FI:PV210 Internet Traffic Analysis - Course Information
PV210 Quantitative Analysis of Internet TrafficFaculty of Informatics
- Extent and Intensity
- 2/0/1. 3 credit(s) (plus extra credits for completion). Type of Completion: zk (examination).
- Ing. Ladislav Lhotka, CSc. (lecturer), doc. RNDr. Eva Hladká, Ph.D. (deputy)
- Guaranteed by
- prof. RNDr. Václav Matyáš, M.Sc., Ph.D.
Department of Computer Systems and Communications - Faculty of Informatics
Contact Person: doc. RNDr. Eva Hladká, Ph.D.
- Mon 12:00–15:50 B411
- basic calculus, probability and statistics
- Course Enrolment Limitations
- The course is also offered to the students of the fields other than those the course is directly associated with.
- fields of study / plans the course is directly associated with
- there are 37 fields of study the course is directly associated with, display
- Course objectives
- The lecture deals with aggregated characteristics of TCP/IP data
traffic in high-speed networks and with mathematical and visualisation
methods for their analysis. Apart from traffic volume quantities
(byte, packet and flow counts), the primary focus will be on IP
traffic flows with emphasis on detection of anomalies such as network
failures and massive attacks. The studied methods will be illustrated
on traffic samples from the CESNET2 backbone network.
After finishing the course, the students should be able to:
understand the structure of data on backbone lines;
utilize basic methods for analysis of aggregated data about Internet traffic;
- Fundamentals of TCP/IP communication and main quantitative characteristics of data traffic.
- IP data flows, measurement methods, tools for their analysis and visualisation.
- Characteristic features of major application protocols (HTTP, FTP, SSH, P2P, XMPP etc.)
- Traffic volume quantities (byte and packet counts), time-series analysis, prediction methods
- Distribution of key items of IP flows (addresses and ports) in traffic samples: entropy and principal component analysis
- Quantitative characteristics of multidimensional samples: fractal and correlation dimension, multifractal measures
- Quittek J. et al. Requirements for IP Flow Information Export (IPFIX). RFC 3917, IETF, 2004.
- Cook D., Swayne D. F.: Interactive and Dynamic Graphics for Data Analysis. Springer, 2007.
- Kohler E. et al. Observed structure of addresses in IP traffic. IEEE/ACM Trans. Networking 14(6):1400-1412, 2006.
- Peitgen H.-O., Jürgens H., Saupe D.: Chaos and Fractals: New Frontiers of Science. Springer, 1992.
- Venables W. N., Ripley B. D.: Modern Applied Statistics with S. Springer, 2002.
- Lakhina A., Crovella M., Diot C. Mining anomalies using traffic feature distributions. In: Proc. ACM SIGCOMM'05, p. 217-228, 2005.
- Wei W. W. S. Time Series Analysis, Second Edition. Pearson, 2006.
- Assessment methods
- Standard lecture with homeworks during the semester, written exam.
- Language of instruction
- Further Comments
- Study Materials
The course is taught annually.