Monitoring and Securing Virtualized Networks and Services 8th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2014 Brno, Czech Republic, June 30-July 3, 2014
1Masaryk University (Kamenice 5, Brno CZ-62500, Czech Republic
- Czech Republic)
Abstract : Deep packet inspection (DPI) and IP flow monitoring are frequently used network monitoring approaches. Although the DPI provides application visibility, detailed examination of every packet is computationally intensive. The IP flow monitoring achieves high performance by processing only packet headers, but provides less details about the traffic itself. Application-aware flow monitoring is proposed as an attempt to combine DPI accuracy and IP flow monitoring performance. However, the impacts, benefits and disadvantages of application flow monitoring have not been studied in detail yet. The work proposed in this paper attempts to rectify this lack of research. We also propose a next generation flow measurement for application monitoring. The flows will represent events within the application protocol, e.g., web page download, instead of packet stream. Finally, we will investigate the performance of different approaches to application classification and application parsing with a computational complexity in mind.
https://hal.inria.fr/hal-01401303
Contributor : Hal Ifip
<>
Submitted on : Wednesday, November 23, 2016 - 10:26:58 AM
Last modification on : Wednesday, November 23, 2016 - 10:37:15 AM
Long-term archiving on : Monday, March 20, 2017 - 10:27:05 PM
Petr Velan, Pavel Čeleda. Next Generation Application-Aware Flow Monitoring. 8th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2014, Brno, Czech Republic. pp.173-178, ⟨10.1007/978-3-662-43862-6_20⟩. ⟨hal-01401303⟩