Consistency of Network Traffic Repositories: An Overview

E. Lastdrager, E.E.H. Lastdrager, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    13 Downloads (Pure)

    Abstract

    Traffc repositories with TCP/IP header information are very important for network analysis. Researchers often assume that such repositories reliably represent all traffc that has been flowing over the network; little thoughts are made regarding the consistency of these repositories. Still, for various reasons, the trafc capturing process may have missed packets. For certain kinds of analysis, for example loss measurements, such inconsistencies may lead to the wrong conclusions. This paper proposes an algorithm to detect such inconsistencies, using the idea of “fake gaps��?. A prototype has been developed, and used to test two well-known repositories: the WIDE and Simpleweb repositories. The paper shows that both repositories contain several inconsistencies.
    Original languageUndefined
    Title of host publicationProceedings of the Third International Conference on Autonomous Infrastructure, Management and Security (AIMS 2009)
    Place of PublicationHeidelberg
    PublisherSpringer
    Pages173-178
    Number of pages6
    ISBN (Print)978-3-642-02626-3
    DOIs
    Publication statusPublished - 1 Jul 2009
    Event3rd International Conference on Autonomous Infrastructure, Management and Security, AIMS 2009 - Enschede, Netherlands
    Duration: 30 Jun 20092 Jul 2009
    Conference number: 3

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume5637
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference3rd International Conference on Autonomous Infrastructure, Management and Security, AIMS 2009
    Abbreviated titleAIMS 2009
    CountryNetherlands
    CityEnschede
    Period30/06/092/07/09

    Keywords

    • METIS-263927
    • EWI-15720
    • IR-67813

    Cite this

    Lastdrager, E., Lastdrager, E. E. H., & Pras, A. (2009). Consistency of Network Traffic Repositories: An Overview. In Proceedings of the Third International Conference on Autonomous Infrastructure, Management and Security (AIMS 2009) (pp. 173-178). [10.1007/978-3-642-02627-0_15] (Lecture Notes in Computer Science; Vol. 5637). Heidelberg: Springer. https://doi.org/10.1007/978-3-642-02627-0_15