Network Measurement

As part of a collaborative effort, we have developed a prototype system that uses Intel IXP2400 network processors to monitor Internet links. The network processor collects packet headers, anonymizes the IP addresses, and sends the data to a storage node. We have extended this problem to developing a general "online measurement node" that can be programmed dynamically to collect relevant statistics from the packet stream. The key to a scalable design that supports thousands of concurrent user queries is to decompose measurement queries into individual statistics that can be implemented with little processing effort and can be reused across different queries.

In the process, we have also developed a cryptographically strong, yet computationally simple, IP address anonymization algorithm that maintains the IP prefix relationships between addresses. This algorithm reduces the per-packet processing cost by a factor of 100 compared to previous solutions and can easily be implemented in any embedded network system.

Publications

• Tilman Wolf, Ramaswamy Ramaswamy, Siddhartha Bunga, and Ning Yang, "An architecture for distributed real-time passive network measurement," in Proc. of 14th Annual Meeting of the IEEE/ACM International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS), Monterey, CA, Sept. 2006, pp. 335-344.
• Ramaswamy Ramaswamy and Tilman Wolf, "High-speed prefix-preserving IP address anonymization for passive measurement systems," IEEE/ACM Transactions on Networking, vol. 15, no. 1, Feb. 2007, pp. 26-39.
• For more publications see the publications page.