ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Gigascope: high performance network monitoring with an SQL interface
Full text PdfPdf (108 KB)
Source International Conference on Management of Data archive
Proceedings of the 2002 ACM SIGMOD international conference on Management of data table of contents
Madison, Wisconsin
DEMONSTRATION SESSION: Networks applications table of contents
Pages: 623 - 623  
Year of Publication: 2002
ISBN:1-58113-497-5
Authors
Chuck Cranor  AT&T Labs - Research
Yuan Gao  AT&T Labs - Research
Theodore Johnson  AT&T Labs - Research
Vlaidslav Shkapenyuk  AT&T Labs - Research
Oliver Spatscheck  AT&T Labs - Research
Sponsor
SIGMOD: ACM Special Interest Group on Management of Data
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 8,   Downloads (12 Months): 92,   Citation Count: 24
Additional Information:

abstract   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/564691.564777
What is a DOI?

ABSTRACT

Operators of large networks and providers of network services need to monitor and analyze the network traffic flowing through their systems. Monitoring requirements range from the long term (e.g., monitoring link utilizations, computing traffic matrices) to the ad-hoc (e.g. detecting network intrusions, debugging performance problems). Many of the applications are complex (e.g., reconstruct TCP/IP sessions), query layer-7 data (find streaming media connections), operate over huge volumes of data (Gigabit and higher speed links), and have real-time reporting requirements (e.g., to raise performance or intrusion alerts).We have found that existing network monitoring technologies have severe limitations. One option is to use TCPdump to monitor a network port and a user-level application program to process the data. While this approach is very flexible, it is not fast enough to handle gigabit speeds on inexpensive equipment. Another approach is to use network monitoring devices. While these devices are capable of high speed monitoring, they are inflexible as the set of monitoring tasks is pre-defined. Adding new functionality is expensive and has long lead times. A similar approach is to use monitoring tools built into routers, such as SNMP, RMON, or NetFlow. These tools have similar characteristics --- fast but inflexible.A further problem with all of these tools is their lack of a query interface. The data from the monitors are dumped to a file or piped through a file stream without an association to the semantics of the data. The burden of managing and interpreting the data is left to the analyst. Due to the volume and complexity of the data, the burden can be severe. These problems make developing new applications needlessly slow and difficult. Also, many mistakes are made leading to incorrect analyses.


CITED BY  24
Lukasz Golab , M. Tamer Özsu, Issues in data stream management, ACM SIGMOD Record, v.32 n.2, p.5-14, June 2003
Chuck Cranor , Theodore Johnson , Oliver Spataschek , Vladislav Shkapenyuk, Gigascope: a stream database for network applications, Proceedings of the 2003 ACM SIGMOD international conference on Management of data, June 09-12, 2003, San Diego, California
Lukasz Golab , David DeHaan , Erik D. Demaine , Alejandro Lopez-Ortiz , J. Ian Munro, Identifying frequent items in sliding windows over on-line packet streams, Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement, October 27-29, 2003, Miami Beach, FL, USA
Graham Cormode , Theodore Johnson , Flip Korn , S. Muthukrishnan , Oliver Spatscheck , Divesh Srivastava, Holistic UDAFs at streaming speeds, Proceedings of the 2004 ACM SIGMOD international conference on Management of data, June 13-18, 2004, Paris, France
Abhinandan Das , Johannes Gehrke , Mirek Riedewald, Semantic Approximation of Data Stream Joins, IEEE Transactions on Knowledge and Data Engineering, v.17 n.1, p.44-59, January 2005
Graham Cormode , Mayur Datar , Piotr Indyk , S. Muthukrishnan, Comparing Data Streams Using Hamming Norms (How to Zero In), IEEE Transactions on Knowledge and Data Engineering, v.15 n.3, p.529-540, March 2003
Kathleen Fisher , Robert Gruber, PADS: a domain-specific language for processing ad hoc data, ACM SIGPLAN Notices, v.40 n.6, June 2005
Utkarsh Srivastava , Kamesh Munagala , Jennifer Widom, Operator placement for in-network stream query processing, Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, June 13-15, 2005, Baltimore, Maryland
Theodore Johnson , S. Muthukrishnan , Vladislav Shkapenyuk , Oliver Spatscheck, A heartbeat mechanism and its application in gigascope, Proceedings of the 31st international conference on Very large data bases, August 30-September 02, 2005, Trondheim, Norway
Lukasz Golab , Theodore Johnson , Oliver Spatscheck, Prefilter: predicate pushdown at streaming speeds, Proceedings of the 2nd international workshop on Scalable stream processing system, March 29-29, 2008, Nantes, France
Mark Daly , Yitzhak Mandelbaum , David Walker , Mary Fernández , Kathleen Fisher , Robert Gruber , Xuan Zheng, PADS: an end-to-end system for processing ad hoc data, Proceedings of the 2006 ACM SIGMOD international conference on Management of data, June 27-29, 2006, Chicago, IL, USA
Damianos Chatziantoniou , Kenneth A. Ross, Partitioned optimization of complex queries, Information Systems, v.32 n.2, p.248-282, April, 2007
S. Muthukrishnan, Data streams: algorithms and applications, Foundations and Trends® in Theoretical Computer Science, v.1 n.2, p.117-236, August 2005
Craig Milo Rogers, ANQL: an active networks query language, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.14, p.2564-2576, 5 October 2006
Hua-Gang Li , Songting Chen , Junichi Tatemura , Divyakant Agrawal , K. Selçuk Candan , Wang-Pin Hsiung, Safety guarantee of continuous join queries over punctuated data streams, Proceedings of the 32nd international conference on Very large data bases, September 12-15, 2006, Seoul, Korea
Frederick Reiss , Minos Garofalakis , Joseph M. Hellerstein, Compact histograms for hierarchical identifiers, Proceedings of the 32nd international conference on Very large data bases, September 12-15, 2006, Seoul, Korea
Yijian Bai , Hetal Thakkar , Haixun Wang , Chang Luo , Carlo Zaniolo, A data stream language and system designed for power and extensibility, Proceedings of the 15th ACM international conference on Information and knowledge management, November 06-11, 2006, Arlington, Virginia, USA
Ramaswamy Ramaswamy , Tilman Wolf, High-speed prefix-preserving IP address anonymization for passive measurement systems, IEEE/ACM Transactions on Networking (TON), v.15 n.1, p.26-39, February 2007
Alberto Lerner , Dennis Shasha, AQuery: query language for ordered data, optimization techniques, and experiments, Proceedings of the 29th international conference on Very large data bases, p.345-356, September 09-12, 2003, Berlin, Germany
Graham Cormode , Flip Korn , S. Muthukrishnan , Divesh Srivastava, Finding hierarchical heavy hitters in data streams, Proceedings of the 29th international conference on Very large data bases, p.464-475, September 09-12, 2003, Berlin, Germany
Graham Cormode , Mayur Datar , Piotr Indyk , S. Muthukrishnan, Comparing data streams using Hamming norms (how to zero in), Proceedings of the 28th international conference on Very Large Data Bases, p.335-345, August 20-23, 2002, Hong Kong, China
Abhijit Pol , Christopher Jermaine , Subramanian Arumugam, Maintaining very large random samples using the geometric file, The VLDB Journal — The International Journal on Very Large Data Bases, v.17 n.5, p.997-1018, August 2008
Kathleen Fisher, We need more than one: why students need a sophisticated understanding of programming languages, ACM SIGPLAN Notices, v.43 n.11, November 2008
Fusheng Wang , Shaorong Liu , Peiya Liu, Complex RFID event processing, The VLDB Journal — The International Journal on Very Large Data Bases, v.18 n.4, p.913-931, August 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.3 Network Operations
          Subjects: Network management

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.3 Network Operations
          Subjects: Network monitoring
  C.4 PERFORMANCE OF SYSTEMS
      Subjects: Performance attributes

  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.3 Languages

          Nouns: SQL
      H.2.7 Database Administration
          Subjects: Logging and recovery


General Terms:
Algorithms, Documentation, Management, Measurement, Performance, Theory

Collaborative Colleagues:
Chuck Cranor: colleagues
Yuan Gao: colleagues
Theodore Johnson: colleagues
Vlaidslav Shkapenyuk: colleagues
Oliver Spatscheck: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player