Abstract:
Flow-based traffic monitoring has received strong attention from the traffic measurement research communities. Despite the value provided by flow measurement, its usage h...Show MoreMetadata
Abstract:
Flow-based traffic monitoring has received strong attention from the traffic measurement research communities. Despite the value provided by flow measurement, its usage has limited for relatively lower speed traffic mainly due to the performance impact it introduces. Recent traffic measurement research has tried to overcome such a limitation of simple flow-based monitoring by utilizing payload inspection for applications signatures or/and by identifying target application group based on common traffic characteristics. Such improvement, however, requires much higher analysis performance, particularly when it comes to the monitoring of high-speed links like 2.5 Gbps or higher. Thus, the traditional approach which consists of traffic capture in a dedicated hardware and traffic analysis on a server with database may be unable to meet such harsh requirements. Although a dedicated hardware is used for traffic measurement, the generation of application flows is normally done in the software. In this paper, we propose our novel traffic measurement methodology which pushes application flow generation functionality into the network processor (NP) based hardware to meet such requirements. We have embedded packet capturing capability without loss, deep packet inspection, and flow generation into the hardware. We describe major features, design concepts, implementation, and performance evaluation result.
Date of Conference: 07-11 April 2008
Date Added to IEEE Xplore: 26 August 2008
ISBN Information: