Consistency analysis of network traffic repositories

Elmer Lastdrager, E.E.H. Lastdrager, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    18 Downloads (Pure)

    Abstract

    Traffic repositories with TCP/IP header information are very important for network analysis. Researchers often assume that such repositories reliably represent all traffic that has been flowing over the network; little thoughts are made regarding the consistency of these repositories. Still, for various reasons, the traffic capturing process may have missed packets. For certain kinds of analysis, for example loss measurements, such inconsistencies may lead to the wrong conclusions. This paper proposes an algorithm to detect such inconsistencies, using the idea of “fake gaps��?. A prototype has been developed, and used to test two well-known repositories: the WIDE and Simpleweb repositories. The paper shows that both repositories contain several inconsistencies.
    Original languageUndefined
    Title of host publicationThe Internet of the Future, 15th Open European Summer School and IFIP TC6.6 Workshop, EUNICE 2009
    Place of PublicationLondon
    PublisherSpringer
    Pages217-226
    Number of pages10
    ISBN (Print)978-3-642-03699-6
    DOIs
    Publication statusPublished - Sep 2009
    Event15th Open European Summer School and IFIP TC6.6 Workshop 2009 - Barcelona, Spain
    Duration: 7 Sep 20099 Sep 2009
    Conference number: 15
    http://www.nets.upf.edu/pages/eunice09/

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume5733
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Workshop

    Workshop15th Open European Summer School and IFIP TC6.6 Workshop 2009
    Abbreviated titleEUNICE 2009
    CountrySpain
    CityBarcelona
    Period7/09/099/09/09
    Internet address

    Keywords

    • IR-69816
    • EWI-17351
    • METIS-264516

    Cite this