High-speed analysis of SMB2 file sharing traffic without TCP stream reconstruction
Fecha
2019Autor
Versión
Acceso abierto / Sarbide irekia
Tipo
Contribución a congreso / Biltzarrerako ekarpena
Versión
Versión aceptada / Onetsi den bertsioa
Impacto
|
10.1109/IWMN.2019.8805033
Resumen
This paper presents a file sharing traffic analysis methodology for Server Message Block (SMB), a common protocol in the corporate environment. The design is focused on improving the traffic analysis rate that can be obtained per CPU core in the analysis machine. SMB is most commonly transported over Transmission Control Protocol (TCP) and therefore its analysis requires TCP stream reconstruction ...
[++]
This paper presents a file sharing traffic analysis methodology for Server Message Block (SMB), a common protocol in the corporate environment. The design is focused on improving the traffic analysis rate that can be obtained per CPU core in the analysis machine. SMB is most commonly transported over Transmission Control Protocol (TCP) and therefore its analysis requires TCP stream reconstruction. We evaluate a traffic analysis design which does not require stream reconstruction. We compare the results obtained to a reference full reconstruction analysis, both in accuracy of the measurements and maximum rate per CPU core. We achieve an increment of 30% in the traffic processing rate, at the expense of a small loss in accuracy computing the probability distribution function for the protocol response times. [--]
Materias
File sharing,
Traffic analysis,
Response time
Editor
IEEE
Publicado en
2019 IEEE International Symposium on Measurements and Networking (M&N): Catania, Italy, July 8-10, 2019: symposium proceedings
Notas
Trabajo presentado a la 5th IEEE International Symposium on Measurements and Networking (M&N) 2019. Italia, 2019
Departamento
Universidad Pública de Navarra. Departamento de Ingeniería Eléctrica, Electrónica y de Comunicación /
Nafarroako Unibertsitate Publikoa. Ingeniaritza Elektrikoa, Elektronikoa eta Telekomunikazio Ingeniaritza Saila /
Universidad Pública de Navarra/Nafarroako Unibertsitate Publikoa. Institute of Smart Cities - ISC
Versión del editor
Entidades Financiadoras
This work was supported by Spanish MINECO through project PIT (TEC2015-69417-C2-2-R).