DOI QR코드

DOI QR Code

Application-Level Traffic Monitoring and an Analysis on IP Networks

  • Received : 2004.04.08
  • Published : 2005.02.28

Abstract

Traditional traffic identification methods based on wellknown port numbers are not appropriate for the identification of new types of Internet applications. This paper proposes a new method to identify current Internet traffic, which is a preliminary but essential step toward traffic characterization. We categorized most current network-based applications into several classes according to their traffic patterns. Then, using this categorization, we developed a flow grouping method that determines the application name of traffic flows. We have incorporated our method into NG-MON, a traffic analysis system, to analyze Internet traffic between our enterprise network and the Internet, and characterized all the traffic according to their application types.

Keywords

References

  1. DSOM 2002 The Architecture of NG-MON: A Passive Network Monitoring System, LNCS 2506 Han, Se-Hee;Kim, Myung-Sup;Ju, Hong-Taek;Hong, James W.
  2. Proc. of 2002 Asia-Pacific Network Operations and Management Symp. (APNOMS 2002) Design of Next Generation High-Speed IP Network Traffic Monitoring and Analysis System Han, Se-Hee;Ju, Hong-Taek;Kim, Myung-Sup;Hong, James W.
  3. Multiprotocol Label Switching Architecture, RFC3031 Rosen, E.;Viswanathan, A.;Callon, R.
  4. Passive and Active Measurement Workshop An Infrastructure for Passive Network Monitoring of Application Data Streams Agarwal, Deb;Gonzalez, Jose Maria;Jin, Goujun;Tierney, Brian
  5. Passive and Active Measurement Workshop Passively Monitoring Networks at Gigabit Speeds Using Commodity Hardware and Open Source Software Deri, Luca
  6. Lecture Notes in Computer Science 2867;14th IFIP/IEEE Int’l Workshop on Distributed Systems: Operations and Management (DSOM 2003) Towards Peer-to-Peer Traffic Analysis Using Flows Kim, Myung-Sup;Kang, Hun-Jeong;Hong, James W.;Brunner, Marcus(ed.);Keller, Alexander(ed.)
  7. Lecture Notes in Computer Science 2867;14th IFIP/IEEE Int’l Workshop on Distributed Systems: Operations and Management (DSOM 2003) A Method on Multimedia Service Traffic Monitoring and Analysis Kang, Hun-Jeong;Kim, Myung-Sup;Hong, James Won-Ki;Brunner, Marcus(ed.);Keller, Alexander(ed.)
  8. Proc. of 2002 Asia-Pacific Network Operations and Management Symp. (APNOMS 2002) Towards Streaming Media Traffic Monitoring and Analysis Kang, Hun-Jeong;Ju, Hong-Taek;Kim, Myung-Sup;Hong, James W.
  9. Internet2
  10. Proc. of the second ACM SIGCOMM Workshop on Internet Measurement Workshop Analyzing Peer-to-Peer Traffic across Large Networks Sen, Subhabrata;Wang, Jia
  11. National Cable & Telecommunications Association (NCTA) 2003 National Show P2P The Gorilla in the Cable Gerber, Alexandre;Houle, Joseph;Nguyen, Han;Roughan, Matthew;Sen, Subhabrata
  12. Proc. of the Fifth Symp. on Operating Systems Design and Implementation (OSDI 2002) An Analysis of Internet Content Delivery Systems Saroiu, Stefan;Gummadi, Krishna P.;Dunn, Richard J.;Gribble, Steven D.;Levy, Henry M.
  13. 3rd IEEE Workshop on Internet Applications (WIAPP'03) Deconstructing the KaZaA Network Leibowitz, Nathaniel;Ripeanu, Matei;Wierzbicki, Adam
  14. 7th Int’l Workshop on Web Content Caching and Distribution (WCW) Are File Swapping Networks Cacheable? Leibowitz, Nathaniel;Bergman, Aviv;Ben-Shaul, Roy;Shavit, Aviv
  15. IANA
  16. Windows Media Technology Microsoft
  17. ACM Computer Communication Review v.30 no.4 mmdump- A Tool for Monitoring Internet Multimedia Traffic Merwe, Jacobus van der;Caceres, Ramon;Chu, Yang-hua;Sreenan, Cormac
  18. Proc. of 2003 Asia-Pacific Network Operations and Management Symp.(APNOMS 2003) Rate-Based Internet Accounting System Using Application-Aware Traffic Measurement Choi, T.S.;Kim, C.H.;Yoon, S.H.;Park, J.S.;Chung, H.S.;Lee, B.J.;Kim, H.H.;Jeong, T.S.
  19. Argus
  20. Proc. of the Passive and Active Measurement Workshop (PAM2002) Analysing Campus Traffic Using the meter-MIB Poortinga, Remco;van de Meent, Remco;Pras, Aiko
  21. IEEE Network Packet-Level Traffic Measurements from the Sprint IP Backbone Fraleigh, Chuck;Moon, Sue;Lyles, Bryan;Cotton, Chase;Khan, Mujahid;Moll, Deb;Rockell, Rob;Seely, Ted;Diot, Christophe
  22. Proc. of Workshop on Passive and Active Measurements (PAM2001) Integrating IP Traffic Flow Measurement Quittek, Juergen;Pias, Marcelo;Brunner, Marcus
  23. The Impact of BGP Dynamics on Intra-Domain Traffic, Sprint ATL Research Report Nr. RR03-ATL-111377 Agarwal, Sharad;Chuah, Chen-Nee;Bhattacharyya, Supratik;Diot, Christophe
  24. Proc. of the 2nd Int’l Workshop on Peer-to-Peer Systems (IPTPS '03) Understanding Availability Bhagwan, Ranjita;Savage, Stefan;Voelker, Geoffrey
  25. ACM SIGCOMM Internet Measurement Workshop Early Measurements of a Cluster-Based Architecture for P2P Systems Krishnamurthy, B.;Wang, J.;Xie, Y.
  26. Proc. of the 19th ACM Symp. on Operating Systems Principles (SOSP-19) Measurement, Modeling, and Analysis of a Peer-to-Peer File-Sharing Workload Gummadi, Krishna P.;Dunn, Richard J.;Saroiu, Stefan;Gribble, Steven D.;Levys, Henry M.;Zahorjan, John
  27. Proc. of Int’l Conf. on Distributed Computing Systems A Measurement Study of Peer-to-Peer File Sharing Systems Saroiu, S.;Gummadi, P.;Gribble, S.D.
  28. A Measurement Study of Napster and Gnutella as Examples of Peer-to-Peer File Sharing Systems Gummadi, Krishna P.;Saroiu, Stefan;Gribble, Steven
  29. Proc. of ITCom: Scalability and Traffic Control in IP Networks Availability and Locality Measurements of Peer-to-Peer File Systems Chu, J.;Labonte, K.;Levine, B.
  30. 2nd IEEE/ACM Int’l Symp. on Cluster Computing and the Grid Tracing a Large-Scale Peer-to-Peer System: an Hour in the Life of Gnutella Markatos, E.P.
  31. FlowScan Plonka, Dave

Cited by

  1. Game Traffic Classification Using Statistical Characteristics at the Transport Layer vol.32, pp.1, 2005, https://doi.org/10.4218/etrij.10.0109.0236
  2. 고정 IP-port 기반 응용 레벨 인터넷 트래픽 분석에 관한 연구 vol.c17, pp.2, 2005, https://doi.org/10.3745/kipstc.2010.17c.2.205
  3. 통계 시그니쳐 기반 트래픽 분석 시스템의 성능 향상 vol.c18, pp.4, 2011, https://doi.org/10.3745/kipstc.2011.18c.4.243
  4. 멀티 코어 환경에서 실시간 트래픽 분석 시스템 처리속도 향상 vol.b37, pp.5, 2005, https://doi.org/10.7840/kics.2012.37b.5.348
  5. Libpcap를 이용한 Cacti기반 네트워크 트래픽 모니터링 시스템 vol.16, pp.8, 2005, https://doi.org/10.6109/jkiice.2012.16.8.1613
  6. HTTP Host를 이용한 웹 어플리케이션 인식에 관한 연구 vol.2, pp.8, 2005, https://doi.org/10.3745/ktccs.2013.2.8.327
  7. 통계 정보 기반 트래픽 분석 방법론의 성능 향상 vol.2, pp.8, 2005, https://doi.org/10.3745/ktccs.2013.2.8.335
  8. An Integrated Method for Application-level Internet Traffic Classification vol.8, pp.3, 2005, https://doi.org/10.3837/tiis.2014.03.007
  9. Software Design for High-Speed Data Capture vol.536, pp.None, 2005, https://doi.org/10.4028/www.scientific.net/amm.536-537.536
  10. Application Traffic Classification using PSS Signature vol.8, pp.7, 2005, https://doi.org/10.3837/tiis.2014.07.004
  11. A Scalable Carrier-Grade DPI System Architecture Using Synchronization of Flow Information vol.32, pp.10, 2014, https://doi.org/10.1109/jsac.2014.2358836
  12. Cognitive optical network testbed: EU project CHRON vol.7, pp.2, 2015, https://doi.org/10.1364/jocn.7.00a344
  13. 최신 네트워크 응용 분류를 위한 자동화 페이로드 시그니쳐 업데이트 시스템 vol.42, pp.1, 2005, https://doi.org/10.7840/kics.2017.42.1.98
  14. The Research Of Address Message Of An Unknown Single Protocol Data Frame vol.24, pp.1, 2005, https://doi.org/10.1080/10798587.2016.1267445
  15. Traffic identification method based on multiple probabilistic neural network model vol.31, pp.2, 2005, https://doi.org/10.1007/s00521-017-3081-x