An extensible probe architecture for network protocol performance measurement
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Automatically inferring patterns of resource consumption in network traffic
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Distributed management by delegation
ICDCS '95 Proceedings of the 15th International Conference on Distributed Computing Systems
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
LISA '94 Proceedings of the 8th USENIX conference on System administration
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
VisFlowConnect: netflow visualizations of link relationships for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
NVisionIP: netflow visualizations of system state for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
PortVis: a tool for port-based detection of security events
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
MRTG - The Multi Router Traffic Grapher
LISA '98 Proceedings of the 12th USENIX conference on System administration
MRTG - The Multi Router Traffic Grapher
LISA '98 Proceedings of the 12th USENIX conference on System administration
FlowScan: A Network Traffic Flow Reporting and Visualization Tool
LISA '00 Proceedings of the 14th USENIX conference on System administration
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Visual Correlation of Host Processes and Network Traffic
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Visual Correlation of Host Processes and Network Traffic
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Identifying Known and Unknown Peer-to-Peer Traffic
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
FFPF: fairly fast packet filters
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
The BSD packet filter: a new architecture for user-level packet capture
USENIX'93 Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings
Bridging the host-network divide: survey, taxonomy, and solution
LISA '06 Proceedings of the 20th conference on Large Installation System Administration
Characterizing residential broadband networks
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
NetADHICT: a tool for understanding network traffic
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Traffic classification using a statistical approach
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Effective traffic measurement using ntop
IEEE Communications Magazine
Hi-index | 0.02 |
System administrators regularly use the top utility for understanding the resource consumption of the processes running on UNIX computers. Top provides an accurate and real-time display of the computing and memory capacity of the system among the running processes, but it provides no information about the network traffic sent and received by the processes running on the system. Although we've seen a proliferation of network monitoring tools that help system administrators understand the traffic flowing through their networks, most of these tools have been designed for network deployment and can not easily, if at all, provide real-time attribution of network resources to individual processes running on end hosts. In this paper, we describe the design and implementation of Topnet, an extension of the top UNIX utility that provides a process-centric approach to traffic monitoring. Topnet presents users with an intuitive real-time attribution of network resources to individual processes. Our evaluation suggests that Topnet through (i) the familiar user interface of top and (ii) a reasonable performance overhead, provides an accurate way to attribute network traffic to individual processes, enabling users to have a more comprehensive process-aware understanding of network resource consumption in their systems.