Title :
Fast and accurate flow counting algorithm for the management of IP networks
Author :
Zhu, Shan ; Ohta, Satoru
Author_Institution :
Dept. of Inf. Syst. Eng., Toyama Prefectural Univ., Imizu, Japan
Abstract :
For the management of IP (Internet Protocol) networks, flow counting is significant because of various applications such as denial-of-service (DoS) attack detection, etc. Although several flow counting algorithms have been proposed in literature, they have disadvantages in computational time and accuracy. This paper proposes a flow counting algorithm that eliminates these disadvantages. The proposed method improves the computational time through two techniques: packet sampling and a new data structure based on multiple counters. For the accuracy, the existing flow counting methods is often degraded by regarding the terminated flows as existing and thus overestimating the number of flows. The paper examines a method that avoids such overestimation by utilizing TCP FIN messages. The effectiveness of the proposed method was evaluated and compared with an existing method experimentally.
Keywords :
IP networks; computer network management; computer network security; data structures; transport protocols; Internet protocol network management; TCP FIN messages; data structure; denial-of-service attack detection; flow counting algorithm; packet sampling; Computer network management; Counting circuits; Data structures; Engineering management; IP networks; Management information systems; Protocols; Sampling methods; TCPIP; TV; IP networks; TCP; flow; sampling;
Conference_Titel :
Network Operations and Management Symposium (NOMS), 2010 IEEE
Conference_Location :
Osaka
Print_ISBN :
978-1-4244-5366-5
Electronic_ISBN :
1542-1201
DOI :
10.1109/NOMS.2010.5488339
