10 Gbit line rate packet-to-disk using n2disk

Author

Deri, Luca ; Cardigliano, Alfredo ; Fusco, F.

Author_Institution

IIT, Pisa, Italy

fYear

2013

fDate

14-19 April 2013

Firstpage

441

Lastpage

446

Abstract

Capturing packets to disk at line rate and with high precision packet timestamping is required whenever an evidence of network communications has to be provided. Typical applications of long-term network traffic repositories are network troubleshooting, analysis of security violations, and analysis of high-frequency trading communications. Appliances for 10 Gbit packet capture to disk are often based on dedicated network adapters, and therefore very expensive, making them usable only in specific domains. This paper covers the design and implementation of n2disk, a packet capture to disk application, capable of dumping 10 Gbit traffic to disk using commodity hardware and open-source software. In addition to packet capture, n2disk is able to index the traffic at line-rate during capture, enabling users to efficiently search specific packets in network traffic dump files.

Keywords

computer network security; public domain software; telecommunication traffic; commodity hardware; line rate packet-to-disk; n2disk; network adapter; network communication; network traffic dump file; network traffic repository; network troubleshooting; open-source software; packet capture to disk application; packet searching; packet timestamping; security violation; trading communication; traffic indexing; Band-pass filters; Indexing; Instruction sets; Matched filters; Monitoring; 10 Gbit Traffic Monitoring; Packet Capture; Traffic Dump to Disk;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Communications Workshops (INFOCOM WKSHPS), 2013 IEEE Conference on

Conference_Location

Turin

Print_ISBN

978-1-4799-0055-8

Type

conf

DOI

10.1109/INFCOMW.2013.6562903

Filename

6562903