InTraBase: integrated traffic analysis based on a database management system

Siekkinen, Matti; Biersack, Ernst W; Urvoy-Keller, Guillaume; Goebel, Vera; Plagemann, Thomas
E2EMON 2005, Workshop on End-to-End Monitoring Techniques and Services, 9th IFIP/IEEE International Symposium on Integrated Network Management, May 15-19, 2005, Nice, France

Internet traffic analysis as a research area has attracted lots of interest over the last decade. The traffic data collected for analysis are usually stored in plain files and the analysis tools consist of customized scripts each tailored for a specific task. As data are often collected over a longer period of time or from different vantage points, it is important to keep metadata that describe the data collected. The use of separate files to store the data, the metadata, and the analysis scripts provides an abstraction that is much too primitive: The information that "glues" these different files together is not made explicit but is solely in the heads of the people involved in the activity. As a consequence, manipulating the data is very cumbersome, does not scale, and severely limits the way these data can be analyzed. We propose to use a database management system (DBMS) that provides the infrastructure for the analysis and management of data from measurements, related metadata, and obtained results.We discuss the problems and limitations with today's approaches, describe our ideas, and demonstrate how our DBMS-based solution, called InTraBase, addresses these problems and limitations.We present the first version of our prototype and preliminary performance analysis results.

Digital Security
Eurecom Ref:
© 2005 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
See also: