Diagnosing network-wide traffic anomalies
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
ORBIT Measurements Framework and Library (OML): Motivations, Design, Implementation, and Features
TRIDENTCOM '05 Proceedings of the First International Conference on Testbeds and Research Infrastructures for the DEvelopment of NeTworks and COMmunities
An integrated experimental environment for distributed systems and networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Optimal positioning of active and passive monitoring devices
CoNEXT '05 Proceedings of the 2005 ACM conference on Emerging network experiment and technology
Is sampled data sufficient for anomaly detection?
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
The power of slicing in internet flow measurement
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
LADS: large-scale automated DDOS detection system
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
SEER: a security experimentation EnviRonment for DETER
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Very large scale cooperative experiments in Emulab-derived systems
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Reformulating the monitor placement problem: optimal network-wide sampling
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
CSAMP: a system for network-wide flow monitoring
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Scalable coordination techniques for distributed network monitoring
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Hi-index | 0.00 |
Despite experimental testbeds' rapid growth and continued strong demand by researchers, the power of testbeds can be further increased by providing additional tools to help experimenters instrument their experiments. Experimenters with improved instrumentation support can deepen their understanding of experiment operation, and have an easier task of generating high quality datasets to share with the community. We introduce a prototype tool that automatically deploys an instrumentation overlay on an existing testbed experiment. Netflowize modifies instantiated experiments to collect experiment-wide flow statistics. The resources consumed by the flow collection process are specified by the experimenter. NetFlow records are widely used by the networking and security research communities for tasks ranging from traffic engineering to detecting anomalous behaviors associated with zero-day attacks. We discuss tool design and implementation, present usage examples, and highlight the many challenges of auto-deploying an experiment-wide monitoring infrastructure.