An information-theoretic approach to network monitoring and measurement

Yong Liu, Don Towsley, Tao Ye, Jean Bolot

Research output: Contribution to conferencePaperpeer-review

Abstract

Network engineers and operators are faced with a number of challenges that arise in the context of network monitoring and measurement. These include: i) how much information is included in measurement traces and by how much can we compress those traces?, ii) how much information is captured by different monitoring paradigms and tools ranging from full packet header captures to flow-level captures (such as with NetFlow) to packet and byte counts (such as with SNMP)? and iii) how much joint information is included in traces collected at different points and can we take advantage of this joint information? In this paper we develop a network model and an information theoretic framework within which to address these questions. We use the model and the framework to first determine the benefits of compressing traces captured at a single monitoring point, and we outline approaches to achieve those benefits. We next consider the benefits of joint coding, or equivalently of joint compression of traces captured a different monitoring points. Finally, we examine the difference in information content when measurements are made at either the flow level or the packet/byte count level. In all of these cases, the effect of temporal and spatial correlation on the answers to the above questions is examined. Both our model and its predictions are validated against measurements taken from a large operational network.

Original languageEnglish (US)
Pages159-172
Number of pages14
StatePublished - 2005
Event5th ACM SIGCOMM Conference on Internet Measurement, IMC 2005 - Berkeley, CA, United States
Duration: Oct 19 2005Oct 21 2005

Other

Other5th ACM SIGCOMM Conference on Internet Measurement, IMC 2005
CountryUnited States
CityBerkeley, CA
Period10/19/0510/21/05

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'An information-theoretic approach to network monitoring and measurement'. Together they form a unique fingerprint.

Cite this