정보처리학회논문지:컴퓨터 및 통신 시스템 (KIPS Transactions on Computer and Communication Systems)

  • 제2권10호
  • /
  • Pages.421-426
  • /
  • 2013
  • /
  • 2287-5891(pISSN)
  • /
  • 2734-049X(eISSN)
한국정보처리학회 (Korea Information Processing Society)
권호 표지
DOI QR코드

DOI QR Code

대량 트래픽 전송자의 실시간 탐지를 위한 플로우 라벨링 방법

Flow Labeling Method for Realtime Detection of Heavy Traffic Sources

  • 이경희 (수원대학교 전기공학과) ;
  • 양대헌 (인하대학교 컴퓨터정보공학과)
  • 투고 : 2013.08.16
  • 심사 : 2013.09.26
  • 발행 : 2013.10.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

인터넷을 통해 전송되는 트래픽의 양이 점점 더 많아지고 있고, 이에 따라 트래픽의 양을 알아내는 것이 중요해지고 있다. 트래픽을 측정하는 기법에 대한 많은 연구가 있었으며, 주로 적은 양의 메모리를 사용해서 측정의 정확도를 높이는 방향으로 연구가 진행되고 있다. 이 논문에서는 기존 기법들에서는 제공하지 않는 플로우 라벨링 기법을 제안한다. 이 기법을 통해서 관리자는 특정 값 이상의 트래픽을 생성한 플로우의 라벨을 실시간으로 알아낼 수 있으며, 기존의 기법이 가지는 카운팅의 상한선을 확장시킬 수 있다. 가장 최근에 발표된 CSM (Counter Sharing Method)에 이 기법을 적용하고, CAIDA 데이터셋을 이용해서 성능을 분석해 본다.

As a greater amount of traffic have been generated on the Internet, it becomes more important to know the size of each flow. Many research studies have been conducted on the traffic measurement, and mostly they have focused on how to increase the measurement accuracy with a limited amount of memory. In this paper, we propose an explicit flow labeling technique that can be used to find out the names of the top flows and to increase the counting upper bound of the existing scheme. The labeling technique is applied to CSM (Counter Sharing Method), the most recent traffic measurement algorithm, and the performance is evaluated using the CAIDA dataset.

키워드

참고문헌

  1. Wikipedia, "Internet Traffic," http://en.wikipedia.org/wiki/ Internet_traffic
  2. Cisco whitepaper: "Cisco Visual Networking Index: Forecast and Methodology, 2012-2017," http://www.cisco.com/en/US/ solutions/collateral/ns341/ns525/ns537/ns705/ns827 /white_paper_c11-481360_ns827_Networking_Solutions_Whit e_Paper.html
  3. Cisco, "NetFlow Systems," http://www.cisco.com/en/US/ products/ps6601/ products_ios_protocol_group_home.html
  4. InMon Corp, "sFlow Accuracy & Billing," http://www.sflow.org/sFlowOverview.pdf
  5. "The Cooperative Association for Internet Data Analysis," http://www.caida.org
  6. P. Flajolet and G. Nigel Martin, "Probabilistic Counting Algorithms for Database Applications," Journal of Computer System Science, Vol.31, pp 182-209, 1985. https://doi.org/10.1016/0022-0000(85)90041-8
  7. K.Y. Whang, B. Vander-Zanden and H. Taylor, "A linear-time probabilistic counting algorithm for database applications," ACM Transactions on Database Systems, Vol.15, 2, pp. 208-229, 1990. https://doi.org/10.1145/78922.78925
  8. C. Estan and G. Varghese, "New Directions in Traffic Measurement and Accounting," Proc. of ACM SIGCOMM, August, 2002.
  9. S. Cohen and Y. Matias, "Spectral bloom filters," Proc. ACM SIGMOD Conference on Management of Data, 2003.
  10. R. Karp, S. Shenker, and C. Papadimitriou, "A Simple Algorithm for Finding Frequent Elements in Streams and Bags," ACM Transactions on Database Systems, Vol.28, No.1, pp.51-55, 2003. https://doi.org/10.1145/762471.762473
  11. A. Kumar, J. JimXu, and J. Wang, "Space-Code Bloom Filter for Efficient Per-Flow Trafc Measurement," Proc. of IEEE INFOCOM, March, 2004.
  12. N. Kamiyama and T. Mori, "Simple and Accurate Identification of High- rate Flows by Packet Sampling," Proc. of IEEE INFOCOM, April, 2006.
  13. X. Dimitropoulos, P. Hurley, and A. Kind, "Probabilistic Lossy Counting: An Efficient Algorithm for Finding Heavy Hitters," ACM SIGCOMM Computer Communication Review, Vol.38, No.1, pp.7-16, 2008.
  14. Y. Lu, A. Montanari, B. Prabhakar, S. Dharmapurikar, and A. Kabbani, "Counter Braids: A Novel Counter Architecture for Per-Flow Measurement," Proc. of ACM SIGMETRICS, June, 2008.
  15. Y. Lu and B. Prabhakar, "Robust Counting Via Counter Braids: An Error- Resilient Network Measurement Architecture," Proc. of IEEE INFOCOM, April, 2009.
  16. P. Lieven and B. Scheuermann, "High-Speed Per-Flow Trafc Measurement with Probabilistic Multiplicity Counting," Proc. of IEEE INFOCOM, April, 2010.
  17. T. Li, S. Chen and Y. Ling, "Fast and Compact Per-Flow Traffic Measurement through Randomized Counter Sharing," Proc. of IEEE INFOCOM, April, 2011.