Global ETD Search

21	Monitoring and control of distributed web services on cloud computing infrastructure / Παρακολούθηση και έλεγχος κατανεμημένων δικτυακών υπηρεσιών σε υπολογιστική αρχιτεκτονική νέφους Δεχουνιώτης, Δημήτριος 26 August 2014 (has links) This thesis concerns two main research areas of distributed web services deployed on cloud computing infrastructure. The first category is about monitoring of cloud computing infrastructure. In chapter 2 a novel general technique is used to infer relationships between different service components in a data center. This approach relies on a small set of fuzzy rules, produced by a hybrid genetic algorithm with high classification rate. Furthermore, the strength of detected dependencies is measured. Although we do not know the ground truth about relationships in a network, the proposed method mines realistic relationships without having any previous information about network topology and infrastructure. This approach can be a useful monitoring tool for administrators to obtain a clear view of what is happening in the underlying network. Finally, because of the simplicity of our algorithm and the flexibility of FIM, an online approach seems feasible. The second major problem, which is addressed in chapter 3, is the automated resource control of consolidated web applications on cloud computing infrastructure. ACRA is an innovative modeling and controlling technique of distributed services that are co-located on server cluster. The system dynamics are modeled by a group of linear state space models, which cover all the range of workload conditions. Because of the variant workload conditions, there are non-linear term and uncertainties which are modeled by an additive term in the local linear models. Due to the several types of service transactions with varying time and resources demands there are many desired candidate reference values of the SLOs during a day. Due to these requirements and the workload circumstances, we choose the appropriate model and we compute the closest feasible operating point according to several optimization criteria. Then using a set-theoretic technique a state feedback controller is designed that successfully leads and stabilize the system in the region of the equilibrium point. ACRA controller computes a positively invariant set on the state-space, which includes the target set and drives the system trajectories in it. Thus provide stability guarantee and high levels of robustness against system disturbances and nonlinearities. Furthermore we compare ACRA with an MPC and a PI controller and the results are very promising, since our solution outperforms the two other approaches. Secondly, a unified local level modeling and control framework for consolidated web services in a server cluster was presented, which can be a vital element of a holistic distributed control platform. Admission control and resource allocation were addressed as a common decision problem. Stability and constraint satisfaction was guaranteed. A real testbed was built and from a range of examples, in different operating conditions, we can conclude that both the identification scheme and controller provide high level of QoS. A novel component of this approach is the determination of a set of feasible operating (equilibrium) points which allows choosing the appropriate equilibrium point, depending only on what our objectives are, such as maximizing throughput, minimizing consumption or maximizing profit. Evaluation shows that our approach has high performance compared to well-known solutions, such as queuing models and measurement approach of equilibrium points. Both controllers succeed in their main targets respectively to the already proposed studies in literature. Firstly they satisfy the SLA requirements and the constraints of the underlying cloud computing infrastructure. To the best of our knowledge they are the only studies that calculate a set of feasible operating points that ensure system stability. Furthermore they adopt modern control theory and beyond the stability guarantee they introduce new control properties such as positively invariant sets , ultimate boundedness and e- contractive sets. / Στη παρούσα διδακτορική διατριβή δύο ερευνητικά θέματα επιλύονται. Αρχικά αναπτύσσεται μια τεχνική παρακολούθηση της δικτυακής κίνησης με σκοπό την εύρεση λειτουργικών σχέσεων μεταξύ των διάφορων μερών μιας δικτυακής εφαρμογής. Στο δεύτερο μέρος επιλύεται το πρόβλημα της αυτοματοποιημένη διανομής των πόρων σε δικτυακές εφαρμογές που μοιράζονται ένα κοινό περιβάλλον ΥΑΝ ( Υπολογιστική Αρχιτεκτονική Νέφους). Στόχος του πρώτου κεφαλαίου της διατριβής σε σχέση με την υπάρχουσα βιβλιογραφία είναι η δημιουργία ενός εργαλείου ανάλυσης της δικτυακής κίνησης έτσι ώστε να γίνονται κατανοητές οι λειτουργικές σχέσεις μεταξύ μερών των κατανεμημένων δικτυακών υπηρεσιών. Αυτός ο γράφος είναι πρωτεύον εργαλείο για πολλές εργασίες ενός διαχειριστή που εντάσσονται στο πεδίο της ανάλυσης της απόδοσης και της ανάλυσης των αρχικών αιτίων. Για παράδειγμα η ανίχνευση λανθασμένων εγκαταστάσεων ή διαδικτυακών επιθέσεων και ο σχεδιασμός για την επέκταση η μετατροπή των ΥΑΝ υποδομών. Το δεύτερο μέρος της παρούσας διατριβής ασχολείται με το θέμα της αυτοματοποιημένης κατανομής των υπολογιστικών πόρων ενός υπολογιστικού κέντρου ΥΑΝ σε ένα σύνολο εγκατεστημένων δικτυακών εφαρμογών. Η σύγχρονη τεχνολογία της εικονικοποίησης είναι ο κύριος παράγοντας για την «συστέγαση» πολλών κατανεμημένων υπηρεσιών σε υπολογιστικά κέντρα ΥΑΝ. Το ΕΑΚΠ (έλεγχος αποδοχής και κατανομή πόρων) είναι ένα αυτόνομο πλαίσιο μοντελοποίησης και ελέγχου, το οποίο παρέχει ακριβή μοντέλα και λύνει ενοποιημένα τα προβλήματα ΕΑ και ΚΠ των δικτυακών εφαρμογών που είναι συγκεντρωμένες σε υπολογιστικά κέντρα ΥΑΝ. Στόχος του ΕΑΚΠ είναι να μεγιστοποιεί την είσοδο των αιτήσεων των χρηστών στη παρεχόμενη υπηρεσία εκπληρώνοντας παράλληλα και τις προδιαγεγραμμένες απαιτήσεις ΠΥ (Ποιότητα Υπηρεσίας). Ο δεύτερος τοπικός ελεγκτής που παρουσιάζεται σε αυτή τη διατριβή είναι ένα αυτόνομο πλαίσιο μοντελοποίησης και ελέγχου κατανεμημένων δικτυακών εφαρμογών σε περιβάλλον ΥΑΝ, το οποίο λύνει συγχρόνως τα προβλήματα ΕΑ και ΚΠ με ενιαίο τρόπο. Cloud computing Network monitoring Control theory 004.678 2 Θεωρία ελέγχου
22	Ασφάλεια στην υλοποίηση πρωτοκόλλου διαδικτύου στις διαστημικές επικοινωνίες Σουφρίλας, Παναγιώτης 09 January 2012 (has links) Στην παρούσα διπλωματική εργασία παρουσιάζεται μια νέα αρχιτεκτονική δικτύων που ονομάζεται DTN,για δίκτυα τα οποία αντιμετωπίζουν δυσκολίες στην επικοινωνία και στη συνδεσιμότητα των κόμβων τους. Τα δίκτυα αυτά αντιμετωπίζουν τέτοιες δυσκολίες λόγω του δυσμενoύς περιβάλλοντος στο οποίο βρίσκονται,όπως για παράδειγμα ένα δίκτυο στο διάστημα. Έτσι προχωρήσαμε στο σχεδιασμό ενός δικού μας DTN δικτύου που ονομάζεται planet-ece επιλέγοντας την DTN2 υλοποίηση του πρωτοκόλλoυ bundle για τους κόμβους μας καθώς είναι ιδανικότερη για όποιον θέλει να πειραματιστεί. Η ανάπτυξη αυτού του δικτύου έγινε με σκοπό να ερευνηθούν θέματα όπως της διαχείρισης ενός τέτοιου δικτύου (network management) και της ασφάλειας του (security).Βασιζόμενοι τώρα στο εγκατεστημένο πια DTN δίκτυό μας planet-ece και αφού έχει ελεγχθεί η σωστή του λειτουργία, το επόμενο βήμα ήταν να υλοποιηθεί ένας μηχανισμός παρακολούθησης (moniroting), ο οποίος θα μας επιτρέπει να εποπτεύουμε την κατάσταση του δικτύου και της ανταλλασόμενης κίνησης σε επίπεδο DTN. Έπειτα προχωρήσαμε στην υλοποίηση ενός συστήματος παρακολούθησης έξυπνων καμερών μέσω του DTN δικτύου μας planet-ece. Σε αυτή την υλοποίηση λοιπόν, αξιολογούμε την ασφάλεια και τη συμπεριφορά του συστήματος, εστιάζοντας στην επικοινωνία μέσω του δικτύου DTN με σκοπό να εκτιμήσουμε πώς συμπεριφέρεται ένα τέτοιο δίκτυο σε διάφορες πιθανές καταστάσεις, από γεγονότα και δικτυακή διαθεσιμότητα, με ή χωρίς ασφάλεια και σε σύγκριση με υπάρχουσες μεθόδους επικοινωνίας. / This thesis presents a new network architecture called DTN, for networks with difficulties in communication and connectivity. These networks are facing such difficulties due to extreme environmental surroundings, such as a network in space. So we proceeded to design our own DTN network called planet-ece selecting DTN2 implementation of Bundle Protocol for our nodes because is ideal for anyone who wants to experiment. The development of this network was designed to investigate issues such as management of such a network and security. Based now to our installed DTN network named planet-ece and after having verified the correct function, the next step was to implement a monitoring mechanism, which will allow us to monitor the network status and traffic in a DTN level. Then we proceeded to implement a secure DTN-based smart camera surveillance system through our DTN network planet-ece. In this implementation, therefore, we evaluate the safety and behavior of the system, focusing on communication via the DTN network in order to appreciate how such a system behaves in different possible situations, events and network availability, with or without security and in comparison with existing methods of communication. Διαχείριση δικτύου Ασφάλεια δικτύου 004.6 Network monitoring Network security DTN Smart cameras
23	A Computational Framework for Quality of Service Measurement, Visualization and Prediction in Mission Critical Communication Networks January 2014 (has links) abstract: Network traffic analysis by means of Quality of Service (QoS) is a popular research and development area among researchers for a long time. It is becoming even more relevant recently due to ever increasing use of the Internet and other public and private communication networks. Fast and precise QoS analysis is a vital task in mission-critical communication networks (MCCNs), where providing a certain level of QoS is essential for national security, safety or economic vitality. In this thesis, the details of all aspects of a comprehensive computational framework for QoS analysis in MCCNs are provided. There are three main QoS analysis tasks in MCCNs; QoS measurement, QoS visualization and QoS prediction. Definitions of these tasks are provided and for each of those, complete solutions are suggested either by referring to an existing work or providing novel methods. A scalable and accurate passive one-way QoS measurement algorithm is proposed. It is shown that accurate QoS measurements are possible using network flow data. Requirements of a good QoS visualization platform are listed. Implementations of the capabilities of a complete visualization platform are presented. Steps of QoS prediction task in MCCNs are defined. The details of feature selection, class balancing through sampling and assessing classification algorithms for this task are outlined. Moreover, a novel tree based logistic regression method for knowledge discovery is introduced. Developed prediction framework is capable of making very accurate packet level QoS predictions and giving valuable insights to network administrators. / Dissertation/Thesis / Masters Thesis Industrial Engineering 2014 Industrial engineering Computer engineering Computer science network Network Monitoring QoS qos analysis Quality of service
24	Comparative Analysis of two Open Source Network Monitoring Systems : Nagios & OpenNMS Qadir, Muhammad, Adnan, Muhammad January 2010 (has links) Context: Extensive and rapid continuous growth in Internet Protocol (IP) based networks and as the result of increasing dependencies on these networks makes them extremely challenging to manage and keep them running all the time. 24/7 non-stop monitoring is important to minimize the down time of the network. For this reason dependency on automated network monitoring has been increased. Objectives: There are many tools and systems available for network monitoring. This includes expensive commercial solutions to open source products. Nagios and OpenNMS are two of the most popular systems and they are considered to be close competitors. Comparison discussions about them are very common at different forums on internet. But no empirical study for comparison analysis has been done. In this thesis the comparison study between Nagios and OpenNMS was conducted. Methods: Network monitoring functionalities are listed down from literature followed by industrial interviews with the networking professionals. Then taking these functionalities as a base, to evaluate, survey studies for both systems were conducted separately and comparison analysis of the results was performed. Usability evaluation of both systems was done by conducting usability testing and comparison analysis of the results was performed. Results: Besides providing the comparison of both systems this study also can help to findout the strengths and weaknesses of both systems separately. And in the end we suggested a list of functionalities and features which might help in selection of a monitoring system and also might be helpful for improvement of the monitoring systems. Network monitoring Nagios OpenNMS NMS Fault monitoring Performance monitoring Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
25	Data reduction in modeled packet traffic Mehrabian, Maryam January 2012 (has links) Within Ericsson there is a continuous activity of traffic modeling. Traffic modeling is a practice to analyze traffic patterns and determine necessary resources to handle it optimally. This activity focuses on gathering and analyzing live network measurements, implementing and presenting traffic models. One example of concept in packet traffic modeling is transmission object log which is an aggregation of packet data traces from a measured network over a transmission period. These trace logs that are simple list of all transmission objects contain a vast number of data. When the amount of data increases in these logs several problems can occur such as expensive analysis time, costly data storage and even statistical analysis and data processing in software environments run out of memory. On the other hand, sophisticated and costly computing systems are required for analysis and storage of the data. Therefore, monitoring and analyzing these large traces motivate data reduction. The goal of this thesis is to reduce the number of traffic objects in large object trace logs while preserving the statistical characteristics of the original transmission objects. Sampling techniques are wildly used to cope with the issues of large amount of data in network monitoring. First, this thesis aims to assess the impact of two sampling techniques as a reduction method. Second, to analyze traffic characteristics and showing the effects of sampling, some statistical properties of both original and sampled datasets as well as their distribution plots will be discussed. The distortion introduced by sampling as the distance between the distribution of properties for sampled and unsampled traffic is also presented by a statistical metric. One of the issues in sampling technique is the sampling size. In order to estimate the sampling size and reduce the logs to a certain level, the concept of offline marginal utility as a complementary method to sampling is proposed in this report. The thesis also makes some suggestions as further works to reduce the logs by having less impact on the object characteristics. Traffic modeling network traffic reduction sampling network monitoring and measurements Computer and Information Sciences Data- och informationsvetenskap
26	Síťová sonda / Network Probe Tkáč, Peter Unknown Date (has links) he concern of the thesis is analysis and comparison of network probes. This thesis is dedicated to open-source solutions of network probes, which are available under public license. The first part of the thesis describes architecture and function principles of network probes. Next part describes each probe and its functions. Last part of the thesis contains the description of the solution of network probe and principles of its operation.
27	Link layer topology discovery in an uncooperative ethernet environment Delport, Johannes Petrus 27 August 2008 (has links) Knowledge of a network’s entities and the physical connections between them, a network’s physical topology, can be useful in a variety of network scenarios and applications. Administrators can use topology information for fault- finding, inventorying and network planning. Topology information can also be used during protocol and routing algorithm development, for performance prediction and as a basis for accurate network simulations. Specifically, from a network security perspective, threat detection, network monitoring, network access control and forensic investigations can benefit from accurate network topology information. The dynamic nature of large networks has led to the development of various automatic topology discovery techniques, but these techniques have mainly focused on cooperative network environments where network elements can be queried for topology related information. The primary objective of this study is to develop techniques for discovering the physical topology of an Ethernet network without the assistance of the network’s elements. This dissertation describes the experiments performed and the techniques developed in order to identify network nodes and the connections between these nodes. The product of the investigation was the formulation of an algorithm and heuristic that, in combination with measurement techniques, can be used for inferring the physical topology of a target network. / Dissertation (MSc)--University of Pretoria, 2008. / Computer Science / unrestricted Network management Ethernet Network security Network topology discovery Network mapping Network monitoring UCTD
28	Security monitoring for network protocols and applications / Monitorage des aspects sécuritaires pour les protocoles de réseaux et applications La, Vinh Hoa 21 October 2016 (has links) La sécurité informatique, aussi connue comme la cyber-sécurité, est toujours un sujet d'actualité dans la recherche en sciences informatiques. Comme les cyber-attaques grandissent de plus en plus en volume et en sophistication, la protection des systèmes ou réseaux d'information devient une tâche difficile. Les chercheurs dans la communauté de recherche prêtent une attention constante à la sécurité, en particulier ils s'orientent vers deux directions principales: (i) - la conception des infrastructures sécurisées avec des protocoles de communication sécurisés et (ii) - surveillance / supervision des systèmes ou des réseaux afin de trouver et de remédier des vulnérabilités. La dernière vérifie que tout ce qui a été conçu dans la première fonctionne correctement et en toute sécurité, ainsi détectant les violations de sécurité. Ceci étant le sujet principal de cette thèse.Cette dissertation présente un cadre de surveillance de la sécurité en tenant en compte des différents types de jeu de données d'audit y compris le trafic de réseaux et les messages échangés dans les applications. Nous proposons également des approches innovantes fondées sur l'apprentissage statistique, la théorie de l'information et de l'apprentissage automatique pour prétraiter et analyser l'entrée de données. Notre cadre est validé dans une large gamme des études de cas, y compris la surveillance des réseaux traditionnels TCP / IP (v4) (LAN, WAN, la surveillance de l'Internet), la supervision des réseaux de objets connectés utilisant la technologie 6LoWPAN (IPv6), et également, l’analyse des logs d'autres applications. Enfin, nous fournissons une étude sur la tolérance d’intrusion par conception et proposons une approche basée sur l’émulation pour détecter et tolérer l’intrusion simultanément.Dans chaque étude de cas, nous décrivons comment nous collectons les jeux de données d'audit, extrayons les attributs pertinents, traitons les données reçues et décodons leur signification de sécurité. Pour attendre ces objectifs, l'outil MMT est utilisé comme le cœur de notre approche. Nous évaluons également la performance de la solution et sa possibilité de marcher dans les systèmes “à plus grande échelle” avec des jeux de données plus volumineux / Computer security, also known as cyber-security or IT security, is always an emerging topic in computer science research. Because cyber attacks are growing in both volume and sophistication, protecting information systems or networks becomes a difficult task. Therefore, researchers in research community give an ongoing attention in security including two main directions: (i)-designing secured infrastructures with secured communication protocols and (ii)-monitoring/supervising the systems or networks in order to find and re-mediate vulnerabilities. The former assists the later by forming some additional monitoring-supporting modules. Whilst, the later verifies whether everything designed in the former is correctly and securely functioning as well as detecting security violations. This is the main topic of this thesis.This dissertation presents a security monitoring framework that takes into consideration different types of audit dataset including network traffic and application logs. We propose also some novel approaches based on supervised machine learning to pre-process and analyze the data input. Our framework is validated in a wide range of case studies including traditional TCP/IPv4 network monitoring (LAN, WAN, Internet monitoring), IoT/WSN using 6LoWPAN technology (IPv6), and other applications' logs. Last but not least, we provide a study regarding intrusion tolerance by design and propose an emulation-based approach to simultaneously detect and tolerate intrusion.In each case study, we describe how we collect the audit dataset, extract the relevant attributes, handle received data and decode their security meaning. For these goals, the tool Montimage Monitoring Tool (MMT) is used as the core of our approach. We assess also the solution's performance and its possibility to work in "larger scale" systems with more voluminous dataset Sécurité Détection d'intrusion Surveillance de sécurité Supervision de réseaux Security Intrusion detection Security monitoring Network monitoring
29	Diagnostika a monitorování transportních sítí / Diagnostics and monitoring of transport networks Maurerová, Lenka January 2016 (has links) Diploma thesis deals with monitoring and diagnostics of transport networks. It focuses on basic diagnostic and surveillance tools, and tools which are developed in the project of Internet2. It is focused on the evaluation of the measurements performed by these tools with a focus on external factors and substandard conditions and their impact on the measurement results.
30	Traffic Monitoring for Green Networking Sapountzis, Ioannis January 2014 (has links) The notion of the networked society is more than ever true nowadays. The Internet has a big impact on our daily lives. Network operators provide the underlying infrastructure and continuously deploy services in order to meet customer demands. The amount of data transported through operator networks is also increasing with the introduction of new high band width services and over the network content. That being said, operators, most often deploy or operate networks to meet these demands without any regard to energy-efficiency. As the price of electricity continues to grow, tends to become a problem with serious implications. To solve this problem a trend towards more energy efficient networks has emerged. In this thesis, we investigate a way to facilitate the introduction of new energy efficiency paradigms for fixed networks. Towards this end, we investigate the energy efficiency schemes proposed up to now and select one that we believe is more realistic to deploy. Furthermore, we specify the inputs required for the selected “green” routing approach. Moreover, we study existing and new protocols that can provide basic network monitoring functionality that enables the acquirement of these inputs. In the end, a Software Defined Networking (SDN) approach is proposed to facilitate the development of energy-efficient aware networks. The details of a basic SDN monitoring application are presented from an abstract architectural point of view and three designs stemming from this basic architecture are discussed. The three designs are namely All_Flow, First_Switch and Port_FlowRemoved. The first two were implemented as steps towards understanding the full capabilities of performing monitoring in SDN enabled networks and provided useful input towards realizing the third one as a proof of concept. Their usage and faults are discussed as they can provide useful insight for possible future implementations. The Port_FlowRemoved is the design and implementation that is suggested as providing the most fitting results for the monitoring purpose at hand. This purpose is to retrieve the identified inputs for the selected “green” networking approach. The differentiation factor among the three designs is how they collect the required inputs from the network. A fast-prototype is created as a proof of concept in order to validate the proposed architecture and thus empower the validity of the idea. Software Defined Networking Traffic Monitoring Network Monitoring Energy-Efficient Network Computer and Information Sciences Data- och informationsvetenskap

Search results