Abstract
Observing network traffic is necessary for purposes such as system performance, network debugging and information security. Such observations are obtained from low-level monitors that may record a large volume of both relevant and irrelevant events, so adequate filters are needed to pass only the interesting information.
This work presents a filtering mechanism that acquires the interesting packets from the underlying network according to the user's specifications. The packets are acquired according to specific grammar rules, and they are preserved in an observation file called the log-file.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35586-3_46
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Osman, G., Darwish, M.G., Zaki, M. (2002). Formal Design of Packet Filtering Systems. In: Ghonaimy, M.A., El-Hadidi, M.T., Aslan, H.K. (eds) Security in the Information Society. IFIP Advances in Information and Communication Technology, vol 86. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35586-3_24
DOI: https://doi.org/10.1007/978-0-387-35586-3_24
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1026-7
Online ISBN: 978-0-387-35586-3
eBook Packages: Springer Book Archive