Skip to main content
Springer Nature Link
Log in

Aguri: An Aggregation-Based Traffic Profiler

  • Conference paper
  • First Online:
Quality of Future Internet Services (QofIS 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2156))

Included in the following conference series:

Abstract

Aguri is an aggregation-based traffic profiler targeted for near real-time, long-term, and wide-area traffic monitoring. Aguri adapts itself to spatial traffic distribution by aggregating small volume flows into aggregates, and achieves temporal aggregation by creating a summary of summaries applying the same algorithm to its outputs. A set of scripts are used for archiving and visualizing summaries in different time scales. Aguri does not need a predefined rule set and is capable of detecting an unexpected increase of unknown protocols or DoS attacks, which considerably simplifies the task of network monitoring.

Once aggregates are identified and profiled, it becomes possible to make use of the profile records to control the aggregates in best-effort traffic. As a possible solution, we propose a technique to preferentially drop packets from aggregates whose volume is more than the fairshare. Our prototype implementation demonstrates its ability to protect the network from DoS attacks and to provide rough fairness among aggregates.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang, and W. Weiss. An architecture for differentiated services. RFC 2475, Internet Engineering Task Force, December 1998.

    Google Scholar 

  2. N. Brownlee. Traffic flow measurement: Experiences with NeTraMet. Request for Comments 2123, Internet Engineering Task Force, March 1997.

    Google Scholar 

  3. N. Brownlee, C. Mills, and G. Ruth. Traffic flow measurement: Architecture. Request for Comments 2722, Internet Engineering Task Force, October 1999.

    Google Scholar 

  4. Kenjiro Cho. Tele Traffic Tapper. http://www.csl.sony.co. jp/~kjc/software.html, 1996.

  5. Kenjiro Cho. A Framework for Alternate Queueing: Towards Traffic Management by PC-UNIX Based Routers. In USENIX 1998 Annual Technical Conference, pages 247–258, June 1998.

    Google Scholar 

  6. Kenjiro Cho. Flow-valve: Embedding a safety-valve in red. In Global Internet Symposium, Globecom, pages 1753–1762, December 1999.

    Google Scholar 

  7. Kenjiro Cho. The Design and Implementation of the ALTQ Traffic Management System. PhD thesis, Keio University, January 2001.

    Google Scholar 

  8. Kenjiro Cho, Koshiro Mitsuya, and Akira Kato. Traffic data repository at the WIDE project. In USENIX 2000 Annual Technical Conference: FREENIX Track, pages 263–270, June 2000.

    Google Scholar 

  9. Kimberly C. Claffy, Hans-Werner Braun, and George C. Polyzos. A parameteriz-able methodology for internet traffic flow profiling. IEEE Journal of Selected Areas in Communications, 13(8):1481–1494, 1995.

    Article  Google Scholar 

  10. D. Clark and W. Fang. Explicit allocation of best effort packet delivery service. IEEE/ACM Transactions on Networking, 6(4), August 1998.

    Google Scholar 

  11. Sally Floyd and Kevin Fall. Promoting the use of end-to-end congestion control in the internet. IEEE/ACM Transaction on Networking, 7(4):458–472, August 1999.

    Google Scholar 

  12. J. Heinanen, F. Baker, W. Weiss, and J. Wroclawski. Assured Forwarding PHB Group. RFC 2597, Internet Engineering Task Force, June 1999.

    Google Scholar 

  13. J. Heinanen and R. Guerin. A two rate three color marker. RFC 2698, Internet Engineering Task Force, September 1999.

    Google Scholar 

  14. V. Jacobson, C. Leres, and S. McCanne. tcpdump. ftp://ftp.ee.lbl.gov/, 1989.

  15. V. Jacobson, C. Leres, and S. McCanne. libpcap. ftp://ftp.ee.lbl.gov/, 1994.

  16. Ken Keys, David Moore, Ryan Koga, Edouard Lagache, Michael Tesch, and K. Claffy. The architecture of the CoralReef internet traffic monitoring software suite. In PAM 2001, Amsterdam, The Netherlands, April 2001.

    Google Scholar 

  17. Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker. Controlling high bandwidth aggregates in the network. draft paper, February 2001.

    Google Scholar 

  18. Robert Morris, Eddie Kohler, John Jannotti, and M. Frans Kaashoek. The Click moduler router. In Proceedings of SOSP’99, pages 217–231, Kiawah Island Resort, SC, December 1999.

    Google Scholar 

  19. Tobias Oetiker. RRDtool: Round Robin Database Tool. http://eestaff.ethz.ch/~oetiker/webtools/rrdtool/.

  20. Tobias Oetiker. MRTG: The multi router traffic grapher. In USENIX LISA Conference, pages 141–147, Boston, MA, December 1998.

    Google Scholar 

  21. Dave Ponka. FlowScan: A network traffic flow reporting and visualization tool. In USENIX LISA Conference, New Orleans, LA, December 2000.

    Google Scholar 

  22. John T. Robinson and Murthy V. Devarakonda. Data cache management using frequency-based replacement. In SIGMETRICS Conference on Measurement and Modeling of Computer Systems, pages 134–142, May 1990.

    Google Scholar 

  23. Keith Sklower. A tree-based packet routing table for berkeley UNIX. In USENIX Winter Conference, Dallas, Texas, January 1991.

    Google Scholar 

  24. S. Waldbusser. Remote network monitoring management information base. Request for Comments 1757, Internet Engineering Task Force, February 1995.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Sony Computer Science Labs, Inc., Tokyo, 1410022, Japan

    Kenjiro Cho

  2. Keio University, Fujisawa, 2528520, Japan

    Ryo Kaizaki

  3. The University of Tokyo, Tokyo, 1138658, Japan

    Akira Kato

Authors
  1. Kenjiro Cho
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ryo Kaizaki
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Akira Kato
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Kaiserin-Augusta Allee 31, GMD FOKUS, 10589, Berlin, Germany

    Mikhail I. Smirnov

  2. Department of Computer Science, University College London, Gower Street, London, WC1E 6BT, UK

    Jon Crowcroft

  3. France Telecom R&D, 38 rue de Général Leclerc, 92794, Issy-Moulineaux, Cedex 9, France

    James Roberts

  4. Departamento de Engenharia Informática, Universidade de Coimbra, Pólo II, 3030-290, Coimbra, Portugal

    Fernando Boavida

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cho, K., Kaizaki, R., Kato, A. (2001). Aguri: An Aggregation-Based Traffic Profiler. In: Smirnov, M.I., Crowcroft, J., Roberts, J., Boavida, F. (eds) Quality of Future Internet Services. QofIS 2001. Lecture Notes in Computer Science, vol 2156. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45412-8_16

Download citation

  • DOI: https://doi.org/10.1007/3-540-45412-8_16

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42602-8

  • Online ISBN: 978-3-540-45412-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics