Difference between revisions of "Cloud Monitoring"

From SimpleWiki
Jump to navigationJump to search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
This page will soon contain all software presented in the following paper:
+
This page links software presented in the following paper:
  
* "Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case" by Idilio Drago, Rick Hofstede, Ramin Sadre, Anna Sperotto, Aiko Pras in the Journal of Network and Systems Management.
+
* [http://link.springer.com/article/10.1007%2Fs10922-013-9278-0 "Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case"] by Idilio Drago, Rick Hofstede, Ramin Sadre, Anna Sperotto, Aiko Pras in the Journal of Network and Systems Management.
  
Some final checks for privacy sensitive information in the code and usage examples are still needed. Please, contact us if you are interested in the code in the meanwhile.
+
== Source Code ==
 +
 
 +
The paper presents a tool to post-process nfdump output and to aggregate flow statistics. The statistics can be filtered by the owner of remote IP addresses. A Nfsen plugin is available for data visualization: it shows statistics about the number of flows that failed/succeed toward a selected list of IPs.  
 +
 
 +
The latest version of the source code is available at: [http://sourceforge.net/projects/flow2conn/ the sourceforge]
  
 
== Acceptable Use Policy ==
 
== Acceptable Use Policy ==
Line 9: Line 13:
 
* When writing a paper using this software, please cite:
 
* When writing a paper using this software, please cite:
  
{
+
  @article{drago2015_jnsm,
  author    = {Drago, Idilio and Hofstede, Rick and Sadre, Ramin and Sperotto, Anna and Pras, Aiko},
+
    author    = {Drago, Idilio and Hofstede, Rick and Sadre, Ramin and Sperotto, Anna and Pras, Aiko},
  title    = {Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case},
+
    title    = {Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case},
  journal  = {Journal of Network and Systems Management},
+
    journal  = {Journal of Network and Systems Management},
  publisher = {Springer US},
+
    publisher = {Springer US},
  doi      = {10.1007/s10922-013-9278-0},
+
    doi      = {10.1007/s10922-013-9278-0},
  issn      = {1064-7570},
+
    volume    = {23},
  year      = {2013},
+
    number    = {1},
  url      = { http://dx.doi.org/10.1007/s10922-013-9278-0 },
+
    issn      = {58-88},
}
+
    year      = {2015},
 +
    url      = {http://dx.doi.org/10.1007/s10922-013-9278-0},
 +
  }
  
 
== Paper abstract ==
 
== Paper abstract ==
  
 
The increasing trend of outsourcing services to cloud providers is changing the way computing power is delivered to enterprises and end users. Although cloud services offer several advantages, they also make cloud consumers strongly dependent on providers. Hence, consumers have a vital interest to be immediately informed about any problems in their services. This paper aims at a first step toward a network-based approach to monitor cloud services. We focus on severe problems that affect most services, such as outages or extreme server overload, and propose a method to monitor these problems that relies solely on the traffic exchanged between users and cloud providers. Our proposal is entirely based on NetFlow/IPFIX data and, therefore, explicitly targets high-speed networks. By combining a methodology to reassemble and classify flow records with stochastic estimations, our proposal has the distinct characteristic of being applicable to both sampled and non-sampled data. We validate our proposal and show its applicability using data collected at both the University of Twente and an international backbone during the WikiLeaks Cablegate. Our results show that, in contrast to Anonymous’ claims, the users of the targeted services have been only marginally affected by the attacks.
 
The increasing trend of outsourcing services to cloud providers is changing the way computing power is delivered to enterprises and end users. Although cloud services offer several advantages, they also make cloud consumers strongly dependent on providers. Hence, consumers have a vital interest to be immediately informed about any problems in their services. This paper aims at a first step toward a network-based approach to monitor cloud services. We focus on severe problems that affect most services, such as outages or extreme server overload, and propose a method to monitor these problems that relies solely on the traffic exchanged between users and cloud providers. Our proposal is entirely based on NetFlow/IPFIX data and, therefore, explicitly targets high-speed networks. By combining a methodology to reassemble and classify flow records with stochastic estimations, our proposal has the distinct characteristic of being applicable to both sampled and non-sampled data. We validate our proposal and show its applicability using data collected at both the University of Twente and an international backbone during the WikiLeaks Cablegate. Our results show that, in contrast to Anonymous’ claims, the users of the targeted services have been only marginally affected by the attacks.

Latest revision as of 14:57, 20 May 2015

This page links software presented in the following paper:

Source Code

The paper presents a tool to post-process nfdump output and to aggregate flow statistics. The statistics can be filtered by the owner of remote IP addresses. A Nfsen plugin is available for data visualization: it shows statistics about the number of flows that failed/succeed toward a selected list of IPs.

The latest version of the source code is available at: the sourceforge

Acceptable Use Policy

  • When writing a paper using this software, please cite:
 @article{drago2015_jnsm,
   author    = {Drago, Idilio and Hofstede, Rick and Sadre, Ramin and Sperotto, Anna and Pras, Aiko},
   title     = {Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case},
   journal   = {Journal of Network and Systems Management},
   publisher = {Springer US},
   doi       = {10.1007/s10922-013-9278-0},
   volume    = {23},
   number    = {1},
   issn      = {58-88},
   year      = {2015},
   url       = {http://dx.doi.org/10.1007/s10922-013-9278-0},
 }

Paper abstract

The increasing trend of outsourcing services to cloud providers is changing the way computing power is delivered to enterprises and end users. Although cloud services offer several advantages, they also make cloud consumers strongly dependent on providers. Hence, consumers have a vital interest to be immediately informed about any problems in their services. This paper aims at a first step toward a network-based approach to monitor cloud services. We focus on severe problems that affect most services, such as outages or extreme server overload, and propose a method to monitor these problems that relies solely on the traffic exchanged between users and cloud providers. Our proposal is entirely based on NetFlow/IPFIX data and, therefore, explicitly targets high-speed networks. By combining a methodology to reassemble and classify flow records with stochastic estimations, our proposal has the distinct characteristic of being applicable to both sampled and non-sampled data. We validate our proposal and show its applicability using data collected at both the University of Twente and an international backbone during the WikiLeaks Cablegate. Our results show that, in contrast to Anonymous’ claims, the users of the targeted services have been only marginally affected by the attacks.