TY - GEN
T1 - Efficient Dynamic Flow Tracking for Packet Analyzers
AU - Emmerich, Paul
AU - Pudelko, Maximilian
AU - Scheitle, Quirin
AU - Carle, Georg
N1 - Publisher Copyright: © 2018 IEEE.
PY - 2018/11/27
Y1 - 2018/11/27
N2 - Analyzing large amounts of traffic at the packet or flow level is an important part of managing and monitoring cloud network infrastructure. Common scenarios that require low-level packet analysis are troubleshooting problems, accounting traffic, and security applications such as intrusion detection systems or firewalls. Moreover, researchers often analyze traffic for scientific purposes. For such low-level traffic analyses, tracking flows is a feature required for both commercial and scientific purposes. However, there is no good shared library available to implement this functionality in an efficient, configurable, and dynamic way that is suitable for real-time analysis. We implement a high-performance generic flow tracker that can track millions of simultaneous flows based on arbitrarily complex definitions of a flow. We make this implementation available as open source in our traffic analysis tool FlowScope. The highly efficient real-time tracking of flows by arbitrarily complex user-defined flow criteria and filters is enabled by just-in-time (JIT) compilation of flow tracking rules. The code and evaluation scripts are available as free and open source at.
AB - Analyzing large amounts of traffic at the packet or flow level is an important part of managing and monitoring cloud network infrastructure. Common scenarios that require low-level packet analysis are troubleshooting problems, accounting traffic, and security applications such as intrusion detection systems or firewalls. Moreover, researchers often analyze traffic for scientific purposes. For such low-level traffic analyses, tracking flows is a feature required for both commercial and scientific purposes. However, there is no good shared library available to implement this functionality in an efficient, configurable, and dynamic way that is suitable for real-time analysis. We implement a high-performance generic flow tracker that can track millions of simultaneous flows based on arbitrarily complex definitions of a flow. We make this implementation available as open source in our traffic analysis tool FlowScope. The highly efficient real-time tracking of flows by arbitrarily complex user-defined flow criteria and filters is enabled by just-in-time (JIT) compilation of flow tracking rules. The code and evaluation scripts are available as free and open source at.
KW - DPDK
KW - flows
KW - traffic analysis
UR - http://www.scopus.com/inward/record.url?scp=85060191737&partnerID=8YFLogxK
U2 - 10.1109/CloudNet.2018.8549214
DO - 10.1109/CloudNet.2018.8549214
M3 - Conference contribution
AN - SCOPUS:85060191737
T3 - Proceedings of the 2018 IEEE 7th International Conference on Cloud Networking, CloudNet 2018
BT - Proceedings of the 2018 IEEE 7th International Conference on Cloud Networking, CloudNet 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th IEEE International Conference on Cloud Networking, CloudNet 2018
Y2 - 22 October 2018 through 24 October 2018
ER -