Change search
ReferencesLink to record
Permanent link

Direct link
Evaluation of packet capturing systems for passive monitoring
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
2013 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Computer Network monitoring is a part of network managements. There are active and passive monitoring techniques. Evaluation and comparison of both techniques have been done in previous works. Only one previous work was focusing on passive monitoring such as TAP and Port mirroring, specifically on Port-mirroring technique. This motivated us to repeat the experiment, which was primary done by J. Zhiang and A. Moore, and evaluate existing passive monitoring techniques TAP and Port- mirroring in more detail. We have done a qualitative experiment in the laboratory and we noted that Port-mirror used a significant amount of the Central Processor Unit (CPU) during the process. White papers introduced Port-mirroring as a passive network monitoring method without affecting the performance, but our results showed it does have an effect. Also, can confirm, that Port-mirroring was reordering packets, had process delay and in case of congestion it dropped packets.

TAP operated without packet loss. The packets sequence does not change, so saves operating time and is fully passive. Captured packets contain such information as the source address, destination address, and different protocols information. It was also possible to get the information about connected resources. 

Place, publisher, year, edition, pages
2013. , 29 p.
National Category
Computer Engineering
URN: urn:nbn:se:hh:diva-23451Local ID: IDE1315OAI: diva2:644287
Subject / course
Computer Network Engineering
2013-05-14, E3, Halmstad university, Halmstad, 10:00 (English)
Available from: 2013-09-03 Created: 2013-08-29 Last updated: 2013-09-03Bibliographically approved

Open Access in DiVA

fulltext(2294 kB)175 downloads
File information
File name FULLTEXT02.pdfFile size 2294 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information Science, Computer and Electrical Engineering (IDE)
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 175 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 158 hits
ReferencesLink to record
Permanent link

Direct link