TELKOMNIKA Telecommunication, Computing, Electronics and Control
Database techniques for resilient network monitoring and inspection

Dublin Core

Title

TELKOMNIKA Telecommunication, Computing, Electronics and Control
Database techniques for resilient network monitoring and inspection

Subject

Database techniques, Elasticsearch, Monitoring, Network, Query optimization, Write optimized database

Description

Network connection logs have long been recognized as integral to proper network security, maintenance, and performance management. This paper provides a development of distributed systems and write-optimized databases. However, even a somewhat sizable network will generate large amounts of logs at very high rates. This paper explains why many storage methods are insufficient for providing real-time analysis on sizable datasets and examines database techniques that attempt to address this challenge. We argue that sufficient methods include distributing storage and computation, and using write-optimized data structures (WODs). Diventi, a project developed by Sandia National Laboratories, is used here to evaluate the potential of WODs to manage large datasets of network connection logs. It can ingest billions of connection logs at rates over 100,000 events per second while allowing most queries to complete in under one second. Storage and computation distribution are then evaluated using Elasticsearch, an open-source distributed search and analytics engine. Then, to provide an example application of these databases, we develop a simple analytic that collects statistical information and classifies IP addresses based upon behavior. Finally, we examine the results of running the proposed analytic in real time upon Bro conn (now Zeek) flow data collected by Diventi at IEEE/ACM Supercomputing 2019.

Creator

Zahraa A. Jaaz, Suha Sahib Oleiwi, Seba Aziz Sahy, Israa Albarazanchi

Source

DOI: 10.12928/TELKOMNIKA.v18i5.14305

Publisher

Universitas Ahmad Dahlan

Date

October 2020

Contributor

Sri Wahyuni

Rights

ISSN: 1693-6930

Relation

http://journal.uad.ac.id/index.php/TELKOMNIKA

Format

PDF

Language

English

Type

Text

Coverage

TELKOMNIKA Telecommunication, Computing, Electronics and Control

Tags

Repository, Repository Horizon University Indonesia, Repository Universitas Horizon Indonesia, Horizon.ac.id, Horizon University Indonesia, Universitas Horizon Indonesia, HorizonU, Repo Horizon

Citation

Zahraa A. Jaaz, Suha Sahib Oleiwi, Seba Aziz Sahy, Israa Albarazanchi, “TELKOMNIKA Telecommunication, Computing, Electronics and Control
Database techniques for resilient network monitoring and inspection,” Repository Horizon University Indonesia, accessed November 22, 2024, https://repository.horizon.ac.id/items/show/4063.