Aplicação de mashups no gerenciamento de redes / Application of mashups in network management

Bezerra, Rafael Santos

January 2012

Mashups são aplicaçõesWeb criadas a partir da composição de recursos heterogêneos disponíveis na Web. Eles são considerados uma das principais tecnologias da Web 2.0, baseando-se nos princípios de criação de conteúdo pelo usuário final, cooperação e reuso. Esses princípios são aplicados através de sistemas de mashups, que consistem em aplicações que permitem que um usuário final realize composições de recursos sem a necessidade de habilidade em desenvolvimento de software. A aplicação de tecnologias da Web 2.0, em especial dos mashups, no gerenciamento de redes é potencialmente vantajosa, principalmente em cenários onde um administrador deve lidar com múltiplas ferramentas de gerenciamento de forma integrada. Entretanto, não há nenhuma investigação prévia da aplicação dessas tecnologias no gerenciamento. Essa investigação é o trabalho desenvolvido na presente dissertação. Para tal, uma arquitetura para um sistema de mashups de gerenciamento de redes é proposta. Com base nessa arquitetura, um protótipo desse sistema é descrito. Esse protótipo é utilizado na criação de mashups para dois cenários reais de gerenciamento de redes. A criação desses mashups permitiu a avaliação tanto da arquitetura quanto do protótipo. Nessa avaliação, é realizada uma comparação entre a criação dos mashups utilizando o protótipo e o desenvolvimento ad hoc (i.e., sem o uso de sistemas de mashups) dos mesmos. Além disso, é realizada uma avaliação qualitativa dos mashups criados, baseada em critérios como facilidade de implementação e utilização, extensibilidade, flexibilidade e confiabilidade. Os resultados das avaliações realizadas indicam que a tecnologia de mashups é tanto aplicável quanto vantajosa no contexto de gerenciamento de redes, ainda que a maioria das vantagens dessa aplicação dependam da existência de um sistema de mashups que permita que administradores criem suas próprias composições. / Mashups are Web applications created through the integration of external resources available on the Web. They have been considered a hallmark of Web 2.0 technologies, allowing end users to develop their own applications and encouraging cooperation and reuse. However, their usage in the network management field remains unexploited. In this context, we look at Web 2.0 as a feasible mechanism able to integrate heterogeneous management information. In this dissertation, we propose an architecture and a system prototype that allows network administrators to design their own management applications through the composition of external resources. The creation of mashups for two network management scenarios allowed us to evaluate both our architecture and our prototype. In this evaluation, we compare the development of network management mashups using our prototype and in an ad hoc fashion. We also perform a qualitative analysis of our mashups, based on characteristics such as ease-of-implementation, ease-of-use, extensibility, flexibility and reliability. The results of our evaluation indicate that mashups are, indeed, both applicable and advantageous in the context of network management, but the advantages of such application largely depend on a mashup system that enables administrators to create their own mashups.

Redes : Computadores

Gerencia : Redes : Computadores

Network management

Mashups

Web 2.0

Threats and Defenses in SDN Control Plane

January 2018

abstract: Network Management is a critical process for an enterprise to configure and monitor the network devices using cost effective methods. It is imperative for it to be robust and free from adversarial or accidental security flaws. With the advent of cloud computing and increasing demands for centralized network control, conventional management protocols like Simple Network Management Protocol (SNMP) appear inadequate and newer techniques like Network Management Datastore Architecture (NMDA) design and Network Configuration (NETCONF) have been invented. However, unlike SNMP which underwent improvements concentrating on security, the new data management and storage techniques have not been scrutinized for the inherent security flaws. In this thesis, I identify several vulnerabilities in the widely used critical infrastructures which leverage the NMDA design. Software Defined Networking (SDN), a proponent of NMDA, heavily relies on its datastores to program and manage the network. I base my research on the security challenges put forth by the existing datastore’s design as implemented by the SDN controllers. The vulnerabilities identified in this work have a direct impact on the controllers like OpenDayLight, Open Network Operating System and their proprietary implementations (by CISCO, Ericsson, RedHat, Brocade, Juniper, etc). Using the threat detection methodology, I demonstrate how the NMDA-based implementations are vulnerable to attacks which compromise availability, integrity, and confidentiality of the network. I finally propose defense measures to address the security threats in the existing design and discuss the challenges faced while employing these countermeasures. / Dissertation/Thesis / Masters Thesis Computer Science 2018

Computer science

Attacks

Network Management

NMDA

Security

Software Defined Network

Uso de técnicas de visualização de informação para o estudo de tráfegos de gerenciamento de redes / Information visualizaton techniques applied in the study of network management traffics

Barbosa, Paulo Eduardo de Castro Teles

January 2010

Em 2008, o IRTF lançou a RFC “SNMP Traffic Measurements and Trace Exchange Formats”, que apresenta uma metodologia para coleta e análise de tráfego SNMP, com o objetivo de identificar características e padrões de uso desse protocolo nas redes em produção. Uma das limitações desta metodologia é a não especificação de um processo de visualização dos dados gerados, o que dificulta o estudo dos resultados obtidos através da aplicação da mesma. Existem alguns trabalhos no âmbito de redes de computadores que investigam a aplicação de técnicas de visualização de informação no estudo de tráfegos. No entanto, tais trabalhos disponibilizam apenas visualizações estáticas, com pouca ou nenhuma possibilidade de interação com o usuário, i.e., elas não permitem que o mesmo explore e retrabalhe a maneira que os dados são visualizados. Esta dissertação de mestrado descreve e avalia técnicas de visualização de informação interativas adaptadas para o estudo de tráfegos gerados pelo SNMP, levando em conta as características peculiares do protocolo. Quatro protótipos de visualização de tráfegos SNMP foram implementos, integrados à ferramenta Management Traffic Analyzer e validados com base em um modelo aninhado para o projeto e análise de visualizações. / In 2008 IRTF released RFC “SNMP Traffic Measurements and Trace Exchange Formats”, which proposes a methodology for capturing and analysis of SNMP traffic traces, in order to identify the behavior and usage patterns of the protocol in production networks. One of the limitations of such methodology is the lack of a process definition to visualize the results of the gathered data, which makes the understanding of its results more difficult. There is some work in the computer network area dealing with the applicantion of information visualization techniques in the study of network traces. Nevertheless, such work only provide static visualization techniques, with little or none user interaction possibilities. That is, they do not allow the user to explore and rebuild the way data is visualized. This masters dissertation presents and evaluates interactive information visualization techniques, adapted for the study of SNMP traces and its unique features. Four visualization prototypes were implemented, integrated in the tool Management Traffic Analyzer, and validated following a nested model for the project and evaluation of visualization techniques.

Gerencia : Redes : Computadores

Redes : Computadores

Network management

SNMP

Information visualization

Aplicação de mashups no gerenciamento de redes / Application of mashups in network management

Bezerra, Rafael Santos

January 2012

Mashups são aplicaçõesWeb criadas a partir da composição de recursos heterogêneos disponíveis na Web. Eles são considerados uma das principais tecnologias da Web 2.0, baseando-se nos princípios de criação de conteúdo pelo usuário final, cooperação e reuso. Esses princípios são aplicados através de sistemas de mashups, que consistem em aplicações que permitem que um usuário final realize composições de recursos sem a necessidade de habilidade em desenvolvimento de software. A aplicação de tecnologias da Web 2.0, em especial dos mashups, no gerenciamento de redes é potencialmente vantajosa, principalmente em cenários onde um administrador deve lidar com múltiplas ferramentas de gerenciamento de forma integrada. Entretanto, não há nenhuma investigação prévia da aplicação dessas tecnologias no gerenciamento. Essa investigação é o trabalho desenvolvido na presente dissertação. Para tal, uma arquitetura para um sistema de mashups de gerenciamento de redes é proposta. Com base nessa arquitetura, um protótipo desse sistema é descrito. Esse protótipo é utilizado na criação de mashups para dois cenários reais de gerenciamento de redes. A criação desses mashups permitiu a avaliação tanto da arquitetura quanto do protótipo. Nessa avaliação, é realizada uma comparação entre a criação dos mashups utilizando o protótipo e o desenvolvimento ad hoc (i.e., sem o uso de sistemas de mashups) dos mesmos. Além disso, é realizada uma avaliação qualitativa dos mashups criados, baseada em critérios como facilidade de implementação e utilização, extensibilidade, flexibilidade e confiabilidade. Os resultados das avaliações realizadas indicam que a tecnologia de mashups é tanto aplicável quanto vantajosa no contexto de gerenciamento de redes, ainda que a maioria das vantagens dessa aplicação dependam da existência de um sistema de mashups que permita que administradores criem suas próprias composições. / Mashups are Web applications created through the integration of external resources available on the Web. They have been considered a hallmark of Web 2.0 technologies, allowing end users to develop their own applications and encouraging cooperation and reuse. However, their usage in the network management field remains unexploited. In this context, we look at Web 2.0 as a feasible mechanism able to integrate heterogeneous management information. In this dissertation, we propose an architecture and a system prototype that allows network administrators to design their own management applications through the composition of external resources. The creation of mashups for two network management scenarios allowed us to evaluate both our architecture and our prototype. In this evaluation, we compare the development of network management mashups using our prototype and in an ad hoc fashion. We also perform a qualitative analysis of our mashups, based on characteristics such as ease-of-implementation, ease-of-use, extensibility, flexibility and reliability. The results of our evaluation indicate that mashups are, indeed, both applicable and advantageous in the context of network management, but the advantages of such application largely depend on a mashup system that enables administrators to create their own mashups.

Redes : Computadores

Gerencia : Redes : Computadores

Network management

Mashups

Web 2.0

Uma proposta para gerenciamento de QoS em redes IEEE802.16 / A proposal for QoS management in IEEE802.16 networks

Argenton, Alexandre Bortolin

January 2008

O padrão IEEE802.16 define uma tecnologia para acesso sem fio em banda larga que deve tornar-se bastante popular nos próximos anos. A tecnologia pode resolver o problema de comunicação em áreas de difícil penetração e prover conectividade com Qualidade de Serviço (QoS), mais agilidade e menor custo em muitas outras situações. Não basta, entretanto, a tecnologia de rede oferecer recursos para Qualidade de Serviço. É necessário que se possa gerenciá-los de maneira simples e eficaz. Sem um estudo que permita desenvolver sistemas de gerenciamento adequados para uma dada tecnologia, o gerenciamento acaba ocorrendo através de ferramentas rudimentares. Este trabalho propõe e avalia uma forma de gerenciar QoS em redes IEEE802.16. Através do estudo destas redes e de modelos de gerenciamento existentes, foram levantados requisitos relevantes ao gerenciamento deste tipo de rede, e foi proposto o gerenciamento baseado em políticas como possível solução. A solução proposta engloba recomendações quanto ao que se deveria poder expressar através das políticas, uma reflexão sobre o mapeamento destas políticas na rede e a escolha da arquitetura de gerenciamento baseado em políticas do IETF (Internet Engineering Task Force) para implementação. Questões práticas, como o uso do processo de ranging para disparar a configuração das políticas, são abordadas e tratadas no momento em que a arquitetura é apresentada, viabilizando a implementação da solução. Tendo em vista a escolha do protocolo SNMP para a configuração dos dispositivos, uma MIB de gerenciamento foi proposta para viabilizar o acesso aos parâmetros de configuração necessários. A MIB foi construída sobre outra MIB já existente, adicionando-lhe os objetos e capacidades faltantes. A forma de operação da MIB é apresentada com maiores detalhes para facilitar o entendimento. Visando validar a solução proposta, o sistema de gerenciamento baseado em políticas QAME foi estendido para permitir o gerenciamento de redes IEEE802.16 dentro da abordagem proposta. A extensão incluiu a implementação de um novo PDP, específico para redes IEEE802.16. Através da emulação de uma rede IEEE802.16 e do uso do sistema de gerenciamento QAME adaptado, a solução proposta foi avaliada. Pôde-se obter conclusões quanto ao uso de gerenciamento baseado em políticas no gerenciamento de QoS de redes IEEE802.16 e também quanto aos limites de aplicabilidade da arquitetura de gerenciamento proposta. / The IEEE802.16 standard defines a broadband wireless access technology that should become very popular in the next years. The technology may solve the communication problem in hard access areas and provide connectivity with Quality of Service (QoS), greater agility and lower costs in many other situations. Offering QoS capabilities is not sufficient to a given network technology. A simple and effective way to manage its capabilities is also required. Without a study that allows the development of adequate management systems, only rudimentary tools will be used for the management task. This work proposes and evaluates a way to manage QoS on IEEE802.16 networks. By studying IEEE802.16 networks and existing management models, the relevant requirements to manage this kind of network have been gathered and the Policy-Based Network Management (PBNM) model has been proposed as a possible solution. The proposed solution includes recommendations on what should be possible to express with policies, a thought on how to map the policies on the network, and the choice of the IETF (Internet Engineering Task Force) PBNM architecture. Some practical matters, such as the use of the ranging process to trigger the policy configuration, are considered when the architecture is presented. Since SNMP has been chosen to configure the devices, a MIB has been proposed to allow access to the required configuration parameters. The MIB has been constructed over a previously existing one by adding the lacking objects and capabilities. The MIB operation is also presented in more details. In order to validate the proposed solution, the QAME PBNM system has been extended to allow IEEE802.16 network management. The extension included a new PDP, developed specifically to manage IEEE802.16 networks. By means of an emulated IEEE802.16 network and the use of the adapted QAME management system, the proposed solution has been evaluated. Conclusions have been taken on the use of PBNM to manage QoS for IEEE802.16 networks and on the applicability limits of the proposed architecture.

Redes : Computadores

Gerencia : Redes : Computadores

IEEE802.16

QoS

Network management

Simulation-Assisted QoS-Aware VHO in Wireless Heterogeneous Networks

Al Ridhawi, Ismaeel

January 2014

The main goal of today’s wireless Service Providers (SPs) is to provide optimum and ubiquitous service for roaming users while maximizing the SPs own monetary profits. The fundamental objective is to support such requirements by providing solutions that are adaptive to varying conditions in highly mobile and heterogeneous, as well as dynamically changing wireless network infrastructures. This can only be achieved through well-designed management systems. Most techniques fail to utilize the knowledge gained from previously tested reconfiguration strategies on system and network behaviour. This dissertation presents a novel framework that automates the cooperation among a number of wireless SPs facing the challenge of meeting strict service demands for a large number of mobile users. The proposed work employs a novel policy-based system configuration model to automate the process of adapting new network policies. The proposed framework relies on the assistance of a real-time simulator that runs as a constant background process in order to continuously find optimal policy configurations for the SPs’ networks. To minimize the computational time needed to find these configurations, a modified tabu-search scheme is proposed. An objective is to efficiently explore the space of network configurations in order to find optimal network decisions and provide a service performance that adheres to contracted service level agreements. This framework also relies on a distributed Quality of Service (QoS) monitoring scheme. The proposed scheme relies on the efficient identification of candidate QoS monitoring users that can efficiently submit QoS related measurements on behalf of their neighbors. These candidate users are chosen according to their devices’ residual power and transmission capabilities and their estimated remaining service lifetime. Service monitoring users are then selected from these candidates using a novel user-to-user semantic similarity matching algorithm. This step ensures that the monitoring users are reporting on behalf of other users that are highly similar to them in terms of their mobility, used services and device profiles. Experimental results demonstrate the significant gains achieved in terms of the reduced traffic overhead and overall consumed users’ devices power while achieving a high monitoring accuracy, adaptation time speedup, base station load balancing, and individual providers’ payoffs.

wireless networks

vertical handover

policy-based network management

QoS monitoring

Návrh managementu monitorovacího centra on-line her / Design of Network Management Center for on-line Games

Káčer, Andrej

January 2019

The thesis focuses on the management and functionality of the Network Operations Center, whose function is to maintain optimal network operations on various platforms, media and communication channels. The department is in a company that develops AAA game titles. The first part defines the theoretical basis. The next section introduces the company together with the analysis of the functioning of the department and communication. The last part is devoted to the design of the organizational structure, which includes the process of creating a new job. The process involves the division of activities, the recruitment process and the economic appreciation itself.

Efficient Publish/Subscribe System over Mobile Ad-Hoc Network

Liu, Chao

January 2012

Information dissemination is an important issue for mobile ad-hoc communities. This issue is very challenging due to the dynamic and fragile nature of the mobile ad-hoc networks, in which participants have limited computing resources and battery, intermittent network connections, and mobile tasks. To address the aforementioned issue, this thesis proposes an efficient semantics-based publish/subscribe strategy. In our proposed publish/subscribe system, distributed mobile participants are organized into clusters based on their location proximity. A compact semantics-based indexing scheme is provided to guide information flow. Intra- and inter- cluster routings are proposed to assist efficient propagation of event notifications. A comprehensive set of simulation experiments prove the effectiveness of the proposed scheme.

Semantics.

Wireless communication systems.

Routing (Computer network management)

Network Performance Management Using Application-centric Key Performance Indicators

McGill, Susan

01 January 2007

The Internet and intranets are viewed as capable of supplying "Anything, Anywhere, Anytime" and e-commerce, e-government, e-community, and military C4I are now deploying many and varied applications to serve their needs. Network management is currently centralized in operations centers. To assure customer satisfaction with the network performance they typically plan, configure and monitor the network devices to insure an excess of bandwidth, that is overprovision. If this proves uneconomical or if complex and poorly understood interactions of equipment, protocols and application traffic degrade performance creating customer dissatisfaction, another more application-centric, way of managing the network will be needed. This research investigates a new qualitative class of network performance measures derived from the current quantitative metrics known as quality of service (QOS) parameters. The proposed class of qualitative indicators focuses on utilizing current network performance measures (QOS values) to derive abstract quality of experience (QOE) indicators by application class. These measures may provide a more user or application-centric means of assessing network performance even when some individual QOS parameters approach or exceed specified levels. The mathematics of functional analysis suggests treating QOS performance values as a vector, and, by mapping the degradation of the application performance to a characteristic lp-norm curve, a qualitative QOE value (good/poor) can be calculated for each application class. A similar procedure could calculate a QOE node value (satisfactory/unsatisfactory) to represent the service level of the switch or router for the current mix of application traffic. To demonstrate the utility of this approach a discrete event simulation (DES) test-bed, in the OPNET telecommunications simulation environment, was created modeling the topology and traffic of three semi-autonomous networks connected by a backbone. Scenarios, designed to degrade performance by under-provisioning links or nodes, are run to evaluate QOE for an access network. The application classes and traffic load are held constant. Future research would include refinement of the mathematics, many additional simulations and scenarios varying other independent variables. Finally collaboration with researchers in areas as diverse as human computer interaction (HCI), software engineering, teletraffic engineering, and network management will enhance the concepts modeled.

telecommunications

network management

simulation

network performance

performance indicators

OPNET

Engineering

Biologically-inspired Network Memory System for Smarter Networking

Mokhtar, Bassem Mahmoud Mohamed Ali

24 February 2014

Current and emerging large-scale networks, for example the current Internet and the future Internet of Things, target supporting billions of networked entities to provide a wide variety of services and resources. Such complexity results in network-data from different sources with special characteristics, such as widely diverse users and services, multiple media (e.g., text, audio, video, etc.), high-dimensionality (i.e., large sets of attributes) and various dynamic concerns (e.g., time-sensitive data). With huge amounts of network data with such characteristics, there are significant challenges to a) recognize emergent and anomalous behavior in network traffic and b) make intelligent decisions for efficient and effective network operations. Fortunately, numerous analyses of Internet traffic have demonstrated that network traffic data exhibit multi-dimensional patterns that can be learned in order to enable discovery of data semantics. We claim that extracting and managing network semantics from traffic patterns and building conceptual models to be accessed on-demand would help in mitigating the aforementioned challenges. The current Internet, contemporary networking architectures and current tools for managing large network-data largely lack capabilities to 1) represent, manage and utilize the wealth of multi-dimensional traffic data patterns; 2) extract network semantics to support Internet intelligence through efficiently building conceptual models of Internet entities at different levels of granularity; and 3) predict future events (e.g., attacks) and behaviors (e.g., QoS of unfamiliar services) based on learned semantics. We depict the limited utilization of traffic semantics in networking operations as the “Internet Semantics Gap (ISG)”. We hypothesize that endowing the Internet and next generation networks with a “memory” system that provides data and semantics management would help resolve the ISG and enable “Internet Intelligence”. We seek to enable networked entities, at runtime and on-demand, to systematically: 1) learn and retrieve network semantics at different levels of granularity related to various Internet elements (e.g., services, protocols, resources, etc.); and 2) utilize extracted semantics to improve network operations and services in various aspects ranging from performance, to quality of service, to security and resilience. In this dissertation, we propose a distributed network memory management system, termed NetMem, for Internet intelligence. NetMem design is inspired by the functionalities of human memory to efficiently store Internet data and extract and utilize traffic data semantics in matching and prediction processes, and building dynamic network-concept ontology (DNCO) at different levels of granularity. The DNCO provides dynamic behavior models for various Internet elements. Analogous to human memory functionalities, NetMem has a memory system structure comprising short-term memory (StM) and long-term memory (LtM). StM maintains highly dynamic network data or data semantics with lower levels of abstraction for short time, while LtM keeps for long time slower varying semantics with higher levels of abstraction. Maintained data in NetMem can be accessed and learned at runtime and on-demand. From a system’s perspective, NetMem can be viewed as an overlay network of distributed “memory” agents, called NMemAgents, located at multiple levels targeting different levels of data abstraction and scalable operation. Our main contributions are as follows: • Biologically-inspired customizable application-agnostic distributed network memory management system with efficient processes for extracting and classifying high-level features and reasoning about rich semantics in order to resolve the ISG and target Internet intelligence. • Systematic methodology using monolithic and hybrid intelligence techniques for efficiently managing data semantics and building runtime-accessible dynamic ontology of correlated concept classes related to various Internet elements and at different levels of abstraction and granularity that would facilitate: ▪ Predicting future events and learning about new services; ▪ Recognizing and detecting of normal/abnormal and dynamic/emergent behavior of various Internet elements; ▪ Satisfying QoS requirements with better utilization of resources. We have evaluated the NetMem’s efficiency and effectiveness employing different semantics reasoning algorithms. We have evaluated NetMem operations over real Internet traffic data with and without using data dimensionality reduction techniques. We have demonstrated the scalability and efficiency of NetMem as a distributed multi-agent system using an analytical model. The effectiveness of NetMem has been evaluated through simulation using real offline data sets and also via the implementation of a small practical test-bed. Our results show the success of NetMem in learning and using data semantics for anomaly detection and enhancement of QoS satisfaction of running services. / Ph. D.

Network Semantics

Biologically-inspired Networking

Network Intelligence

Network Management

Memory