A Framework For Maximizing Traffic Monitoring Utility In Network V.Architha #1, Y.Nagendar *2



Similar documents
LEISURE: A Framework for Load-Balanced Network-Wide Traffic Measurement

Solutions for Finding Network Traffic Measurements and Analysis

Exploring Resource Provisioning Cost Models in Cloud Computing

Reformulating the monitor placement problem: Optimal Network-wide wide Sampling

Measurement-aware Monitor Placement and Routing

Accessing Private Network via Firewall Based On Preset Threshold Value

Multi-Commodity Flow Traffic Engineering with Hybrid MPLS/OSPF Routing

International Journal of Advanced Research in Computer Science and Software Engineering

Research on Errors of Utilized Bandwidth Measured by NetFlow

Echidna: Efficient Clustering of Hierarchical Data for Network Traffic Analysis

Automating Network Monitoring on Experimental Testbeds

Load Distribution in Large Scale Network Monitoring Infrastructures

A Catechistic Method for Traffic Pattern Discovery in MANET

QUALITY OF SERVICE METRICS FOR DATA TRANSMISSION IN MESH TOPOLOGIES

ISSN Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability

Revisiting the Issues On Netflow Sample and Export Performance

An Efficient Algorithm for Measuring Medium- to Large-sized Flows in Network Traffic

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

DESIGN OF CLUSTER OF SIP SERVER BY LOAD BALANCER

Disjoint Path Algorithm for Load Balancing in MPLS network

Firewall Policy Anomalies- Detection and Resolution

Traffic Engineering approaches using Multicriteria Optimization Techniques

Two Approaches to Internet Traffic Engineering for End-to-End Quality of Service Provisioning

Dynamics of Prefix Usage at an Edge Router

Bandwidth Sharing with Primary Paths for Protection Routing in an MPLS Network

TOPOLOGIES NETWORK SECURITY SERVICES

2004 Networks UK Publishers. Reprinted with permission.

Accurate Anomaly Detection using Adaptive Monitoring and Fast Switching in SDN

A Network Recovery Scheme for Node or Link Failures using Multiple Routing Configurations

Towards Accurate Online Traffic Matrix Estimation in Software-Defined Networks

Traffic Engineering in SDN/OSPF Hybrid Network

Analysis of Effect of Handoff on Audio Streaming in VOIP Networks

Network congestion control using NetFlow

Network-Wide Class of Service (CoS) Management with Route Analytics. Integrated Traffic and Routing Visibility for Effective CoS Delivery

How To Monitor Network Traffic With Sflow Vswitch On A Vswitch

Packet Sampling and Network Monitoring

CREATING MINIMIZED DATA SETS BY USING HORIZONTAL AGGREGATIONS IN SQL FOR DATA MINING ANALYSIS

Content Distribution Scheme for Efficient and Interactive Video Streaming Using Cloud

Scheduling Allowance Adaptability in Load Balancing technique for Distributed Systems

Path Selection Methods for Localized Quality of Service Routing

Probability-Model based Network Traffic Matrix Estimation

Load Balancing Mechanisms in Data Center Networks

Stability of QOS. Avinash Varadarajan, Subhransu Maji

AN EFFICIENT STRATEGY OF AGGREGATE SECURE DATA TRANSMISSION

A Topology-Aware Relay Lookup Scheme for P2P VoIP System

Measuring the Shared Fate of IGP Engineering and Interdomain Traffic

Cisco IOS Flexible NetFlow Technology

IMPACT OF DISTRIBUTED SYSTEMS IN MANAGING CLOUD APPLICATION

Efficiently Managing Firewall Conflicting Policies

EFFECTIVE DATA RECOVERY FOR CONSTRUCTIVE CLOUD PLATFORM

Simulation of Heuristic Usage for Load Balancing In Routing Efficiency

Analysis of Internet Topologies

Characteristics of Network Traffic Flow Anomalies

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks

MAXIMIZING RESTORABLE THROUGHPUT IN MPLS NETWORKS

Quality of Service Routing Network and Performance Evaluation*

Introduction. The Inherent Unpredictability of IP Networks # $# #

An Adaptive MT-BGP Traffic Engineering Based on Virtual Routing Topologies

Self-Compressive Approach for Distributed System Monitoring

International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE) ISSN: Volume 8 Issue 1 APRIL 2014.

Detecting MAC Layer Misbehavior in Wifi Networks By Co-ordinated Sampling of Network Monitoring

Analysis of Internet Topologies: A Historical View

A Passive Method for Estimating End-to-End TCP Packet Loss

Review of UNIVMON and Its Advantages

Bisecting K-Means for Clustering Web Log data

ENHANCED PROVISIONING ALGORITHM FOR VIRTUAL PRIVATE NETWORK IN HOSE MODEL WITH QUALITY OF SERVICE SUPPORT USING WAXMAN MODEL

Efficient Parallel Distributed Load Balancing in Content Delivery Networks

G.Vijaya kumar et al, Int. J. Comp. Tech. Appl., Vol 2 (5),

An Architecture for the Self-management of Lambda-Connections in Hybrid Networks

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds

A Study of Network Security Systems

Transcription:

A Framework For Maximizing Traffic Monitoring Utility In Network V.Architha #1, Y.Nagendar *2 #1 M.Tech, CSE, SR Engineering College, Warangal, Andhra Pradesh, India *2 Assistant Professor, Department of CSE, SR Engineering College, Warangal, Andhra Pradesh, India Abstract--Monitoring network traffic has many important utilities that will help network personnel to safeguard interest of network. Monitoring will help in traffic engineering, forensics, troubleshooting, debugging and traffic accounting. Existing solutions to the problem of traffic monitoring focused on the placement of monitors across the network in order to maximize the utility of traffic monitoring. The monitors thus placed can provide optimal performance. However, the network experiences dynamic flows and measuring objectives might change from time to time. This will make the placement of same monitors suboptimal. Recently Raza et al. addressed this problem by using the concept of fixed monitors for routing traffic sub populations. This achieves efficient use of bandwidth, and improves Quality of Service (QoS) besides compliance with traffic engineering objectives. In this paper we implement a custom simulator to demonstrate the proof of concept. The empirical results revealed that the traffic monitoring approach is effective and can be used in real world networking applicaitons. Index Terms Routing, traffic monitoring, heterogeneous flows, traffic engineering I. INTRODUCTION In all kinds of networks monitoring is essential to analyze traffic flows and protect the network from attacks. Many works towards it are found in the literature. They focused on placement and configurations decisions of network monitors. Network has many measurement objectives and network exhibits certain characteristics. The optimal placement of network monitors plays an important role in achieving the best traffic engineering. The network monitors that observe traffic flows for long time may prove suboptimal as the measurement objectives and traffic characteristic might change over time thus making the monitors sub optimal. Traffic engineering concepts taking input as network flows and investigates monitor placement based on the traffic analysis were explored in [1], [2] and [3]. Similar to these a novel approach for network monitoring was proposed by Raza et al. [4]. Their solution to the problem is named MeasuRouting. This will forward network flows, which are dynamic in nature, to various routes where the traffic can be monitored in a best way. In other words, the MeasuRouting takes dynamic flows as input and considers monitoring activities based on the traffic flows keeping traffic characteristics and changing monitoring objectives in mind. MeasuRouting faces challenges like working in the given constraints and meeting the requirements of QoS. MeasuRouting can be used in various scenarios. For instance, it can be used when routers have uniform sampling implementation and the network operator has interest in traffic monitoring, the MeasuRouting can be used effectively. In this paper we implement the traffic monitoring framework proposed by Raza et al. [4]. We build a custom simulator prototype that can demonstrate the proof of concept. The empirical results are encouraging. The remainder of the paper is organized as follows. Section II reviews literature. Section III provides overview of the traffic monitoring framework. Section IV presents prototype implementation. Section V presents experimental results while section VI concludes the paper. II. PRIOR WORKS The prior work on network traffic monitoring is found in the literature. It focused on three aspects. First, observation of characteristics of actual traffic from sampled traffic. Second, investigating the effects of oblivious sampling on the monitoring abilities of network. Third, strategic placement of network monitors for optimal results. Various sampling approaches were explored in [5] at both time-based and packet-based granularities. More research was made on estimation of heavy-hitter traffic, traffic matrices and traffic, flow-size distributions and traffic volume[6], [7], [8], [9], [1], [11], [12], and [13]. Conventional sampling techniques were explored in [14] and anomaly detection algorithms were explored in [15]. Specific traffic sub populations [16] are the main focus of all these researches. Defining traffic sub population in flexible manner is done in [17] and [18]. All these ISSN: 2231-283 http://www.ijcttjournal.org Page356

works focused on monitoring at one monitor while the work done by Raza et al. [4] focused on best use of all monitors and strategic deployment of monitors. The close researches to [4] include [19] and [2] as they strive to achieve coordination among multiple monitors to maximize the monitoring activity across the network. There are three problems solved by the proposed solutions. The first problem is known as Least TE Disruption Routing (LTD) which is formulated as follows. III. OVERVIEW OF PROPOSED FRAMEWORK The proposed approach is based on the work done in [4].The traffic monitoring needs Traffic Engineering (TE) policies. Within the confines of the policy, the proposed approach improves traffic monitoring utility in three different ways. 1. For aggregated flows generally TE policy is defined. For placement of traffic common intra-domain protocols such as IS-IS [21], OSPF 22] are used. Routing fine grained traffic sub populations without causing problems to aggregate routing. This concept is illustrated in fig. 1 (a) with four traffic flows. 2. The second way is influenced by TE objectives as they are oblivious to aggregate traffic and considers maximization summary metrics. This will violate the traffic characteristics and monitoring objectives. Fig. 1 (b) illustrates this approach. 3. In this approach it is allows to support violations to the specified level. There will be tradeoff between the TE policy and advantages. This concept is illustrated in Fig. 1 (c). The second problem is No Routing Loops Routing () where routing loops are not desirable for routing implementations in the real world. By restricting a set of links the loops are avoided. This is achieved using LTD with additional constraint as formulated below. The algorithm presented infig. 2 is used to find feasible routing for each flowset. Fig. 1 Three ways of enhancing traffic monitoring utility ISSN: 2231-283 http://www.ijcttjournal.org Page3561

Fig.2- Algorithm to demonstrate multiple ways of constructing feasible routing (excerpt from [4]) The third problem is Relaxed Sticky Routes Routing (RSR). No routing loops are there in. However, it may not be feasible based on exact forwarding mechanisms. The RSR approach uses micro flowsets that are to be routed across a link which is not in the list of shorted paths. Thus RSR ensures that the micro flowset routing does not allow macro flowset traffic. This is achieved using LTD with some additional constraint as shown below. The three routing problems such as LTD, and RSR work with restrictions with different degrees. The LTD is flexible. However, it may result in loops. NLR does not allow loops but violation of routing semantics may take place. RSR overcomes the drawbacks of NLR and LTD. More information about these problems can be found in [4]. IV. PROTOTYPE IMPLEMENTATION We have implemented a prototype application which is nothing but our Customer Simulator to demonstrate the routing assisted traffic monitoring concept as proposed in [4]. We used Java platform for building the prototype. The environment used for the application development is a PC with 4GB RAM and Core 2 dual processing running Windows XP operating system. We used Net Beans IDE for rapid prototype building. V. EXPERIMENTAL RESUTLS For experiments certain parameters are considered. They are presented in table 1. We evaluated the proposed framework in terms of per flow performance gain with LTD,, and RSR. Experiments are also made with micro-flowsets and macro flowsets. Table 1 Experimental parameters (excerpt from [4]) As seen in table 1, four parameters are considered for experiments. They include flows for micro-flowset, micro-flowsets per macro-flowset, violation threshold of TE and micro-flowset sampling utility. The experimental results are presented below as a series of graphs plotted. F(x) Fig. 3 Illustrates per flow performance gain using LTD As can be seen in fig. 3, the cumulative distribution function of the per flow performance gain is presented. F(X) Fig. 4 Illustrates per flow performance gain using 1.2 1.8.6.4.2 1.2 1.8.6.4.2 5 1 1.5 2 Per Flow Performance Gain(%).5 1 1.5 2 2.5 Per Flow Performance Gain(%) As can be seen in fig. 4, the cumulative distribution function of the per flow performance gain is presented. ISSN: 2231-283 http://www.ijcttjournal.org Page3562

=Overall Performance Gain(%) Fig. 5 Performance of RSR and for different k As can be seen in fig. 5, the performance gain of RSR and for different k is almost same. The same trend is shown for all k values. = overall Performance gain(%) Fig. 6 Performance for different As can be seen infig. 6, performance of RSR and are increased as is increased. The horizontal axis represented value while the vertical axis represents overall performance gain. =Overall Performance Gain (%) 1.5 1 9.5 1.5 6 5 4 3 2 1 9.5 8.5 1 9 8 9 1 15 2 25 3 K RSR.5.1.15.2 Axis Title RSR NLR.5.1.15 AS1239.2 Axis Title RSR AS1221 NLR AS1221 RSR AS1239 Fig. 7 Performance for different networks As can be seen in fig. 7, performance proposed routing for different networks is presented. The overall performance gain is visualized for four different networks. The performance gains are more in case of AS1239. 6 4 2 Fig. 8 Performance for different micro-flowset assignments As can be seen in fig. 9, the performance gain of various micro-flowset assignments is presented. The reduced diversity in the sampling of micro-flowsets decreased the performance. VI. CONCLUSION In this paper we implement the network monitoring approach proposed by Raza et al. [4] for routing the network flows intelligently. This is achieved by placing monitors over network strategically. The proposed routing framework is governed by traffic characteristics of the network and monitoring objectives. Diversity in the network flows can be handled by the proposed framework. We built a custom simulator prototype to demonstrate the concept of routing assisted traffic monitoring. By intelligently placing monitors over network it will improve the routingperformance besides improving throughput and QoS. The experimental results revealed that the proposed framework is effective and can be used in real time network monitoring applications. REFERENCES RSR Ordered NLR Ordered RSR Random NLR Random.5.1.15.2 [1] G. R. Cantieni, G. Iannaccone, C. Barakat, C. Diot, and P. Thiran, Reformulating the monitor placement problem: Optimal network-wide sampling, in Proceedings of ACM CoNEXT, 26. ISSN: 2231-283 http://www.ijcttjournal.org Page3563

[2] K. Suh and Y. Guo and J. Kurose and D. Towsley, Locating network monitors: Complexity, heuristics and coverage, in Proceedings of IEEEINFOCOM, March 25. [3] C. Chaudet, E. Fleury, I. G. Lassous, H. Rivano, and M.-E. Voge, Optimal positioning of active and passive monitoring devices, in Proceedings of ACM CoNEXT, 25, pp. 71 82. [4] Saqib Raza, Guanyao Huang, Chen-Nee Chuah, Srini Seetharaman and Jatinder Pal Singh, MeasuRouting: A Framework for Routing Assisted Traffic Monitoring, IEEE INFOCOM 21. [5] K. C. Claffy, G. C. Polyzos, and H.-W. Braun, Application of sampling methodologies to network traffic characterization, in Proceedings ofacm SIGCOMM, 1993. [6] B.-Y. Choi and S. Bhattacharyya, On the Accuracy and Overhead of Cisco Sampled NetFlow, in Proceedings of ACM SIGMETRICSWorkshop on Large Scale Network Inference (LSNI), June 25. [7] N. Duffield, C. Lund, and M. Thorup, Predicting Resource Usage and Estimation Accuracy in an IP Flow Measurement Collection Infrastructure, in Proceedings of ACM SIGCOMM, 23, pp. 179 191. [17] H. V. Madhyastha and B. Krishnamurthy, A Generic Language forapplication-specific Flow Sampling, ACM Computer CommunicationReview, vol. 38, no. 2, April 28. [18] L. Yuan, C.-N. Chuah, and P. Mohapatra, ProgME: Towards ProgrammableNetwork MEasurement, in Proceedings of ACM SIGCOMM,27. [19] M. R. Sharma and J. W. Byers, Scalable Coordination Techniques fordistributed Network Monitoring, in Proceedings of Passive and Activenetwork Measurement (PAM) workshop, April 25. [2] V. Sekar, M. K. Reiter, W. Willinger, H. Zhang, R. R. Kompella,and D. G. Andersen, CSAMP: A System for Network- Wide FlowMonitoring, in Proceedings of USENIX NSDI, 28. [21] OSPF, http://tools.ietf.org/html/rfc2328, April 1998. [22] IS-IS, http://tools.ietf.org/html/rfc1142, February 199. AUTHORS [8] C. Estan, K. Keys, D. Moore, and G. Varghese, Building a Better NetFlow, in Proceedings of ACM SIGCOMM, 24. [9] C. Estan and G. Varghese, New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice, ACMTransactions on Computer Systems, vol. 21, no. 3, pp. 27 313, August 23. [1] N. Hohn and D. Veitch, Inverting sampled traffic, in Proceedings of ACM SIGCOMM, 23. [11] R. Kompella and C. Estan, The Power of Slicing in Internet Flow Measurement, in Proceedings of ACM SIGCOMM, 25. V.Architha, She is pursuing M.Tech (CSE) in SR Engineering College, Warangal, AP, INDIA. She has received B.Tech degree in Information Technology. Her main research interest includes Networking [12] A. Kumar, M. Sung, J. Xu, and J. Wang, Data streaming algorithms for efficient and accurate estimation of flow size distribution, inproceedings of ACM SIGMETRICS, 24, pp. 177 188. [13] Y. Zhang, M. Roughan, C. Lund, and D. Donoho, An Information-Theoretic Approach to Traffic Matrix Estimation, in Proceedings ofacm SIGCOMM, 23, pp. 31 312. [14] X. Li, F. Bian, M. Crovella, C. Diot, R. Govindan, G. Iannaccone, and A. Lakhina, Detection and Identification of Network AnomaliesUsing Sketch Subspaces, in Proceedings of ACM Internet MeasurementConference, 26. [15] J. Mai, C.-N. Chuah, A. Sridharan, T. Ye, and H. Zang, Is sampled datasufficient for anomaly detection? in Proceedings of ACM IMC, 26. [16] A. Ramachandran, S. Seetharaman, N. Feamster, and V. Vazirani, FastMonitoring of Traffic Subpopulations, in Proceedings of ACM InternetMeasurement Conference, 28. Nagendar Yamsani received Master s degree in Computer Science and Engineering in 29 from Jawaharlal Nehru Technological University, Hyderabad, India. He is an Assistant Professor at the S R Engineering College, Warangal from 29 to till date. His research areas include Networks Security, Automata and Data Mining. ISSN: 2231-283 http://www.ijcttjournal.org Page3564

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information