Please use this identifier to cite or link to this item: https://hdl.handle.net/2440/70703
Citations
Scopus Web of ScienceĀ® Altmetric
?
?
Full metadata record
DC FieldValueLanguage
dc.contributor.authorSommers, J.-
dc.contributor.authorBowden, R.-
dc.contributor.authorEriksson, B.-
dc.contributor.authorBarford, P.-
dc.contributor.authorRoughan, M.-
dc.contributor.authorDuffield, N.-
dc.date.issued2011-
dc.identifier.citationProceedings of IEEE INFOCOM 2011 Conference, 2011; pp.2363-2371-
dc.identifier.isbn9781424499199-
dc.identifier.issn0743-166X-
dc.identifier.urihttp://hdl.handle.net/2440/70703-
dc.description.abstractExperiments on diverse topics such as network measurement, management and security are routinely conducted using empirical flow export traces. However, the availability of empirical flow traces from operational networks is limited and frequently comes with significant restrictions. Furthermore, empirical traces typically lack critical meta-data (e.g., labeled anomalies) which reduce their utility in certain contexts. In this paper, we describe fs: a first-of-its-kind tool for automatically generating representative flow export records as well as basic SNMP-like router interface counts. fs generates measurements for a target network topology with specified traffic characteristics. The resulting records for each router in the topology have byte, packet and flow characteristics that are representative of what would be seen in a live network. fs also includes the ability to inject different types of anomalous events that have precisely defined characteristics, thereby enabling evaluation of proposed attack and anomaly detection methods. We validate fs by comparing it with the ns-2 simulator, which targets accurate recreation of packet-level dynamics in small network topologies. We show that data generated by fs are virtually identical to what are generated by ns-2, except over small time scales (below 1 second). We also show that fs is highly efficient, thus enabling test sets to be created for large topologies. Finally, we demonstrate the utility of fs through an assessment of anomaly detection algorithms, highlighting the need for flexible, scalable generation of network-wide measurement data with known ground truth.-
dc.description.statementofresponsibilityJoel Sommers, Rhys Bowden, Brian Eriksson, Paul Barford, Matthew Roughan and Nick Duffield-
dc.language.isoen-
dc.publisherIEEE-
dc.relation.ispartofseriesIEEE INFOCOM-
dc.source.urihttp://dx.doi.org/10.1109/infcom.2011.5935055-
dc.titleEfficient network-wide flow record generation-
dc.typeConference paper-
dc.contributor.conferenceIEEE INFOCOM Conference (2011 : Shanghai, China)-
dc.identifier.doi10.1109/INFCOM.2011.5935055-
dc.publisher.placeUSA-
dc.relation.granthttp://purl.org/au-research/grants/arc/DP110103505-
pubs.publication-statusPublished-
dc.identifier.orcidRoughan, M. [0000-0002-7882-7329]-
Appears in Collections:Aurora harvest
Mathematical Sciences publications

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.