Beyond folklore: observations on fragmented traffic
IEEE/ACM Transactions on Networking (TON)
More Netflow Tools for Performance and Security
LISA '04 Proceedings of the 18th USENIX conference on System administration
The slab allocator: an object-caching kernel memory allocator
USTC'94 Proceedings of the USENIX Summer 1994 Technical Conference on USENIX Summer 1994 Technical Conference - Volume 1
NAF: the NetSA aggregated flow tool suite
LISA '06 Proceedings of the 20th conference on Large Installation System Administration
New directions in privacy-preserving anomaly detection for network traffic
Proceedings of the 1st ACM workshop on Network data anonymization
A Real-Time Algorithm for Skype Traffic Detection and Classification
NEW2AN '09 and ruSMART '09 Proceedings of the 9th International Conference on Smart Spaces and Next Generation Wired/Wireless Networking and Second Conference on Smart Spaces
Effective traffic measurement using ntop
IEEE Communications Magazine
Identifying skype traffic in a large-scale flow data repository
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Towards bandwidth estimation using flow-level measurements
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Classifying internet one-way traffic
Proceedings of the 2012 ACM conference on Internet measurement conference
Wire-speed statistical classification of network traffic on commodity hardware
Proceedings of the 2012 ACM conference on Internet measurement conference
Scap: stream-oriented network traffic capture and analysis for high-speed networks
Proceedings of the 2013 conference on Internet measurement conference
Protocol misidentification made easy with format-transforming encryption
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
A flow meter generates flow data - which contains information about each connection observed on a network - from a stream of observed packets. Flow meters can be implemented in standalone measurement devices or inline on packet forwarding devices, such as routers. YAF (Yet Another Flowmeter) was created as a reference implementation of an IPFIX Metering and Exporting Process, and to provide a platform for experimentation and rapid deployment of new flow meter capabilities. Significant engineering effort has also gone into ensuring that YAF is a high performance, flexible, stable, and capable flow collector. This paper describes the some of the issues we encountered in designing and implementing YAF, along with some background on some of the technologies that we chose for implementation. In addition we will describe some of our experiences in deploying and operating YAF in large-scale networks.