{"title":"ip流量测量的分布式实时工具","authors":"Y. Kitatsuji, K. Yamazaki","doi":"10.1109/SAINT.2004.1266103","DOIUrl":null,"url":null,"abstract":"It is getting more difficult to monitor multiple services as well as to detect and/or to trace denial of service attacks with only tools showing graphs of the whole IP layer traffic like MRTG or by checking counters of router interfaces. In this paper, we discuss the specification of a software-based real-time measurement tool for flow which consists of multiple capture devices, a manager device and user interface devices, enabling flexible flow definition on demand without stopping system and working with IPv4 and/or IPv6, while also enabling high performance. With this discussion, we propose its architecture, bit-pattern-based flow definition method and data structure. Then we report on the performance evaluation of a prototype of proposed real-time flow measurement tools developed on PC-UNIXs and show that the number of bit-pattern composing flow definitions impact on the performance. Lastly we show an example of measuring flows in a real world environment and confirm that the flow extraction is simplified.","PeriodicalId":340968,"journal":{"name":"2004 International Symposium on Applications and the Internet. Proceedings.","volume":"45 4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"A distributed real-time tool for IP-flow measurement\",\"authors\":\"Y. Kitatsuji, K. Yamazaki\",\"doi\":\"10.1109/SAINT.2004.1266103\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"It is getting more difficult to monitor multiple services as well as to detect and/or to trace denial of service attacks with only tools showing graphs of the whole IP layer traffic like MRTG or by checking counters of router interfaces. 
In this paper, we discuss the specification of a software-based real-time measurement tool for flow which consists of multiple capture devices, a manager device and user interface devices, enabling flexible flow definition on demand without stopping system and working with IPv4 and/or IPv6, while also enabling high performance. With this discussion, we propose its architecture, bit-pattern-based flow definition method and data structure. Then we report on the performance evaluation of a prototype of proposed real-time flow measurement tools developed on PC-UNIXs and show that the number of bit-pattern composing flow definitions impact on the performance. Lastly we show an example of measuring flows in a real world environment and confirm that the flow extraction is simplified.\",\"PeriodicalId\":340968,\"journal\":{\"name\":\"2004 International Symposium on Applications and the Internet. Proceedings.\",\"volume\":\"45 4\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2004 International Symposium on Applications and the Internet. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINT.2004.1266103\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2004 International Symposium on Applications and the Internet. 
Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINT.2004.1266103","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A distributed real-time tool for IP-flow measurement
It is getting more difficult to monitor multiple services, as well as to detect and/or trace denial of service attacks, using only tools that show graphs of the whole IP layer traffic, like MRTG, or by checking counters of router interfaces. In this paper, we discuss the specification of a software-based real-time flow measurement tool which consists of multiple capture devices, a manager device and user interface devices, enabling flexible flow definition on demand without stopping the system and working with IPv4 and/or IPv6, while also enabling high performance. With this discussion, we propose its architecture, a bit-pattern-based flow definition method and a data structure. Then we report on the performance evaluation of a prototype of the proposed real-time flow measurement tool developed on PC-UNIX systems and show that the number of bit patterns composing the flow definitions has an impact on the performance. Lastly, we show an example of measuring flows in a real-world environment and confirm that the flow extraction is simplified.