Salvi, Dario and Mazzariello, Claudio and Oliviero, Francesco and D'Antonio, Salvatore (2005) A Distributed multi-purpose IP flow monitor. In: 3° International Workshop on Internet Performance, Simulation, Monitoring and Measurement IPS-MoMe, 14-15 March 2005, Warsaw, Poland.

Full text not available from this repository. [error in script] [error in script]
Item Type: Conference or Workshop Item (Lecture)
Title: A Distributed multi-purpose IP flow monitor
Date: 2005
Date Type: Publication
Number of Pages: 9
Official URL:
Event Type: Workshop
Event Title: 3° International Workshop on Internet Performance, Simulation, Monitoring and Measurement IPS-MoMe
Event Location: Warsaw, Poland
Event Dates: 14-15 March 2005
Date: 2005
Number of Pages: 9
Uncontrolled Keywords: traffic measurements, IP flow monitoring, Last Recently Used caching, Traffic profiling, Intrusion detection
References: N. Brownlee and C. Mills and G. Ruth: RFC 2063 Traffic Flow Measurement: Architecture Ganesh Sadasivan and Nevil Brownlee and B. Claise and J. Quittek: IPFIX Working Group Internet Draft, Architecture Model for IP Flow Information Export Yun Mao and Kang Chen and Dongsheng Wang and Weimin Zheng: Cluster-based Online Monitoring System of Web Traffic Yoshinori Kitatsuji and Katsuyuki Yamazaki: A Distributed Real-time Tool for IP-Flow Measurement Se-Hee Han and Myung-Sup Kim and Hong-Taek Ju and James Won-Ki Hong: The Architecture of NG-MON: A Passive Network Monitoring System for High-Speed IP Networks P. Barford and D. Plonka: Characteristics of Network Traffic Flow Anomalies Kimberly C. Claffy and Hans-Werner Braun and George C. Polyzos: A Parameterizable Methodology for Internet Traffic Flow Profiling Rebecca Gurley Bace: Intrusion Detection
Settori scientifico-disciplinari del MIUR: Area 01 - Scienze matematiche e informatiche > INF/01 - Informatica
Area 09 - Ingegneria industriale e dell'informazione > ING-INF/03 - Telecomunicazioni
Date Deposited: 19 Feb 2007
Last Modified: 30 Apr 2014 19:22


Traffic monitoring is a research field whose results can be exploited for several purposes, such as network resource management, security and accounting. An effective monitor needs to be capable of analyzing the traffic flowing through the monitored network by losing as few packets as possible since packet loss may result in a non accurate measurement of the required metrics. Such a monitor captures the packets from the network, associates each packet to a flow by evaluating its characteristics, performs some flow measurements, and exports the results of data analysis. In high speed networks such tasks might be hard to accomplish in an efficient way, as the number of analyzed flows is very high. For this reason, we decided to design and implement a distributed monitoring system comprising several components each responsible for a different task. Such a distributed approach helps overcome the problem of an overloaded monitoring system. Furthermore, distributed systems need an appropriate protocol, that defines the kind as well as the sequence of messages exchanged between system components. In this paper we present both the monitoring architecture and the corresponding management protocol. Finally, in order for the monitoring system to support different kinds of applications, we developed an open framework allowing a user to define a customized set of metrics.


Downloads per month over past year

Actions (login required)

View Item View Item