This paper explores the problem of processing the immense volume of measurement data arising during network traffic monitoring. Due to the ever-increasing demands of current networks, observing accurate information about every single flow is virtually infeasible. In many cases the existing methods for the reduction of flow records are still not sufficient enough. Since the accurate knowledge of flows termed as "heavy-hitters" suffices to fulfill most of the monitoring purposes, we decided to aggregate the flow records pertaining to non-heavy-hitters. However, due to the ever-changing nature of traffic, their identification is a challenge. To overcome this challenge, our proposed approach - the adaptive aggregation of flow records - automatically adjusts its operation to the actual traffic load and to the monitoring requirements. Preliminary experiments in existing network topologies showed that adaptive aggregation efficiently reduces the number of flow records, while a significant proportion of traffic details is preserved.
Publié le : 2018-05-09
Classification:
Computer Architectures and Networking; Computing and Informatics,
Network traffic monitoring, IPFIX, exporter, flow record, data reduction, adaptive aggregation, heavy-hitter, resource utilization,
68M10; 68M12; 90B18; 90B20
@article{cai2018_1_142,
author = {Adri\'an Pek\'ar; Institute of Computer Technology, Technical University of Ko\v sice and Martin Chovanec; Institute of Computer Technology, Technical University of Ko\v sice and Liberios Vokorokos; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Ko\v sice and Eva Chovancov\'a; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Ko\v sice and Peter Feci\v lak; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Ko\v sice and Miroslav Michalko; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Ko\v sice},
title = {Adaptive Aggregation of Flow Records},
journal = {Computing and Informatics},
volume = {36},
number = {6},
year = {2018},
language = {en},
url = {http://dml.mathdoc.fr/item/cai2018_1_142}
}
Adrián Pekár; Institute of Computer Technology, Technical University of Košice; Martin Chovanec; Institute of Computer Technology, Technical University of Košice; Liberios Vokorokos; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Košice; Eva Chovancová; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Košice; Peter Feciľak; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Košice; Miroslav Michalko; Department of Computers and Informatics Faculty of Electrical Engineering and Informatics, Technical University of Košice. Adaptive Aggregation of Flow Records. Computing and Informatics, Tome 36 (2018) no. 6, . http://gdmltest.u-ga.fr/item/cai2018_1_142/