( , *) one-to-many: e.g., scanning (*, ) many-to-one: e.g., DDoS ( /24, /28) subnet-to-subnet
|
|
- Poppy French
- 5 years ago
- Views:
Transcription
1
2 ( , *) one-to-many: e.g., scanning (*, ) many-to-one: e.g., DDoS ( /24, /28) subnet-to-subnet 2
3 c φn φ: N: / /0 10.1/ / / / / / / / / /
4 src: dst: [ /32, /16] [ /24, /24] [ /16, /32] sum of prefix lengths ,0 24,8 8,24 32,8 8,0 32,24 8,8 0,8 16,8 8,16 24,16 24,24 16,24 24,32 0,24 8,32 [ /32, /24] [ /24, /32] [ /32, /32] Lattice for IPv4 prefix length pair with 8-bit granularity 4
5 5
6 6
7 ci = j cj where { j child(i) cj < φn } 7
8 8
9 child(i) child(i) [16, 16] [16, 16] (1.2/16, 5.6/16) [24, 16] [16, 16] [24, 24] [16, 24] [24, 16] (1.2.0/24, 5.6/16) (1.2.1/24, 5.6/16) (1.2.3/24, 5.6/16)... [16, 24] (1.2/16, 5.6.0/24) (1.2/16, 5.6.1/24) (1.2/16, 5.6.3/24)... bottom-up aggregation top-down space partitioning 9
10 (l0, l1) 8,0 0,8 8,8 24,0 24,8 16,8 8,16 8,24 0,24 32,8 24,16 16,24 8,32 24,24 32,24 24,32 0,8 8,0 8,8 (I) upper sub-area 0,24 8,16 8,24 (II) right sub-area 16,8 24,0 24,8 (III) left sub-area 16,24 24,16 24,24 (IV) lower sub-area 8,32 24,32 (V) right bottom edge 32,8 32,24 (VI) left bottom edge 10
11 8,0 0,8 8,8 24,0 (I) 16,8 8,16 0,24 24,8 8,24 32,8 (III) 24,16 16,24 (II) 8,32 24,24 (VI) 32,24 (IV) 24,32 (V) 11
12 12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36 4 HHHs extracted
37 14
38 15
39 16
40 17
41 18
42 aggregated by (src,dst) region no src dst c /N (%) VI (1) / / V III II I (2) / / (3) / / (4) * / (5) /23 * 5.0 (6) /20 * 6.8 (7) * / (8) * / (9) * / (10) / / (11) /12 * 6.7 (12) * /7 7.6 () /4 * 5.0 (14) /2 * 6.0 (15) * / * * I aggregated by (dst,src) (1)-(12) identical to (src,dst) () / /2 5.7 (14) * /3 5.3 (15) /1 * * *
43 aggregated by (src,dst) region no src dst c /N (%) VI (1) / / V III II I (2) / / (3) / / (4) * / (5) /23 * 5.0 (6) /20 * 6.8 (7) * / (8) * / (9) * / (10) / / (11) /12 * 6.7 (12) * /7 7.6 () /4 * 5.0 (14) /2 * 6.0 (15) * / * * no RLS(%) SS(%) missing SS HHHs with their c /N (%) (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) (96/3, /16):5.4 (0/2, /16):5.6 (112/4, /12):5.2 (64/2, /12):9.0 (11) (12) (0/1, /20):6.0 (128/2, /16):5.5 (192/4,202/8):5.1 (*, /12):25.5 (16/4,202/7):5.4 (128/1, /9):10.6 (64/2,202/7):15.5 (128/1,202/7):17.7 () (14) ( //1):6.0 (144/4,128/1):5.3 (128/2,96/3):5.0 (128/3,0/1):5.3 (160/3,128/1):7.0 (128/2,0/2):5.7 (128/2,0/1):11.4 (15) (128/1,160/6):5.0 (192/4,128/2):5.2 (0/1,128/2):22.7 (*,128/3): (202/7,0/2):5.4 (192/8,128/1):5.6 (202/8,0/1):5.7 (202/7,128/1):6.0 (192/3,200/5):10.5 (128/1,112/6):5.1 (112/5,128/1):21.8 (200/5,*):17.0 (192/4,128/1):.6 (128/1,16/4):6.2 (*,200/5):42.4 (64/3,128/1):6.0 (96/3,128/1):29.7 (128/1,64/2):10.4 (0/1,128/1):46.7 (128/1,*):53.3 (*,128/1):
44 CPU time (sec) RLS 5x5 RLS 33x33 SS 5x5 SS 33x input N (million packets) 21
45 Memory usage (MB) RLS 5x5 RLS 33x33 SS 5x5 SS 33x input N (million packets) 22
MAD 12 Monitoring the Dynamics of Network Traffic by Recursive Multi-dimensional Aggregation. Midori Kato, Kenjiro Cho, Michio Honda, Hideyuki Tokuda
MAD 12 Monitoring the Dynamics of Network Traffic by Recursive Multi-dimensional Aggregation Midori Kato, Kenjiro Cho, Michio Honda, Hideyuki Tokuda 1 Background Traffic monitoring is important to detect
More informationFlexible NetFlow - Top N Talkers Support
This document contains information about and instructions for using the Flexible NetFlow - Top N Talkers Support feature. The feature helps you analyze the large amount of data that Flexible NetFlow captures
More informationUsing Flexible NetFlow Top N Talkers to Analyze Network Traffic
Using Flexible NetFlow Top N Talkers to Analyze Network Traffic Last Updated: September 4, 2012 This document contains information about and instructions for using the Flexible NetFlow--Top N Talkers Support
More informationChapter 8: Subnetting IP networks. Introduction to Networks v5.1
Chapter 8: Subnetting IP networks Introduction to Networks v5.1 8.0 Introduction 8.1 Subnetting an IPv4 Network 8.2 Addressing Schemes 8.3 Design Considerations for IPv6 8.4 Summary 2013 Cisco and/or its
More informationDecision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA
Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA Weirong Jiang, Viktor K. Prasanna University of Southern California Norio Yamagaki NEC Corporation September 1, 2010 Outline
More informationUnderstanding And Using Custom Queries
Purpose This document describes how to use the full flexibility of Nagios to get the most out of your network flow data. Target Audience Network admins performing forensic analysis on a network's flow
More informationStateless automatic IPv4 over IPv6 Tunneling (SA46T)
Stateless automatic over IPv6 Tunneling () draft-matsuhira-sa46t-spec-01.txt Naoki Matsuhira Fujitsu Limited matsuhira@jp.fujitsu.com Maastricht, July 2010 1 Configuration Backbone : Stateless Automatic
More informationTable of Contents 1 ARP Configuration Guide 1-1
Table of Contents 1 ARP Configuration Guide 1-1 Configuring ARP Basics 1-1 Network Diagram 1-1 Networking and Configuration Requirements 1-1 Applicable Product Matrix 1-1 Configuration Procedure 1-1 Complete
More informationVLSM and CIDR. Routing Protocols and Concepts Chapter 6. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1
VLSM and CIDR Routing Protocols and Concepts Chapter 6 Version 4.0 1 Objectives Compare and contrast classful and classless IP addressing. Review VLSM and explain the benefits of classless IP addressing.
More informationINTRODUCTION...2 SOLUTION DETAILS...3 NOTES...3 HOW IT WORKS...4
TESTING & INTEGRATION GROUP TECHNICAL DOCUMENT DefensePro out of path with Cisco router INTRODUCTION...2 SOLUTION DETAILS...3 NOTES...3 HOW IT WORKS...4 CONFIGURATION... 4 TRAFFIC FLOW... 4 SOFTWARE AND
More informationARP attack protection commands
Contents ARP attack protection commands 1 Unresolvable IP attack protection commands 1 arp resolving-route enable 1 arp source-suppression enable 1 arp source-suppression limit 2 display arp source-suppression
More informationTutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem.
Tutorial 9 1 Router Architecture Consider a router with a switch fabric, 2 input ports (A and B) and 2 output ports (C and D). Suppose the switch fabric operates at 1.5 times the line speed. a. If, for
More informationIP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker
IP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker 2008-11-17 Abstract This document specifies an update to the Stateless IP/ICMP Translation Algorithm described in RFC 2765. The algorithm
More informationDetection of DNS Traffic Anomalies in Large Networks
Detection of Traffic Anomalies in Large Networks Milan Čermák, Pavel Čeleda, Jan Vykopal {cermak celeda vykopal}@ics.muni.cz 20th Eunice Open European Summer School and Conference 2014 1-5 September 2014,
More informationConfiguring Logging for Access Lists
CHAPTER 17 This chapter describes how to configure access list logging for extended access lists and Webytpe access lists, and it describes how to manage deny flows. This section includes the following
More informationAlloc8 How to Guide: Adaptive Response
Alloc8 How to Guide: Adaptive Response Adaptive Response Rules Adaptive Response allows administrators to specify rules based on data transfer which dynamically populate Network Objects. These Dynamic
More informationSource-specific routing. implementation. on Linux
Source-specific routing implementation on Linux Matthieu Boutier, joint work with Juliusz Chroboczek IRIF (ex Laboratoire PPS) - Université Paris Diderot boutier@pps.univ-paris-diderot.fr jch@pps.univ-paris-diderot.fr
More informationConfiguring Logging for Access Lists
CHAPTER 20 This chapter describes how to configure access list logging for extended access lists and Webytpe access lists, and it describes how to manage deny flows. This chapter includes the following
More informationLecture 17: Network Layer Addressing, Control Plane, and Routing
Lecture 17: Network Layer Addressing, Control Plane, and Routing COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition:
More informationIdentifying Operating System Using Flow-based Traffic Fingerprinting
Identifying Operating System Using Flow-based Traffic Fingerprinting Tomáš Jirsík, Pavel Čeleda {jirsik celeda}@ics.muni.cz Institute of Computer Science, Masaryk University EUNICE 2014 September, 1. 5.,
More informationEfficient Computation of Data Cubes. Network Database Lab
Efficient Computation of Data Cubes Network Database Lab Outlines Introduction Some CUBE Algorithms ArrayCube PartitionedCube and MemoryCube Bottom-Up Cube (BUC) Conclusions References Network Database
More informationModule 4. Planning the Addressing Structure
Module 4 Planning the Addressing Structure Name 4.1.1 1. How many bits are in an IP address? 2. What is dotted decimal notation? 3. What is the parent part of an IP address? 4. What is the child part of
More informationCustomer IPv6 Delivery
Customer IPv6 Delivery The Nextgen Experience Chris Chaundy, Nextgen Networks October 2011 Agenda Nextgen Network s strategy Just get a prefix and turn it on!?!? Scope of the project Hardware considerations
More informationECE697AA Lecture 20. Forwarding Tables
ECE697AA Lecture 20 Routers: Prefix Lookup Algorithms Tilman Wolf Department of Electrical and Computer Engineering 11/14/08 Forwarding Tables Routing protocols involve a lot of information Path choices,
More informationDW Performance Optimization (II)
DW Performance Optimization (II) Overview Data Cube in ROLAP and MOLAP ROLAP Technique(s) Efficient Data Cube Computation MOLAP Technique(s) Prefix Sum Array Multiway Augmented Tree Aalborg University
More informationEstimating Quantiles from the Union of Historical and Streaming Data
Estimating Quantiles from the Union of Historical and Streaming Data Sneha Aman Singh, Iowa State University Divesh Srivastava, AT&T Labs - Research Srikanta Tirthapura, Iowa State University Quantiles
More informationIMPLEMENTING NETWORK SECURITY. RouterOS. with IP FIREWALL. ADVANCED and EXTRA CONDITIONS
IMPLEMENTING NETWORK SECURITY with RouterOS IP FIREWALL ADVANCED and EXTRA CONDITIONS @uxville tycoonux UXVILLE G. UNABIA Inquirinity Corporation - Philippines MikroTik Certified Trainer MikroTik Academy
More informationSCREAM: Sketch Resource Allocation for Software-defined Measurement
SCREAM: Sketch Resource Allocation for Software-defined Measurement (CoNEXT 15) Masoud Moshref, Minlan Yu, Ramesh Govindan, Amin Vahdat Measurement is Crucial for Network Management Network Management
More informationMultipath Transport, Resource Pooling, and implications for Routing
Multipath Transport, Resource Pooling, and implications for Routing Mark Handley, UCL and XORP, Inc Also: Damon Wischik, UCL Marcelo Bagnulo Braun, UC3M The members of Trilogy project: www.trilogy-project.org
More informationHybrid Information-Centric Networking
Hybrid Information-Centric Networking ICN inside the Internet Protocol Luca Muscariello, Principal Engineer Giovanna Carofiglio, Distinguished Engineer Jordan Augé, Michele Papalini, Mauro Sardara, Alberto
More informationAnalyzing Dshield Logs Using Fully Automatic Cross-Associations
Analyzing Dshield Logs Using Fully Automatic Cross-Associations Anh Le 1 1 Donald Bren School of Information and Computer Sciences University of California, Irvine Irvine, CA, 92697, USA anh.le@uci.edu
More informationJuniper Netscreen Security Device. How to Enable IPv6 Page-51
Juniper Netscreen Security Device Page-51 Netscreen Firewall - Interfaces Below is a screen shot for a Netscreen Firewall interface. All interfaces have an IPv6 address except ethernet0/0. We will step
More informationOpenFlow Ronald van der Pol
OpenFlow Ronald van der Pol Outline! Goal of this project! Why OpenFlow?! Basics of OpenFlow! Short Demo OpenFlow Overview! Initiative of Stanford University! Run network research experiments
More informationhttps://spoofer.caida.org/
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ DDoS PI meeting, March 9 2017 www.caida.o
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationCS 43: Computer Networks. 21: The Network Layer & IP November 7, 2018
CS 43: Computer Networks 21: The Network Layer & IP November 7, 2018 The Network Layer! Application: the application (e.g., the Web, Email) Transport: end-to-end connections, reliability Network: routing
More informationEXAM TCP/IP NETWORKING Duration: 3 hours With Solutions
SCIPER: First name: Family name: EXAM TCP/IP NETWORKING Duration: 3 hours With Solutions Jean-Yves Le Boudec January 2013 INSTRUCTIONS 1. Write your solution into this document and return it to us (you
More informationOverview of nicter - R&D project against Cyber Attacks in Japan -
Overview of nicter - R&D project against Cyber Attacks in Japan - Daisuke INOUE Cybersecurity Laboratory Network Security Research Institute (NSRI) National Institute of Information and Communications
More informationInternet Protocol Addressing and Routing. Redes TCP/IP
Internet Protocol Addressing and Routing Redes TCP/IP Internet Topology Internet - WAN Gateway or router Physical Network (LAN) internet LAN LAN LAN Dotted Decimal Notation 2 7 2 6 2 5 2 4 2 3 2 2 2 1
More informationConfiguring Dynamic ARP Inspection
21 CHAPTER This chapter describes how to configure dynamic Address Resolution Protocol inspection (dynamic ARP inspection) on the Catalyst 3560 switch. This feature helps prevent malicious attacks on the
More informationPacket Expert Report
Packet Expert Report Hardware Ethernet Test Tool PacketExpert Start Date : Start Time : 2/4/14 18:34:18 End Date : End Time : Test Report : RECORD_ONLY User Comments : RecordOnly www.gl.com Port1 Interface
More informationb. Suppose the two packets are to be forwarded to two different output ports. Is it
Problem-1:[15] Suppose two packets arrive to two different input ports of a router at exactly the same time. Also suppose there are no other packets anywhere in the router. a. Suppose the two packets are
More informationMonitoring Agent for Unix OS Version Reference IBM
Monitoring Agent for Unix OS Version 6.3.5 Reference IBM Monitoring Agent for Unix OS Version 6.3.5 Reference IBM Note Before using this information and the product it supports, read the information in
More informationExpansible and Cost-Effective Network Structures for Data Centers Using Dual-Port Servers
1 Expansible and Cost-Effective Network Structures for Data Centers Using Dual-Port Servers Deke Guo, Member, IEEE, Tao Chen, Member, IEEE, Dan Li, Member, IEEE, Yunhao Liu, Senior Member, IEEE Guihai
More informationNETWORK PROBLEM SET Solution
NETWORK PROBLEM SET Solution Problem 1 Consider a packet-switched network of N nodes connected by the following topologies: 1. For a packet-switched network of N nodes, the number of hops is one less than
More informationExample: Using NSM to Enable and View Application Volume Tracking
Example: Using NSM to Enable and View Application Volume Tracking You can use NSM to enable application volume tracking (AVT) and to view AVT logs and reports. To enable AVT: 1. From NSM Device Manager,
More informationEXAM TCP/IP NETWORKING Duration: 3 hours With Solutions
SCIPER: First name: Family name: EXAM TCP/IP NETWORKING Duration: 3 hours With Solutions Jean-Yves Le Boudec January 2016 INSTRUCTIONS 1. Write your solution into this document and return it to us (you
More informationOPERATING SYSTEMS & Network OVERVIEW. 1: OS & Network Overview
OPERATING SYSTEMS & Network OVERVIEW 1: OS & Network Overview 1 OPERATING SYSTEM OVERVIEW WHAT IS AN OPERATING SYSTEM? An interface between users and hardware - an environment "architecture Allows convenient
More informationBorder Gateway Protocol - BGP
BGP Fundamentals Border Gateway Protocol - BGP Runs over TCP (port 179) TCP connection required before BGP session Need to be reachable! Path vector routing protocol Best path selection based on path attributes
More informationConfiguring Dynamic ARP Inspection
Finding Feature Information, page 1 Restrictions for Dynamic ARP Inspection, page 1 Understanding Dynamic ARP Inspection, page 3 Default Dynamic ARP Inspection Configuration, page 6 Relative Priority of
More informationRouting Protocols of IGP. Koji OKAMURA Kyushu University, Japan
Routing Protocols of IGP Koji OKAMURA Kyushu University, Japan Routing Protocol AS (Autonomous System) Is operated autonomous in the organization. 6bit IGP (Interior Gateway Protocol) Routing Control inside
More informationRIPE76 - Rebuilding a network data pipeline. Louis Poinsignon
RIPE76 - Rebuilding a network data pipeline Louis Poinsignon Who am I Louis Poinsignon Network Engineer @ Cloudflare. Building tools for data analysis and traffic engineering. What is Cloudflare? Content
More informationTowards High-performance Flow-level level Packet Processing on Multi-core Network Processors
Towards High-performance Flow-level level Packet Processing on Multi-core Network Processors Yaxuan Qi (presenter), Bo Xu, Fei He, Baohua Yang, Jianming Yu and Jun Li ANCS 2007, Orlando, USA Outline Introduction
More informationDetecting Anomalies in Netflow Record Time Series by Using a Kernel Function
Detecting Anomalies in Netflow Record Time Series by Using a Kernel Function Cynthia Wagner, Thomas Engel To cite this version: Cynthia Wagner, Thomas Engel. Detecting Anomalies in Netflow Record Time
More informationLesson 3. IPv4 and IPv6 Protocols. Chapter-4 L03: "Internet of Things ", Raj Kamal, Publs.: McGraw-Hill Education
Lesson 3 IPv4 and IPv6 Protocols Publs.: McGraw-Hill Education 1 Internet layer Receives and forwards data to next stage Uses IP version 4 (IPv4), Uses IP version 6 (IPv6) protocol or [IPv6 Routing Protocol
More informationIPv4. Christian Grothoff.
IPv4 christian@grothoff.org http://grothoff.org/christian/ Sites need to be able to interact in one single, universal space. Tim Berners-Lee 1 The Network Layer Transports datagrams from sending to receiving
More informationCubro Packetmaster EX12
Cubro Packetmaster EX12 PRODUCT OVERVIEW Network Packet Broker (NPB) At a glance Definition The Packetmaster EX12 is a network packet broker and network controller switch that aggregates, filters and load
More informationRouting in the Internet
Routing in the Internet Daniel Zappala CS 460 Computer Networking Brigham Young University Scaling Routing for the Internet 2/29 scale 200 million destinations - can t store all destinations or all prefixes
More information5.7 K E Y TE R M S 5.8 SUM M A R Y
C H A P T E R 5 I P V 4 A D D RE SSE S 153 5.7 K E Y TE R M S address aggregation address space binary notation block of addresses class A address class B address class C address class D address class
More informationConfiguring NetFlow BGP Next Hop Support for Accounting and Analysis
Configuring NetFlow BGP Next Hop Support for Accounting and Analysis This document provides information about and instructions for configuring NetFlow Border Gateway Protocol (BGP) next hop support. This
More informationImplementation of Mobile PPC Realizing Mobility of Mobile Nodes
Implementation of Mobile PPC Realizing Mobility of Mobile Nodes Masaki SEJIMO, Akira WATANABE Graduate School of Science and Technology, Meijo University 1-501 Shiogamaguchi, Tenpaku-ku, Nagoya-shi, Aichi,
More informationCommunication Networks
Communication Networks Prof. Laurent Vanbever Exercises week 6 VLAN, Internet Protocol & Forwarding VLAN The network below consists of 9 switches and hosts in two different VLANs (blue and red). Compute
More informationIngo Brenckmann Jochen Kirsten Storage Technology Strategists SAS EMEA Copyright 2003, SAS Institute Inc. All rights reserved.
Intelligent Storage Results from real life testing Ingo Brenckmann Jochen Kirsten Storage Technology Strategists SAS EMEA SAS Intelligent Storage components! OLAP Server! Scalable Performance Data Server!
More informationNetwork Management & Monitoring
Network Management & Monitoring NfSen These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) What is NfSen
More informationConfigure Routing Resources on the Switch
Configure Routing Resources on the Switch Objective On your switch, all of the routing information is stored in special high-speed memory called Ternary Content Addressable Memory (TCAM) which mainly functions
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationUDP NAT Traversal. CSCI-4220 Network Programming Spring 2015
UDP NAT Traversal CSCI-4220 Network Programming Spring 2015 What is NAT Traversal? NAT traversal means establishing a connection between two hosts when one or both is behind NAT. Many of today s network
More informationEffect of IPv6 Prefix with Referrals. X. Li, C. Bao
Effect of IPv6 Prefix with Referrals. Li, C. Bao 2009-07-26 Outline Introduction Referral model Stateless translation and address representation Prefix selection Examples and discussions Remarks Recommendations
More informationKNOM Tutorial Internet Traffic Matrix Measurement and Analysis. Sue Bok Moon Dept. of Computer Science
KNOM Tutorial 2003 Internet Traffic Matrix Measurement and Analysis Sue Bok Moon Dept. of Computer Science Overview Definition of Traffic Matrix 4Traffic demand, delay, loss Applications of Traffic Matrix
More informationjumbo6 v1.2 manual pages
jumbo6 v1.2 manual pages Description This tool allows the assessment of IPv6 implementations with respect to attack vectors based on IPv6 jumbograms. This tool is part of the IPv6 Toolkit v1.2: a security
More informationConfiguring ARP attack protection 1
Contents Configuring ARP attack protection 1 ARP attack protection configuration task list 1 Configuring unresolvable IP attack protection 1 Configuring ARP source suppression 2 Configuring ARP blackhole
More informationNetwork Layer: Control/data plane, addressing, routers
Network Layer: Control/data plane, addressing, routers CS 352, Lecture 10 http://www.cs.rutgers.edu/~sn624/352-s19 Srinivas Narayana (heavily adapted from slides by Prof. Badri Nath and the textbook authors)
More informationIntroduction to Netflow
Introduction to Netflow Campus Network Design & Operations Workshop These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)
More informationOff by Default! Hitesh Ballani, Yatin Chawathe, Sylvia Ratnasamy, Timothy Roscoe, Scott Shenker. HotNets-IV, 2005
Off by Default! Hitesh Ballani, Yatin Chawathe, Sylvia Ratnasamy, Timothy Roscoe, Scott Shenker HotNets-IV, 2005 Internet, then and now Internet, circa 1975 Trust in the ends Universal reachability Routability
More informationEstimating Persistent Spread in High-speed Networks Qingjun Xiao, Yan Qiao, Zhen Mo, Shigang Chen
Estimating Persistent Spread in High-speed Networks Qingjun Xiao, Yan Qiao, Zhen Mo, Shigang Chen Southeast University of China University of Florida Motivation for Persistent Stealthy Spreaders Imagine
More informationIntroduction to sflow
More From Your Network Introduction to sflow Holger Hasenaug, Technical Consultant HP ProCurve Networking CCIE#6343 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationSIGCOMM 17 Preview Session: Network Monitoring
SIGCOMM 17 Preview Session: Network Monitoring Ying Zhang Software Engineer, Facebook Network monitoring is important! Performance Diagnose long delay/loss problems Utilization Traffic engineering Availability
More informationE : Internet Routing
E6998-02: Internet Routing Lecture 18 Overlay Networks John Ioannidis AT&T Labs Research ji+ir@cs.columbia.edu Copyright 2002 by John Ioannidis. All Rights Reserved. Announcements Lectures 1-18 are available.
More informationNetwork Management and Monitoring
Network Management and Monitoring Introduction to Netflow These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)
More informationSoftware Systems for Surveying Spoofing Susceptibility
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ AusNOG 2016, September 2nd 2016 www.caida.o
More informationRIPE75 - Network monitoring at scale. Louis Poinsignon
RIPE75 - Network monitoring at scale Louis Poinsignon Why monitoring and what to monitor? Why do we monitor? Billing Reducing costs Traffic engineering Where should we peer? Where should we set-up a new
More informationLast time. Network layer. Introduction. Virtual circuit vs. datagram details. IP: the Internet Protocol. forwarding vs. routing
Last time Network layer Introduction forwarding vs. routing Virtual circuit vs. datagram details connection setup, teardown VC# switching forwarding tables, longest prefix matching IP: the Internet Protocol
More informationConfiguring ARP attack protection 1
Contents Configuring ARP attack protection 1 ARP attack protection configuration task list 1 Configuring unresolvable IP attack protection 1 Configuring ARP source suppression 2 Configuring ARP blackhole
More informationdraft-ietf-v6ops-tunnel-loops - Update and Status
draft-ietf-v6ops-tunnel-loops - Update and Status IETF V6OPS WG - March 31, 2011 Fred L. Templin Boeing Research & Technology fred.l.templin@boeing.com BOEING is a trademark of Boeing Management Company.
More informationECPE / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ECPE / COMP 177 Fall 2016 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Course Organization Top-Down! Starting with Applications / App programming Then Transport Layer (TCP/UDP) Then
More informationInitial motivation: 32-bit address space soon to be completely allocated. Additional motivation:
IPv6 Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS IPv6 datagram format:
More informationLab 8 (IP Addressing)
Islamic University of Gaza Faculty of engineering Computer Department. Computer Network Lab ECOM 4121 Prepared by : Eng. Eman Al- Kurdi Lab 8 (IP Addressing) Introduction: Each device on a network must
More informationTroubleshooting Addressing Services
: Troubleshooting Addressing Services CCNP TSHOOT: Maintaining and Troubleshooting IP Networks TSHOOT v6 1 Reviewing DHCP Operation 2 DHCP Overview DHCP is a client-server protocol. The DHCP client acquires
More informationIntroduction to FastFlow programming
Introduction to FastFlow programming SPM lecture, November 2016 Massimo Torquati Computer Science Department, University of Pisa - Italy Data Parallel Computations In data parallel
More informationEE 457 Unit 6a. Basic Pipelining Techniques
EE 47 Unit 6a Basic Pipelining Techniques 2 Pipelining Introduction Consider a drink bottling plant Filling the bottle = 3 sec. Placing the cap = 3 sec. Labeling = 3 sec. Would you want Machine = Does
More informationObjectives. Note: An IP address is a 32-bit address. The IP addresses are unique. The address space of IPv4 is 2 32 or 4,294,967,296.
Chapter 4 Objectives Upon completion you will be able to: Understand IPv4 addresses and classes Identify the class of an IP address Find the network address given an IP address Understand masks and how
More informationKUPF: 2-Phase Selection Model of Classification Records
KUPF: 2-Phase Selection Model of Classification Records KAKIUCHI Masatoshi Nara Institute of Science and Technology Background Many Internet services classify the data to be handled according to rules
More informationEnhancing Network Security: Host Trustworthiness Estimation
Enhancing Network Security: Host Trustworthiness Estimation Tomáš Jirsík, Pavel Čeleda {jirsik celeda}@ics.muni.cz Institute of Computer Science, Masaryk University Goal 25,739% Tomáš Jirsík, Pavel Čeleda
More informationCubro Packetmaster EX32100
Cubro Packetmaster EX32100 PRODUCT OVERVIEW Network Packet Broker (NPB) At a glance The Packetmaster EX32100 is a network packet broker and network controller switch that aggregates, filters and load balances
More informationRAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with
RAPTOR: Routing Attacks on Privacy in Tor Yixin Sun Princeton University Joint work with Annie Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal Acknowledgment for Slides
More informationIPv6 Stateless Autoconfiguration
The IPv6 stateless autoconfiguration feature can be used to manage link, subnet, and site addressing changes. Information About, page 1 How to Configure, page 2 Configuration Examples for, page 3 Additional
More informationMapping of Address and Port using Translation (MAP-T) E. Jordan Gottlieb Network Engineering and Architecture
Mapping of Address and Port using Translation (MAP-T) E. Jordan Gottlieb Network Engineering and Architecture jordan.gottlieb@charter.com. What is MAP-T? One of two transport modes of MAP Mapping of Address
More informationChapter 6. Variable Length Subnet Masking (VLSM) Classless Inter-Domain Routing (CIDR) CCNA2-1 Chapter 6
Chapter 6 Variable Length Subnet Masking (VLSM) Classless Inter-Domain Routing (CIDR) CCNA2-1 Chapter 6 VLSM and CIDR Classful and Classless Addressing CCNA2-2 Chapter 6 Classful and Classless Routing
More informationMID-TERM EXAM TCP/IP NETWORKING Duration: 2 hours With Solutions
MID-TERM EXAM TCP/IP NETWORKING Duration: 2 hours With Solutions Jean-Yves Le Boudec 2005 December 8 Do not forget to put your names on all sheets of your solution. If you need to make assumptions in order
More informationDevoFlow: Scaling Flow Management for High-Performance Networks
DevoFlow: Scaling Flow Management for High-Performance Networks Andy Curtis Jeff Mogul Jean Tourrilhes Praveen Yalagandula Puneet Sharma Sujata Banerjee Software-defined networking Software-defined networking
More information