CDF-based Flow Detection for Network Flow Sampling and Packet Capturing

Providing an appropriate level of flow collection, relying on packet capturing or flow sampling method, is extremely hard due to various practical limitations and resources requirements. To address this challenge, this paper investigated a CDF (Cumulative Distribution Function)-based flow detection...


Bibliographic Details
Main Authors: Aris Cahyadi Risdianto, Nuryani -
Format: Article
Language: English
Published: Indonesian Institute of Sciences 2019-08-01
Series: Jurnal Elektronika dan Telekomunikasi
Subjects: flow detection; cumulative distribution function; flow sampling; packet capturing
Online Access: https://www.jurnalet.com/jet/article/view/265
Record ID: doaj-19a672bed465475ba97f975fbd6f71a6
Collection: DOAJ
ISSN: 1411-8289, 2527-9955
Author affiliations: Aris Cahyadi Risdianto (School of Electrical Engineering and Computer Science, Gwangju Institute of Science and Technology); Nuryani - (Research Center for Informatics, Indonesian Institute of Sciences (LIPI))
Description: Providing an appropriate level of flow collection, relying on packet capturing or flow sampling method, is extremely hard due to various practical limitations and resources requirements. To address this challenge, this paper investigated a CDF (Cumulative Distribution Function)-based flow detection to decide between “known” and “unknown” flows. Therefore, a combined flow collection can be achieved to improve the collection’s efficiency by sampling only the known flows and capturing the remaining unknown flows. As a preliminary experiment, detecting known and unknown flows was conducted over a long period by calculating the empirical CDF distance between each flow’s rate and overall packet’s rate distribution, called as FPR (Flow-to-Packet Ratio), with a threshold (FPRmin) based on a significant level of observed data. The result shows that unknown flow is detected for most of the recommended significant level values.