ACM Digital Library home
ACM home
Advanced Search
article

A protocol-adaptive monitoring tree for efficient design of traffic monitoring probes

Authors Info & Claims
Computer Networks: The International Journal of Computer and Telecommunications NetworkingVolume 42Issue 415 July 2003 pp 461–479https://doi.org/10.1016/S1389-1286(03)00196-8
Online:15 July 2003Publication History
  • 0citation
  • 0
    • Downloads
Metrics
Total Citations0
Total Downloads0
Last 12 Months0
Last 6 weeks0

Abstract

This paper presents a novel protocol-adaptive monitoring tree (PAM-Tree) algorithm. PAM-Tree is a filtering algorithm that fulfills the needs of a general-purpose traffic monitoring system. PAM-Tree is aimed at overcoming the inefficiencies of existing stream-oriented traffic probes in traffic monitoring scenarios where large numbers of filters change dynamically. Both analytical and experimental performance evaluations show that PAM-Tree has a great potential to be an efficient filtering engine for high-speed loss-less monitoring systems.

References

  1. {1} K.R. Apt, J. Brunekreef, V. Partington, A. Schaerf, Alma- 0: An imperative language that supports declarative programming, ACM Transactions on Programming Languages and Systems 5 (20) (1998) 1014-1066.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. {2} M.L. Bailey, B. Gopal, M.A. Pagels, L.L. Peterson, PathFinder: A pattern-based packet classifier, in: Proceedings of the First Symposium on Operating Systems Design and Implementation, Usenix Association, November 1994.]]Google ScholarGoogle Scholar
  3. {3} A. Begel, S. McCanne, S.L. Graham, BPF+: Exploiting global data-flow optimization in a generalized packet filter architecture, in: Proceedings of ACM SIGCOMM'99, Cambridge, MA, September 1999.]] Google ScholarGoogle Scholar
  4. {4} K. Berman, J. Paul, Fundamentals of Sequential and Parallel Algorithms, PWS Publishing Company, Boston, 1997.]] Google ScholarGoogle Scholar
  5. {5} D.R. Engler, M.F. Kaashoek, DPF: Fast, flexible message demultiplexing using dynamic code generation, in: Proceedings of ACM SIGCOMM Symposium on Communications Architectures and Protocols, Standford, CA, August 1996.]] Google ScholarGoogle Scholar
  6. {6} V. Fuller, T. Li, J. Yu, K. Varadhan, Classless interdomain routing (CIDR): An address assignment and aggregation strategy, RFC 1519, Internet Engineering Task Force, September 1993.]] Google ScholarGoogle Scholar
  7. {7} P. Gupta, N. McKcown, Packet classification on multiple fields, in: Proceedings of ACM SIGCOMM'99, Cambridge, MA, August 1999, pp. 147-160.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. {8} IANA. Assigned Internet Protocol Numbers. http:// www.iana.org/assignments/protocol-numbers.]]Google ScholarGoogle Scholar
  9. {9} V. Jacobson, C. Leres, S. McCanne, The tcpdump manual, University of California, Berkeley, June 1997.]]Google ScholarGoogle Scholar
  10. {10} T.V. Lakshman, D. Stiliadis, High-speed policy-based packet forwarding using efficient multi-dimensional range matching, in: Proceedings of ACM SIGCOMM'98, Vancouver, BC, September 1998, pp. 203-214.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. {11} N.A. Lynch, M.R. Tuttle, An introduction to input/output automata, CWI Quarterly, September 1989.]]Google ScholarGoogle Scholar
  12. {12} E. Magaña, Efficient filtering techniques for traffic monitoring in communication networks, Ph.D. Thesis, Public University of Navarra. Pamplona, Spain, 2001 (in Spanish).]]Google ScholarGoogle Scholar
  13. {13} E. Magaña, J. Aracil, J. Villadangos, PROMIS: A reliable real-time network management tool for wide area networks, in: Proceedings of IEEE Euromicro 98, Volume II, Vasteras, Sweden, August 1998]] Google ScholarGoogle ScholarCross RefCross Ref
  14. {14} S. McCanne, C. Leres. V. Jacobson, Libpcap 0.4, June 1997. ftp://ftp.ee.lbl.gov/libpcap.tar.Z.]]Google ScholarGoogle Scholar
  15. {15} S. McCanne, V. Jacobson, The BSD packet filter: A new architecture for user-level packet capture, in: Proceedings of the 1993 Winter USENIX Conference, San Diego, CA, January 1993, pp. 259-269.]] Google ScholarGoogle Scholar
  16. {16} J.C. Mogul, R.F. Rashid, M.J. Accetta, The packet filter: An efficient mechanism for user-level network code, in: Proceedings of ACM Symposium on Operating Systems Principles, Austin, TX, November 1987, pp. 39-51.]] Google ScholarGoogle Scholar
  17. {17} D.C. Montgomery, G.C. Runger, Applied Statistics and Probability for Engineers, second ed., Wiley, New York, 1999.]]Google ScholarGoogle Scholar
  18. {18} G.R. Ryan, The new generation of network monitoring systems, ATG's Communications & Networking Technology Guide Series, 1997.]]Google ScholarGoogle Scholar
  19. {19} Silicon Graphics, IRIX Device Driver Programmer's Guide, IRIX 6.5.3., 1999.]]Google ScholarGoogle Scholar
  20. {20} V. Srinivasan, G. Varghese, S. Suri, M. Waldvogel, Fast and scalable layer four switching, in: Proceedings of ACM SIGCOMM'98, Vancouver, BC, September 1998, pp. 191-202.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. {21} W. Stallings, SNMP, SNMPv2, SNMPv3 and RMON 1 and 2, third ed., Addison-Wesley, Reading, MA, 1999.]] Google ScholarGoogle Scholar
  22. {22} R. Subramanyan, J.M. Alonso, J.A.B. Fortes, A scalable SNMP-based distributed monitoring system for heterogeneous network computing, in: Proceedings of Supercomputing 2000, Santa Fe, NM, May 2000.]] Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. {23} UNIX International OSI Work Group Revision, Data link provider interface specification, Revision 2.0.0 edition, August 1991.]]Google ScholarGoogle Scholar
  24. {24} S. Waldbusser, Remote network monitoring management information base version 2 using SMI v2, Internet Engineering Task Force, RFC 2021, January 1997.]] Google ScholarGoogle Scholar
  25. {25} K. Yaghmour, M.R. Dagenais, Measuring and characterizing system behavior using kernel-level event logging, in: Proceedings of the 2000 USENIX Annual Technical Conference, June 2000.]] Google ScholarGoogle Scholar
  26. {26} M. Yuhara, B.N. Bershad, C. Maeda, J.E.B. Moss, Efficient packet demultiplexing for multiple endpoints and large messages, in: Proceedings of the 1994 Winter USENIX Conference, San Francisco, CA, January 1994, pp. 153-165.]] Google ScholarGoogle Scholar

Index Terms

  1. A protocol-adaptive monitoring tree for efficient design of traffic monitoring probes

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          Get this Article

          • Published in

            Computer Networks: The International Journal of Computer and Telecommunications Networking cover image
            Computer Networks: The International Journal of Computer and Telecommunications Networking  Volume 42, Issue 4
            15 July 2003
            130 pages
            ISSN:1389-1286
            Issue’s Table of Contents

            Publisher

            Elsevier North-Holland, Inc.

            United States

            Publication History

            • Online: 15 July 2003
            • Published: 15 July 2003

            Author Tags

            Qualifiers

            • article

          • Article Metrics

            • Downloads (Last 12 months)0
            • Downloads (Last 6 weeks)0

            Other Metrics

            View Author Metrics
          View Issue’s Table of Contents
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!