Article

Sampling time-dependent parameters in high-speed network monitoring

Authors:

PM2HW2N '06: Proceedings of the ACM international workshop on Performance monitoring, measurement, and evaluation of heterogeneous wireless and wired networks

Pages 13 - 17

https://doi.org/10.1145/1163653.1163657

Published: 02 October 2006 Publication History

Get Access

Abstract

Nowadays network bandwidth is increasing continuously for end-users and network providers. Network monitoring tools have to be able to support these high-speed networks, processing a high number of packets per second. For this reason, network monitoring tools have to be improved using software or hardware techniques. In this paper we use sampling techniques, as a software technique that can provide the capacity of monitoring networks with high bandwidth, keeping a low-cost hardware platform. A new technique called mixed sampling is proposed and compared with other techniques proposed in the literature. We focus on time-dependent statistics not studied before with sampling. These statistics will require applying estimation techniques for better results

References

[1]

Endace Measurement Systems. http://www.endace.com

Google Scholar

[2]

A Scaleable Monitoring Platform for the Internet (SCAMPI). IST European Project. http://www.ist-scampi.org/

Google Scholar

[3]

A. Begel, S. McCanne and S.L. Graham. BPF+: Exploiting Global Data-flow Optimization in a Generalized Packet Filter Architecture. In Proceedings of ACM SIGCOMMM Symposium on Communications Architectures and Protocols, Harvard University, Cambridge, Massachusetts, September 1999.

Digital Library

Google Scholar

[4]

I. Kim, J. Moon, and H. Y. Yeom, Timer-Based Interrupt Mitigation for High Performance Packet Processing, Proceedings of 5th International Conference on High-Performance Computing in the Asia-Pacific Region, 2001.

Google Scholar

[5]

Lucas Deri. Improving Passive Packet Capture: Beyond Device Polling. 15th NMRG, Bremen, Germany, January 2004.

Google Scholar

[6]

K. Claffy, G. Polyzos, and H-W. Braun. Application of Sampling Methodologies to Network Traffic Characterization. Proceedings of SIGCOMM '93, pp. 194--203, San Francisco, September 1993.

Digital Library

Google Scholar

[7]

N.G. Duffield, C. Lund, M. Thorup. Estimating flow distributions from sampled flow statistics. ACM Sigcomm 2003, Karlsruhe, Germany, August 25-29, 2003.

Digital Library

Google Scholar

[8]

C. Estan and K. Keys and D. Moore and G. Varghese. Building a Better NetFlow. Proceedings of ACM SIGCOMM 2004.

Digital Library

Google Scholar

[9]

Nick Duffield, Carsten Lund, Mikkel Thorup. Flow Sampling under Hard Resource Constraints. Proceedings the ACM IFIP Conference on Measurement and Modeling of Computer Systems SIGMETRICS/Performance 2004, pp.85--96, June 2004.

Digital Library

Google Scholar

[10]

N. Hohn, D. Veitch. Inverting Sampled Traffic. ACM SIGCOMM Internet Measurement Conference 2003, Miami Beach, October 27-29, 2003.

Digital Library

Google Scholar

[11]

Kedar Dhandhere, Hyang-Ah Kim and Tim Jia-Yu Pan. The Application and Effect of Sampling Methods on Collecting Network Traffic Statistics. Technical Report Carnegie Mellon, April 28, 2001.

Google Scholar

[12]

F. Yegenoglu, F. Faris, O. Qadan. A model for representing wide area Internet packet behavior. Proceeding of the IEEE InternationalPerformance, Computing, and Communications Conference, 2000. IPCCC '00. pp.167--173, Feb 2000.

Google Scholar

Cited By

View all

Hakimi ZFaez KBarati M(2013)An efficient architecture for distributed intrusion detection system2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)10.1109/ISCISC.2013.6767356(1-5)Online publication date: Aug-2013
https://doi.org/10.1109/ISCISC.2013.6767356
Sperotto ASchaffrath GSadre RMorariu CPras AStiller B(2010)An Overview of IP Flow-Based Intrusion DetectionIEEE Communications Surveys & Tutorials10.1109/SURV.2010.032210.0005412:3(343-356)Online publication date: 1-Jul-2010
https://dl.acm.org/doi/10.1109/SURV.2010.032210.00054
Sperotto ASadre RPras A(2008)Anomaly Characterization in Flow-Based Traffic Time SeriesProceedings of the 8th IEEE international workshop on IP Operations and Management10.1007/978-3-540-87357-0_2(15-27)Online publication date: 22-Sep-2008
https://dl.acm.org/doi/10.1007/978-3-540-87357-0_2

Index Terms

Sampling time-dependent parameters in high-speed network monitoring
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks
  1. Network services
    1. Network monitoring

Recommendations

A Passive Network Appliance for Real-Time Network Monitoring
ANCS '11: Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems

Network administrators lack the tools they need to understand and react to their changing networks. This makes it difficult for them to make informed, timely decisions regarding network management, capacity planning, and security. These challenges will ...
Research of Network Monitoring Based on SNMP
IMCCC '13: Proceedings of the 2013 Third International Conference on Instrumentation, Measurement, Computer, Communication and Control

Network monitoring system is a collection about consisting of a set of tools for network monitoring and control, a combination of organic is used to manage networks and ensure the normal operation of the network software and hardware. It is not only to ...
A new structure-preserving method of sampling for predicting self-similar traffic

The paper presents a structure-preserving method of sampling self-similar traffic with an application to network monitoring and resource provisioning. Based on the observation of the self-similarity of Internet traffic, we propose a new sampling ...

Comments

Information & Contributors

Information

Published In

PM2HW2N '06: Proceedings of the ACM international workshop on Performance monitoring, measurement, and evaluation of heterogeneous wireless and wired networks

October 2006

114 pages

ISBN:1595935029

DOI:10.1145/1163653

Program Chairs:
M. Ould-Khaoua
University of Glasgow, UK
,
B. Caminero
University of Castilla-La Mancha Albacete, Spain

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 October 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

MSWiM06

Sponsor:

MSWiM06: 9th International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems 2006

October 2, 2006

Terromolinos, Spain

Acceptance Rates

PM2HW2N '06 Paper Acceptance Rate 16 of 30 submissions, 53%;

Overall Acceptance Rate 74 of 226 submissions, 33%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
324
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)2

Reflects downloads up to 27 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hakimi ZFaez KBarati M(2013)An efficient architecture for distributed intrusion detection system2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)10.1109/ISCISC.2013.6767356(1-5)Online publication date: Aug-2013
https://doi.org/10.1109/ISCISC.2013.6767356
Sperotto ASchaffrath GSadre RMorariu CPras AStiller B(2010)An Overview of IP Flow-Based Intrusion DetectionIEEE Communications Surveys & Tutorials10.1109/SURV.2010.032210.0005412:3(343-356)Online publication date: 1-Jul-2010
https://dl.acm.org/doi/10.1109/SURV.2010.032210.00054
Sperotto ASadre RPras A(2008)Anomaly Characterization in Flow-Based Traffic Time SeriesProceedings of the 8th IEEE international workshop on IP Operations and Management10.1007/978-3-540-87357-0_2(15-27)Online publication date: 22-Sep-2008
https://dl.acm.org/doi/10.1007/978-3-540-87357-0_2

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

A Passive Network Appliance for Real-Time Network Monitoring

Research of Network Monitoring Based on SNMP

A new structure-preserving method of sampling for predicting self-similar traffic

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations