Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502994
Bahman Rashidi, Carol J. Fung
RecDroid is a smartphone permission management system which provides users with a fine-grained real-time app permission control and a recommendation system regarding whether to grant the permission or not based on expert users' responses in the network. However, in such a system, malware owners may create multiple bot users to misguide the recommendation system by providing untruthful responses on the malicious app. Threshold-based detection method can detect malicious users which are dishonest on many apps, but it cannot detect malicious users that target on some specific apps. In this work, we present a clustering-based method called BotTracer to finding groups of bot users controlled by the same masters, which can be used to detect bot users with high reputation scores. The key part of the proposed method is to map the users into a graph based on their similarity and apply a clustering algorithm to group users together. We evaluate our method using a set of simulated users' profiles, including malicious users and regular ones. Our experimental results demonstrate high accuracy in terms of detecting malicious users. Finally, we discuss several clustering features and their impact on the clustering results.
{"title":"BotTracer: Bot user detection using clustering method in RecDroid","authors":"Bahman Rashidi, Carol J. Fung","doi":"10.1109/NOMS.2016.7502994","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502994","url":null,"abstract":"RecDroid is a smartphone permission management system which provides users with a fine-grained real-time app permission control and a recommendation system regarding whether to grant the permission or not based on expert users' responses in the network. However, in such a system, malware owners may create multiple bot users to misguide the recommendation system by providing untruthful responses on the malicious app. Threshold-based detection method can detect malicious users which are dishonest on many apps, but it cannot detect malicious users that target on some specific apps. In this work, we present a clustering-based method called BotTracer to finding groups of bot users controlled by the same masters, which can be used to detect bot users with high reputation scores. The key part of the proposed method is to map the users into a graph based on their similarity and apply a clustering algorithm to group users together. We evaluate our method using a set of simulated users' profiles, including malicious users and regular ones. Our experimental results demonstrate high accuracy in terms of detecting malicious users. Finally, we discuss several clustering features and their impact on the clustering results.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126094463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502893
Roberto di Lallo, Gabriele Lospoto, M. Rimondini, G. Battista
Federated networking is a promising approach to resource sharing that supports cost-effective services involving multiple parties. Research in this field largely focused on architectures and cost models, making limited progress on the technological side. On the other hand, the widely adopted Software-Defined Networking (SDN) model found its most successful application in data centers, exhibiting very little penetration in other scenarios. We leverage the unexplored potential of SDN on the edge of a network to introduce an approach that supports end-to-end connectivity among different federated partners. Our approach is based on simple Network Address and Port Translation (NAPT), making it applicable in standard IP networks. It is also very flexible, because it exploits SDN, and scalable, because address translations are performed on Customer Premises Equipment, where SDN is being progressively supported by device vendors. We define various alternative NAPT strategies and evaluate their effectiveness with simulations as well as emulated scenarios.
{"title":"Supporting end-to-end connectivity in federated networks using SDN","authors":"Roberto di Lallo, Gabriele Lospoto, M. Rimondini, G. Battista","doi":"10.1109/NOMS.2016.7502893","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502893","url":null,"abstract":"Federated networking is a promising approach to resource sharing that supports cost-effective services involving multiple parties. Research in this field largely focused on architectures and cost models, making limited progress on the technological side. On the other hand, the widely adopted Software-Defined Networking (SDN) model found its most successful application in data centers, exhibiting very little penetration in other scenarios. We leverage the unexplored potential of SDN on the edge of a network to introduce an approach that supports end-to-end connectivity among different federated partners. Our approach is based on simple Network Address and Port Translation (NAPT), making it applicable in standard IP networks. It is also very flexible, because it exploits SDN, and scalable, because address translations are performed on Customer Premises Equipment, where SDN is being progressively supported by device vendors. We define various alternative NAPT strategies and evaluate their effectiveness with simulations as well as emulated scenarios.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126747188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502961
G. Moura, M. Müller, M. Wullink, Cristian Hesselman
We present nDEWS, a Hadoop-based automatic early warning system of malicious domains for domain name registry operators, such as top-level domain (TLD) registries. By monitoring an entire DNS zone, nDEWS is able to single out newly added suspicious domains by analyzing both domain registration and global DNS lookup patterns of a TLD. nDEWS is capable to detect several types of domain abuse, such as malware, phishing, and allegedly fraudulent web shops. To act on this data, we have established a pilot study with two major .nl registrars, and provide them with daily feeds of their respective suspicious domains. Moreover, nDEWS can also be implemented by other TLD operators/registries.
{"title":"nDEWS: A new domains early warning system for TLDs","authors":"G. Moura, M. Müller, M. Wullink, Cristian Hesselman","doi":"10.1109/NOMS.2016.7502961","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502961","url":null,"abstract":"We present nDEWS, a Hadoop-based automatic early warning system of malicious domains for domain name registry operators, such as top-level domain (TLD) registries. By monitoring an entire DNS zone, nDEWS is able to single out newly added suspicious domains by analyzing both domain registration and global DNS lookup patterns of a TLD. nDEWS is capable to detect several types of domain abuse, such as malware, phishing, and allegedly fraudulent web shops. To act on this data, we have established a pilot study with two major .nl registrars, and provide them with daily feeds of their respective suspicious domains. Moreover, nDEWS can also be implemented by other TLD operators/registries.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121502088","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502914
Ahmad AlEroud, I. Alsmadi
The recent emerge of Software Defined Networking (SDN) promotes both supporters and opponents to further explore this network architecture. One of the main attributes that characterize SDN is the significant role of software to manage and control the architecture. There are four major concerns for such software dominant role, security, performance, reliability, and fault tolerance. Among them security is considered a major concern. SDNs security concerns include attacks on the control plane layer such as DoS attacks. This paper presents an inference-relation context based technique for the detection of DoS attacks on SDNs. The proposed technique utilizes contextual similarity with existing attack patterns to identify DoS in an OpenFlow infrastructure. A validation of the proposed technique has been performed using a several benchmark datasets yielding promising results.
{"title":"Identifying DoS attacks on software defined networks: A relation context approach","authors":"Ahmad AlEroud, I. Alsmadi","doi":"10.1109/NOMS.2016.7502914","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502914","url":null,"abstract":"The recent emerge of Software Defined Networking (SDN) promotes both supporters and opponents to further explore this network architecture. One of the main attributes that characterize SDN is the significant role of software to manage and control the architecture. There are four major concerns for such software dominant role, security, performance, reliability, and fault tolerance. Among them security is considered a major concern. SDNs security concerns include attacks on the control plane layer such as DoS attacks. This paper presents an inference-relation context based technique for the detection of DoS attacks on SDNs. The proposed technique utilizes contextual similarity with existing attack patterns to identify DoS in an OpenFlow infrastructure. A validation of the proposed technique has been performed using a several benchmark datasets yielding promising results.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127639221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502886
Shahram Mollahasani, E. Onur
Designing data center network topologies with the objective of minimizing cost, increasing bisection bandwidth and decreasing latency is a difficult problem. The solutions in the literature mainly concentrate on wired networks and minimizing wiring costs thereof. Only a few proposals address the benefit of employing wireless communications in data centers due to spectrum and bandwidth limitations of current wireless communication technologies. By using terahertz communication in a data center as a complementary technology, the performance of the data center can be enhanced and substantial savings in cabling costs can be achieved without any throughput concession. Terahertz (THz) band can overcome bandwidth limitations and satisfy a wide range of applications from classical networking to board-to-board communication. In this paper, we evaluate the terahertz channel in data centers by considering atmospheric absorption. Based on the results, we recommend employing 190-310 GHz range with a bandwidth of 120 GHz. Keeping the relative humidity level at 40% will reduce atmospheric absorption while proving a healthy environmental regime for the equipment in a data center.
{"title":"Evaluation of terahertz channel in data centers","authors":"Shahram Mollahasani, E. Onur","doi":"10.1109/NOMS.2016.7502886","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502886","url":null,"abstract":"Designing data center network topologies with the objective of minimizing cost, increasing bisection bandwidth and decreasing latency is a difficult problem. The solutions in the literature mainly concentrate on wired networks and minimizing wiring costs thereof. Only a few proposals address the benefit of employing wireless communications in data centers due to spectrum and bandwidth limitations of current wireless communication technologies. By using terahertz communication in a data center as a complementary technology, the performance of the data center can be enhanced and substantial savings in cabling costs can be achieved without any throughput concession. Terahertz (THz) band can overcome bandwidth limitations and satisfy a wide range of applications from classical networking to board-to-board communication. In this paper, we evaluate the terahertz channel in data centers by considering atmospheric absorption. Based on the results, we recommend employing 190-310 GHz range with a bandwidth of 120 GHz. Keeping the relative humidity level at 40% will reduce atmospheric absorption while proving a healthy environmental regime for the equipment in a data center.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"466 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117008200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502930
A. Bosneag, S. Handurukande, James O'Sullivan, Mingxue Wang
Much work has been done in the area of telecommunications transmission parameters and, in particular, Channel Quality Indicators, to analyse the best ways to improve the performance and quality of communications. However, there is a gap in published papers when it comes to real-world experiences with CQI reports and network-side analysis of transmission parameters that can provide information about user equipment and network elements behaviour. In this paper, we present our experiences with a real-world analysis of dense LTE networks, focusing on two main aspects - what information can CQI reports give us about the behaviour of user equipment in the network, and what information do they provide in relation to the individual network elements. We show what insights can be derived from a network wide statistical analysis of CQI reports and how these insights can be further used by operators to understand potential problems in their network.
{"title":"Real-world experiences with CQI-based analyses for dense LTE networks","authors":"A. Bosneag, S. Handurukande, James O'Sullivan, Mingxue Wang","doi":"10.1109/NOMS.2016.7502930","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502930","url":null,"abstract":"Much work has been done in the area of telecommunications transmission parameters and, in particular, Channel Quality Indicators, to analyse the best ways to improve the performance and quality of communications. However, there is a gap in published papers when it comes to real-world experiences with CQI reports and network-side analysis of transmission parameters that can provide information about user equipment and network elements behaviour. In this paper, we present our experiences with a real-world analysis of dense LTE networks, focusing on two main aspects - what information can CQI reports give us about the behaviour of user equipment in the network, and what information do they provide in relation to the individual network elements. We show what insights can be derived from a network wide statistical analysis of CQI reports and how these insights can be further used by operators to understand potential problems in their network.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132735656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7503008
Fabio Pianese, Massimo Gallo, A. Conte, Diego Perino
The upcoming 5G architecture is expected to heavily rely on network functions implemented by software deployed on commodity hardware architectures. Multiple standardization efforts are underway to specify interfaces between virtualized and real infrastructure, and procedures for interoperability among functions. However, the practical feasibility of function implementation in such abstract and disembodied conditions is scarcely covered in the latest literature. In this paper, we argue for a Network Function Virtualization (NFV) framework that provides 5G network functions built around a modular software router model, rather than following the traditional VM-container approaches. We illustrate its advantages in enabling support for efficient processing on heterogeneous hardware and in ensuring consistency of flow/session semantics across distributed 5G data planes. Finally, we report on the state of Programmable Data Plane, our architecture to implement 5G network functions as modular pipelines orchestrated across multiple devices.
{"title":"Orchestrating 5G virtual network functions as a modular Programmable Data Plane","authors":"Fabio Pianese, Massimo Gallo, A. Conte, Diego Perino","doi":"10.1109/NOMS.2016.7503008","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7503008","url":null,"abstract":"The upcoming 5G architecture is expected to heavily rely on network functions implemented by software deployed on commodity hardware architectures. Multiple standardization efforts are underway to specify interfaces between virtualized and real infrastructure, and procedures for interoperability among functions. However, the practical feasibility of function implementation in such abstract and disembodied conditions is scarcely covered in the latest literature. In this paper, we argue for a Network Function Virtualization (NFV) framework that provides 5G network functions built around a modular software router model, rather than following the traditional VM-container approaches. We illustrate its advantages in enabling support for efficient processing on heterogeneous hardware and in ensuring consistency of flow/session semantics across distributed 5G data planes. Finally, we report on the state of Programmable Data Plane, our architecture to implement 5G network functions as modular pipelines orchestrated across multiple devices.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131632635","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502867
Janne Ali-Tolppa, T. Tsvetkov
In a mobile Self-Organizing Network (SON), the SON coordinator has been introduced to control the application of Configuration Management (CM) changes, in order to prevent conflicts between independent SON function instances running in parallel. However, there is always a trade-off between stability and efficiency. On one hand we need to avoid conflicts, on the other we want fast, parallelized execution of SON function instances. Additionally, the concept of SON verification has been developed to automatically detect and correct degradations that arise from unexpected side-effects of (parallel) CM changes made by SON functions or human operators. However, as the number of function instances increases in the future networks, the performance of the SON coordinator becomes critical, i.e. excessive serialization is no longer possible. In this paper, we show how both, SON coordination and verification, can work together and how the cooperation enables a more efficient SON without having to compromise on its stability. This can be achieved by extending the SON function execution coordination to SON verification and by dynamically adjusting the coordination policies between more relaxed and more strict concurrency control strategies based on the feedback from the verification.
{"title":"Optimistic concurrency control in self-organizing networks using automatic coordination and verification","authors":"Janne Ali-Tolppa, T. Tsvetkov","doi":"10.1109/NOMS.2016.7502867","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502867","url":null,"abstract":"In a mobile Self-Organizing Network (SON), the SON coordinator has been introduced to control the application of Configuration Management (CM) changes, in order to prevent conflicts between independent SON function instances running in parallel. However, there is always a trade-off between stability and efficiency. On one hand we need to avoid conflicts, on the other we want fast, parallelized execution of SON function instances. Additionally, the concept of SON verification has been developed to automatically detect and correct degradations that arise from unexpected side-effects of (parallel) CM changes made by SON functions or human operators. However, as the number of function instances increases in the future networks, the performance of the SON coordinator becomes critical, i.e. excessive serialization is no longer possible. In this paper, we show how both, SON coordination and verification, can work together and how the cooperation enables a more efficient SON without having to compromise on its stability. This can be achieved by extending the SON function execution coordination to SON verification and by dynamically adjusting the coordination policies between more relaxed and more strict concurrency control strategies based on the feedback from the verification.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"58 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132090977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502996
G. Biczók, Balázs Sonkoly, Nikolett Bereczky, C. Boyd
Flexible service delivery is a key requirement for 5G network architectures. This includes the support for collaborative service delivery by multiple operators, when an individual operator lacks the geographical footprint or the available network, compute or storage resources to provide the requested service to its customer. Network Function Virtualisation is a key enabler of such service delivery, as network functions (VNFs) can be outsourced to other operators. Owing to the (partial lack of) contractual relationships and co-opetition in the ecosystem, the privacy of user data, operator policy and even VNF code could be compromised. In this paper, we present a case for privacy in a VNF-enabled collaborative service delivery architecture. Specifically, we show the promise of homomorphic encryption (HE) in this context and its performance limitations through a proof of concept implementation of an image transcoder network function. Furthermore, inspired by application-specific encryption techniques, we propose a way forward for private, payload-intensive VNFs.
{"title":"Private VNFs for collaborative multi-operator service delivery: An architectural case","authors":"G. Biczók, Balázs Sonkoly, Nikolett Bereczky, C. Boyd","doi":"10.1109/NOMS.2016.7502996","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502996","url":null,"abstract":"Flexible service delivery is a key requirement for 5G network architectures. This includes the support for collaborative service delivery by multiple operators, when an individual operator lacks the geographical footprint or the available network, compute or storage resources to provide the requested service to its customer. Network Function Virtualisation is a key enabler of such service delivery, as network functions (VNFs) can be outsourced to other operators. Owing to the (partial lack of) contractual relationships and co-opetition in the ecosystem, the privacy of user data, operator policy and even VNF code could be compromised. In this paper, we present a case for privacy in a VNF-enabled collaborative service delivery architecture. Specifically, we show the promise of homomorphic encryption (HE) in this context and its performance limitations through a proof of concept implementation of an image transcoder network function. Furthermore, inspired by application-specific encryption techniques, we propose a way forward for private, payload-intensive VNFs.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127723621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-04-25DOI: 10.1109/NOMS.2016.7502940
M. Hoogesteger, R. Schmidt, A. Pras
Motivated by the fact that comprehensive and long term Internet traffic measurements can be hard to obtain, we have proposed and developed the Internet Traffic Statistics Archive (ITSA). Since 2013, ITSA concentrates reports on highlevel statistics of Internet traffic worldwide. Examples of statistics are shares of traffic per port, protocols and distribution of packets and bytes. Such information can be of great help to those that need to support claims and assumptions on what Internet traffic actually looks like. The reports containing traffic statistics are generated on a weekly basis from NetFlow data, and publicly published on the ITSA website. In this demo we will present the ITSA architecture, how it can be used, and how the available data can help to visualize and understand trends in Internet traffic.
{"title":"ITSA: Internet traffic statistics archive","authors":"M. Hoogesteger, R. Schmidt, A. Pras","doi":"10.1109/NOMS.2016.7502940","DOIUrl":"https://doi.org/10.1109/NOMS.2016.7502940","url":null,"abstract":"Motivated by the fact that comprehensive and long term Internet traffic measurements can be hard to obtain, we have proposed and developed the Internet Traffic Statistics Archive (ITSA). Since 2013, ITSA concentrates reports on highlevel statistics of Internet traffic worldwide. Examples of statistics are shares of traffic per port, protocols and distribution of packets and bytes. Such information can be of great help to those that need to support claims and assumptions on what Internet traffic actually looks like. The reports containing traffic statistics are generated on a weekly basis from NetFlow data, and publicly published on the ITSA website. In this demo we will present the ITSA architecture, how it can be used, and how the available data can help to visualize and understand trends in Internet traffic.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127877810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: