Global ETD Search

31	Distributed on-line network monitoring for trust assessment / Monitorage en-ligne et distribué de réseaux pour l'évaluation de la confiance López, Jorge 02 December 2015 (has links) Les systèmes collaboratifs sont aujourd’hui devenus très populaires et sont de plus en plus utilisés dans de nombreux domaines divers. De fait, les interactions de confiance des differents systèmes sont devenus une priorité. La confiance, en tant que concept informatique, a été étudiée très récemment. Cependant, dans la littérature, très peu d’attention a été portée pour évaluer l’exactitude des interactions entre entités communicantes; même si la plupart des approches se sont basées sur les mesures cumulées de ces valeurs. Pour déterminer, de façon générale, l’exactitude de ces interactions, une approche nommée Monitorage des Réseaux En-Ligne et Distribué (MRED) a été proposée. De plus, des outils prototypes ont été développés pour tester automatiquement les propriétés de confiance entre entités dans des systèmes communicants. MRED est une forme de test passif; elle analyse les réponses des systèmes et teste l’exactitude des interactions en utilisant des traces de réseaux. Comme elle dépend des propriétés à tester, une nouvelle approche a été proposée pour faire l’extraction automatique de propriétés pertinentes que l’ont pourrait, in fine, tester dans un système sous test. Notre approche repose sur le fonctionnement des systèmes de monitorage online. Nous proposons de nouvelles méthodes afin d’améliorer les techniques fournies dans l’état de l’art pour: a) évaluer efficacement les propriétés avec une complexité en temps O($n$), ce en utilisant un Automate Fini Déterministe Prolongée (AFDP); et b) élargir l’expressivité du langage proposé pour exprimer correctement les contraintes systèmes, comme les délais d’attente pour éviter le manque de ressources. Finalement, nous proposons un nouveau cadre flexible utilisable dans de très nombreux domaines, qui permet la définition de caractéristiques de confiance afin d’évaluer les entités dans des contextes différents. De surcroît, avec les évaluations des caractéristiques de confiance, nous proposons un modèle de confiance basé sur l’apprentissage automatique, en résolvant spécifiquement un problème de classification multi-classes et utilisant des Machine à vecteurs de support (SVM). A partir de ces modèles, des expérimentations ont été effectuées en simulant des caractéristiques de confiance pour estimer le niveau de confiance; une précision de plus de 96% a été obtenue / Collaborative systems are growing in use and in popularity. The need to boost the methods concerning the interoperability is growing as well; therefore, trustworthy interactions of the different systems are a priority. Trust as a computer science concept has been studied in the recent years. Nevertheless, in the literature, very little focus is placed on how to assess the correctness of the interactions between the entities; even if most approaches rely on the estimation of trust based on the accumulated measures of these values. To broadly determine the correctness of interactions without targeting a specific domain or application, an approach using Distributed On-line Network Monitoring (DONM) was proposed. Furthermore, a prototype tool-set was developed to automatically test the trust properties. DONM is a form passive testing; it analyzes systems' responses and test the correctness of the interactions via network traces. Since it relies on the stated properties to test, a novel approach was proposed to automatically extract relevant properties to test. Our approach deeply relies on the operation of On-line Monitoring Systems. That is the reason why we propose new methods to enhance the state of the art techniques to: a) efficiently evaluate properties in O(n) time complexity using an Extended Finite State Automata (EFSA) auxiliary data structure; and b) to expand the language expressiveness to properly express the constraints of such systems, such as, timeouts in order to avoid resource starvation. Finally, using the evaluation of the entities' interactions provided by our approach, trust management engines will help trustors to decide with whom and how to interact with other users or applications. We propose a new framework that is flexible for any domain, allowing trustors to define the trust features used to evaluate trustees in different contexts. Furthermore, with the evaluations of the trust features, we propose a trust model which achieves close-to-human inference of the trust assessment, by using a machine learning based trust model, namely solving a multi-class classification problem using Support Vector Machines (SVM). Using the SVM-based trust model, experiments were performed with simulated trust features to estimate trust level; an accuracy of more than 96% was achieved Confiance Monitorage de réseaux distribués Systèmes en-ligne Trust Distributed network monitoring On-line systems
32	Hardwarová akcelerace identifikace protokolů / Hardware Acceleration of Protocol Identification Kobierský, Petr January 2008 (has links) Dynamic growth of computer networks encourages rapid development of network applications and services. To provide sufficient network service quality, it is important to limit some network flows based on their application protocol type. This thesis deals with the methods of network protocol identification and discusses their accuracy and suitability for multigigabit networks. Based on the analysis, a protocol identification model was created and evaluated. The model was used for the design of hardware architecture accelerating computationally intensive operations of protocol identification. The proposed solution is able to work on 10 Gb/s networks and export protocol information using NetFlow protocol.
33	Designing a Scalable Network Analysis and Monitoring Tool with MPI Support Augustine, Albert Mathews 28 December 2016 (has links) No description available. Computer Engineering Computer Science OSU INAM InfiniBand MPI MVAPICH2 Omni-Path Network Monitoring Exascale
34	KEEPING TRACK OF NETWORK FLOWS: AN INEXPENSIVE AND FLEXIBLE SOLUTION Fedyukin, Alexander V. January 2005 (has links) No description available. stream database dynamic query optimization network traffic network flow network monitoring open source database
35	Efficient traffic monitoring in 5G Core Network Girondi, Massimo January 2020 (has links) 5G is an enabler to several new use cases. To support all of them, the network infrastructure must be flexible and it should adapt to the different situations. This feature is powered by SDN, NFV, and Automation, three of the main pillars on which the 5G network is built.Traditional network management approaches may not be suitable for the 5G Core Network User Plane, which holds strict requirements in terms of latency and throughput. Therefore, Artificial Intelligence agents have been proposed to manage the 5G in a more efficient manner, delivering a more optimized allocation of the resources. This approach requires real-time monitoring of the data passing by the Core Network, a feature not standardized by the current protocols. In this thesis, the design of a monitoring protocol for the 5G Core Network User Plane has been studied, focusing on precise measurement of latencies. Then, a In-band Network Telemetry (INT) framework has been implemented on top of a User Plane Function prototype. The prototype is built on top of a novel User Plane implementation, based on chaining of atomic functions called micro-UPFs (µUPFs).While the main focus of this work has been latency measurement, packet counters, byte counters and Inter Packet Gap values can be collected from the framework, proving the main KPIs of a 5G User Plane. The INT framework has been implemented through two new µUPFs, one for updating the INT metadata and one for collecting them. These metadata are attached to the user packets as GTP-U extended header, maintaining compatibility with the standard protocol. Moreover, the implemented framework allows high flexibility through dynamic tuning of the parameters, providing mechanisms to reduce the amount of telemetry data generated and, thus, the system overhead.The framework has been tested on a physical setup of four server machines, abstracting a Core Network User Plane, connected with 10 Gbps NICs. In all the tests performed, the performances of the User Plane are affected by the new functionalities only when INT metadata are inserted very frequently. The results show that is possible to monitor the three main KPIs of a 5G User Plane without heavily limiting the system performances. / 5G är en möjliggörare för flera nya användningsfall: för att stödja dem alla måste nätverksinfrastrukturen vara flexibel och den ska anpassa sig till de olika situationerna. Denna funktion drivs av SDN, NFV och Automation, tre av de viktigaste pelarna som 5G-nätverket är byggt på.Traditionella nätverkshanteringsstrategier kanske inte passar för 5G Core Network, som har strikta krav när det gäller latens och genomströmning. Därför har Artificial Intelligence-agenter föreslagits att hantera 5G på ett mer effektivt sätt, vilket ger en mer optimerad fördelning av resurserna. Detta tillvägagångssätt kräver realtidsövervakning av data som passerar via Core Network, en funktion som inte standardiseras med de aktuella protokollen.I denna avhandling har utformningen av ett övervakningsprotokoll för 5G Core Network User Plane studerats med fokus på exakt mätning av latenser. Sedan har ett in-band Network Telemetry (INT) -ramverk implementerats ovanpå en prototyp för User Plane Function. Denna prototyp utnyttjade Chain Controllerarkitekturen, en ny användarplan-implementering baserad på kedjan av atomfunktioner som kallas µUPF.Medan huvudfokuset för detta arbete har varit latensmätning, kan paketräknare, byttäknare och Inter Packet Gap-värden samlas in från ramverket, vilket bevisar de viktigaste KPI: erna i ett 5G-nätverk. INT-ramverket har implementerats genom två nya µUPF, en för att uppdatera INT-metadata och en för att samla dem. Dessa metadata är anslutna till användarpaketen som GTP-U utökad rubrik, bibehållande kompatibilitet med standardprotokollet. Dessutom tillåter det implementerade ramverket hög flexibilitet som tillåter dynamisk inställning av parametrarna, tillhandahåller mekanismer för att minska mängden telemetri-data som genereras och därmed systemomkostnaderna.Ramverket har testats på en fysisk installation av fyra servermaskiner som abstraherar ett Core Network User Plane, anslutet med 10 Gbps NIC. I samtliga tester påverkas testbäddens prestationer av de nya funktionerna först när INT-metadata sätts in mycket ofta. Resultaten visar att det är möjligt att övervaka de tre huvudsakliga KPI: erna i ett 5G-nätverk utan att starkt begränsa systemprestanda. 5G Core Network Network Monitoring In-band Network Telemetry Latency measurement Computer and Information Sciences Data- och informationsvetenskap
36	Security Enhanced Communications in Cognitive Networks Yan, Qiben 08 August 2014 (has links) With the advent of ubiquitous computing and Internet of Things (IoT), potentially billions of devices will create a broad range of data services and applications, which will require the communication networks to efficiently manage the increasing complexity. Cognitive network has been envisioned as a new paradigm to address this challenge, which has the capability of reasoning, planning and learning by incorporating cutting edge technologies including knowledge representation, context awareness, network optimization and machine learning. Cognitive network spans over the entire communication system including the core network and wireless links across the entire protocol stack. Cognitive Radio Network (CRN) is a part of cognitive network over wireless links, which endeavors to better utilize the spectrum resources. Core network provides a reliable backend infrastructure to the entire communication system. However, the CR communication and core network infrastructure have attracted various security threats, which become increasingly severe in pace with the growing complexity and adversity of the modern Internet. The focus of this dissertation is to exploit the security vulnerabilities of the state-of-the-art cognitive communication systems, and to provide detection, mitigation and protection mechanisms to allow security enhanced cognitive communications including wireless communications in CRNs and wired communications in core networks. In order to provide secure and reliable communications in CRNs: emph{first}, we incorporate security mechanisms into fundamental CRN functions, such as secure spectrum sensing techniques that will ensure trustworthy reporting of spectrum reading. emph{Second}, as no security mechanism can completely prevent all potential threats from entering CRNs, we design a systematic passive monitoring framework, emph{SpecMonitor}, based on unsupervised machine learning methods to strategically monitor the network traffic and operations in order to detect abnormal and malicious behaviors. emph{Third}, highly capable cognitive radios allow more sophisticated reactive jamming attack, which imposes a serious threat to CR communications. By exploiting MIMO interference cancellation techniques, we propose jamming resilient CR communication mechanisms to survive in the presence of reactive jammers. Finally, we focus on protecting the core network from botnet threats by applying cognitive technologies to detect network-wide Peer-to-Peer (P2P) botnets, which leads to the design of a data-driven botnet detection system, called emph{PeerClean}. In all the four research thrusts, we present thorough security analysis, extensive simulations and testbed evaluations based on real-world implementations. Our results demonstrate that the proposed defense mechanisms can effectively and efficiently counteract sophisticated yet powerful attacks. / Ph. D. Cognitive radio networks security Cognitive radio networks reactive jamming attack network monitoring botnet detection
37	Detection and localization of link-level network anomalies using end-to-end path monitoring Salhi, Emna 13 February 2013 (has links) (PDF) The aim of this thesis is to come up with cost-efficient, accurate and fast schemes for link-level network anomaly detection and localization. It has been established that for detecting all potential link-level anomalies, a set of paths that cover all links of the network must be monitored, whereas for localizing all potential link-level anomalies, a set of paths that can distinguish between all links of the network pairwise must be monitored. Either end-node of each path monitored must be equipped with a monitoring device. Most existing link-level anomaly detection and localization schemes are two-step. The first step selects a minimal set of monitor locations that can detect/localize any link-level anomaly. The second step selects a minimal set of monitoring paths between the selected monitor locations such that all links of the network are covered/distinguishable pairwise. However, such stepwise schemes do not consider the interplay between the conflicting optimization objectives of the two steps, which results in suboptimal consumption of the network resources and biased monitoring measurements. One of the objectives of this thesis is to evaluate and reduce this interplay. To this end, one-step anomaly detection and localization schemes that select monitor locations and paths that are to be monitored jointly are proposed. Furthermore, we demonstrate that the already established condition for anomaly localization is sufficient but not necessary. A necessary and sufficient condition that minimizes the localization cost drastically is established. The problems are demonstrated to be NP-Hard. Scalable and near-optimal heuristic algorithms are proposed. [INFO:INFO_OH] Computer Science/Other Network monitoring Anomaly detection Anomaly localization End-to-end path monitoring Link-level network anomalies
38	Processing and Extending Flow-Based Network Traffic Measurements / Verarbeitung und Erweiterung der Flow-basierten Messungen von Netzwerkverkehr Anderson, Sven 20 April 2009 (has links) No description available. 004 Informatik Mathematics and Computer Science Netzwerküberwachung Netzwerkmanagement Network-Management Network-Monitoring Flows IPFIX 54.32
39	Server hardware health status monitoring : Examining the reliability of a centralized monitoring architecture Jarlow, Victor January 2018 (has links) Monitoring of servers over the network is important to detect anomalies in servers in adatacenter. Systems management software exist which can receive messages from servers on which such anomalies occur. Network monitoring software are often used to periodically poll servers for their hardware health status. A centralized approach to network monitoring ispresented in this thesis, in which a systems management software receives messages from servers, and is polled by a network monitoring software. This thesis examines the reliabilityof a centralized monitoring approach in terms of how accurate its response is, as well as the time it took to respond with the correct hardware health status when polled, when it is affected by varying degrees of traffic through conducting an experiment. The results of the experiment show that the monitoring architecture is accurate when exposed to a level of load which is in line with scalability guidelines as offered by the company developing the systems management software, and that the time it takes for a hardware health status to be poll-able for the majority of the measurements lie within the interval 0 to 15 seconds. network monitoring hardware health status monitoring centralized distributed accuracy scalability presentation-time Computer and Information Sciences Data- och informationsvetenskap
40	Situation-aware routing for wireless mesh networks with mobile nodes Kobo, Hlabishi January 2012 (has links) Magister Scientiae - MSc / This thesis demonstrates that a situation-aware algorithm improves quality of service on small mesh networks running BATMAN-adv with some mobile nodes. BATMAN-adv is a proactive mesh routing protocol that counts beacons as a link quality metric. BATMAN-adv was modi ed to give more recently received beacons more weight, thereby calculating a more precise indication of the current state of a link that BATMAN-adv can use to forward packets. BATMAN-adv `original' was compared with a situation-aware version in two laboratory test beds with the same voice traffic profile on actual hardware with a realistic voice traffic profile; with controlled transmission rates and buffer sizes to simulate congestion. The second test bed included mesh potatoes, PCs and laptops as mobile nodes. BATMAN-adv achieved better jitter and packet loss than the situation-aware version in the initial, smaller test bed, and average throughput for both versions was almost identical. However, in the second slightly larger test bed, with additional mobile nodes, the situation-aware algorithm performed better than the original BATMAN-adv algorithm for all quality of service metrics, including throughput. Thus the thesis concludes that a situation-aware protocol offers a promising solution to address issues pertaining to mobility, congestion and scalability for voice traffic in mesh networks with mobile nodes. / South Africa Routing protocols/Wireless mesh network Network monitoring/Public networks Performance measures

Search results