NetADHICT: A Tool for Understanding Network Traffic
نویسندگان
چکیده
Computer and network administrators are often confused or uncertain about the behavior of their networks. Traditional analysis using IP ports, addresses, and protocols are insufficient to understand modern computer networks. Here we describe NetADHICT, a tool for better understanding the behavior of network traffic. The key innovation of NetADHICT is that it can identify and present a hierarchical decomposition of traffic that is based upon the learned structure of both packet headers and payloads. In particular, it decomposes traffic without the use of protocol dissectors or other application-specific knowledge. Through an AJAX-based web interface, NetADHICT allows administrators to see the high-level structure of network traffic, monitor how traffic within that structure changes over time, and analyze the significance of those changes. NetADHICT allows administrators to observe global patterns of behavior and then focus on the specific packets associated with that behavior, acting as a bridge from higher level tools to the lower level ones. From experiments we believe that NetADHICT can assist in the identification of flash crowds, rapidly propagating worms, and P2P applications.
منابع مشابه
Lightweight Hierarchical Network Traffic Clustering
We summarize our work with ADHIC (Approximate Divisive HIerarchical Clusterer), a lightweight, online, divisive hierarchical clustering algorithm tailored to the domain of network traffic clustering. We then briefly describe our implementation of ADHIC, NetADHICT, which serves as a tool to system administrators. The key innovation is that it can identify and present a hierarchical decomposition...
متن کاملOptimal Choice of Random Variables in D-ITG Traffic Generating Tool using Evolutionary Algorithms
Impressive development of computer networks has been required precise evaluation of efficiency of these networks for users and especially internet service providers. Considering the extent of these networks, there has been numerous factors affecting their performance and thoroughly investigation of these networks needs evaluation of the effective parameters by using suitable tools. There are se...
متن کاملLiterature Review of Traffic Assignment: Static and Dynamic
Rapid urban growth is resulting into increase in travel demand and private vehicle ownership in urban areas. In the present scenario the existing infrastructure has failed to match the demand that leads to traffic congestion, vehicular pollution and accidents. With traffic congestion augmentation on the road, delay of commuters has increased and reliability of road network has decreased. Four s...
متن کاملBehavioral Analysis of Traffic Flow for an Effective Network Traffic Identification
Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...
متن کاملClassification of encrypted traffic for applications based on statistical features
Traffic classification plays an important role in many aspects of network management such as identifying type of the transferred data, detection of malware applications, applying policies to restrict network accesses and so on. Basic methods in this field were using some obvious traffic features like port number and protocol type to classify the traffic type. However, recent changes in applicat...
متن کامل