Packet size distribution tendencies in computer network flows

Abstract

Network flows are easy to get and simple to store network activity data. The challenge is to interpret them efficiently from security and network engineering standpoint as payload and application layer protocol specific information is missing. The article presents the statistical analysis of network flows with the emphasis on packet size distribution. Existing packet size distribution researches were reviewed. Packet size distribution Cumulative Distribution Functions (CDFs) were produced from existing academic computer network data. The CDFs for protocols TCP, UDP, ICMP and popular application layer protocols (HTTP, DNS) were analysed. Network traffic statistics were further visualized using radar graph. Article provides reusable statistical analysis steps and statistical trends for academic computer network.