웹 기반의 실시간 인터넷 트래픽 흐름 측정 및 분석 - KNOM

WWW (World-Wide
Web)
.
.
.
.
.
,
.
.
1.
.
.
, 1969
ARPANET[1]
,
.
.
MRTG[2], Etherfind[3],
, WWW
TCPdump[4], WebTrafMon[5]
(World-Wide Web) WWW
.
.
MIB SNMP
agent
SNMP manager
.
.
,
, SNMP agent SNMP manager

, NT
.
.
.
manager
. ,
[8]
,
.
.
.
WebTrafMon[5]
MRTG[2]WebTrafMon[5] ,
.
.
.
.
2.
MRTG[2]
WebTrafMon[5] .
2.1 MRTG
II In/Out octet PNG
,
.
MRTG
, , , 1
.
2.2 WebTrafMon
,
,
.
WebTrafMon
.
.
.
MRTG(Multi-Router Traffic Grapher)[2]
,
SNMP MIB
.
.
WebTrafMon
(probe)
HTML
(viewer) .
,
. MRTG SNMP
Perl SNMP
.
C
.

(attribute)
.
3.
(Real-time
Traffic Flow Measurement)[6,13]
.
meter manager , meter
(rule set)
SRL(Simple Ruleset Language)[8]
.
3.1
[6,13]IETF
,
(traffic flow)
.
,
. 1991 RFC 1272[14]
, 1997 meter
. [9] ,
.
( 1)
[7] 1
meter, meter reader, manager, analysis application
. meter PME(Packet Matching Engine) . PME
(metering point)
, meter
reader meter .
manager
meter meter reader
,
meter meter reader
, analysis application
. meter
,
(entity)
.
,
,
. manager
meter .
meter manager
. meter
meter MIB
SNMP agent
,
manager
meter MIB SNMP manager .
3.2 meter
meter[7]
.
meter
.
meter
,
(flow table) .
meter
.
meter
,
, , .
2meter .
,
(virtual machine)

Specified Rule Set, Set High Water Mark, Set Flow
Termination Parameters, Set Inactivity Timeout
[7] meter
.
3.4 meter MIB
( 2) meter
,
. flowData
(flow key)
.
meter reader[7]
,
, ,
. meter
.
. flowRules
,
.
flowData
,
. PeerType
.
(rule) , IPv4Ipv6, 3CLNS, 11 IPX, 11 appletalk,
meter
. 13 DECnet . TransType Tranport
SRL(Simple Ruleset Language) , Address , 6 tcp,
SRL 3.5 17 udp, 1 icmp .
.
meter
SourceTransAddress DestTransAddress
.
.
3.3 manager
manager[7]meter meter reader
. meter
.
.
,
manager
. SRL(Simple Ruleset Lanauage)[8]
manager meter
. Download Rule Set, Switch to
meter MIB[10]1995 12 IETF
David Perkins SNMPv2 MIB
, 1996
.
flowMIB[10] flowControl,
flowData, flowRules, flowMIBConformance
. flowControl , ,
manager ,
, ,
.
,
PeerAddress . 1 2
.
3.5 SRL
meter
. meter
manager
meter PME
.

. SRL meter
.
,
.
. SRL IF
SRL
, SAVE
. , COUNT SNMP Agent meter
.
SRL
meter MIB[10]
.
- ‘#’ .
- .
- (;) .
- (identifier) , manager nm_rc[11] ,
, ‘_’ .
-
.
3 SRL
.
IP,
EtherTalk, IPX, DECnet
tcp, udp, icmp .
,
.
4.1
4 .
NeTraMet[9]
. NeTraMet meterSNMPv2
SNMP agent . meter MIB
RFC 2064[10] .
SNMP manager NeTraMet
CGI
.
( 4)
( 3) SRL
nm_rc
manager
meter reader NeMac[11]
fd_filter[11]
. NeMac
meter
, meter
SNMP
.
.

4.2
SNMP agent SNMP manager
.
manager
.
agent manager
.
manager
agent
.
, , ,
,
, ,
,
. ,
.
.
meter IP
manager
. Linux Kernel 2.0.32
.
, meter
Intel Pentium 133MHz, 64MB
.
meter manager
.
Libpcap 0.4a6[4] ,
.
,
SRL
. Apache
.
Web Server 1.2.5 CGI
Perl
.
.
,
,
,
,
. ,
.
, agent manager
.
5.
.
5.1
Intel Pentium 100MHz, 64MB
meter New Zealand University of Auckland
Nevil Brownlee NeTraMet[11]
, . manager
5.004_01, HTML
.
4.3
5.2
manager
meter
.
(%), ,
Linux Unix
.
meter manager

.
meter
NeTraMet
NetFlowMet[9] NeTraMet
Libpcap[4]
.
5.3
.
5.3.1
5
.
,
, , , Monitoring”
, , “Traffic History”1
.
( 6)
“Real-time Monitoring”“Traffic
History”
. “Real-time
.
5.3.2
, “Real-time Monitoring”
. 7
, IP ,
,
.
10 , 10
( 5)
. IP
meter
.
6
.
,
“Introduction”
.

( 7)
( 9)
8
.
IP ,
,
. 8
.
11 8
, ,
, ,
.
10 8
.
.
. IANA[12]
.
( 8)
9 8
. IP 71%
.
.
( 10)

13 12
.
,
IP
, ,
.
.
,
.
( 11)
5.3.3
.
12
. , ,
,
.
( 13)
14 12
.
( 12)
14.
13

IP , ,
.
. meter manager
.
udp manager meter
.
15 12
. IP ,
,
.
,
.
.
IANA[12]
meter
.
. meter manager
,
manager meter
. manager
. ,
.
.
[]
15.
6.
,
.
[5] J. Won-Ki Hong, Soon-Sun Kwon and Jae-Young
AOD(Audio On Demand), VOD(Video On Demand)
.
[1] Michael Hauben, “History of ARPANET,”
http://www.dei.isep.ipp.pt/docs/arpa-Contents.html.
[2] Tobias Oetiker and Dave Rand, “MRTG: Multi
Router Traffic Grapher,” httpd://ee-
staff.ethz.ch/~oetiker/webtools/mrtg/mrtg.html.
[3] Craig Hunt, TCP/IP Network Administration,
O’Reilly and Associates, Inc., 1992.
[4] Lawrence Berkley National Laboratory,
"tcpdump 3.4a6", ftp://ftp.ee.lbl.gov.
Kim, "WebTrafMon: Web-based Internet/Intranet
Network Traffic Monitoring and Analysis System",
Computer Communications, Elsevier Science, Vol.
22, No. 14, September 1999, pp. 1333-1342.

[6] S. Handelman, S. Stibler, N. Brownlee and G. Ruth,
“RTFM : New Attributes for Traffic Flow
Measurement,” RFC 2724, October, 1999.
[7] N. Brownlee, C. Mills, and G. Ruth, “Traffic Flow
Measurement : Architecture,” RFC2722, October
1999.
[8] N. Brownlee, “SRL : A Language for Describing
Traffic Flows and Specifying Actions for Flow
Groups,” August 1999.
[9] N. Brownlee, “Traffic Flow Measurement :
Experiences with NeTraMet,” RFC 2123, March
1997.
[10] N. Brownlee, “Traffic Flow Measurement : Meter
MIB,” RFC 2720, October 1999.
[11] N. Brownlee, NeTraMet home page,”
http://www.auckland.ac.nz/net/ NeTraMet.
[12] IANA, “Protocol Numbers,”
ftp://ftp.isi.edu/iana/assignments/protocol-numbers .
[13] N. Brownlee, “RTFM : Applicability Statement,”
RFC 2721, October 1999.
[14] C. Mills , D. Hirsh, G. Ruth, “Internet Accounting :
Background”, RFC 1272, November 1991.
1996
,
1998
,
1999-
:
1994
,
1996
,
1996-1998
1998-
:
,
, CORBA,
1983 Univ. of Western Ontario,
1985 Univ. of Western Ontario,
1985-1986 Univ. of Western Ontario,
1986-1991 Univ. of Waterloo,
1991-1992 Univ. of Waterloo, Post-Doc fellow
1992-1995 Univ. of Western Ontario,
1995-
: ,
, CORBA, Internet .