Distributed Architecture for Real-time Traffic Analysis

Abstract : Traditional real-time IP traffic analysis applied on today's high-speed network links suffers from a lack of scalability. Although sampling proves to be a promising approach, there are foreseeable application scenarios in which decisions cannot be based on sampled data, e.g., usage-based charging or intrusion detection systems. Moreover, traditional traffic analysis mechanisms do not map the traffic observed in the network to a particular user, but rather to a particular end-node, which may have been shared by several users. Thus, DARTA (Distributed Architecture for Real-time Traffic Analysis) develops a model for distributed IP traffic analysis and introduces new mechanisms for three different aspects of IP traffic monitoring: (a) a framework enabling the development of distributed traffic analysis applications, (b) a distributed packet capture mechanism, and (c) user-based IP traffic accounting for mapping IP traffic to individual users.
Document type :
Conference papers

https://hal.inria.fr/hal-01056630
Contributor : Hal Ifip
Submitted on : Wednesday, August 20, 2014 - 12:23:24 PM
Last modification on : Friday, August 11, 2017 - 4:20:23 PM
Long-term archiving on : Thursday, November 27, 2014 - 11:36:34 AM

File

61550171.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Cristian Morariu, Burkhard Stiller. Distributed Architecture for Real-time Traffic Analysis. 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2010, Zurich, Switzerland. pp.171-174, ⟨10.1007/978-3-642-13986-4_25⟩. ⟨hal-01056630⟩
