By Topic

A scalable high performance network monitoring agent for CERNET

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Zhang Hui ; CERNET Network Res. Center, Tsinghua Univ., Beijing, China ; Li Xing ; Li Zimu

In a cost-effective way, collecting and analyzing data from such a nationwide operational network as China Education and Research Network (CERNET) is an increasingly challenging task. We present experience gained in designing and implementing a passive monitoring agent applicable to CERNET, which helps to cooperate not only with network intrusion detection system (IDS), network management system (NMS) for detecting and identifying signs of malicious activities, nonmalicious failures and other exceptional events in real-time, but provides anomaly information to accounting and billing system (ABS) so as to make it healthy. This agent is characterized by a high performance data collecting facility and a methodology of real-time data correlation and analysis. A customized agent can be deployed on a particular link of CERNET for monitoring network dynamically. We discuss how to conflate, correlate, associate and refine measurement data to discriminate anomalies such as DoS from normal traffic, and how to respond to the anomalies for the purpose of operational network's health. It concludes with experiences learned from the development and deployment of the agent and ongoing research work.

Published in:

Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT'2003. Proceedings of the Fourth International Conference on

Date of Conference:

27-29 Aug. 2003