and an Analysis on IP Networks

A major problem with current Internet traffic monitoring and analysis concerns the large number of newly emerging network-based applications possessing more complicated communication structures and traffic patterns than traditional applications. The amount of traffic generated by these applications, such as peer-to-peer (P2P), streaming media, games, etc., is reported to be well over half of the total traffic. The dynamic use of port numbers, the use of multiple sessions, and other features of these applications complicate the characterization of current Internet traffic. Applicationlevel traffic identification is a preliminary but essential step toward traffic characterization, which this paper mainly addresses. Traditional traffic identification methods based on well-known port numbers are not appropriate for the identification of P2P, streaming, and other new types of applications. This paper proposes a new method to identify current Internet traffic. First, we categorized most current network-based applications into several classes according to their traffic patterns. Using this categorization, we developed a flow grouping method that determines the application name of traffic flows. We have incorporated our method into NG-MON, a traffic analysis system, to analyze Internet traffic between our enterprise network and the Internet.

[1]  Eric C. Rosen,et al.  Multiprotocol Label Switching Architecture , 2001, RFC.

[2]  Cormac J. Sreenan,et al.  mmdump: a tool for monitoring internet multimedia traffic , 2000, CCRV.

[3]  Matthew Roughan,et al.  P2P the gorilla in the cable , 2003 .

[4]  Evangelos P. Markatos,et al.  Tracing a Large-Scale Peer to Peer System: An Hour in the Life of Gnutella , 2002, 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID'02).

[5]  Krishna P. Gummadi,et al.  An analysis of Internet content delivery systems , 2002, OPSR.

[6]  Adam Wierzbicki,et al.  Deconstructing the Kazaa network , 2003, Proceedings the Third IEEE Workshop on Internet Applications. WIAPP 2003.

[7]  Jia Wang,et al.  Analyzing peer-to-peer traffic across large networks , 2004, IEEE/ACM Trans. Netw..

[8]  Henry Shu-hung Chung,et al.  Rate-based internet accounting system using application-aware traffic measurement APNOMS 2003 , 2003 .

[9]  Krishna P. Gummadi,et al.  A measurement study of Napster and Gnutella as examples of peer-to-peer file sharing systems , 2002, CCRV.

[10]  James Won-Ki Hong,et al.  Towards Peer-to-Peer Traffic Analysis Using Flows , 2003, DSOM.

[11]  James Won-Ki Hong,et al.  A Method on Multimedia Service Traffic Monitoring and Analysis , 2003, DSOM.

[12]  Jacky C. Chu,et al.  Availability and locality measurements of peer-to-peer file systems , 2002, SPIE ITCom.

[13]  Chase Cotton,et al.  Packet-level traffic measurements from the Sprint IP backbone , 2003, IEEE Netw..

[14]  Aiko Pras,et al.  Analysing campus traffic using the meter-MIB , 2002 .

[15]  Krishna P. Gummadi,et al.  Measurement, modeling, and analysis of a peer-to-peer file-sharing workload , 2003, SOSP '03.

[16]  Balachander Krishnamurthy,et al.  Early measurements of a cluster-based architecture for P2P systems , 2001, IMW '01.

[17]  Nathaniel Leibowitz,et al.  ARE FILE SWAPPING NETWORKS CACHEABLE , 2002 .

[18]  홍원기 The Architecture of NG-MON: A Passive Network Monitoring System , 2002 .

[19]  Stefan Saroiu,et al.  A Measurement Study of Peer-to-Peer File Sharing Systems , 2001 .