All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Stream-wise Aggregation of Flow Data

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F18%3A10133094" target="_blank" >RIV/63839172:_____/18:10133094 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Stream-wise Aggregation of Flow Data

  • Original language description

    Network monitoring, especially in large networks, uses so-called flow data analysis. Such analysis is based on aggregation of network packets into IP flows that represent unidirectional communication between pairs of IP addresses. Authors of [1] presented a unique approach to the analysis to handle high data volume of the flow data at near real-time. It is based on a continuous on-the-fly analysis, without permanent storage. Naturally, this approach requires a particular design of the analysis tools. NEMEA [2] is the existing open source detection system that was developed by CESNET, the operator of the Czech National Research and Education Network (NREN), in cooperation with Czech universities. NEMEA uses a UniRec data format that allows for a representation of fixed-sized and variable sized data fields. There are many NEMEA modules, but a universal aggregation module for the NEMEA system was missing. That is why this work focused on the development of a new NEMEA module that can fulfill the requirements. This presentation describes the design and implementation of the new NEMEA aggregation module. The design was optimized to create a high-performance processing module since it must process a high volume of flow data with a low delay. The presentation also describes several use cases of the developed module, i.e., connections to existing other NEMEA modules or tools. Finally, the functionality and the performance of the developed module were evaluated, and the presented results confirm that the module is suitable for deployment in monitoring systems of high-speed networks.

  • Czech name

  • Czech description

Classification

  • Type

    O - Miscellaneous

  • CEP classification

  • OECD FORD branch

    20202 - Communication engineering and systems

Result continuities

  • Project

    <a href="/en/project/LM2015042" target="_blank" >LM2015042: E-infrastructure CESNET</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2018

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Similar results(10)

NEMEA system to support encrypted traffic analysisNEMEA: A Framework for Network Traffic AnalysisNEMEA: A Framework for Network Traffic Analysis