Presentation is loading. Please wait.

Presentation is loading. Please wait.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction.

Published byMelissa Campbell Modified over 8 years ago

Similar presentations

Presentation on theme: "POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction."— Presentation transcript:

1 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction

2 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (2) 1. Introduction - Evolving IP Network Environment  WAN: SONET/SDH (OC3, OC12, OC48, OC192), ATM, WDM/DWDM  LAN: 10/100 Mbps to 1 Gbps to 10 Gbps Ethernet  Broadband Internet Access: Cable Modem, ADSL, VDSL  Wireless Access: WLAN (IEEE 802.11), Wireless Internet  Wired/Wireless Convergence: Softswitch, Media Gateway, NGCN

3 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (3) 1. Introduction – Growth of Internet Use The number of Internet users is growing Source : Nua Inc. Internet traffic has increased dramatically Source: America’s Network  Internet usage is growing rapidly!

4 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (4) 1. Introduction – Reliance on Internet The Internet generated revenue has been increasing rapidly! Source : Active Media.  Internet’s importance and reliance are increasing!

5 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (5)  Stand-alone applications can now utilize networking  Cooperative editing: MS Word  Use of FTP: EditPlus, UltraEdit,…  Web page or HTML format  New network applications  Online games, shopping, banking, stock trading, network storage  VOD, EOD, VOIP 1. Introduction – Internet Applications Online gameVoIPVOD

6 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (6)  Peer-to-Peer (P2P)  New concept between file sharing and transferring  Generates high volume of traffic 1. Introduction – Structure of Applications  Structures of applications are changing!  Client-Server  Traditional structure client server peerdiscovery, content, transfer query peer

7 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (7)  Bursty data transfer vs. Streaming data transfer 1. Introduction – Types of Traffic  Static sessions vs. Dynamic sessions packet networkpacket  Types of traffic are various and increasing! Negotiate & allocate connect disconnect use dynamic protocol, port data connect disconnect control use static protocol, port network

8 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (8) 1.Introduction – Internet Protocol Distribution  Transport Protocol Distribution  The amount of UDP flows is increasing by P2P application  The amount of ICMP flows is increasing by Internet worm protocolFlowsPacketsBytes TCP 32,51514.4%1,797,17686.3%1,339,396,63096.8% UDP 54,56124.2%141,7696.8%27,812,5862.0% ICMP 138,25361.3%141,2476.7%15,720,4101.1% Others 1250.0%4740.0%32,1600.0% 2003.09.16 – 19:36 POSTECH Internet Junction Traffic 2003.09.16 – 19:36 POSTECH Internet Junction Traffic

9 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (9) 1.Introduction – Port number usage in TCP/UDP  Port Number Distribution in bytes TCP Server Listening Port Number Distribution UDP Port Number Distribution  Proportion of Internet Applications 2003.09.16 – 19:36 POSTECH Internet Junction Traffic 2003.09.16 – 19:36 POSTECH Internet Junction Traffic ? ? ?  Which applications generate this large amount of traffic?

10 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (10) 1. Introduction – Motivation  Needs of Service Providers  Understand the behavior of their networks  Provide fast, high-quality, reliable service to satisfy customers and thus reduce churn rate  Plan for network deployment and expansion  SLA monitoring, Network security  Increase Revenue!  Usage-based billing for network users (like telephone calls)  Marketing using CRM data  Needs of Customers  Want to get their money’s worth  Fast, reliable, high-quality, secure, virus-free Internet access To Satisfy Service Providers’ Needs to Satisfy Their Customers!

11 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (11) 1. Introduction – Application Areas  Network Problem Determination and Analysis  Traffic Report Generation  Intrusion & Hacking Attack (e.g., DoS, DDoS) Detection  Service Level Monitoring (SLM)  Network Planning  Usage-based Billing  Customer Relationship Management (CRM)  Marketing

12 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (12) 1. Introduction – Issues in Traffic Monitoring  Choices  Single-point vs. Multi-point monitoring  Number of probing or test packet generation point  In-service vs. Out-of-service monitoring  Whether monitoring should be executed during service or not  Continuous vs. On-demand monitoring  Monitoring executes continuously or by on-demand.  Packet vs. Flow-based monitoring  Collect packets or flows from network devices.  One-way vs. Bi-directional monitoring  Monitor forward path only / forward and return path  Trade-offs  Network bandwidth  Processing overhead  Accuracy  Cost

13 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (13) 1. Introduction – Problems  Capturing Packets  High-speed networks (Mbps  Gbps  Tbps)  High-volume traffic  Streaming media (Windows Media, Real Media, Quicktime)  P2P traffic  Network Security Attacks  Flow Generation & Storage  What packet information to save to perform various analysis?  How to minimize storage requirements?  Analysis  How to analyze and generate data needed quickly?  What kinds of info needs to be generated?  Depends on applications

14 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (14) 1. Introduction – R&D Goals  Develop methods to  Capture all packets  Generate flows  Store flows efficiently  Analyze data efficiently  Generate various reports or information that are suitable for various application areas  Develop a flexible, scalable traffic monitoring and analysis system for high-speed, high-volume, rich media IP networks

Download ppt "POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 1.Introduction."

Similar presentations

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Module CSY3021 Network Planning and Programming RD-CSY3021-08/09 1.

Module CSY3021 Network Planning and Programming RD-CSY /09 1.
CSE 190: Internet E-Commerce Lecture 16: Performance.

CSE 190: Internet E-Commerce Lecture 16: Performance.
1 Chapter 19 Networks. 2 What’s Inside and on the CD? In this chapter you’ll learn: –Basic network terminology –To identify network components –About.

1 Chapter 19 Networks. 2 What’s Inside and on the CD? In this chapter you’ll learn: –Basic network terminology –To identify network components –About.
Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Communications and Networks Chapter 8.

Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Communications and Networks Chapter 8.
1 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.

1 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.
Wireless Audio Conferencing System (WACS) Mehmet Ali Abbasoğlu Furkan Çimen Aylin Deveci Kübra Gümüş.

Wireless Audio Conferencing System (WACS) Mehmet Ali Abbasoğlu Furkan Çimen Aylin Deveci Kübra Gümüş.
Introduction To Networking

Introduction To Networking
Introduction to Management Information Systems Chapter 5 Data Communications and Internet Technology HTM 304 Fall 07.

Introduction to Management Information Systems Chapter 5 Data Communications and Internet Technology HTM 304 Fall 07.
11 Networks The Great Information Exchange. 2 Networking Fundamentals Computer network: Two or more computers connected together Each is a Node Benefits.

11 Networks The Great Information Exchange. 2 Networking Fundamentals Computer network: Two or more computers connected together Each is a Node Benefits.
Passive traffic measurement Capturing actual Internet packets in order to measure: –Packet sizes –Traffic volumes –Application utilisation –Resource utilisation.

Passive traffic measurement Capturing actual Internet packets in order to measure: –Packet sizes –Traffic volumes –Application utilisation –Resource utilisation.
N ETWORK M ONITORING. D EFINITIONS Network monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems.

N ETWORK M ONITORING. D EFINITIONS Network monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems.
TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.

TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.
Module – 7 network-attached storage (NAS)

Module – 7 network-attached storage (NAS)
1.  A protocol is a set of rules that governs the communications between computers on a network.  Functions of protocols:  Addressing  Data Packet.

1.  A protocol is a set of rules that governs the communications between computers on a network.  Functions of protocols:  Addressing  Data Packet.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Public IP Telephony Introduction to VoIP Cisco Networking Academy Program.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Public IP Telephony Introduction to VoIP Cisco Networking Academy Program.
4 Network Hardware & Software Network Operating systems: software controlling traffic on the network 2 types of s.ware: server software &client software.

4 Network Hardware & Software Network Operating systems: software controlling traffic on the network 2 types of s.ware: server software &client software.
Mobile commerce Yuri kang.

Mobile commerce Yuri kang.
In The Name Of Allah Whose Blessings Are Uncountable.

In The Name Of Allah Whose Blessings Are Uncountable.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Similar presentations

Ads by Google