Architecture of a Network Monitor

@inproceedings{Moore2003ArchitectureOA,
  title={Architecture of a Network Monitor},
  author={Andrew W. Moore and James Hall and Christian Kreibich and E. W. Harris and Ian Pratt},
  year={2003}
}
This paper describes a system for simultaneously monitoring multiple protocols. It performs full linerate capture and implements on-line analysis and compression to record interesting data without loss of information. We accept that the balance must be maintained in such a system between disk-bandwidth, CPU-capacity and datareduction in order to perform monitoring at full line-rate. We present the architecture in detail and measure the performance of our sample implementation, Nprobe. 
Highly Cited
This paper has 156 citations. REVIEW CITATIONS

From This Paper

Figures, tables, and topics from this paper.

Citations

Publications citing this paper.
Showing 1-10 of 84 extracted citations

On the monitoring of contractual service level agreements

Proceedings. First IEEE International Workshop on Electronic Contracting, 2004. • 2004
View 6 Excerpts
Highly Influenced

Flowbased dynamic load balancing for passive network monitoring.

Communications and Computer Networks • 2005
View 4 Excerpts
Highly Influenced

Network traffic classification via neural networks

Ang Kun Joo Michael, Emma Valla, Natinael Solomon Neggatu, Andrew W. Moore
2017
View 1 Excerpt

A scalable architecture for performance measurement in broadband networks

2015 IEEE Conference on Standards for Communications and Networking (CSCN) • 2015
View 1 Excerpt

156 Citations

0102030'03'06'10'14'18
Citations per Year
Semantic Scholar estimates that this publication has 156 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 13 references

SNORT: The Open Source Network Intrusion Detection System 1.9.1

Martin Roesch, Chris Green
Nov. 2002, http://www.snort.org/. • 2002
View 4 Excerpts
Highly Influenced

BLT: Bi-Layer Tracing of HTTP and TCP/IP

Computer Networks • 2000
View 6 Excerpts
Highly Influenced

TCP Stack Measurements

L. Cottrell
2003, http://wwwiepm.slac.stanford.edu/monitoring/bulk/fast/. • 2003
View 2 Excerpts

The Effect of Early Packet Loss on Web Page Download Times

J. Hall, I. L. Ian Pratt, A. Moore
Passive & Active Measurement Workshop 2003 (PAM2003), Apr. 2003. • 2003
View 1 Excerpt

Using loss pairs to discover network properties

Internet Measurement Workshop • 2001
View 1 Excerpt

Similar Papers

Loading similar papers…