries in each level in the hierarchy before an update is cascaded. The parameters are easily tunable to achieve optimal performance for a variety of applications. Hierarchical hypersparse matrices achieve over 1,000,000 updates per second in a single instance. Scaling to 31,000 instances of hierarchical hypersparse matrices arrays on 1,100 server nodes on the MIT SuperCloud achieved a sustained update rate of 75,000,000,000 updates per second. This capability allows the MIT SuperCloud to analyze extremely large streaming network data sets.

Distributed, Parallel, and Cluster Computing,Databases,Data Structures and Algorithms,Performance,Social and Information Networks

Jeremy Kepner,Michael Jones,Phil Dykstra,Chansup Byun,Timothy Davis,Hayden Jananthan,William Arcand,David Bestor,William Bergeron,Vijay Gadepally,Micheal Houle,Matthew Hubbell,Anna Klein,Lauren Milechin,Guillermo Morales,Julie Mullen,Ritesh Patel,Alex Pentland,Sandeep Pisharody,Andrew Prout,Albert Reuther,Antonio Rosa,Siddharth Samsi,Tyler Trigg,Charles Yee,Peter Michaleas

DOI: https://doi.org/10.1109/HPEC58863.2023.10363471

2023-09-05

Abstract:Defending community-owned cyber space requires community-based efforts. Large-scale network observations that uphold the highest regard for privacy are key to protecting our shared cyberspace. Deployment of the necessary network sensors requires careful sensor placement, focusing, and calibration with significant volumes of network observations. This paper demonstrates novel focusing and calibration procedures on a multi-billion packet dataset using high-performance GraphBLAS anonymized hypersparse matrices. The run-time performance on a real-world data set confirms previously observed real-time processing rates for high-bandwidth links while achieving significant data compression. The output of the analysis demonstrates the effectiveness of these procedures at focusing the traffic matrix and revealing the underlying stable heavy-tail statistical distributions that are necessary for anomaly detection. A simple model of the corresponding probability of detection ($p_{\rm d}$) and probability of false alarm ($p_{\rm fa}$) for these distributions highlights the criticality of network sensor focusing and calibration. Once a sensor is properly focused and calibrated it is then in a position to carry out two of the central tenets of good cybersecurity: (1) continuous observation of the network and (2) minimizing unbrokered network connections.

Networking and Internet Architecture,Social and Information Networks,Probability

Morteza Mardani,Gonzalo Mateos,Georgios B. Giannakis

DOI: https://doi.org/10.1109/TIT.2013.2257913

2012-04-30

Abstract:Given the superposition of a low-rank matrix plus the product of a known fat compression matrix times a sparse matrix, the goal of this paper is to establish deterministic conditions under which exact recovery of the low-rank and sparse components becomes possible. This fundamental identifiability issue arises with traffic anomaly detection in backbone networks, and subsumes compressed sensing as well as the timely low-rank plus sparse matrix recovery tasks encountered in matrix decomposition problems. Leveraging the ability of $\ell_1$- and nuclear norms to recover sparse and low-rank matrices, a convex program is formulated to estimate the unknowns. Analysis and simulations confirm that the said convex program can recover the unknowns for sufficiently low-rank and sparse enough components, along with a compression matrix possessing an isometry property when restricted to operate on sparse vectors. When the low-rank, sparse, and compression matrices are drawn from certain random ensembles, it is established that exact recovery is possible with high probability. First-order algorithms are developed to solve the nonsmooth convex optimization problem with provable iteration complexity guarantees. Insightful tests with synthetic and real network data corroborate the effectiveness of the novel approach in unveiling traffic anomalies across flows and time, and its ability to outperform existing alternatives.

Information Theory,Networking and Internet Architecture,Machine Learning

Jeremy Kepner,Tim Davis,Chansup Byun,William Arcand,David Bestor,William Bergeron,Vijay Gadepally,Matthew Hubbell,Michael Houle,Michael Jones,Anna Klein,Lauren Milechin,Julie Mullen,Andrew Prout,Albert Reuther,Antonio Rosa,Siddharth Samsi,Charles Yee,Peter Michaleas

DOI: https://doi.org/10.1109/HPEC49654.2021.9622802

2021-08-15

Abstract:Hypersparse matrices are a powerful enabler for a variety of network, health, finance, and social applications. Hierarchical hypersparse GraphBLAS matrices enable rapid streaming updates while preserving algebraic analytic power and convenience. In many contexts, the rate of these updates sets the bounds on performance. This paper explores hierarchical hypersparse update performance on a variety of hardware with identical software configurations. The high-level language bindings of the GraphBLAS readily enable performance experiments on simultaneous diverse hardware. The best single process performance measured was 4,000,000 updates per second. The best single node performance measured was 170,000,000 updates per second. The hardware used spans nearly a decade and allows a direct comparison of hardware improvements for this computation over this time range; showing a 2x increase in single-core performance, a 3x increase in single process performance, and a 5x increase in single node performance. Running on nearly 2,000 MIT SuperCloud nodes simultaneously achieved a sustained update rate of over 200,000,000,000 updates per second. Hierarchical hypersparse GraphBLAS allows the MIT SuperCloud to analyze extremely large streaming network data sets.

Distributed, Parallel, and Cluster Computing,Discrete Mathematics,Mathematical Software,Networking and Internet Architecture,Performance

Hayden Jananthan,Jeremy Kepner,Michael Jones,William Arcand,David Bestor,William Bergeron,Chansup Byun,Timothy Davis,Vijay Gadepally,Daniel Grant,Michael Houle,Matthew Hubbell,Anna Klein,Lauren Milechin,Guillermo Morales,Andrew Morris,Julie Mullen,Ritesh Patel,Alex Pentland,Sandeep Pisharody,Andrew Prout,Albert Reuther,Antonio Rosa,Siddharth Samsi,Tyler Trigg,Gabriel Wachman,Charles Yee,Peter Michaleas

2023-10-01

Abstract:Expanding the scientific tools available to protect computer networks can be aided by a deeper understanding of the underlying statistical distributions of network traffic and their potential geometric interpretations. Analyses of large scale network observations provide a unique window into studying those underlying statistics. Newly developed GraphBLAS hypersparse matrices and D4M associative array technologies enable the efficient anonymized analysis of network traffic on the scale of trillions of events. This work analyzes over 100,000,000,000 anonymized packets from the largest Internet telescope (CAIDA) and over 10,000,000 anonymized sources from the largest commercial honeyfarm (GreyNoise). Neither CAIDA nor GreyNoise actively emit Internet traffic and provide distinct observations of unsolicited Internet traffic (primarily botnets and scanners). Analysis of these observations confirms the previously observed Cauchy-like distributions describing temporal correlations between Internet sources. The Gull lighthouse problem is a well-known geometric characterization of the standard Cauchy distribution and motivates a potential geometric interpretation for Internet observations. This work generalizes the Gull lighthouse problem to accommodate larger classes of coastlines, deriving a closed-form solution for the resulting probability distributions, stating and examining the inverse problem of identifying an appropriate coastline given a continuous probability distribution, identifying a geometric heuristic for solving this problem computationally, and applying that heuristic to examine the temporal geometry of different subsets of network observations. Application of this method to the CAIDA and GreyNoise data reveals a several orders of magnitude difference between known benign and other traffic which can lead to potentially novel ways to protect networks.

Social and Information Networks

Dingde Jiang,Laisen Nie,Zhihan Lv,Houbing Song

DOI: https://doi.org/10.1109/access.2016.2573264

IF: 3.9

2016-01-01

IEEE Access

Abstract:A traffic matrix is generally used by several network management tasks in a data center network, such as traffic engineering and anomaly detection. It gives a flow-level view of the network traffic volume. Despite the explicit importance of the traffic matrix, it is significantly difficult to implement a large-scale measurement to build an absolute traffic matrix. Generally, the traffic matrix obtained by the operators is imperfect, i.e., some traffic data may be lost. Hence, we focus on the problems of recovering these missing traffic data in this paper. To recover these missing traffic data, we propose the spatio-temporal Kronecker compressive sensing method, which draws on Kronecker compressive sensing. In our method, we account for the spatial and temporal properties of the traffic matrix to construct a sparsifying basis that can sparsely represent the traffic matrix. Simultaneously, we consider the low-rank property of the traffic matrix and propose a novel recovery model. We finally assess the estimation error of the proposed method by recovering real traffic.

Jie Ying,Tiantian Zhu,Wenrui Cheng,Qixuan Yuan,Mingjun Ma,Chunlin Xiong,Tieming Chen,Mingqi Lv,Yan Chen

2024-05-04

Abstract:As the complexity and destructiveness of Advanced Persistent Threat (APT) increase, there is a growing tendency to identify a series of actions undertaken to achieve the attacker's target, called attack investigation. Currently, analysts construct the provenance graph to perform causality analysis on Point-Of-Interest (POI) event for capturing critical events (related to the attack). However, due to the vast size of the provenance graph and the rarity of critical events, existing attack investigation methods suffer from problems of high false positives, high overhead, and high latency. To this end, we propose SPARSE, an efficient and real-time system for constructing critical component graphs (i.e., consisting of critical events) from streaming logs. Our key observation is 1) Critical events exist in a suspicious semantic graph (SSG) composed of interaction flows between suspicious entities, and 2) Information flows that accomplish attacker's goal exist in the form of paths. Therefore, SPARSE uses a two-stage framework to implement attack investigation (i.e., constructing the SSG and performing path-level contextual analysis). First, SPARSE operates in a state-based mode where events are consumed as streams, allowing easy access to the SSG related to the POI event through semantic transfer rule and storage strategy. Then, SPARSE identifies all suspicious flow paths (SFPs) related to the POI event from the SSG, quantifies the influence of each path to filter irrelevant events. Our evaluation on a real large-scale attack dataset shows that SPARSE can generate a critical component graph (~ 113 edges) in 1.6 seconds, which is 2014 X smaller than the backtracking graph (~ 227,589 edges). SPARSE is 25 X more effective than other state-of-the-art techniques in filtering irrelevant edges.

Cryptography and Security

Hayden Jananthan,Michael Jones,William Arcand,David Bestor,William Bergeron,Daniel Burrill,Aydin Buluc,Chansup Byun,Timothy Davis,Vijay Gadepally,Daniel Grant,Michael Houle,Matthew Hubbell,Piotr Luszczek,Peter Michaleas,Lauren Milechin,Chasen Milner,Guillermo Morales,Andrew Morris,Julie Mullen,Ritesh Patel,Alex Pentland,Sandeep Pisharody,Andrew Prout,Albert Reuther,Antonio Rosa,Gabriel Wachman,Charles Yee,Jeremy Kepner

2024-09-12

Abstract:The MIT/IEEE/Amazon GraphChallenge encourages community approaches to developing new solutions for analyzing graphs and sparse data derived from social media, sensor feeds, and scientific data to discover relationships between events as they unfold in the field. The anonymized network sensing Graph Challenge seeks to enable large, open, community-based approaches to protecting networks. Many large-scale networking problems can only be solved with community access to very broad data sets with the highest regard for privacy and strong community buy-in. Such approaches often require community-based data sharing. In the broader networking community (commercial, federal, and academia) anonymized source-to-destination traffic matrices with standard data sharing agreements have emerged as a data product that can meet many of these requirements. This challenge provides an opportunity to highlight novel approaches for optimizing the construction and analysis of anonymized traffic matrices using over 100 billion network packets derived from the largest Internet telescope in the world (CAIDA). This challenge specifies the anonymization, construction, and analysis of these traffic matrices. A GraphBLAS reference implementation is provided, but the use of GraphBLAS is not required in this Graph Challenge. As with prior Graph Challenges the goal is to provide a well-defined context for demonstrating innovation. Graph Challenge participants are free to select (with accompanying explanation) the Graph Challenge elements that are appropriate for highlighting their innovations.

Networking and Internet Architecture,Discrete Mathematics,Performance,Software Engineering,Combinatorics

Christopher Howard,Hayden Jananthan,Jeremy Kepner

2023-11-07

Abstract:With the Internet a central component of modern society, entire industries and fields have developed both in support and against cybersecurity. For cyber operators to best understand their networks, they must conduct detailed traffic analyses. A growing recognition is the ubiquity of heavy-tailed characteristics in network traffic. However, a thorough analysis of cybersecurity programs suggests little statistics educational background, worsened by the observation that college-level statistics courses largely lack heavy-tailed content, meaning cyber operators are both ill-equipped to appropriately analyze their network traffic and unable to easily access resources that could help. In response, we developed an accessible Jupyter Notebook module that guides individuals--regardless of statistical background--through traffic matrix creation, heavy-tailed data identification, data visualization, and distribution fitting. Such content empowers cyber operators, improving analyses and design.

Social and Information Networks

Dingde Jiang,Zhengzheng Xu,Zhenhua Chen,Yang Han,Hongwei Xu

DOI: https://doi.org/10.1016/j.comnet.2011.06.027

IF: 5.493

2011-01-01

Computer Networks

Abstract:When 3G, WiFi, and WiMax technologies are successfully applied to access networks, current communication networks become more and more complex, more and more heterogeneous, and more difficult to manage. Moreover, network traffic exhibits the increasing diversities and concurrently shows many new characteristics. The real-time end-to-end demand urges network operators to learn and grasp traffic matrix covering their networks. However, unfortunately traffic matrix is significantly difficult directly to attain. Despite many studies made previously about traffic matrix estimation problem, it is a significant challenging to obtain its reliable and accurate solution. Here we propose a novel approach to solve this problem, based on joint time–frequency analysis in transform domain. Different from previous methods, we analyze the time–frequency characteristics about traffic matrix and build the time–frequency model describing it. Generally, traffic matrix can be divided into tendency terms and fluctuation terms. We find that traffic matrix in time–frequency domain owns the more obvious sparsity than in time domain. Obviously, its tendency terms and fluctuation terms also have the lower dimensions in time–frequency domain. This brings us into the field of compressive sensing that is a generic technique for data reconstruction. Additionally, we take into account updating time–frequency model presented with link loads to make our model adaptive. Finally, comparative analysis in two real backbone networks confirms that the accuracy, stability, and effectiveness of our approach.

Chuanpu Fu,Qi Li,Ke Xu

DOI: https://doi.org/10.48550/arXiv.2301.13686

2023-01-31

Abstract:In this paper, we propose HyperVision, a realtime unsupervised machine learning (ML) based malicious traffic detection system. Particularly, HyperVision is able to detect unknown patterns of encrypted malicious traffic by utilizing a compact inmemory graph built upon the traffic patterns. The graph captures flow interaction patterns represented by the graph structural features, instead of the features of specific known attacks. We develop an unsupervised graph learning method to detect abnormal interaction patterns by analyzing the connectivity, sparsity, and statistical features of the graph, which allows HyperVision to detect various encrypted attack traffic without requiring any labeled datasets of known attacks. Moreover, we establish an information theory model to demonstrate that the information preserved by the graph approaches the ideal theoretical bound. We show the performance of HyperVision by real-world experiments with 92 datasets including 48 attacks with encrypted malicious traffic. The experimental results illustrate that HyperVision achieves at least 0.92 AUC and 0.86 F1, which significantly outperform the state-of-the-art methods. In particular, more than 50% attacks in our experiments can evade all these methods. Moreover, HyperVision achieves at least 80.6 Gb/s detection throughput with the average detection latency of 0.83s.

Cryptography and Security

Hongbin Pei,Bo Yang,Jiming Liu,Kevin Chen-Chuan Chang

DOI: https://doi.org/10.1109/tpami.2020.3023092

IF: 23.6

2020-01-01

IEEE Transactions on Pattern Analysis and Machine Intelligence

Abstract:The key to the effective control of a diffusion system lies in how accurately we could predict its unfolding dynamics based on the observation of its current state. However, in the real-world applications, it is often infeasible to conduct a timely and yet comprehensive observation due to resource constraints. In view of such a practical challenge, the goal of this work is to develop a novel computational method for performing active observations, termed active surveillance, with limited resources. Specifically, we aim to predict the dynamics of a large spatio-temporal diffusion system based on the observations of some of its components. Towards this end, we introduce a novel measure, the γ value, that enables us to identify the key components by means of modeling a sentinel network with a row sparsity structure. Having obtained a theoretical understanding of the γ value, we design a backward-selection sentinel network mining algorithm (SNMA) for deriving the sentinel network via group sparse Bayesian learning. In order to be practically useful, we further address the issue of scalability in the computation of SNMA, and moreover, extend SNMA to the case of a non-linear dynamical system that could involve complex diffusion mechanisms. We show the effectiveness of SNMA by validating it using both synthetic datasets and five real-world datasets. The experimental results are appealing, which demonstrate that SNMA readily outperforms the state-of-the-art methods.

Vijay Gadepally,Jeremy Kepner,Lauren Milechin,William Arcand,David Bestor,Bill Bergeron,Chansup Byun,Matthew Hubbell,Micheal Houle,Micheal Jones,Peter Michaleas,Julie Mullen,Andrew Prout,Antonio Rosa,Charles Yee,Siddharth Samsi,Albert Reuther

DOI: https://doi.org/10.48550/arXiv.1808.08353

2018-08-25

Abstract:Detecting anomalous behavior in network traffic is a major challenge due to the volume and velocity of network traffic. For example, a 10 Gigabit Ethernet connection can generate over 50 MB/s of packet headers. For global network providers, this challenge can be amplified by many orders of magnitude. Development of novel computer network traffic analytics requires: high level programming environments, massive amount of packet capture (PCAP) data, and diverse data products for "at scale" algorithm pipeline development. D4M (Dynamic Distributed Dimensional Data Model) combines the power of sparse linear algebra, associative arrays, parallel processing, and distributed databases (such as SciDB and Apache Accumulo) to provide a scalable data and computation system that addresses the big data problems associated with network analytics development. Combining D4M with the MIT SuperCloud manycore processors and parallel storage system enables network analysts to interactively process massive amounts of data in minutes. To demonstrate these capabilities, we have implemented a representative analytics pipeline in D4M and benchmarked it on 96 hours of Gigabit PCAP data with MIT SuperCloud. The entire pipeline from uncompressing the raw files to database ingest was implemented in 135 lines of D4M code and achieved speedups of over 20,000.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

H. Harbrecht,M. Multerer,O. Schenk,Ch. Schwab

DOI: https://doi.org/10.1007/s00211-024-01409-8

IF: 2.5

2024-05-11

Numerische Mathematik

Abstract:We propose a sparse algebra for samplet compressed kernel matrices to enable efficient scattered data analysis. We show that the compression of kernel matrices by means of samplets produces optimally sparse matrices in a certain S -format. The compression can be performed in cost and memory that scale essentially linearly with the number of data points for kernels of finite differentiability. The same holds true for the addition and multiplication of S -formatted matrices. We prove that the inverse of a kernel matrix, given that it exists, is compressible in the S -format as well. The use of selected inversion allows to directly compute the entries in the corresponding sparsity pattern. Moreover, S -formatted matrix operations enable the efficient, approximate computation of more complicated matrix functions such as or of a matrix . The matrix algebra is justified mathematically by pseudo differential calculus. As an application, we consider Gaussian process learning algorithms for implicit surfaces. Numerical results are presented to illustrate and quantify our findings.

mathematics, applied

Timothy A. Davis,Yifan Hu

DOI: https://doi.org/10.1145/2049662.2049663

IF: 2.464

2011-11-01

ACM Transactions on Mathematical Software

Abstract:We describe the University of Florida Sparse Matrix Collection, a large and actively growing set of sparse matrices that arise in real applications. The Collection is widely used by the numerical linear algebra community for the development and performance evaluation of sparse matrix algorithms. It allows for robust and repeatable experiments: robust because performance results with artificially generated matrices can be misleading, and repeatable because matrices are curated and made publicly available in many formats. Its matrices cover a wide spectrum of domains, include those arising from problems with underlying 2D or 3D geometry (as structural engineering, computational fluid dynamics, model reduction, electromagnetics, semiconductor devices, thermodynamics, materials, acoustics, computer graphics/vision, robotics/kinematics, and other discretizations) and those that typically do not have such geometry (optimization, circuit simulation, economic and financial modeling, theoretical and quantum chemistry, chemical process simulation, mathematics and statistics, power networks, and other networks and graphs). We provide software for accessing and managing the Collection, from MATLABTM, MathematicaTM, Fortran, and C, as well as an online search capability. Graph visualization of the matrices is provided, and a new multilevel coarsening scheme is proposed to facilitate this task.

computer science, software engineering,mathematics, applied

Ahan Gupta,Yueming Yuan,Devansh Jain,Yuhao Ge,David Aponte,Yanqi Zhou,Charith Mendis

2024-07-24

Abstract:Multi-head-self-attention (MHSA) mechanisms achieve state-of-the-art (SOTA) performance across natural language processing and vision tasks. However, their quadratic dependence on sequence lengths has bottlenecked inference speeds. To circumvent this bottleneck, researchers have proposed various sparse-MHSA models, where a subset of full attention is computed. Despite their promise, current sparse libraries and compilers do not support high-performance implementations for diverse sparse-MHSA patterns due to the underlying sparse formats they operate on. These formats, which are typically designed for high-performance & scientific computing applications, are either curated for extreme amounts of random sparsity (<1% non-zero values), or specific sparsity patterns. However, the sparsity patterns in sparse-MHSA are moderately sparse (10-50% non-zero values) and varied, resulting in existing sparse-formats trading off generality for performance. We bridge this gap, achieving both generality and performance, by proposing a novel sparse format: affine-compressed-sparse-row (ACSR) and supporting code-generation scheme, SPLAT, that generates high-performance implementations for diverse sparse-MHSA patterns on GPUs. Core to our proposed format and code generation algorithm is the observation that common sparse-MHSA patterns have uniquely regular geometric properties. These properties, which can be analyzed just-in-time, expose novel optimizations and tiling strategies that SPLAT exploits to generate high-performance implementations for diverse patterns. To demonstrate SPLAT's efficacy, we use it to generate code for various sparse-MHSA models, achieving geomean speedups of 2.05x and 4.05x over hand-written kernels written in triton and TVM respectively on A100 GPUs. Moreover, its interfaces are intuitive and easy to use with existing implementations of MHSA in JAX.

Programming Languages,Machine Learning

Jeremy Kepner,Manoj Kumar,José Moreira,Pratap Pattnaik,Mauricio Serrano,Henry Tufo

DOI: https://doi.org/10.1109/HPEC.2017.8091098

2017-08-09

Abstract:Deep Neural Networks (DNNs) have emerged as a core tool for machine learning. The computations performed during DNN training and inference are dominated by operations on the weight matrices describing the DNN. As DNNs incorporate more stages and more nodes per stage, these weight matrices may be required to be sparse because of memory limitations. The <a class="link-external link-http" href="http://GraphBLAS.org" rel="external noopener nofollow">this http URL</a> math library standard was developed to provide high performance manipulation of sparse weight matrices and input/output vectors. For sufficiently sparse matrices, a sparse matrix library requires significantly less memory than the corresponding dense matrix implementation. This paper provides a brief description of the mathematics underlying the GraphBLAS. In addition, the equations of a typical DNN are rewritten in a form designed to use the GraphBLAS. An implementation of the DNN is given using a preliminary GraphBLAS C library. The performance of the GraphBLAS implementation is measured relative to a standard dense linear algebra library implementation. For various sizes of DNN weight matrices, it is shown that the GraphBLAS sparse implementation outperforms a BLAS dense implementation as the weight matrix becomes sparser.

Distributed, Parallel, and Cluster Computing,Machine Learning