In order to maintain networks, defend against attacks, monitor service quality, and track usage patterns, the masive amounts of traffic must be processed to extract the necessary information. With data of this scale and speed, even basic analysis tasks become difficult. Most prior research has focused on questions on the “forward distribution” f(x), such as “what is the median connection duration?”. I will discuss a new set of challenges that come from studying the “inverse distribution” f-1(i), such as “what is the median number of connections made by each user?” Tracking the inverse distribution has a variety of applications in network monitoring, and requires some new techniques based on drawing an effective sample from the inverse distribution. I will talk about how to do this for a centralized monitoring point, for a pair of monitoring points, and finally for a general distributed monitoring architecture.
This file was generated by bibtex2html 1.92.