Measuring cloud service health using NetFlow/IPFIX: the WikiLeaks case

Idilio Drago, R.J. Hofstede, R. Sadre, Anna Sperotto, Aiko Pras

    Research output: Contribution to journalArticleAcademicpeer-review

    42 Downloads (Pure)


    The increasing trend of outsourcing services to cloud providers is changing the way computing power is delivered to enterprises and end users. Although cloud services offer several advantages, they also make cloud consumers strongly dependent on providers. Hence, consumers have a vital interest to be immediately informed about any problems in their services. This paper aims at a first step toward a network-based approach to monitor cloud services. We focus on severe problems that affect most services, such as outages or extreme server overload, and propose a method to monitor these problems that relies solely on the traffic exchanged between users and cloud providers. Our proposal is entirely based on NetFlow/IPFIX data and, therefore, explicitly targets high-speed networks. By combining a methodology to reassemble and classify flow records with stochastic estimations, our proposal has the distinct characteristic of being applicable to both sampled and non-sampled data. We validate our proposal and show its applicability using data collected at both the University of Twente and an international backbone during the WikiLeaks Cablegate. Our results show that, in contrast to Anonymous’ claims, the users of the targeted services have been only marginally affected by the attacks.
    Original languageEnglish
    Pages (from-to)58-88
    Number of pages31
    JournalJournal of network and systems management
    Issue number1
    Publication statusPublished - Jan 2015


    • EWI-23673
    • IR-87379
    • METIS-300000
    • 2023 OA procedure


    Dive into the research topics of 'Measuring cloud service health using NetFlow/IPFIX: the WikiLeaks case'. Together they form a unique fingerprint.

    Cite this