Marco Caninis's Publications

NetFlow: information loss or win?
Zitatschlüssel SF-NILW-02
Autor Sommer, Robin and Feldmann, Anja
Jahr 2002
Institution Universität des Saarlandes, Saarbrücken, Germany
Zusammenfassung Operating a network without accurate traffic statistics is not desirable. Commonly used data sources are SNMP, flow-level data, e.g., Cisco's NetFlow, or packet level data. The first data source provides low volume, coarse-grained, non-application specific data. The latter one provides high volumne, fine-grain data and application specific information. NetFlow lies somewhere in between in terms of both: volume and level of detail. In this paper we ask the question how and how accurately can one infer information from NetFlow. More specifically we are interested in TCP connection summaries and accurately aggregated packet and byte counts. The same techniques apply to application specific (per port) summaries.
Typ der Publikation Technical Report
