Distributed network analysis using TOPAS and Wireshark

Gerhard Münz; Georg Carle

doi:10.1109/NOMSW.2007.27

Distributed network analysis using TOPAS and Wireshark

Gerhard Münz, Georg Carle

University of Tübingen

Publikation: Beitrag in Buch/Bericht/Konferenzband › Konferenzbeitrag › Begutachtung

18 Zitate (Scopus)

Abstract

Distributed network analysis deals with the inspection of traffic observed at various locations in the network. The conventional approach is to deploy a full-fledged network analyzer at every observation point, which allows exhaustive examinations, but at the same time is a very costly solution. In this paper, we present an alternative approach using packet data exported by PSAMP and Flexible Netflow devices, such as routers, switches, and monitoring probes. Exported packet records are received by the real-time network analysis framework TOPAS and examined by the open-source network analyzer Wireshark. Monitoring devices are configured with a Monitor Manager in order to export only data needed to achieve the analysis goal. Apart from an architectural description, this paper contains the results of experimental performance evaluations and a discussion on the advantages and limitations of our approach.

Originalsprache	Englisch
Titel	2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08
Seiten	161-164
Seitenumfang	4
DOIs	https://doi.org/10.1109/NOMSW.2007.27
Publikationsstatus	Veröffentlicht - 2008
Extern publiziert	Ja
Veranstaltung	2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08 - Salvador da Bahia, Brasilien Dauer: 7 Apr. 2008 → 11 Apr. 2008

Publikationsreihe

Name	2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08

Konferenz

Konferenz	2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08
Land/Gebiet	Brasilien
Ort	Salvador da Bahia
Zeitraum	7/04/08 → 11/04/08

Zugriff auf Dokument

10.1109/NOMSW.2007.27

Andere Dateien und Links

Verknüpfung zur Publikation in Scopus

Dieses zitieren

@inproceedings{79e865445a42429da4138439d4714fd0,

title = "Distributed network analysis using TOPAS and Wireshark",

abstract = "Distributed network analysis deals with the inspection of traffic observed at various locations in the network. The conventional approach is to deploy a full-fledged network analyzer at every observation point, which allows exhaustive examinations, but at the same time is a very costly solution. In this paper, we present an alternative approach using packet data exported by PSAMP and Flexible Netflow devices, such as routers, switches, and monitoring probes. Exported packet records are received by the real-time network analysis framework TOPAS and examined by the open-source network analyzer Wireshark. Monitoring devices are configured with a Monitor Manager in order to export only data needed to achieve the analysis goal. Apart from an architectural description, this paper contains the results of experimental performance evaluations and a discussion on the advantages and limitations of our approach.",

author = "Gerhard M{\"u}nz and Georg Carle",

year = "2008",

doi = "10.1109/NOMSW.2007.27",

language = "English",

isbn = "9781424420674",

series = "2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08",

pages = "161--164",

booktitle = "2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08",

note = "2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08 ; Conference date: 07-04-2008 Through 11-04-2008",

}

Münz, G & Carle, G 2008, Distributed network analysis using TOPAS and Wireshark. in 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08., 4509943, 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08, S. 161-164, 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08, Salvador da Bahia, Brasilien, 7/04/08. https://doi.org/10.1109/NOMSW.2007.27

TY - GEN

T1 - Distributed network analysis using TOPAS and Wireshark

AU - Münz, Gerhard

AU - Carle, Georg

PY - 2008

Y1 - 2008

N2 - Distributed network analysis deals with the inspection of traffic observed at various locations in the network. The conventional approach is to deploy a full-fledged network analyzer at every observation point, which allows exhaustive examinations, but at the same time is a very costly solution. In this paper, we present an alternative approach using packet data exported by PSAMP and Flexible Netflow devices, such as routers, switches, and monitoring probes. Exported packet records are received by the real-time network analysis framework TOPAS and examined by the open-source network analyzer Wireshark. Monitoring devices are configured with a Monitor Manager in order to export only data needed to achieve the analysis goal. Apart from an architectural description, this paper contains the results of experimental performance evaluations and a discussion on the advantages and limitations of our approach.

AB - Distributed network analysis deals with the inspection of traffic observed at various locations in the network. The conventional approach is to deploy a full-fledged network analyzer at every observation point, which allows exhaustive examinations, but at the same time is a very costly solution. In this paper, we present an alternative approach using packet data exported by PSAMP and Flexible Netflow devices, such as routers, switches, and monitoring probes. Exported packet records are received by the real-time network analysis framework TOPAS and examined by the open-source network analyzer Wireshark. Monitoring devices are configured with a Monitor Manager in order to export only data needed to achieve the analysis goal. Apart from an architectural description, this paper contains the results of experimental performance evaluations and a discussion on the advantages and limitations of our approach.

UR - http://www.scopus.com/inward/record.url?scp=51149107168&partnerID=8YFLogxK

U2 - 10.1109/NOMSW.2007.27

DO - 10.1109/NOMSW.2007.27

M3 - Conference contribution

AN - SCOPUS:51149107168

SN - 9781424420674

T3 - 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08

SP - 161

EP - 164

BT - 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08

T2 - 2008 IEEE Network Operations and Management Symposium Workshops - NOMS 08

Y2 - 7 April 2008 through 11 April 2008

ER -

Distributed network analysis using TOPAS and Wireshark

Abstract

Publikationsreihe

Konferenz

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Dieses zitieren