Network Monitoring with Real-Time Properties: A Step Forward

In passive monitoring, faults are detected while the System Under Test (SUT) is observed during its normal operation. Usually traces produced by SUT are recorded and compared with those of the specification. In certain contexts, such as network management and intrusion detection for security, passive monitoring is the most applicable methodology for assuring correctness of the systems behavior. This approach can provide valuable insights into systems behavior in actual environments of use. Key challenges of passive monitoring are: (a) the fault detection process cannot influence the execution of the system by providing particular inputs to the system; (b) observations are obtained mid-stream, from an unknown state in the middle of the execution of the system; (c) real-time behavioral properties should be considered during the process; (d) the monitoring is carrying out on the fly. In this paper, we present an approach to passively monitoring a network system with real-time properties. We represent timing information in the form of time-intervals between successive occurrence of events (i.e., packets/messages exchanged among peers).

[1]  Jianping Wu,et al.  An enhanced passive testing tool for network protocols , 2003, 2003 International Conference on Computer Networks and Mobile Computing, 2003. ICCNMC 2003..

[2]  Ana R. Cavalli,et al.  New approaches for passive testing using an Extended Finite State Machine specification , 2003, Inf. Softw. Technol..

[3]  David Lee,et al.  Passive testing and applications to network management , 1997, Proceedings 1997 International Conference on Network Protocols.

[4]  David Lee,et al.  Network protocol system monitoring: a formal approach with passive testing , 2006, TNET.

[5]  Ana R. Cavalli,et al.  An Enhanced Passive Testing Approach for Network Protocols , 2006, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06).

[6]  Ana R. Cavalli,et al.  Fast Testing of Critical Properties through Passive Testing , 2003, TestCom.

[7]  Jianping Wu,et al.  OnLine Test System, an application of passive testing in routing protocols test , 2001, Proceedings. Ninth IEEE International Conference on Networks, ICON 2001..

[8]  Raymond E. Miller,et al.  Fault Coverage in Networks by Passive Testing , 2001, International Conference on Internet Computing.

[9]  Katalin Tarnay,et al.  Testing of Communicating Systems , 1999, IFIP — The International Federation for Information Processing.

[10]  Ramesh Viswanathan,et al.  Passive mid-stream monitoring of real-time properties , 2005, EMSOFT.

[11]  Ana R. Cavalli,et al.  A passive testing approach based on invariants: application to the WAP , 2005, Comput. Networks.

[12]  Jianping Wu,et al.  From Active to Passive: Progress in Testing of Internet Routing Protocols , 2001 .

[13]  R. E. Miller,et al.  Passive testing of networks using a CFSM specification , 1998, 1998 IEEE International Performance, Computing and Communications Conference. Proceedings (Cat. No.98CH36191).

[14]  Zhi Xu,et al.  An EFSM-Based Passive Fault Detection Approach , 2007, TestCom/FATES.

[15]  David Lee,et al.  A formal approach for passive testing of protocol data portions , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[16]  Khaled A. Arisha,et al.  On Fault Identification in Networks Using a CFSM Model by Passive Testing , 2001 .

[17]  Alexandre Petrenko,et al.  Testing of Software and Communicating Systems , 2007, Lecture Notes in Computer Science.

[18]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.