Internet Traffic Monitoring and Analysis : Methods and Applications - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Internet Traffic Monitoring and Analysis : Methods and Applications

Description:

WAN: SONET/SDH (OC3, OC12, OC48, OC192), ATM, WDM/DWDM. LAN: 10/100 Mbps to 1 Gbps to 10 Gbps Ethernet. Broadband Internet Access: Cable Modem, ADSL, VDSL ... – PowerPoint PPT presentation

Number of Views:74
Avg rating:3.0/5.0
Slides: 15
Provided by: jameswo6
Category:

less

Transcript and Presenter's Notes

Title: Internet Traffic Monitoring and Analysis : Methods and Applications


1
Introduction
2
1. Introduction - Evolving IP Network Environment
  • WAN SONET/SDH (OC3, OC12, OC48, OC192), ATM,
    WDM/DWDM
  • LAN 10/100 Mbps to 1 Gbps to 10 Gbps Ethernet
  • Broadband Internet Access Cable Modem, ADSL,
    VDSL
  • Wireless Access WLAN (IEEE 802.11), Wireless
    Internet
  • Wired/Wireless Convergence Softswitch, Media
    Gateway, NGCN

3
1. Introduction Growth of Internet Use
  • The number of Internet users is growing

Source Nua Inc.
Internet traffic has increased dramatically
Source Americas Network
  • Internet usage is growing rapidly!

4
1. Introduction Reliance on Internet
  • The Internet generated revenue has been
    increasing rapidly!

Source Active Media.
  • Internets importance and reliance are increasing!

5
1. Introduction Internet Applications
  • Stand-alone applications can now utilize
    networking
  • Cooperative editing MS Word
  • Use of FTP EditPlus, UltraEdit,
  • Web page or HTML format
  • New network applications
  • Online games, shopping, banking, stock trading,
    network storage
  • VOD, EOD, VOIP

6
1. Introduction Structure of Applications
  • Client-Server
  • Traditional structure

server
client
  • Peer-to-Peer (P2P)
  • New concept between file sharing and transferring
  • Generates high volume of traffic

peer
discovery, content, transfer query
peer
peer
  • Structures of applications are changing!

7
1. Introduction Types of Traffic
  • Static sessions vs. Dynamic sessions

connect
connect
Negotiate allocate
use static protocol, port
use dynamic protocol, port
disconnect
disconnect
control
data
  • Bursty data transfer vs. Streaming data transfer

packet
network
packet
network
  • Types of traffic are various and increasing!

8
Introduction Internet Protocol Distribution
2003.09.16 1936 POSTECH Internet Junction
Traffic
  • Transport Protocol Distribution
  • The amount of UDP flows is increasing by P2P
    application
  • The amount of ICMP flows is increasing by
    Internet worm

9
Introduction Port number usage in TCP/UDP
  • Port Number Distribution in bytes

?
?
UDP Port Number Distribution
TCP Server Listening Port Number Distribution
  • Proportion of Internet Applications

?
2003.09.16 1936 POSTECH Internet Junction
Traffic
  • Which applications generate this large amount of
    traffic?

10
1. Introduction Motivation
  • Needs of Service Providers
  • Understand the behavior of their networks
  • Provide fast, high-quality, reliable service to
    satisfy customers and thus reduce churn rate
  • Plan for network deployment and expansion
  • SLA monitoring, Network security
  • Increase Revenue!
  • Usage-based billing for network users (like
    telephone calls)
  • Marketing using CRM data
  • Needs of Customers
  • Want to get their moneys worth
  • Fast, reliable, high-quality, secure, virus-free
    Internet access
  • To Satisfy Service Providers Needs to Satisfy
    Their Customers!

11
1. Introduction Application Areas
  • Network Problem Determination and Analysis
  • Traffic Report Generation
  • Intrusion Hacking Attack (e.g., DoS, DDoS)
    Detection
  • Service Level Monitoring (SLM)
  • Network Planning
  • Usage-based Billing
  • Customer Relationship Management (CRM)
  • Marketing

12
1. Introduction Issues in Traffic Monitoring
  • Choices
  • Single-point vs. Multi-point monitoring
  • Number of probing or test packet generation point
  • In-service vs. Out-of-service monitoring
  • Whether monitoring should be executed during
    service or not
  • Continuous vs. On-demand monitoring
  • Monitoring executes continuously or by on-demand.
  • Packet vs. Flow-based monitoring
  • Collect packets or flows from network devices.
  • One-way vs. Bi-directional monitoring
  • Monitor forward path only / forward and return
    path
  • Trade-offs
  • Network bandwidth
  • Processing overhead
  • Accuracy
  • Cost

13
1. Introduction Problems
  • Capturing Packets
  • High-speed networks (Mbps ? Gbps ? Tbps)
  • High-volume traffic
  • Streaming media (Windows Media, Real Media,
    Quicktime)
  • P2P traffic
  • Network Security Attacks
  • Flow Generation Storage
  • What packet information to save to perform
    various analysis?
  • How to minimize storage requirements?
  • Analysis
  • How to analyze and generate data needed quickly?
  • What kinds of info needs to be generated? ?
    Depends on applications

14
1. Introduction RD Goals
  • Develop methods to
  • Capture all packets
  • Generate flows
  • Store flows efficiently
  • Analyze data efficiently
  • Generate various reports or information that are
    suitable for various application areas
  • Develop a flexible, scalable traffic monitoring
    and analysis system for high-speed, high-volume,
    rich media IP networks
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Internet Traffic Monitoring and Analysis : Methods and Applications" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!