Publication:

A passive traffic algorithm for detecting unavailable periods in TCP services

This paper presents a simple passive algorithm to monitor service availability. The algorithm is based on packet counting over a passive traffic trace of a population of clients accessing servers of interest. The major advantage of the algorithm is that it is passive and thus not invasive while usual monitor systems that can be found on Internet are active probing agents. The proposed system does not communicate to actual servers. It is easy to build as an online monitoring system with no big constraints in software or hardware. It does not relay on a distributed number of network placements for probing agents but works on a single network observing point near network edge. Initial proof of work of the algorithm is presented by studying the influence of different kinds of disruptions on packet level traffic and analyzing unavailability problems for popular servers at an academic network at Public University of Navarre.