CDF-based Flow Detection for Network Flow Sampling and Packet Capturing


Bibliographic Details
Main Authors: Aris Cahyadi Risdianto, Nuryani
Format: Article
Language: English
Published: Indonesian Institute of Sciences 2019-08-01
Series: Jurnal Elektronika dan Telekomunikasi
Subjects:
Online Access: https://www.jurnalet.com/jet/article/view/265
Description
Summary: Providing an appropriate level of flow collection, relying on packet capturing or flow sampling methods, is extremely hard due to various practical limitations and resource requirements. To address this challenge, this paper investigated a CDF (Cumulative Distribution Function)-based flow detection to decide between “known” and “unknown” flows. Therefore, a combined flow collection can be achieved to improve the collection’s efficiency by sampling only the known flows and capturing the remaining unknown flows. As a preliminary experiment, detecting known and unknown flows was conducted over a long period by calculating the empirical CDF distance between each flow’s rate and the overall packet rate distribution, called the FPR (Flow-to-Packet Ratio), with a threshold (FPRmin) based on a significance level of the observed data. The result shows that unknown flows are detected for most of the recommended significance level values.
ISSN: 1411-8289, 2527-9955