Architecture of a network monitor

@inproceedings{Moore2003ArchitectureOA,
  title={Architecture of a network monitor},
  author={Andrew W. Moore and Jacqueline A. Hall and Christian Kreibich and Evan P. Harris and Ian A. Pratt},
  year={2003}
}
This paper describes a system for simultaneously monitoring multiple protocols. It performs full linerate capture and implements on-line analysis and compression to record interesting data without loss of information. We accept that the balance must be maintained in such a system between disk-bandwidth, CPU-capacity and datareduction in order to perform monitoring at full line-rate. We present the architecture in detail and measure the performance of our sample implementation, Nprobe. 

Similar Papers

Figures, Tables, and Topics from this paper.

Citations

Publications citing this paper.
SHOWING 1-10 OF 93 CITATIONS

On the monitoring of contractual service level agreements

  • Proceedings. First IEEE International Workshop on Electronic Contracting, 2004.
  • 2004
VIEW 6 EXCERPTS
CITES METHODS
HIGHLY INFLUENCED

A Survey of Clustering Algorithms for Big Data: Taxonomy and Empirical Analysis

  • IEEE Transactions on Emerging Topics in Computing
  • 2014
VIEW 3 EXCERPTS
CITES METHODS
HIGHLY INFLUENCED

Flowbased dynamic load balancing for passive network monitoring

  • Communications and Computer Networks
  • 2005
VIEW 4 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

A scalable architecture for performance measurement in broadband networks

  • 2015 IEEE Conference on Standards for Communications and Networking (CSCN)
  • 2015
VIEW 1 EXCERPT
CITES BACKGROUND

FILTER CITATIONS BY YEAR

2003
2017

CITATION STATISTICS

  • 6 Highly Influenced Citations

References

Publications referenced by this paper.
SHOWING 1-10 OF 13 REFERENCES

BLT: Bi-Layer Tracing of HTTP and TCP/IP

  • Computer Networks
  • 2000
VIEW 6 EXCERPTS
HIGHLY INFLUENTIAL

TCP Stack Measurements

L. Cottrell
  • 2003, http://wwwiepm.slac.stanford.edu/monitoring/bulk/fast/.
  • 2003
VIEW 2 EXCERPTS

The Effect of Early Packet Loss on Web Page Download Times

J. Hall, I. L. Ian Pratt, A. Moore
  • Passive & Active Measurement Workshop 2003 (PAM2003), Apr. 2003.
  • 2003
VIEW 1 EXCERPT

Analysis of measured single-hop delay from an operational backbone network

  • Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies
  • 2002
VIEW 1 EXCERPT

Non-intrusive estimation of Web server delays

  • Proceedings LCN 2001. 26th Annual IEEE Conference on Local Computer Networks
  • 2001
VIEW 2 EXCERPTS

Using loss pairs to discover network properties

  • Internet Measurement Workshop
  • 2001
VIEW 1 EXCERPT

A comparative study of high speed networks

  • Proceedings. IEEE INFOCOM '98, the Conference on Computer Communications. Seventeenth Annual Joint Conference of the IEEE Computer and Communications Societies. Gateway to the 21st Century (Cat. No.98
  • 1998
VIEW 1 EXCERPT