Abstract
A promising way to capture the characteristics of changing traffic is to extract significant flow clusters in traffic. However, clustering flows by 5-tuple requires flow matching in huge flow attribute spaces, and thus, is difficult to perform on the fly. We propose an efficient yet flexible flow aggregation technique for monitoring the dynamics of network traffic. Our scheme employs two-stage flow-aggregation. The primary aggregation stage is for efficiently processing a huge volume of raw traffic records. It first aggregates each attribute of 5-tuple separately, and then, produces multi-dimensional flows by matching each attribute of a flow to the resulted aggregated attributes. The secondary aggregation stage is for providing flexible views to operators. It performs multi-dimensional aggregation with the R-tree algorithm to produce concise summaries for operators. We report our prototype implementation and preliminary results using traffic traces from backbone networks.
| Original language | English |
|---|---|
| Number of pages | 7 |
| Publication status | Published - 12 Oct 2012 |
| Event | 2012 Workshop on Managing Systems Automaticall and Dynamically - Hollywood, United States Duration: 7 Oct 2012 → 7 Oct 2012 https://www.usenix.org/conference/mad12 |
Workshop
| Workshop | 2012 Workshop on Managing Systems Automaticall and Dynamically |
|---|---|
| Abbreviated title | MAD '12 |
| Country/Territory | United States |
| City | Hollywood |
| Period | 7/10/12 → 7/10/12 |
| Internet address |