Exploring Flow Characteristics in IPv6: A Comparative Measurement Study with IPv4 for Traffic Monitoring |
Li, Qiang
(Tsinghua National Laboratory for Information Science and Technology, Tsinghua University)
Qin, Tao (MOE Key Lab for Intelligent Networks and Network Security, Xi'an Jiaotong University) Guan, Xiaohong (Tsinghua National Laboratory for Information Science and Technology, Tsinghua University) Zheng, Qinghua (MOE Key Lab for Intelligent Networks and Network Security, Xi'an Jiaotong University) |
1 | N. Muraleedharan, "Analysis of TCP flow data for traffic anomaly and scan detection," in Proc. of 16th IEEE International Conference on Networks (ICON'08), pp. 1-4, 2008. |
2 | T. Qin, X. Guan, W. Li, P.Wang, M. Zhu, "A new connection degree calculation and measurement method for large scale network monitoring," Journal of Network and Computer Applications, 2013. |
3 | Q. Li, T. Qin, X. Guan, Q. Zheng, "Empirical Analysis and Comparison of IPv4-IPv6 Traffic: A Case Study on the Campus Network," in Proc. of Proceedings of 18th IEEE International Conference on Networks (ICON'12), Singapore, pp. 395-399, 2012. |
4 | B. Li, J. Springer, G. Bebis, M. Hadi Gunes, "A survey of network flow applications, Journal of Network and Computer Applications," 36 (2013) 567-581. DOI ScienceOn |
5 | A. Lakhina, M. Crovella, C. Diot, "Mining anomalies using traffic feature distributions," in Proc. of Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, ACM, Philadelphia, Pennsylvania, USA, pp. 217-228, 2005. |
6 | P. Casas, S. Vaton, L. Fillatre, I. Nikiforov, "Optimal volume anomaly detection and isolation in large-scale IP networks using coarse-grained measurements," Computer Networks, 54 (2010) 1750-1766. DOI ScienceOn |
7 | H. Jiang, Z. Ge, S. Jin, J. Wang, "Network prefix-level traffic profiling: Characterizing, modeling, and evaluation," Computer Networks, 54 (2010) 3327-3340. DOI ScienceOn |
8 | E.F. Harrington, "Measuring Network Change: Renyi cross entropy and the second order degree distribution," in Proc. of Proceedings of passive and active measurement conference, 2006. |
9 | N. Ye, S. Vilbert, Q. Chen, "Computer intrusion detection through EWMA for autocorrelated and uncorrelated data," IEEE Transactions on Reliability, 52 (2003) 75-82. DOI ScienceOn |
10 | G. Nychis, V. Sekar, D.G. Andersen, H. Kim, H. Zhang, "An empirical evaluation of entropy-based traffic anomaly detection," in Proc. of Proceedings of the 8th ACM SIGCOMM conference on Internet measurement, ACM, pp. 151-156, 2008. |
11 | P. Haag, "Watch your Flows with NfSen and NFDUMP," in Proc. of 50th RIPE Meeting, 2005. |
12 | C. Estan, G. Varghese, "New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice," ACM Trans. Comput. Syst., 21 (2003) 270-313. DOI ScienceOn |
13 | T. Liu, X. Guan, Q. Zheng, Y. Qu, "A new worm exploiting IPv6 and IPv4-IPv6 dual-stack networks: experiment, modeling, simulation, and defense," IEEE Network, 23 (2009) 22-29. |
14 | C. Ciflikli, A. Gezer, A. Tuncay Ozsahin, O. Ozkasap, "BitTorrent packet traffic features over IPv6 and IPv4," Simulation Modelling Practice and Theory, 18 (2010) 1214-1224. DOI ScienceOn |
15 | C. Ciflikli, A. Gezer, A.T. Ozsahin, "Packet traffic features of IPv6 and IPv4 protocol traffic," Turkish Journal of Electrical Engineering & Computer Sciences, 20 (2012) 727-749. |
16 | F. Li, C. An, J. Yang, J. Wu, H. Zhang, "A study of traffic from the perspective of a large pure IPv6 ISP," Computer Communications, 2013. |
17 | R. Pang, V. Yegneswaran, P. Barford, V. Paxson, L. Peterson, "Characteristics of internet background radiation," in Proc. of Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, ACM, Taormina, Sicily, Italy, pp. 27-40, 2004. |
18 | Q. Wang, Z. Chen, C. Chen, "Darknet-Based Inference of Internet Worm Temporal Characteristics," IEEE Transactions on Information Forensics and Security, 6 (2011) 1382-1393. DOI ScienceOn |
19 | N. Brownlee, "One-Way Traffic Monitoring with iatmon," in Proc. of Passive and Active Measurement, Springer Berlin Heidelberg, pp. 179-188, 2012. |
20 | E. Glatz, X. Dimitropoulos, "Classifying Internet One-way Traffic," Perform. Eval. Rev., 40 (2012) 417-418. DOI |
21 | M. Ford, J. Stevens, J. Ronan, "Initial Results from an IPv6 Darknet," in Proc. of International Conference on Internet Surveillance and Protection (ICISP'06), pp. 13-13, 2006. |
22 | E. Kohler, J. Li, V. Paxson, S. Shenker, "Observed Structure of Addresses in IP Traffic," IEEE/ACM Transactions on Networking, 14 (2006) 1207-1218. DOI ScienceOn |
23 | A. Lakhina, K. Papagiannaki, M. Crovella, C. Diot, E.D. Kolaczyk, N. Taft, "Structural analysis of network traffic flows," in Proc. of Proceedings of the joint international conference on Measurement and modeling of computer systems, ACM, New York, NY, USA, pp. 61-72, 2004. |
24 | X. Guan, T. Qin, W. Li, P. Wang, "Dynamic feature analysis and measurement for large-scale network traffic monitoring," Trans. Info. For. Sec., 5 (2010) 905-919. |
25 | L. Yuk-Nam, L. Man-Chiu, T. Wee Lum, L. Wing Cheong, "Empirical Performance of IPv6 vs. IPv4 under a Dual-Stack Environment," in Proc. of IEEE International Conference on Communications (ICC'08), pp. 5924-5929, 2008. |
26 | F. Huici, A.d. Pietro, B. Trammell, J.M.G. Hidalgo, D.M. Ruiz, N. d'Heureuse, "Blockmon: a high-performance composable network traffic measurement system," in Proc. of Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication, ACM, Helsinki, Finland, pp. 79-80, 2012. |
27 | E. Damergi, E. Mohamed, B. Ammar, "Network performance evaluation using traffic measurements," in Proc. of First International Symposium on Control, Communications and Signal Processing, pp. 523-526, 2004. |
28 | M. Thottan, C. Ji, "Anomaly detection in IP networks," IEEE Transactions on Signal Processing, 51 (2003) 2191-2204. DOI ScienceOn |
29 | K. Cho, K. Fukuda, H. Esaki, A. Kato, "The impact and implications of the growth in residential user-to-user traffic," SIGCOMM Comput. Commun. Rev., 36 (2006) 207-218. DOI |
30 | A. Dhamdhere, M. Luckie, B. Huffaker, k. claffy, A. Elmokashfi, E. Aben, "Measuring the deployment of IPv6: topology, routing and performance," in Proc. of Proceedings of the 2012 ACM conference on Internet measurement conference, ACM, Boston, Massachusetts, USA, pp. 537-550, 2012. |
31 | J. Wu, J.H. Wang, J. Yang, "CNGI-CERNET2: an IPv6 deployment in China," SIGCOMM Comput. Commun. Rev., 41 (2011) 48-52. DOI |
32 | Y. Wang, S. Ye, X. Li, "Understanding current IPv6 performance: a measurement study," in Proc. of 10th IEEE Symposium on Computers and Communications (ISCC 2005), pp. 71-76, 2005. |
33 | L. Zhang, H. Wang, S. Zhong, "A measurement study on BitTorrent traffic behaviors over IPv6," in Proc. of 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE), pp. 354-357, 2012. |
34 | W. Shen, Y. Chen, Q. Zhang, Y. Chen, B. Deng, X. Li, G. Lv, "Observations of IPv6 traffic, in: ISECS International Colloquium on Computing, Communication."Control, and Management (CCCM 2009), pp. 278-282, 2009. |
35 | N. Ao, C. Chen, "Understanding IPv6 user performance on private BT system," in Proc. of 4th IET International Conference on Wireless, Mobile & Multimedia Networks (ICWMMN 2011), IET, pp. 288-293, 2011. |
36 | W.-L. Shiau, Y.-F. Li, H.-C. Chao, P.-Y. Hsu, "Evaluating IPv6 on a large-scale network," Computer Communications, 29 (2006) 3113-3121. DOI ScienceOn |
37 | T.M. Raste, D.B. Kulkarni, "Design and implementation scheme for deploying IPv4 over IPv6 tunnel," Journal of Network and Computer Applications, 31 (2008) 66-72. DOI ScienceOn |
38 | E. Gamess, R. Suros, "An upper bound model for TCP and UDP throughput in IPv4 and IPv6," Journal of Network and Computer Applications, 31 (2008) 585-602. Article (CrossRef Link). DOI ScienceOn |