Scherrer et al., 2021 - Google Patents
Low-rate overuse flow tracer (loft): An efficient and scalable algorithm for detecting overuse flowsScherrer et al., 2021
View PDF- Document ID
- 18198637424043965212
- Author
- Scherrer S
- Wu C
- Chiang Y
- Rothenberger B
- Asoni D
- Sateesan A
- Vliegen J
- Mentens N
- Hsiao H
- Perrig A
- Publication year
- Publication venue
- 2021 40th International Symposium on Reliable Distributed Systems (SRDS)
External Links
Snippet
Current probabilistic flow-size monitoring can only detect heavy hitters (eg, flows utilizing 10 times their permitted bandwidth), but cannot detect smaller overuse (eg, flows utilizing 50- 100% more than their permitted bandwidth). Thus, these systems lack accuracy in the …
- 239000000700 tracer 0 title description 2
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
- H04L43/0823—Errors
- H04L43/0829—Packet loss
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7453—Address table lookup or address filtering using hashing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/32—Packet discarding or delaying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/22—Traffic shaping
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/16—Arrangements for monitoring or testing packet switching networks using threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/10—Arrangements for monitoring or testing packet switching networks using active monitoring, e.g. heartbeat protocols, polling, ping, trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/50—Network service management, i.e. ensuring proper service fulfillment according to an agreement or contract between two parties, e.g. between an IT-provider and a customer
- H04L41/5003—Managing service level agreement [SLA] or interaction between SLA and quality of service [QoS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Estan et al. | New directions in traffic measurement and accounting | |
Venkataraman et al. | New streaming algorithms for fast detection of superspreaders. | |
Estan et al. | New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice | |
Scherrer et al. | Low-rate overuse flow tracer (loft): An efficient and scalable algorithm for detecting overuse flows | |
Basat et al. | Memento: Making sliding windows efficient for heavy hitters | |
US9306794B2 (en) | Algorithm for long-lived large flow identification | |
US20040215976A1 (en) | Method and apparatus for rate based denial of service attack detection and prevention | |
Xu et al. | ELDA: Towards efficient and lightweight detection of cache pollution attacks in NDN | |
Zhou et al. | Hypersight: Towards scalable, high-coverage, and dynamic network monitoring queries | |
Zeng et al. | A survey on sliding window sketch for network measurement | |
US12113821B2 (en) | Computer networking with security features | |
Zheng et al. | Unbiased delay measurement in the data plane | |
Li et al. | Scan detection in high-speed networks based on optimal dynamic bit sharing | |
Hu et al. | Adaptive flow aggregation-a new solution for robust flow monitoring under security attacks | |
Kim et al. | Counting network flows in real time | |
Turkovic et al. | Detecting heavy hitters in the data-plane | |
Hu et al. | Entropy based adaptive flow aggregation | |
Braun et al. | Packet sampling for worm and botnet detection in TCP connections | |
Lee et al. | RelSamp: Preserving application structure in sampled flow measurements | |
Zhang et al. | Identifying heavy hitters in high-speed network monitoring | |
Dai et al. | DAmpADF: A framework for DNS amplification attack defense based on Bloom filters and NAmpKeeper | |
Liu et al. | A hash-based algorithm for measuring cardinality distribution in network traffic | |
Scherrer et al. | ALBUS: a Probabilistic Monitoring Algorithm to Counter Burst-Flood Attacks | |
Xiong et al. | Cuckooflow: achieving fast packet classification for virtual openflow switching by exploiting network traffic locality | |
Zhou et al. | Identification of heavy hitters for network data streams with probabilistic sketch |