Salvi, Dario and Mazzariello, Claudio and Oliviero, Francesco and D'Antonio, Salvatore (2005) A Distributed multi-purpose IP flow monitor. In: 3° International Workshop on Internet Performance, Simulation, Monitoring and Measurement IPS-MoMe, 14-15 March 2005, Warsaw, Poland.

The content (full text) is not available in this archive.
Document type: Conference or Workshop Contribution (Paper)
Title: A Distributed multi-purpose IP flow monitor
Date: 2005
Date type: Publication
Number of pages: 9
Official URL:
Event type: Workshop
Event title: 3° International Workshop on Internet Performance, Simulation, Monitoring and Measurement IPS-MoMe
Event location: Warsaw, Poland
Event dates: 14-15 March 2005
Keywords: traffic measurements, IP flow monitoring, Last Recently Used caching, Traffic profiling, Intrusion detection
MIUR scientific-disciplinary sectors: Area 01 - Mathematical and computer sciences > INF/01 - Computer science
Area 09 - Industrial and information engineering > ING-INF/03 - Telecommunications
Deposited on: 19 Feb 2007
Last modified: 30 Apr 2014 19:22


Traffic monitoring is a research field whose results can be exploited for several purposes, such as network resource management, security and accounting. An effective monitor needs to be capable of analyzing the traffic flowing through the monitored network while losing as few packets as possible, since packet loss may result in an inaccurate measurement of the required metrics. Such a monitor captures the packets from the network, associates each packet with a flow by evaluating its characteristics, performs some flow measurements, and exports the results of data analysis. In high-speed networks such tasks might be hard to accomplish efficiently, as the number of analyzed flows is very high. For this reason, we decided to design and implement a distributed monitoring system comprising several components, each responsible for a different task. Such a distributed approach helps overcome the problem of an overloaded monitoring system. Furthermore, distributed systems need an appropriate protocol that defines the kind as well as the sequence of messages exchanged between system components. In this paper we present both the monitoring architecture and the corresponding management protocol. Finally, in order for the monitoring system to support different kinds of applications, we developed an open framework allowing a user to define a customized set of metrics.
