Project Description

Network measurement through packet trace collection is an important technique for understanding the fundamental behavior of increasingly complex computer networks. This project aims at exploring a next generation of distributed and high-performance passive measurement infrastructure.

The challenges of such systems lie in the large amounts of measurement data that are generated through monitoring of Gigabit links and the need for complex processing to extract relevant information. To alleviate these problems, we have developed a network processor based packet capture system that can preprocess packet traces on the measurement node before storing the trace in a database. The network processor implements several important functions:

• Variable-length protocol header parsing,
• prefix-preserving address anonymization, and
• online statistics collection.

To support online anonymization at Gigabit link speed, we have developed a new algorithm that outperforms existing solutions by two orders of magnitude. This anonymization algorithm employs top-hashing and subtree replication to replace online cryptographic computations with simple lookup operations.

We have implemented a prototype packet capture node on the Intel IXP2400 network processor and demonstrated its operation at an aggregate data rate of 2 Gbps in hardware.

Publications

• Tilman Wolf, Ramaswamy Ramaswamy, Siddhartha Bunga, and Ning Yang. An architecture for distributed real-time passive network measurement. In Proc. of 14th Annual Meeting of the IEEE/ACM International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS), Monterey, CA, September 2006.
• Ramaswamy Ramaswamy and Tilman Wolf. High-speed prefix-preserving IP address anonymization for passive measurement systems. To appear in ACM/IEEE Transactions on Networking.
• Ramaswamy Ramaswamy, Ning Weng, and Tilman Wolf, “A network processor based passive measurement node,” In Proc. of Passive and Active Measurement Workshop (PAM), Mar. 2005. (Extended Abstract).
• Ramaswamy Ramaswamy, Ning Weng, and Tilman Wolf, “An IXA-based network measurement node,” in Proc. of Intel IXA University Summit, Hudson, MA, Sept. 2004.

For a complete list of NSL publications, see the publications page.