A Distributed Architecture for IP Traffic Analysis

  • Authors: Cristian Morariu; Burkhard Stiller
  • Affiliations: Department of Informatics, University of Zürich CH-8050, Zürich, Switzerland (both authors)
  • Venue: AIMS '07 Proceedings of the 1st international conference on Autonomous Infrastructure, Management and Security: Inter-Domain Management
  • Year: 2007

Abstract

Current high-speed links become a challenge to traditional real-time analysis of IP traffic. Major research was done in finding sampling methods for IP packets and IP flows in order to reduce the amount of data that needs to be processed while keeping a high level of result accuracy. Although sampling proves to be a promising approach, there may be application scenarios foreseen, in which decisions may not be based on sampled data, e.g., usage based charging or intrusion detection systems. This paper proposes a distributed architecture for collecting, analysing and storing of IP traffic data. This approach aims to provide a high level of automation, self-configuration, and self-healing so that new nodes may be easily added or removed to/from the analysis network. The proposed solution makes use of unused processing power existing in the network (such as customer's PCs of an ISP) to achieve real-time analysis of IP traffic for high-speed network links.