Consistency of Network Traffic Repositories: An Overview



Lastdrager, E. and Pras, A. (2009) Consistency of Network Traffic Repositories: An Overview. In: Proceedings of the Third International Conference on Autonomous Infrastructure, Management and Security (AIMS 2009), 30 Jun - 02 Jul 2009, Enschede, The Netherlands.

Abstract: Traffic repositories with TCP/IP header information are very important for network analysis. Researchers often assume that such repositories reliably represent all traffic that has been flowing over the network; little thought is given to the consistency of these repositories.
Still, for various reasons, the traffic capturing process may have missed packets. For certain kinds of analysis, for example loss measurements, such inconsistencies may lead to the wrong conclusions. This paper proposes an algorithm to detect such inconsistencies, using the idea of “fake gaps”. A prototype has been developed, and used to test two well-known repositories: the WIDE and Simpleweb repositories. The paper shows that both repositories contain several inconsistencies.
Item Type: Conference or Workshop Item
Faculty: Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item: http://purl.utwente.nl/publications/67813
Official URL: http://dx.doi.org/10.1007/978-3-642-02627-0_15