  Exploring Network-Wide Flow Data with Flowyager

Saidi, S. J., Maghsoudlou, A., Foucard, D., Smaragdakis, G., Poese, I., & Feldmann, A. (2020). Exploring Network-Wide Flow Data with Flowyager. Retrieved from https://arxiv.org/abs/2010.13120.

Basic data

Genre: Research paper

Files

arXiv:2010.13120.pdf (Preprint), 4MB
Name: arXiv:2010.13120.pdf
Description: File downloaded from arXiv at 2020-12-07 09:49 accepted at IEEE TNSM Journal
OA status:
Visibility: Public
MIME type / checksum: application/pdf / [MD5]
Technical metadata:
Copyright date: -
Copyright info: -


Creators

Creators:
Saidi, Said Jawad (1), Author
Maghsoudlou, Aniss (1), Author
Foucard, Damien (2), Author
Smaragdakis, Georgios (1), Author
Poese, Ingmar (2), Author
Feldmann, Anja (1), Author
Affiliations:
(1) Internet Architecture, MPI for Informatics, Max Planck Society, ou_2489697
(2) External Organizations, ou_persistent22

Content

Keywords: Computer Science, Networking and Internet Architecture, cs.NI
Abstract: Many network operations, ranging from attack investigation and mitigation to
traffic management, require answering network-wide flow queries in seconds.
Although flow records are collected at each router, using available traffic
capture utilities, querying the resulting datasets from hundreds of routers
across sites and over time, remains a significant challenge due to the sheer
traffic volume and distributed nature of flow records.
In this paper, we investigate how to improve the response time for a priori
unknown network-wide queries. We present Flowyager, a system that is built on
top of existing traffic capture utilities. Flowyager generates and analyzes
tree data structures, that we call Flowtrees, which are succinct summaries of
the raw flow data available by capture utilities. Flowtrees are self-adjusted
data structures that drastically reduce space and transfer requirements, by 75%
to 95%, compared to raw flow records. Flowyager manages the storage and
transfers of Flowtrees, supports Flowtree operators, and provides a structured
query language for answering flow queries across sites and time periods. By
deploying a Flowyager prototype at both a large Internet Exchange Point and a
Tier-1 Internet Service Provider, we showcase its capabilities for networks
with hundreds of router interfaces. Our results show that the query response
time can be reduced by an order of magnitude when compared with alternative
data analytics platforms. Thus, Flowyager enables interactive network-wide
queries and offers unprecedented drill-down capabilities to, e.g., identify
DDoS culprits, pinpoint the involved sites, and determine the length of the
attack.

Details

Language(s): eng - English
Dates: 2020-10-25, 2020-10-27, 2020
Publication status: Published online
Pages: 19 p.
Place, publisher, edition: -
Table of contents: -
Review type: -
Identifiers: arXiv: 2010.13120
BibTex Citekey: Saidi_arXiv2010.13120
URI: https://arxiv.org/abs/2010.13120
Degree type: -
