On the characteristics and reasons of long-lived internet flows

Quan, Lin; Heidemann, John

doi:10.1145/1879141.1879198

Cited by 21 publications

(6 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At the flow level, a GEANT router receives roughly 10 5 new flow records per second [26], and this is at a sampling rate of 1/1000. Previous studies also found that flows expire quickly ( [14] reports that 45% flows expire within two seconds, and 98% within 15 minutes), and that longer flows are more likely to be computer-tocomputer protocols that do not involve end users [54], which are presumably not as sensitive. At the user level, the IP-to-user mapping also changes over time, as users change ISPs or move to a different workplace.…”

Section: Can the Budget Be Replenished?mentioning

confidence: 93%

Prism

2017

Prism and Ken

View full text Add to dashboard Cite

The Internet is producing a wealth of data about its own operation, in the form of NetFlow records, routing table entries, traffic statistics, etc. Several previous works-including, for instance, Clark's "knowledge plane"have considered the idea of building a giant distributed database that (at least conceptually) contains all of this information. Such a database could have many attractive uses, including distributed troubleshooting, attack mitigation, or traffic management. However, so far the idea has not been realized, and it is likely that privacy concerns have played a role. In this paper, we ask whether differential privacy could provide the strong privacy guarantees that would be needed to put this idea into practice. We discuss some key concerns that have been raised about differential privacy, such as its limited scalability and its finite "privacy budget", and we point out several characteristics of the Internet that could mitigate these concerns. We also sketch the design of PRISM, a system for differentially private queries on NetFlow records that could form the basis of a potential "knowledge plane".

show abstract

Section: Can the Budget Be Replenished?mentioning

confidence: 93%

Prism

2017

Prism and Ken

View full text Add to dashboard Cite

show abstract

“…The day-night pattern is best observed in flows per second since it expresses the number of connections. Using bytes or packets per second distorts the pattern since there are heavier flows during the day than at the night [12]. It is possible to use the number of hosts to show the day-night pattern but the results are very strongly correlated, therefore we decided to use flows per second.…”

Section: A Day-night Patternmentioning

confidence: 99%

Network traffic characterisation using flow-based statistics

Velan

Medková

Jirsík

et al. 2016

NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium

View full text Add to dashboard Cite

Abstract-Performing research on live network traffic requires the traffic to be well documented and described. The results of such research are heavily dependent on the particular network. This paper presents a study of network characteristics, which can be used to describe the behaviour of a network. We propose a number of characteristics that can be collected from the networks and evaluate them on five different networks of Masaryk University. The proposed characteristics cover IP, transport and application layers of the network traffic. Moreover, they reflect strong day-night and weekday patterns that are present in most of the networks. Variation in the characteristics between the networks indicates that they can be used for the description and differentiation of the networks. Furthermore, a weak correlation between the chosen characteristics implies their independence and contribution to network description.

show abstract

“…The length of data flows impacts the relative latency introduced at the controller and, furthermore, the number of active flows has implications for the size of the forwarding tables maintained at each Open Flow forwarding device. For example, a characterization of university campus network traffic [13] established that 21.4% of the traffic was carried by flows longer than 10 minutes, 12.6% by flows longer than 20 minutes, and nearly 2% was carried by flows longer than 100 minutes. Short flows are bursty and have flow speeds ranging from 1 Bps to over 10 kBps, while longer flows are slower, around 50 Bps for 40 min flows, [13].…”

Section: Network Trafficmentioning

confidence: 99%

Reducing Latency in African NRENS Using Performance-Based LISP/SDN Traffic Engineering

Chavula

Densmore

Suleman

2015

Computer Science &Amp; Information Technology ( CS &Amp; IT )

View full text Add to dashboard Cite

Active topology measurements on the African Internet have showed that over 75% of the intra-Africa traffic destined for Africa's National Research and Education Networks (NRENs) uses intercontinental links, resulting in high latencies and data transmission costs. The goal of this work is to investigate how latency-based path selection using Locator/Identifier Separation Protocol (LISP) and Software Defined Networking (SDN) in NRENs can be used to reduce inter-NREN latencies. We present aspects of an experimental prototype implementation for realtime topology probes to discover lower-latency remote gateways and dynamic configuration of end-to-end Internet paths. Simulation results indicate that ranking remote ingress gateways, and dynamic configuration of end-to-end paths between gateways can lower the average latency for inter-NREN traffic exchange.

show abstract

On the characteristics and reasons of long-lived internet flows

Cited by 21 publications

References 27 publications

Prism

Prism

Network traffic characterisation using flow-based statistics

Reducing Latency in African NRENS Using Performance-Based LISP/SDN Traffic Engineering

Contact Info

Product

Resources

About