Design and Setup of a Distributed Storage Repository for IP Netflow Records


The key aim of this project is the design and prototypical implementation of a distributed netflow sharing platform integrated within EmanicsLab, a research network that is funded by the European Network of Excellence for the Management of Internet Technologies and Complex Services (EMANICS). It is assumed that network flow traces collected by each participant are archived on separate storage hosts within their premises. EmanicsLab nodes serve as intermediate switching points that allow client-to-storage communication with integrated access control. The platform is equipped with a client-side library offering an Application Programming Interface (API) against which applications can be developed to supply researchers with netflow records without their having to handle the search and retrieval processes themselves. Since the network connection between clients and servers is assumed to be untrustworthy and unreliable, a connection-oriented and cryptographically secured protocol is used for communication. For privacy reasons, many communities and administrators are reluctant to share exported netflow data. A prefix-preserving, cryptography-based, and consistent anonymization algorithm for veiling IP addresses is used in order to overcome these

Friday the 6th of February 2009
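
The three properties named in the abstract (prefix-preserving, cryptography-based, consistent) can be seen in a small added example, which is not the project's own code. It assumes a generic bitwise construction with HMAC-SHA256 as the keyed function; the names `DEMO_KEY`, `prf_bit`, `anonymize_ipv4` and `anonymize_flows` and the sample flows are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

DEMO_KEY = b"constructed-demo-key-not-for-production"  # assumption: shared secret key

def prf_bit(key: bytes, prefix: int, length: int) -> int:
    """One pseudorandom bit derived from the first `length` bits of an address."""
    # The length is part of the message so prefixes of different sizes never collide.
    msg = bytes([length]) + prefix.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[0] >> 7

def anonymize_ipv4(key: bytes, addr: str) -> str:
    """Flip each address bit depending only on the bits that precede it.

    Two addresses sharing exactly k leading bits receive identical flips for
    those k bits and for bit k+1, so their outputs also share exactly k bits.
    """
    a = int(ipaddress.IPv4Address(addr))
    out = 0
    for i in range(32):
        prefix = a >> (32 - i)          # the first i bits (0 when i == 0)
        bit = (a >> (31 - i)) & 1       # the i-th bit, counted from the top
        out = (out << 1) | (bit ^ prf_bit(key, prefix, i))
    return str(ipaddress.IPv4Address(out))

def common_prefix_len(x: str, y: str) -> int:
    """Number of leading bits two IPv4 addresses have in common."""
    diff = int(ipaddress.IPv4Address(x)) ^ int(ipaddress.IPv4Address(y))
    return 32 - diff.bit_length()

def anonymize_flows(key: bytes, flows):
    """Anonymize source and destination of (src, dst, byte_count) records."""
    return [(anonymize_ipv4(key, s), anonymize_ipv4(key, d), n) for s, d, n in flows]

# Constructed sample flow records (documentation address ranges).
SAMPLE_FLOWS = [
    ("192.0.2.10", "198.51.100.7", 1420),
    ("192.0.2.77", "198.51.100.7", 640),
    ("203.0.113.5", "192.0.2.10", 88),
]

if __name__ == "__main__":
    for original, veiled in zip(SAMPLE_FLOWS, anonymize_flows(DEMO_KEY, SAMPLE_FLOWS)):
        print(original, "->", veiled)
```

Because the mapping is deterministic under one key, every storage host that applies it with the same key produces the same veiled address for the same input, so flows from different traces can still be correlated by subnet.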