Recent advances in network monitoring have increasingly focused on obtaining per-flow information, such as flow state. Tracking the state of network flows opens up a new dimension of information gathering for network operators, allowing previously unattainable data to be captured. This paper presents a time efficient novel method - Binned Duration Flow Tracking (BDFT) - of tracking perflow state by grouping valid flows into "bins". BDFT is intended for high-speed routers where CPU time is crucial. BDFT is time efficient by adopting Bloom filters as the primary data structures. Simulation results show that BDFT can achieve over 99% accuracy on traces of real network traffic.

Additional Metadata
Keywords Bloom filter, Flow tracking, High-speed networks, Terms-network monitoring
Persistent URL dx.doi.org/10.4304/jnw.7.1.37-51
Journal Journal of Networks
Citation
Whitehead, B. (Brad), Lung, C.H, & Rabinovitch, P. (Peter). (2012). Tracking per-flow state - Binned duration flow tracking. Journal of Networks, 7(1), 37–51. doi:10.4304/jnw.7.1.37-51