Consistency analysis of network traffic repositories

Elmer Lastdrager, E.E.H. Lastdrager, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    18 Downloads (Pure)


    Traffic repositories with TCP/IP header information are very important for network analysis. Researchers often assume that such repositories reliably represent all traffic that has been flowing over the network; little thoughts are made regarding the consistency of these repositories. Still, for various reasons, the traffic capturing process may have missed packets. For certain kinds of analysis, for example loss measurements, such inconsistencies may lead to the wrong conclusions. This paper proposes an algorithm to detect such inconsistencies, using the idea of “fake gaps��?. A prototype has been developed, and used to test two well-known repositories: the WIDE and Simpleweb repositories. The paper shows that both repositories contain several inconsistencies.
    Original languageUndefined
    Title of host publicationThe Internet of the Future, 15th Open European Summer School and IFIP TC6.6 Workshop, EUNICE 2009
    Place of PublicationLondon
    Number of pages10
    ISBN (Print)978-3-642-03699-6
    Publication statusPublished - Sep 2009
    Event15th Open European Summer School and IFIP TC6.6 Workshop 2009 - Barcelona, Spain
    Duration: 7 Sep 20099 Sep 2009
    Conference number: 15

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349


    Workshop15th Open European Summer School and IFIP TC6.6 Workshop 2009
    Abbreviated titleEUNICE 2009
    Internet address


    • IR-69816
    • EWI-17351
    • METIS-264516

    Cite this