Abstract: In this paper, we present a novel approach for improving the performance of a large class of CPU- and memory-intensive passive network monitoring applications, such as intrusion detection systems, traffic characterization applications, and NetFlow export probes. Our approach, called locality buffering, reorders the captured packets by clustering packets with the same destination port before they are delivered to the monitoring application. This results in improved code and data locality and, consequently, in an overall increase in packet processing throughput and a decrease in the packet loss rate. We have implemented locality buffering within the widely used libpcap packet capture library, which allows existing monitoring applications to benefit transparently from the reordered packet stream without any change to application code. Our experimental evaluation shows that locality buffering significantly improves the performance of popular applications such as the Snort IDS, which exhibits a 40% increase in packet processing throughput and a 60% improvement in packet loss rate.
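The clustering step the abstract describes, as an added illustration that is not the paper's libpcap implementation: a fixed-capacity buffer collects captured packets and, when full, delivers them grouped by destination port (groups in the order their port was first seen, arrival order kept within each group), so consecutive packets hit the same port-specific code paths and rule sets. The Packet record, the 12-packet trace and the port_transitions locality metric are constructed here for the example and are assumptions, not data or code from the paper.

```python
from collections import OrderedDict, namedtuple

# Minimal packet record, constructed for this example (not libpcap's pcap_pkthdr).
Packet = namedtuple("Packet", "ts src dst proto dport length")


class LocalityBuffer:
    """Collect captured packets and deliver them clustered by destination port.

    Groups are emitted in the order their port was first seen in the batch,
    and packets keep their arrival order inside a group, so nothing is lost
    or duplicated: the delivered stream is a permutation of the captured one.
    Illustrative only; this is not the paper's libpcap code.
    """

    def __init__(self, capacity):
        if capacity < 1:
            raise ValueError("capacity must be at least 1")
        self.capacity = capacity
        self._groups = OrderedDict()  # dport -> [Packet, ...] in arrival order
        self._count = 0

    def push(self, pkt):
        """Buffer one packet; return the packets to deliver now (usually none)."""
        self._groups.setdefault(pkt.dport, []).append(pkt)
        self._count += 1
        if self._count >= self.capacity:
            return self.flush()
        return []

    def flush(self):
        """Deliver everything buffered, one destination-port group after another."""
        out = [p for group in self._groups.values() for p in group]
        self._groups.clear()
        self._count = 0
        return out


def reorder(packets, capacity):
    """Run a whole trace through a LocalityBuffer and return the delivered order."""
    buf = LocalityBuffer(capacity)
    out = []
    for pkt in packets:
        out.extend(buf.push(pkt))
    out.extend(buf.flush())  # end of capture: drain the partial last batch
    return out


def port_transitions(packets):
    """Count adjacent packets whose destination port differs.

    Each change means the monitoring application switches to a different
    per-port rule set and working set; fewer changes means better locality.
    """
    return sum(1 for a, b in zip(packets, packets[1:]) if a.dport != b.dport)


def per_port_order_preserved(original, reordered):
    """True if, for every destination port, arrival order survived the reordering."""
    ports = {p.dport for p in original}
    return all(
        [p.ts for p in original if p.dport == port]
        == [p.ts for p in reordered if p.dport == port]
        for port in ports
    )


# Constructed trace: 12 packets whose destination ports interleave as badly as
# possible, so every adjacent pair switches port. Addresses are documentation ranges.
_PORTS = [80, 443, 53, 80, 25, 443, 80, 53, 25, 80, 443, 53]
TRACE = [
    Packet(ts=i, src="192.0.2.%d" % (10 + i), dst="198.51.100.1",
           proto="udp" if port == 53 else "tcp", dport=port,
           length=60 + 100 * (i % 3))
    for i, port in enumerate(_PORTS)
]

if __name__ == "__main__":
    print("arrival order:", [p.dport for p in TRACE], port_transitions(TRACE))
    for cap in (6, 12):
        out = reorder(TRACE, cap)
        print("capacity %2d  :" % cap, [p.dport for p in out], port_transitions(out))
```

With a capacity of 12 the interleaved trace drops from 11 destination-port changes to 3; with a capacity of 6 it still has 7, because a change is paid at every batch boundary, and a capacity of 1 degenerates to the original arrival order. Two caveats a practitioner should keep in mind: the two directions of one TCP connection carry different destination ports and so land in different groups, and a packet can be held back until up to capacity-1 later packets arrive, so the buffer size trades locality against delivery latency and must suit what the monitoring application assumes about inter-flow ordering.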
Bandwidth usage monitoring is important for network troubleshooting and planning. Traditionally, used bandwidth is computed from router interface byte counters read via SNMP. This method only allows checking long-term averages of the total bandwidth used, with no information about short-term dynamics and no knowledge of which applications consume the most bandwidth. We describe the architecture of a novel passive bandwidth usage monitoring application. This application uses packet capture and advanced processing to continuously provide real-time information about bandwidth usage. The produced characteristics include information about short-term peaks and about the percentage of bandwidth used by different protocols at different layers of the OSI model, including detection of application protocols that use dynamic ports.
Abstract: With the advent of dynamic and elusive distributed applications such as peer-to-peer file sharing systems, network administrators find it increasingly difficult to understand the types of applications running in their networks and the amount of traffic each application produces. In this paper, we present measurement results from the deployment of an accurate traffic characterization application in three National Research and Education Networks for a period of two months. Our observations go beyond traffic distribution: we explore application usage in terms of active IP addresses, the existence of IP addresses generating massive amounts of traffic, the asymmetry of incoming and outgoing traffic, and the existence of spam-sending mail servers.