
    Database techniques for resilient network monitoring and inspection

    Network connection logs have long been recognized as integral to proper network security, maintenance, and performance management. However, even a somewhat sizable network will generate large amounts of logs at very high rates. This paper explains why many storage methods are insufficient for providing real-time analysis on sizable datasets and examines database techniques, namely distributed systems and write-optimized databases, that attempt to address this challenge. We argue that sufficient methods include distributing storage and computation, and write-optimized data structures (WODs). Diventi, a project developed by Sandia National Laboratories, is here used to evaluate the potential of WODs to manage large datasets of network connection logs. It can ingest billions of connection logs at rates of over 100,000 events per second while allowing most queries to complete in under one second. Storage and computation distribution are then evaluated using Elasticsearch, an open-source distributed search and analytics engine. Then, to provide an example application of these databases, we develop a simple analytic which collects statistical information and classifies IP addresses based upon their behavior. Finally, we examine the results of running the proposed analytic in real time upon Bro conn (now Zeek) flow data collected by Diventi at IEEE/ACM Supercomputing 2019.
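    An added example (not Diventi's code and not from the paper) of the kind of analytic the abstract describes: parse Zeek conn.log records, accumulate per-IP statistics, and classify each address by its behaviour. The log lines are constructed; the Zeek ASCII layout they follow (a "#fields" header, tab-separated columns, "-" for unset values) is the real format. The thresholds, the set of "failed" connection states and the four labels are illustrative assumptions, not the paper's rules. In a deployment the records would be served by Diventi's WOD; here they are read from an in-memory string.

```python
"""Per-IP behavioural statistics over Zeek conn.log records.

Added example, not the paper's or Diventi's code. Thresholds and the set of
"failed" connection states are illustrative assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample in Zeek's ASCII log layout: four completed sessions from
# three clients to 10.0.0.1, then ten SYN-only probes (conn_state S0) from
# 10.0.0.5 against 10.0.0.9 ports 20-29.
SAMPLE_CONN_LOG = (
    "#separator \\x09\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto"
    "\tservice\tduration\torig_bytes\tresp_bytes\tconn_state\n"
    "1574000000.1\tC01\t10.0.0.6\t51000\t10.0.0.1\t22\ttcp\tssh\t12.3\t4000\t9000\tSF\n"
    "1574000001.2\tC02\t10.0.0.7\t51001\t10.0.0.1\t443\ttcp\tssl\t0.8\t600\t5200\tSF\n"
    "1574000002.3\tC03\t10.0.0.8\t51002\t10.0.0.1\t443\ttcp\tssl\t1.1\t700\t6100\tSF\n"
    "1574000003.4\tC04\t10.0.0.6\t51003\t10.0.0.1\t443\ttcp\tssl\t0.5\t500\t4800\tSF\n"
    + "".join(
        f"1574000010.{i}\tC{10 + i}\t10.0.0.5\t{40000 + i}\t10.0.0.9\t{20 + i}"
        "\ttcp\t-\t-\t-\t-\tS0\n"
        for i in range(10)
    )
)

# Assumed "handshake never completed" states: no reply, rejected, RST or FIN
# after a lone SYN. Illustrative, not an exhaustive Zeek list.
FAILED_STATES = {"S0", "REJ", "RSTOS0", "SH"}

# Assumed classification thresholds.
SCAN_MIN_TARGETS = 8        # distinct (host, port) pairs probed
SCAN_MIN_FAIL_RATIO = 0.8   # share of those attempts that failed
SERVER_MIN_CLIENTS = 3      # distinct originators answered


def parse_conn_log(text):
    """Yield one dict per record, keyed by the names in the #fields header."""
    fields = None
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):            # other header/footer lines
            continue
        if fields is None:
            raise ValueError("record before #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"malformed record: {line!r}")
        yield dict(zip(fields, values))


@dataclass
class HostStats:
    orig_conns: int = 0                      # connections this IP started
    orig_failed: int = 0                     # ... that never completed
    targets: set = field(default_factory=set)   # (resp_h, resp_p) it hit
    resp_conns: int = 0                      # connections it answered
    clients: set = field(default_factory=set)   # distinct originators seen
    resp_bytes: int = 0                      # bytes it sent as responder


def _to_int(value):
    return 0 if value == "-" else int(value)


def collect_stats(records):
    """Aggregate every record into the originator's and responder's stats."""
    stats = defaultdict(HostStats)
    for r in records:
        o = stats[r["id.orig_h"]]
        o.orig_conns += 1
        o.targets.add((r["id.resp_h"], r["id.resp_p"]))
        if r["conn_state"] in FAILED_STATES:
            o.orig_failed += 1
        s = stats[r["id.resp_h"]]
        s.resp_conns += 1
        s.clients.add(r["id.orig_h"])
        s.resp_bytes += _to_int(r["resp_bytes"])
    return stats


def classify(st):
    """Rule-based label: scanner beats server beats client beats passive."""
    if (st.orig_conns and len(st.targets) >= SCAN_MIN_TARGETS
            and st.orig_failed / st.orig_conns >= SCAN_MIN_FAIL_RATIO):
        return "scanner"
    if len(st.clients) >= SERVER_MIN_CLIENTS:
        return "server"
    if st.orig_conns:
        return "client"
    return "passive"          # only ever seen as a responder, few peers


def classify_hosts(text):
    return {ip: classify(st) for ip, st in collect_stats(parse_conn_log(text)).items()}


if __name__ == "__main__":
    for ip, label in sorted(classify_hosts(SAMPLE_CONN_LOG).items()):
        print(f"{ip:<12} {label}")
```

    The scanner rule keys on breadth (distinct targets) and failure ratio rather than raw volume, so a busy legitimate client with many completed sessions to one server is not flagged, while a host that touches many ports and never completes a handshake is. Real conn.log files carry more columns (history, packet counts, local_orig); parsing by header name rather than position keeps the analytic working when they are present.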

    Reactive protocols for unified user profiling for anomaly detection in mobile Ad Hoc networks

    The next-generation mobile network is expected to be fully automated to meet the growing need for data rates and quality in communication. These prodigious demands have also increased the amount of data being handled in these wireless networks. Cellular networks can leverage vital data about the user and the network conditions, providing all-inclusive visibility and intelligence in communication. Emerging analytic technologies such as big data and neural networks have been used to unearth vital insight from network traffic to assist intelligent models in routing packets. Reactive protocols are an emerging model for the intelligent routing of traffic in ad hoc networks. In this paper, we first utilize reactive protocols to route traffic in a wireless network while analyzing anomalous behavior. For anomaly detection in wireless communication, we combine key performance indicators to identify outliers. The detected outliers were compared with the ground data and the routes created using the reactive protocols. The combination of reactive protocols and the key performance indicators of network performance uncovered anomalies, leading to segregation of this traffic in routing. From the results, it is evident that an abrupt surge in traffic indicates an anomaly and identifies areas of interest in a network, especially for resource and path allocation and fault avoidance. A MATLAB GUI was used to simulate the reactive protocols for routing of traffic and to generate data sets that were analyzed in Microsoft Excel to characterize the key performance indicators of the network.
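    An added example (not the paper's MATLAB model) of the workflow the abstract outlines: per-node key performance indicators are scored with a robust median/MAD z-score, nodes whose combined score exceeds a threshold are flagged as outliers, and route discovery, reduced here to a breadth-first search over a static neighbour graph standing in for a reactive protocol's route-request flood, refuses to relay through flagged nodes. The KPI values, topology, metric names and the 3.5 threshold are constructed assumptions; the paper does not state which indicators it combined or how.

```python
"""KPI outlier detection feeding route selection in an ad hoc network.

Added example, not the paper's MATLAB model. The KPI values, the topology and
the 3.5 score threshold are constructed assumptions.
"""
from collections import deque
from statistics import median

# Constructed per-node KPIs from one simulated run: packets relayed, mean
# end-to-end delay in ms, and packet delivery ratio. n4 carries an abrupt
# traffic surge together with degraded delay and delivery.
NODE_KPIS = {
    "n1": {"pkts": 120, "delay_ms": 18.0, "pdr": 0.97},
    "n2": {"pkts": 135, "delay_ms": 21.0, "pdr": 0.96},
    "n3": {"pkts": 110, "delay_ms": 17.0, "pdr": 0.98},
    "n4": {"pkts": 980, "delay_ms": 64.0, "pdr": 0.71},
    "n5": {"pkts": 128, "delay_ms": 19.0, "pdr": 0.95},
    "n6": {"pkts": 115, "delay_ms": 20.0, "pdr": 0.97},
}

# Constructed radio-range adjacency. The two-hop path n1-n4-n6 is shortest;
# n1-n2-n3-n6 is the detour that avoids n4.
LINKS = {
    "n1": ["n2", "n4"],
    "n2": ["n1", "n3"],
    "n3": ["n2", "n6"],
    "n4": ["n1", "n5", "n6"],
    "n5": ["n4", "n6"],
    "n6": ["n3", "n4", "n5"],
}


def robust_z(values):
    """Median/MAD z-scores (0.6745 rescales MAD to a normal sigma). Unlike a
    mean/stddev z-score, one surge cannot inflate its own baseline."""
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1e-9   # guard all-equal input
    return [0.6745 * (v - med) / mad for v in values]


def score_nodes(kpis):
    """Combined indicator per node: the largest |z| over all KPIs, so a node
    is flagged if any single indicator is far from the population."""
    nodes = list(kpis)
    metrics = list(next(iter(kpis.values())))
    scores = {n: 0.0 for n in nodes}
    for m in metrics:
        for n, z in zip(nodes, robust_z([kpis[n][m] for n in nodes])):
            scores[n] = max(scores[n], abs(z))
    return scores


def flag_anomalous_nodes(kpis, threshold=3.5):
    """Nodes whose combined score exceeds the (assumed) threshold."""
    return {n for n, s in score_nodes(kpis).items() if s > threshold}


def find_route(src, dst, links, excluded=frozenset()):
    """Route discovery abstracted as BFS over the neighbour graph; excluded
    nodes are never asked to relay, so traffic is segregated away from them."""
    if src in excluded or dst in excluded:
        return None
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in links.get(node, []):
            if nxt not in prev and nxt not in excluded:
                prev[nxt] = node
                queue.append(nxt)
    return None


if __name__ == "__main__":
    flagged = flag_anomalous_nodes(NODE_KPIS)
    print("outliers:", sorted(flagged))
    print("naive route :", find_route("n1", "n6", LINKS))
    print("segregated  :", find_route("n1", "n6", LINKS, flagged))
```

    The median/MAD score matters here because with only six nodes a plain mean and standard deviation are dominated by the very surge being looked for, which pushes its own z-score down and can hide it. Taking the maximum |z| across indicators means a node is segregated when it is extreme on any one KPI; a product or weighted sum would instead require several indicators to agree.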