Cloud Monitoring

From SimpleWiki
Revision as of 12:41, 20 May 2015 by Idiliod (talk | contribs)
Jump to navigationJump to search

This page links software presented in the following paper:

Source Code

The paper presents a tool to post-process nfdump output and to aggregate flow statistics. The statistics can be filtered by the owner of remote IP addresses. A Nfsen plugin is available for data visualization: it shows statistics of the number of flows toward a selected list of IPs that failed/succeed.

The latest version of the source code is available at: the sourceforge

Acceptable Use Policy

  • When writing a paper using this software, please cite:
   author    = {Drago, Idilio and Hofstede, Rick and Sadre, Ramin and Sperotto, Anna and Pras, Aiko},
   title     = {Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case},
   journal   = {Journal of Network and Systems Management},
   publisher = {Springer US},
   doi       = {10.1007/s10922-013-9278-0},
   volume    = {23},
   number    = {1},
   issn      = {58-88},
   year      = {2015},
   url       = {},

Paper abstract

The increasing trend of outsourcing services to cloud providers is changing the way computing power is delivered to enterprises and end users. Although cloud services offer several advantages, they also make cloud consumers strongly dependent on providers. Hence, consumers have a vital interest to be immediately informed about any problems in their services. This paper aims at a first step toward a network-based approach to monitor cloud services. We focus on severe problems that affect most services, such as outages or extreme server overload, and propose a method to monitor these problems that relies solely on the traffic exchanged between users and cloud providers. Our proposal is entirely based on NetFlow/IPFIX data and, therefore, explicitly targets high-speed networks. By combining a methodology to reassemble and classify flow records with stochastic estimations, our proposal has the distinct characteristic of being applicable to both sampled and non-sampled data. We validate our proposal and show its applicability using data collected at both the University of Twente and an international backbone during the WikiLeaks Cablegate. Our results show that, in contrast to Anonymous’ claims, the users of the targeted services have been only marginally affected by the attacks.