Communications networks increasingly rely on robust, accurate monitoring systems to help network operators detect disruptions, misconfigurations, and failures. Accurate monitoring techniques detect disruptions when they occur (with a negligible number of false alarms) and identify the source of the disruption (for example, the faulty network element or the source of unwanted traffic). Robust monitoring detects disruptions even when measurements are noisy or incomplete, or when attackers are actively trying to disguise their presence. Network monitoring is most accurate when distributed; that is, when it draws upon observations from a large number of vantage points. Monitoring is more robust when it is network-level; that is, when it can rely on properties of the network traffic, rather than on other features such as traffic content. The researchers are developing techniques for distributed, network-level monitoring and incorporating these techniques into a distributed data management system for detecting network disruptions in two areas: internal network faults and failures, and external threats and unwanted traffic.

The research has three themes: (1) online, distributed detection algorithms; (2) informed actuation that uses passive measurements as a baseline, judiciously choosing active measurements to issue in support of the passive measurements; and (3) incorporating these techniques into real-world systems to evaluate the practicality of the schemes and their applicability in realistic network monitoring settings. We will evaluate our algorithms in two settings: detection of internal network disruptions (e.g., failures, faults, and misconfigurations within a single network, such as a campus or enterprise network) and fast detection of global threats (e.g., spam, botnets).

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Application #: 0721581
Program Officer: Darleen L. Fisher
Project Start:
Project End:
Budget Start: 2008-01-01
Budget End: 2010-12-31
Support Year:
Fiscal Year: 2007
Total Cost: $279,000
Indirect Cost:
Name: Georgia Tech Research Corporation
Department:
Type:
DUNS #:
City: Atlanta
State: GA
Country: United States
Zip Code: 30332