Application-Aware Flow Monitoring

Investor logo

Warning

This publication doesn't include Faculty of Arts. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

VELAN Petr ČELEDA Pavel

Year of publication 2019
Type Article in Proceedings
Conference 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)
MU Faculty or unit

Institute of Computer Science

Citation
Web
Keywords network; monitoring; measurement; flow; application flow; NetFlow; IPFIX; encryption; performance; 100 Gbps
Attached files
Description Network flow monitoring has been a part of network security for the last dozen years. It is constantly evolving to keep pace with changes in network operation and innovative network attacks. The thesis contributes to the continuous efforts by exploring the possibilities unlocked by extending the flow data with application-specific information. We show how the construction of flows is affected by processing of application data, present the benefits to traffic analysis, and assess the inevitable performance loss caused by additional data processing. To compensate for the lost performance, several novel optimisation techniques are proposed for the flow monitoring process. Recognising that the increasing deployment of encryption is going to limit the benefits of application flow monitoring, we perform a survey of methods for measurement of encrypted traffic. The thesis is concluded by an outlook towards future possibilities for flow monitoring advancement.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.