Abstract:
Flow-based traffic monitoring and analysis is widely used in usage-accounting, QoS monitoring, attack detection and network traffic engineering. Accurate and efficient sampling technology is required by implementation of high-speed network traffic analysis based on flow. The packets dealing ability of the monitoring system is a necessary parameter needed to be considered due to the limitation of hardware and software designation. In this paper, one best-effort adaptive sampling method is proposed according to the characteristics of traffic flow and stratified sampling technology. The goal of the method is to take as more as sampled points within the process ability of the monitoring system. The experiments show that the method can adjust the sampling probability very well.