Design of an IP Flow Record Query Language

Authors:
Vladislav Marinov;Jürgen Schönwälder
Affiliations:
Computer Science, Jacobs University Bremen, Germany;Computer Science, Jacobs University Bremen, Germany
Venue:
AIMS '08 Proceedings of the 2nd international conference on Autonomous Infrastructure, Management and Security: Resilient Networks and Services
Year:
2008

Citing 9
Cited 3

Models and issues in data stream systems

Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Automatically inferring patterns of resource consumption in network traffic

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Gigascope: a stream database for network applications

Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Combining Cisco NetFlow Exports with Relational Database Technology for Usage Statistics, Intrusion Detection, and Network Forensics

LISA '00 Proceedings of the 14th USENIX conference on System administration
FlowScan: A Network Traffic Flow Reporting and Visualization Tool

LISA '00 Proceedings of the 14th USENIX conference on System administration
The CoralReef Software Suite as a Tool for System and Network Administrators

LISA '01 Proceedings of the 15th USENIX conference on System administration
Building a time machine for efficient recording and retrieval of high-volume network traffic

IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
The BSD packet filter: a new architecture for user-level packet capture

USENIX'93 Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings
Tribeca: a system for managing large databases of network traffic

ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference

Design of a Stream-Based IP Flow Record Query Language

DSOM '09 Proceedings of the 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Integrated Management of Systems, Services, Processes and People in IT
Implementation of a stream-based IP flow record query language

AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
Collection and exploration of large data monitoring sets using bitmap databases

TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

Internet traffic is often summarized by collecting NetFlow/IPFIX flow records. Several tools exist to filter or to search for specific flows in a collection of flow records. However, there is a need for a framework (filter language) which allows certain types of traffic patterns to be defined and matched in a collection of flow records. The goal of this project is to research the various filter/query languages used by tools or proposed in the literature and to extract a common basis for a new orthogonal flow record query language. We present research motivation and state of the art in this paper.