Efficient Dynamic Flow Tracking for Packet Analyzers

Paul Emmerich, Maximilian Pudelko, Quirin Scheitle, Georg Carle

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; peer-review

9 Scopus citations

Abstract

Analyzing large amounts of traffic at the packet or flow level is an important part of managing and monitoring cloud network infrastructure. Common scenarios that require low-level packet analysis are troubleshooting problems, accounting traffic, and security applications such as intrusion detection systems or firewalls. Moreover, researchers often analyze traffic for scientific purposes. For such low-level traffic analyses, tracking flows is a feature required for both commercial and scientific purposes. However, there is no good shared library available to implement this functionality in an efficient, configurable, and dynamic way that is suitable for real-time analysis. We implement a high-performant generic flow tracker that can track millions of simultaneous flows based on arbitrarily complex definitions of a flow. We make this implementation available as open source in our traffic analysis tool FlowScope. The highly efficient realtime tracking of flows by arbitrarily complex user-defined flow criteria and filters is enabled by just-in-time (JIT) compilation of flow tracking rules. The code and evaluation scripts are available as free and open source at.

Original language: English
Title of host publication: Proceedings of the 2018 IEEE 7th International Conference on Cloud Networking, CloudNet 2018
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781538668313
State: Published - 27 Nov 2018
Event: 7th IEEE International Conference on Cloud Networking, CloudNet 2018 - Tokyo, Japan
Duration: 22 Oct 2018 to 24 Oct 2018

Publication series

Name: Proceedings of the 2018 IEEE 7th International Conference on Cloud Networking, CloudNet 2018

Conference

Conference: 7th IEEE International Conference on Cloud Networking, CloudNet 2018
Country/Territory: Japan
City: Tokyo
Period: 22/10/18 to 24/10/18

Keywords

  • DPDK
  • flows
  • traffic analysis
