2002
DOI: 10.1007/3-540-36110-3_5
|View full text |Cite
|
Sign up to set email alerts
|

The Architecture of NG-MON: A Passive Network Monitoring System for High-Speed IP Networks1

Abstract: This paper presents the design of a next generation network traffic monitoring and analysis system, called NG-MON (Next Generation MONitoring), for high-speed networks such as 10 Gbps and above. Packet capturing and analysis on such high-speed networks is very difficult using traditional approaches. Using distributed, pipelining and parallel processing techniques, we have designed a flexible and scalable monitoring and analysis system, which can run on off-the-shelf, cost-effective computers. The monitoring an… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
34
0

Year Published

2003
2003
2012
2012

Publication Types

Select...
5
2

Relationship

3
4

Authors

Journals

citations
Cited by 31 publications
(34 citation statements)
references
References 5 publications
0
34
0
Order By: Relevance
“…Two critical problems exist in today's Internet traffic monitoring and analysis. The first problem is how to handle an increased and massive amount of traffic data generated from high-speed network links, such as 2.5 Gbps and higher, in a real-time manner [1]- [5]. The other problem is how to analyze sophisticated traffic data generated from various newly emerging network-based applications such as streaming media, peer-topeer (P2P), and game applications [6]- [8].…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…Two critical problems exist in today's Internet traffic monitoring and analysis. The first problem is how to handle an increased and massive amount of traffic data generated from high-speed network links, such as 2.5 Gbps and higher, in a real-time manner [1]- [5]. The other problem is how to analyze sophisticated traffic data generated from various newly emerging network-based applications such as streaming media, peer-topeer (P2P), and game applications [6]- [8].…”
Section: Introductionmentioning
confidence: 99%
“…The third step is the flow relationship map (FRM), which aggregates flows according to their inter-dependency and decides a corresponding application name to each flow. To validate the proposed algorithm, we have designed and implemented a traffic analysis system, called NG-MON [1]. NG-MON is currently deployed at the Internet junction of POSTECH and provides us with important characteristics of Internet traffic captured between our campus and the Internet.…”
Section: Introductionmentioning
confidence: 99%
“…Experimental systems therefore observe and analyse network traffic at a fixed location such as entry point, or gateway, to a Local Area Network (LAN) (Ranum et al, 1997;Snort, http://www.snort.org, ;Han et al, 2002). This choice is based on several assumptions: that anomalies represent threats to the system and that threats to the network come from outside the network rather than within.…”
Section: Introductionmentioning
confidence: 99%
“…Web Services technologies [10] consists of certain functional areas, XML messaging (e.g., SOAP), transport (e.g., HTTP, FTP and SMTP) and description of application interactions (e.g., WSDL) and discovery (e.g., UDDI). XML describes a class of data objects called XML documents.…”
Section: Web Services Technologiesmentioning
confidence: 99%