Abstract
One crucial challenge in network flow monitoring is how to accurately and efficiently monitor the large volume of network flows. Several approaches proposed to address this challenge either lack flexibility adapting to greatly varying network traffic (e.g. sNetFlow), or require intensive computing resources (e.g. ANF). In this paper, we propose a novel double-sampling and hold approach for net work flow monitoring to tackle this challenge. We take a coarse-grained packet sampling to initially reduce the total number of monitored packets; then, an enhanced fine-grained sample and hold algorithm (ESHA) is adopted to selectively add packets into flow cache. By optimally adjusting the ESHA sampling rate and taking Early Removal flow cache management scheme, the flow information can be maximized with given limited system resources. Extensive simulation and experiment studies show that our approach can significantly improve both the accuracy and efficiency in network flow monitoring than other methods.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
