"bmpcount": A Library of bitmap Algorithms for Counting Active Flows on High Speed Links
Software Overview: bmpcount implements a family of bitmap algorithms that count active flows at high speeds. Due to its modular structure it can be adapted to any instance of the isomorphic problem of counting the number of distinct elements in a multiset, with small per-element processing. Various members of the family are specialized to take advantage of specific particularities of the application: virtual bitmap is suited when the accuracy of counts is important only in a narrow range (e.g. triggers), multi resolution bitmap when it is important over a wide range and adaptive bitmap when repeated measurements are expected to give similar counts.
For more information see: http://ial.ucsd.edu/bitmaps
Practical Applications-Having an accurate count of active flows on high speed links has several important advantages:
• Aid in the detection of port/ IP scans
• Identify denial of service DoS attacks
• Estimate the spreading rate of worms
• Facilitate packet scheduling
Commerical Use: bmpcount is available for licensing from The Regents of the University of California.
Case No: SD2004-810
Inquiries To: invent@ucsd.edu
Official Web site of the University of California, San Diego
Copyright ©2009 Regents of the University of California. All rights reserved.