We propose in this paper an on-line algorithm based on Bloom filters for identifying large flows in IP traffic (a.k.a. elephants). Because of the large number of small flows, hash tables of these algorithms have to be regularly refreshed. Recognizing that the periodic erasure scheme usually used in the technical literature turns out to be quite inefficient when using real traffic traces over a long period of time, we introduce a simple adaptive scheme that closely follows the variations of traffic. When tested against real traffic traces, the proposed on-line algorithm performs well in the sense that the detection ratio of long flows by the algorithm over a long time period is quite high. Beyond the identification of elephants, this same cl...
In this chapter, we present flow-based network traffic monitoring of large scale networks. Continuou...
The 7th ACM International Workshop on Performance Monitoring, Measurement and Evaluation of Heteroge...
Encrypted traffic accounts for 95% of the total traffic in the backbone network environment with Tbp...
International audienceThe paper deals with the problem of catching the elephants in the Internet tra...
This thesis is a contribution to the field of Internet traffic analysis at the flow level. For traff...
International audienceWe propose in this paper an on-line algorithm based on Bloom filters to detect...
Traffic on the Internet today is routed on the shortest path to the destination. This is considered ...
In order to provide high quality network management, traffic scheduling and network security, we nee...
Several studies of Internet traffic have shown that it is a small percentage of the flows that domin...
Many attacks that threaten service providers and legitimate users are anomalous behaviors out of spe...
We focus in this paper on Internet flows, consider their contributions to the overall traffic per ti...
In this paper, we present the design and implementation of a new approach for anomaly detection and ...
Many networking and security applications can benefit from exact detection of large flows over arbit...
Detecting and understanding anomalies in IP networks is an open and ill-defined problem. Toward this...
The second problem that is addressed in the thesis is about traffic analysis and classification. Acc...
In this chapter, we present flow-based network traffic monitoring of large scale networks. Continuou...
The 7th ACM International Workshop on Performance Monitoring, Measurement and Evaluation of Heteroge...
Encrypted traffic accounts for 95% of the total traffic in the backbone network environment with Tbp...
International audienceThe paper deals with the problem of catching the elephants in the Internet tra...
This thesis is a contribution to the field of Internet traffic analysis at the flow level. For traff...
International audienceWe propose in this paper an on-line algorithm based on Bloom filters to detect...
Traffic on the Internet today is routed on the shortest path to the destination. This is considered ...
In order to provide high quality network management, traffic scheduling and network security, we nee...
Several studies of Internet traffic have shown that it is a small percentage of the flows that domin...
Many attacks that threaten service providers and legitimate users are anomalous behaviors out of spe...
We focus in this paper on Internet flows, consider their contributions to the overall traffic per ti...
In this paper, we present the design and implementation of a new approach for anomaly detection and ...
Many networking and security applications can benefit from exact detection of large flows over arbit...
Detecting and understanding anomalies in IP networks is an open and ill-defined problem. Toward this...
The second problem that is addressed in the thesis is about traffic analysis and classification. Acc...
In this chapter, we present flow-based network traffic monitoring of large scale networks. Continuou...
The 7th ACM International Workshop on Performance Monitoring, Measurement and Evaluation of Heteroge...
Encrypted traffic accounts for 95% of the total traffic in the backbone network environment with Tbp...