Literature Database Entry

japes2004implementierung


Christian Japes, "Implementierung eines Analysepakets zur Auswertung von gesammelten Netflow- bzw. Packet Sampling-Daten," Master's Thesis (Diplomarbeit), Department of Computer Sciences, University of Erlangen-Nuremberg, November 2004. (Advisor: Falko Dressler)

Abstract

The main objective of this thesis was to develop an analysis environment which makes it possible to collect and visualize information about the traffic having passed a network. All the analyses will be based on the IPFIX format which is currently undergoing standardization and helps in observing high speed network traffic. First of all a state-of-the-art examination took place by having a look at ntop, NetFlow Monitor and FlowScan. These tools are able to process the NetFlow format which is a predecessor of IPFIX. This was supposed to give an insight into the topic and show problems and possible solutions for the work to come. After studying the architecture and the information model of IPFIX, a closer look was taken at the PSAMP format. The reason for inventing another format is that information about network traffic can also be gained by examining only part of all the traffic, leading to some interesting new possibilities not available with IPFIX. Thereafter a concept for a new analysis environment was invented that not only allows the collection of data but also their interpretation and visualization by the means of charts. The result was a three-tier-architecture consisting of datakeeping, analysis and visualization. The data is kept in a MySQL database and filled with records by a data collection engine which - independent of the three layers - interacts with the database in a client-server fashion. For best possible platform independence and the applicability of one language for all parts of the program Java was the language of choice. A standalone program is responsible for the collection of data while the analysis was realized using the Java Servlet technology and visualization is based on the JavaServer Pages. Due to the separation of different tasks the resulting nasty environment (network analysis and statistics yielding) is well prepared for further development and addition of new functionality. With nasty a network administrator has a tool at hand to examine current as well as historical network traffic. Charts give an overview about the volume of traffic while tables help to take a closer look at certain events. By consistently separating different components nasty can be deployed in distributed environments and is therefore well suited for future requirements concerning performance.

Quick access

BibTeX BibTeX

Contact

Christian Japes

BibTeX reference

@phdthesis{japes2004implementierung,
    author = {Japes, Christian},
    advisor = {Dressler, Falko},
    title = {{Implementierung eines Analysepakets zur Auswertung von gesammelten Netflow- bzw. Packet Sampling-Daten}},
    institution = {Department of Computer Sciences},
    year = {2004},
    month = {November},
    school = {University of Erlangen-Nuremberg},
    type = {Master's Thesis (Diplomarbeit)},
   }
   
   

Copyright notice

Links to final or draft versions of papers are presented here to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or distributed for commercial purposes without the explicit permission of the copyright holder.

The following applies to all papers listed above that have IEEE copyrights: Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

The following applies to all papers listed above that are in submission to IEEE conference/workshop proceedings or journals: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

The following applies to all papers listed above that have ACM copyrights: ACM COPYRIGHT NOTICE. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.

The following applies to all SpringerLink papers listed above that have Springer Science+Business Media copyrights: The original publication is available at www.springerlink.com.

This page was automatically generated using BibDB and bib2web.