Design and Implementation of a Distributed Platform for Sharing IP Flow Records
暂无分享,去创建一个
Experiments using real traffic traces are of key importance in many network management research fields, such as traffic characterization, intrusion detection, and accounting. Access to such traces is often restricted due to privacy issues; research institutions typically have to sign non-disclosure agreements before accessing such traces from a network operator. Having such restrictions, researchers rarely have more than one source of traffic traces on which to run and validate their experiments.
Therefore, this paper develops a Distributed Platform for Sharing IP Flows (DipSIF) based on NetFlow records between multiple institutions. It is assumed that NetFlow traces collected by each participant are archived on separate storage hosts within their premises and then made available to others using a server that acts as a gateway to the storage. Due to privacy reasons the platform presented here uses a prefix-preserving, cryptography-based, and consistent anonymization algorithm in order to comply to different regulations determining the exchange of traffic traces data.
[1] Benoit Claise,et al. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information , 2008, RFC.
[2] Evangelos P. Markatos,et al. A Generic Anonymization Framework for Network Traffic , 2006, 2006 IEEE International Conference on Communications.
[3] Mostafa H. Ammar,et al. On the design and performance of prefix-preserving IP traffic trace anonymization , 2001, IMW '01.
[4] David Plonka,et al. FlowScan: A Network Traffic Flow Reporting and Visualization Tool , 2000, LISA.