diff --git a/firewall/interception/ebpf/bandwidth/interface.go b/firewall/interception/ebpf/bandwidth/interface.go
index f23d4452..53d2406d 100644
--- a/firewall/interception/ebpf/bandwidth/interface.go
+++ b/firewall/interception/ebpf/bandwidth/interface.go
@@ -133,10 +133,10 @@ func reportBandwidth(ctx context.Context, objs bpfObjects, bandwidthUpdates chan
 			false,
 		)
 		update := &packet.BandwidthUpdate{
-			ConnID:    connID,
-			RecvBytes: skInfo.Rx,
-			SentBytes: skInfo.Tx,
-			Method:    packet.Absolute,
+			ConnID:        connID,
+			BytesReceived: skInfo.Rx,
+			BytesSent:     skInfo.Tx,
+			Method:        packet.Absolute,
 		}
 		select {
 		case bandwidthUpdates <- update:
diff --git a/firewall/interception/windowskext/bandwidth_stats.go b/firewall/interception/windowskext/bandwidth_stats.go
index 6e9dd05f..7147db97 100644
--- a/firewall/interception/windowskext/bandwidth_stats.go
+++ b/firewall/interception/windowskext/bandwidth_stats.go
@@ -63,10 +63,10 @@ func reportBandwidth(ctx context.Context, bandwidthUpdates chan *packet.Bandwidt
 			false,
 		)
 		update := &packet.BandwidthUpdate{
-			ConnID:    connID,
-			RecvBytes: stat.receivedBytes,
-			SentBytes: stat.transmittedBytes,
-			Method:    packet.Additive,
+			ConnID:        connID,
+			BytesReceived: stat.receivedBytes,
+			BytesSent:     stat.transmittedBytes,
+			Method:        packet.Additive,
 		}
 		select {
 		case bandwidthUpdates <- update:
diff --git a/firewall/packet_handler.go b/firewall/packet_handler.go
index 133e7dba..0e70bcb9 100644
--- a/firewall/packet_handler.go
+++ b/firewall/packet_handler.go
@@ -629,7 +629,7 @@ func bandwidthUpdateHandler(ctx context.Context) error {
 
 func updateBandwidth(ctx context.Context, bwUpdate *packet.BandwidthUpdate) {
 	// Check if update makes sense.
-	if bwUpdate.RecvBytes == 0 && bwUpdate.SentBytes == 0 {
+	if bwUpdate.BytesReceived == 0 && bwUpdate.BytesSent == 0 {
 		return
 	}
 
@@ -649,11 +649,11 @@ func updateBandwidth(ctx context.Context, bwUpdate *packet.BandwidthUpdate) {
 	// Update stats according to method.
 	switch bwUpdate.Method {
 	case packet.Absolute:
-		conn.RecvBytes = bwUpdate.RecvBytes
-		conn.SentBytes = bwUpdate.SentBytes
+		conn.BytesReceived = bwUpdate.BytesReceived
+		conn.BytesSent = bwUpdate.BytesSent
 	case packet.Additive:
-		conn.RecvBytes += bwUpdate.RecvBytes
-		conn.SentBytes += bwUpdate.SentBytes
+		conn.BytesReceived += bwUpdate.BytesReceived
+		conn.BytesSent += bwUpdate.BytesSent
 	default:
 		log.Warningf("filter: unsupported bandwidth update method: %d", bwUpdate.Method)
 	}
@@ -664,8 +664,8 @@ func updateBandwidth(ctx context.Context, bwUpdate *packet.BandwidthUpdate) {
 			conn.HistoryEnabled,
 			conn.Process().GetID(),
 			conn.ID,
-			&conn.RecvBytes,
-			&conn.SentBytes,
+			conn.BytesReceived,
+			conn.BytesSent,
 		); err != nil {
 			log.Errorf("firewall: failed to persist bandwidth data: %s", err)
 		}
diff --git a/netquery/database.go b/netquery/database.go
index a5ce6c01..27207680 100644
--- a/netquery/database.go
+++ b/netquery/database.go
@@ -399,14 +399,14 @@ func (db *Database) UpdateBandwidth(ctx context.Context, enableHistory bool, pro
 	}
 
 	parts := []string{}
-	if incoming != nil {
+	if bytesReceived != 0 {
 		parts = append(parts, "bytes_received = :bytes_received")
-		params[":bytes_received"] = *incoming
+		params[":bytes_received"] = bytesReceived
 	}
 
-	if outgoing != nil {
+	if bytesSent != 0 {
 		parts = append(parts, "bytes_sent = :bytes_sent")
-		params[":bytes_sent"] = *outgoing
+		params[":bytes_sent"] = bytesSent
 	}
 
 	updateSet := strings.Join(parts, ", ")
diff --git a/network/connection.go b/network/connection.go
index 3db4949d..dc32e43d 100644
--- a/network/connection.go
+++ b/network/connection.go
@@ -178,6 +178,11 @@ type Connection struct { //nolint:maligned // TODO: fix alignment
 	RecvBytes uint64
 	SentBytes uint64
 
+	// BytesReceived holds the observed received bytes of the connection.
+	BytesReceived uint64
+	// BytesSent holds the observed sent bytes of the connection.
+	BytesSent uint64
+
 	// pkgQueue is used to serialize packet handling for a single
 	// connection and is served by the connections packetHandler.
 	pktQueue chan packet.Packet
diff --git a/network/packet/bandwidth.go b/network/packet/bandwidth.go
index c65ac085..c2ce6a01 100644
--- a/network/packet/bandwidth.go
+++ b/network/packet/bandwidth.go
@@ -4,10 +4,10 @@ import "fmt"
 
 // BandwidthUpdate holds an update to the seen bandwidth of a connection.
 type BandwidthUpdate struct {
-	ConnID    string
-	RecvBytes uint64
-	SentBytes uint64
-	Method    BandwidthUpdateMethod
+	ConnID        string
+	BytesReceived uint64
+	BytesSent     uint64
+	Method        BandwidthUpdateMethod
 }
 
 // BandwidthUpdateMethod defines how the bandwidth data of a bandwidth update should be interpreted.
@@ -20,7 +20,7 @@ const (
 )
 
 func (bu *BandwidthUpdate) String() string {
-	return fmt.Sprintf("%s: %dB recv | %dB sent [%s]", bu.ConnID, bu.RecvBytes, bu.SentBytes, bu.Method)
+	return fmt.Sprintf("%s: %dB recv | %dB sent [%s]", bu.ConnID, bu.BytesReceived, bu.BytesSent, bu.Method)
 }
 
 func (bum BandwidthUpdateMethod) String() string {