Abstract
Historical network traffic traces, both at the flow and packet level, play a significant role in many research and engineering areas, such as network security, traffic engineering and accounting. To retrieve the specific entries at a higher speed from large traces, each packet or flow should be indexed using multiple query fields during archiving. This brings challenges both in terms of archiving speed and storage consumption. We propose a network traffic indexing and querying method based on Index–Trie, to achieve fast archiving, low storage space of the indexes, and fast retrieval. We implemented a system for online trace archival and retrieval. Our experiments, performed both offline and online on backbone, campus and datacenter network traffic, demonstrate that our method outperforms the popular FastBit method. For packet traces, the Index–Trie based method can obtain an improvement up to 72% for the archiving rate, 56% lower storage consumption, and 14 times faster retrieving time. For flow traces, compared to FastBit, our system is up to 15 times faster in term of the archiving rate, 42% less storage, and 100 times faster retrieving speed. Furthermore, we extend the application of Index-Tries to log file indexing and retrieving.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
