Nick Duffield

ABSTRACT Estimating Flow Distributions from Sampled Flow Statistics (2008)

This paper describes a measurement infrastructure used to collect detailed IP traffic measurements from an IP backbone. Usage, i.e, bytes transmitted, is determined from raw NetFlow records generated...

Performance Monitoring (2008)

Passive traffic measurement increasingly employs sampling at the packet level. Many high-end routers form flow statistics from a sampled substream of packets. Sampling is necessary in order to...

Lee Breslau, Chris Chase, Nick Duffield, Bill Fenner, Yanhua Mao, Subhabrata Sen

The growth of one-to-many applications in enterprise networks is fueling the demand for VPNs to support multicast applications. The deployment of such a Multicast VPN service creates the need for...

ABSTRACT GRE Encapsulated Multicast Probing: A Scalable Technique for Measuring One-Way Loss [Extended Abstract] (2008)

Yu Gu, Lee Breslau, Nick Duffield, Subhabrata Sen

We develop techniques for estimating one-way loss from a measurement host to network routers which exploit commonly implemented features on commercial routers and do not require any new router...

Storage and Retrieval (2008)

Noga Alon, Nick Duffield, Carsten Lund, Mikkel Thorup

Suppose we have a large table T of items i, each with a weight wi, e.g., people and their salary. In a general preprocessing step for estimating arbitrary subset sums, we assign each item a random...

Abstract Optimal Combination of Sampled Network Measurements (2008)

ABSTRACT Estimating Flow Distributions from Sampled Flow Statistics (2008)

IP network traffic is commonly measured at multiple points in order that all traffic passes at least one observation point. The resulting measurements are subsequently joined for network analysis....

Variance optimal sampling based estimation of subset sums (2008)

Passive traffic measurement increasingly employs sampling at the packet level. Many high-end routers form flow statistics from a sampled substream of packets. Sampling is necessary in order to...

Cohen, Edith, Duffield, Nick, Kaplan, Haim, Lund, Carsten, Thorup, Mikkel

From a high volume stream of weighted items, we want to maintain a generic sample of a certain limited size $k$ that we can later use to estimate the total weight of arbitrary subsets. This is the...

ABSTRACT Improving Accuracy in End-to-end Packet Loss Measurement (2008)

Network Loss Tomography Using Striped Unicast Probes (2008)

Measurement and estimation of packet loss characteristics are challenging due to the relatively rare occurrence and typically short duration of packet loss episodes. While active probe tools are...

Nick Duffield, Francesco Lo Presti, Vern Paxson, Don Towsley

Abstract — In this paper we explore the use of end-to-end unicast traffic as measurement probes to infer link-level loss rates. We leverage off of earlier work that produced efficient estimates for...

Online Identification of Hierarchical Heavy Hitters: Algorithms, Evaluation, and Applications (2008)

Yin Zhang, Sumeet Singh, Subhabrata Sen, Nick Duffield, Carsten Lund

In traffic monitoring, accounting, and network anomaly detection, it is often important to be able to detect high-volume traffic clusters in near real-time. Such heavy-hitter traffic clusters are...

A geometric approach to improving active packet loss measurement (2008)

Joel Sommers, Paul Barford, Nick Duffield, Amos Ron

Measurement and estimation of packet loss characteristics are challenging due to the relatively rare occurrence and typically short duration of packet loss episodes. While active probe tools are...

On Unbiased Sampling for Unstructured Peer-to-Peer Networks (2008)

Daniel Stutzbach, Reza Rejaie, Nick Duffield, Subhabrata Sen, Walter Willinger

Abstract — This paper presents a detailed examination of how the dynamic and heterogeneous nature of real-world peer-to-peer systems can introduce bias into the selection of representative samples...

Resume (2007)

Ramon Caceres, Nick Duffield, Sue B. Moon, Sue B. Moon

Computer Science, Vol. 1245, pp. 108-122, Springer-Verlag, 1997. Sue B. Moon, Cheolki Kim, Youngho Kim, Chongsang Kim. "Design and Implementation of a Heterogeneous Distributed File System Using...

E-mail: (2007)

Learn More, Sample Less: Control of Volume and Variance in Network Measurement (2007)

Abstract---IP flows have heavy-tailed packet and byte size distributions. This make them poor candidates for uniform sampling---i.e. selecting

x (2007)

Nick Duffield, Joseph Horowitz, Don Towsley, Wei Wei, Timur Friedman

Network tomography using multicast probes enables inference of loss characteristics of internal network links from reports of end-to-end loss seen at multicast receivers. In this paper we develop...

Accurate and Efficient SLA Compliance Monitoring (2007)

objects 289-43596 . We wish to estimate the sums !#" %$ &('*)+& , of the sizes of objects of a given color , from a sampled subset of objects. How should the sampling distribution...

Accurate and Efficient SLA Compliance Monitoring (2007)

Service level agreements (SLAs) define performance guarantees made by service providers, e.g, in terms of packet loss, delay, delay variation, and network availability. In this paper, we describe a...

A Framework for Multi-objective SLA Compliance Monitoring (2007)

Service level agreements (SLAs) define performance guarantees made by service providers, e.g, in terms of packet loss, delay, delay variation, and network availability. In this paper, we describe a...

Joel Sommers, Paul Barford, Nick Duffield, Amos Ron

Service level agreements (SLAs) specify performance guarantees made by service providers, typically in terms of packet loss, delay, delay variation, and network availability. While many tools have...

Accurate and Efficient SLA Compliance Monitoring (2007)

LADS: Large-scale Automated DDoS detection System (2006)

Service level agreements (SLAs) define performance guarantees made by service providers, e.g, in terms of packet loss, delay, delay variation, and network availability. In this paper, we describe a...

Vyas Sekar, Nick Duffield, Oliver Spatscheck, Hui Zhang

Many Denial of Service attacks use brute-force bandwidth flooding of intended victims. Such volume-based attacks aggregate at a target's access router, suggesting that (i) detection and...

Network Tomography of Binary Network Performance Characteristics (2006)

On Unbiased Sampling for Unstructured Peer-to-Peer Networks (2006)

In network performance tomography, characteristics of the network interior, such as link loss and packet latency, are inferred from correlated end-to-end measurements. Most work to date is based on...

Daniel Stutzbach, Reza Rejaie, Nick Duffield, Subhabrata Sen, Walter Willinger

Abstract — This paper presents a detailed examination of how the dynamic and heterogeneous nature of real-world peer-to-peer systems can introduce bias into the selection of representative samples...

Sampling to estimate arbitrary subset sums (2005)

Duffield, Nick, Lund, Carsten, Thorup, Mikkel

Starting with a set of weighted items, we want to create a generic sample of a certain size that we can later use to estimate the total weight of arbitrary subsets. For this purpose, we propose...

Adaptive defense against various network attacks (2005)

Cliff C. Zou, Nick Duffield, Don Towsley, Weibo Gong

Abstract—In defending against various network attacks, such as distributed denial-of-service (DDoS) attacks or worm attacks, a defense system needs to deal with various network conditions and...

Estimating arbitrary subset sums with few probes (2005)

Noga Alon, Nick Duffield, Carsten Lund, Mikkel Thorup

Suppose we have a large table T of items i, each with a weight wi, e.g., people and their salary. In a general preprocessing step for estimating arbitrary subset sums, we assign each item a random...

Adaptive Defense Against Various Network Attacks (2005)

Cliff Zou Nick, Nick Duffield, Don Towsley, Weibo Gong

In defending against various network attacks, such as Distributed Denial-of-Service (DDoS) attacks or worm attacks, a defense system needs to deal with various network conditions and dynamically...

Traffic Matrix Reloaded: Impact of Routing Changes (2005)

Renata Teixeira, Nick Duffield, Jennifer Rexford, Matt Roughan

this paper, we investigate the causes of the traffic matrix variations. Identifying the reasons for these disruptions is an essential step toward predicting and planning for their occurrence,...

Optimal Combination of Sampled Network Measurements (2005)

Traffic Matrix Reloaded: Impact of Routing Changes (2005)

IP network traffic is commonly measured at multiple points in order that all traffic passes at least one observation point. The resulting measurements are subsequently joined for network analysis....

Renata Teixeira, Nick Duffield, Jennifer Rexford, Matthew Roughan

A traffic matrix represents the load from each ingress point to each egress point in an IP network. Although networks are engineered to tolerate some variation in the traffic matrix, large changes...

Stress Testing Traffic to Infer Its Legitimacy (2005)

Nick Duffield, Er Krishnamurthy

Adaptation in the face of performance degradation is the hallmark of well-behaved network traffic. For sufficiently robust applications, we propose distinguishing good from bad traffic on the basis...

Traffic matrix reloaded: impact of routing changes (2005)

Renata Teixeira, Nick Duffield, Jennifer Rexford, Matthew Roughan, U. California–san Diego

Abstract. A traffic matrix represents the load from each ingress point to each egress point in an IP network. Although networks are engineered to tolerate some variation in the traffic matrix, large...

Learn more, sample less: Control of volume and variance in network measurement (2005)

Sampling for Passive Internet Measurement: A Review (2004)

Abstract — This paper deals with sampling objects from a large stream. Each object possesses a size, and the aim is to be able to estimate the total size of an arbitrary subset of objects whose...

Duffield, Nick

Sampling has become an integral part of passive network measurement. This role is driven by the need to control the consumption of resources in the measurement infrastructure under increasing traffic...

Class-of-service mapping for QoS: A statistical signature-based approach to IP traffic classification (2004)

Matthew Roughan, Subhabrata Sen, Oliver Spatscheck, Nick Duffield

The ability to provide different Quality of Service (QoS) guarantees to traffic from different applications is a highly desired feature for many IP network operators, particularly for enterprise...

Trajectory Sampling with Unreliable Reporting (2004)

Nick Duffield Att, Nick Duffield, Matthias Grossglauser

We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of packet...

Trajectory Sampling with Unreliable Reporting (2004)

Class-of-Service Mapping for QoS: A statistical (2004)

We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of packet...

Matthew Roughan, Subhabrata Sen, Oliver Spatscheck, Nick Duffield

The ability to provide different Quality of Service (QoS) guarantees to traffic from different applications is a highly desired feature for many IP network operators, particularly for enterprise...

Trajectory sampling with unreliable reporting (2004)

Trajectory sampling with unreliable reporting (2004)

Abstract — We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of...

Trajectory sampling with unreliable reporting (2004)

Abstract — We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of...

Sampling for Passive Internet Measurement: A Review (2004)

Abstract — We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of...

Trajectory sampling with unreliable reporting (2004)

Abstract. Sampling has become an integral part of passive network measurement. This role is driven by the need to control the consumption of resources in the measurement infrastructure under...

Trajectory sampling with unreliable reporting (2004)

Abstract — We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of...

Fast accurate computation of large-scale IP traffic matrices from link loads (2003)

Abstract—We define and evaluate methods to perform robust network monitoring using trajectory sampling in the presence of report loss. The first challenge is to reconstruct an unambiguous set of...

Zhang, Yin, Roughan, Matthew, Duffield, Nick, Greenberg, Albert

A matrix giving the traffic volumes between origin and destination in a network has tremendously potential utility for network capacity planning and management. Unfortunately, traffic matrices are...

Fast accurate computation of large-scale IP traffic matrices from link loads (2003)

Zhang, Yin, Roughan, Matthew, Duffield, Nick, Greenberg, Albert

A matrix giving the traffic volumes between origin and destination in a network has tremendously potential utility for network capacity planning and management. Unfortunately, traffic matrices are...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A fundamental obstacle to developing sound methods for network and traffic engineering in operational IP networks today is the inability of network operators to measure the traffic matrix. A traffic...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A fundamental obstacle to developing sound methods for network and traffic engineering in operational IP networks today is the inability of network operators to measure the traffic matrix. A traffic...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A matrix giving the traffic volumes between origin and destination in a network has tremendously potential utility for network capacity planning and management. Unfortunately, traffic matrices are...

NEC Europe Ltd. (2003)

M. Molina, F. Raspall, Nick Duffield

This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. October2003 Internet-Drafts are working documents of the Internet Engineering Task Force...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A matrix giving the traffic volumes between origin and destination in a network has tremendously potential utility for network capacity planning and management. Unfortunately, traffic matrices are...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A matrix giving the traffic volumes between origin and destination in a network has tremendously potential utility for network capacity planning and management. Unfortunately, traffic matrices are...

Fast Accurate Computation of Large-Scale IP Traffic Matrices from Link Loads (2003)

Yin Zhang, Matthew Roughan, Nick Duffield, Albert Greenberg

A fundamental obstacle to developing sound methods for network and traffic engineering in operational IP networks today is the inability of network operators to measure the traffic matrix. A traffic...

1 Executive Summary Trajectory Sampling: White Paper Draft (2003)

Trajectory Sampling: White Paper (2003)

Trajectory Sampling (TS) is a novel method to measure network traffic in potentially large network domains [7]. It is designed to provide detailed views of network traffic that can drive a wide...

Predicting Resource Usage and Estimation Accuracy in an IP Flow Measurement Collection Infrastructure (2003)

e, TS is flexible in the sense that it is possible to customize various parameters (such as the set of links where sampling is enabled, the sampling rate, information extracted from packets, etc.) to...

Nick Duffield, Carsten Lund

This paper describes a measurement infrastructure used to collect detailed IP traffic measurements from an IP backbone. Usage, i.e, bytes transmitted, is determined from raw NetFlow records generated...

Impromptu measurement infrastructures using RTP (2002)

Ramón Cáceres, Nick Duffield, Timur Friedman

Abstract — Dedicated infrastructures for end-to-end measurements are complex to deploy and manage. Equipment cost, the requirements for reporting bandwidth, and the administrative diversity of the...

Properties and prediction of flow statistics from sampled packet streams (2002)

Impromptu measurement infrastructures using RTP (2002)

Abstract--- Many routers can generate and export statistics on flows of packets that traverse them. Increasingly, high end routers form flow statistics from only a sampled packet stream in order to...

Ramón Cáceres, Nick Duffield, Timur Friedman

Abstract—Dedicated infrastructures for end-to-end measurements are complex to deploy and manage. Equipment cost, the requirements for reporting bandwidth, and the administrative diversity of the...

Properties and Prediction of Flow Statistics from Sampled Packet Streams (2002)