Live traffic monitoring with tstat: capabilities and experiences
作者: A. Finamore , M. Mellia , M. Meo , M. M. Munafò , D. Rossi
DOI: 10.1007/978-3-642-13315-2_24
关键词:
摘要: Network monitoring has always played a key role in understanding telecommunication networks since the pioneering time of Internet. Today, traffic become element to characterize network usage and users’ activities, understand how complex applications work, identify anomalous or malicious behaviors, etc. In this paper we present our experience engineering deploying Tstat, passive tool that been developed past ten years. Started as scalable continuously monitor packets flow on link, Tstat evolved into application gives researchers operators possibility derive extended measurements. offers capability track flows, it integrates advanced behavioral classifiers generated flow, automatically derives performance indexes allow easily both activity. After describing capabilities internal design, some examples measurements collected at edge campus for
springer.com
core.ac.uk
acm.org 
sci-hub.st 参考文章(11)
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
Edouard Lagache, Ken Keys, K. C. Claffy, David Moore, Ryan Koga, The CoralReef Software Suite as a Tool for System and Network Administrators usenix large installation systems administration conference. pp. 133- 144 ,(2001)
Dario Rossi, Silvio Valenti, Paolo Veglia, Dario Bonfiglio, Marco Mellia, Michela Meo, Pictures from the Skype ACM SIGMETRICS Performance Evaluation Review. ,vol. 36, pp. 83- 86 ,(2008) , 10.1145/1453175.1453191
Rohit Kapoor, Ling-Jyh Chen, Li Lao, Mario Gerla, M. Y. Sanadidi, CapProbe Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '04. ,vol. 34, pp. 67- 78 ,(2004) , 10.1145/1015467.1015476
Dario Rossi, Marco Mellia, Real-Time TCP/IP Analysis with Common Hardware international conference on communications. ,vol. 2, pp. 729- 735 ,(2006) , 10.1109/ICC.2006.254794
Luigi Rizzo, Dummynet: a simple approach to the evaluation of network protocols acm special interest group on data communication. ,vol. 27, pp. 31- 41 ,(1997) , 10.1145/251007.251012
Marco Mellia, Michela Meo, Luca Muscariello, Dario Rossi, Passive analysis of TCP anomalies Computer Networks. ,vol. 52, pp. 2663- 2676 ,(2008) , 10.1016/J.COMNET.2008.05.010
D. Rossi, M. Mellia, C. Casetti, User patience and the Web: a hands-on investigation global communications conference. ,vol. 7, pp. 4163- 4168 ,(2003) , 10.1109/GLOCOM.2003.1259011
Dario Bonfiglio, Marco Mellia, Michela Meo, Dario Rossi, Paolo Tofanelli, Revealing skype traffic: when randomness plays with you acm special interest group on data communication. ,vol. 37, pp. 37- 48 ,(2007) , 10.1145/1282380.1282386
Allen B. Downey, Using pathchar to estimate Internet link characteristics acm special interest group on data communication. ,vol. 29, pp. 241- 250 ,(1999) , 10.1145/316188.316228