Monitoring Hot-IPs in high speed networks

Network monitoring is an important task for network administrators, who need to track the operational state of network devices, servers, network services, and network traffic. This task is often solved by setting up a monitoring server and deploying agents on the monitored objects. This paper presents a solution for monitoring Hot-IPs in high-speed networks at the ISP side. It does not require specifying which objects should be monitored, establishing connections between the network monitoring system and the monitored servers, or installing agents on those servers. The solution can be applied in ISP networks to reduce some risks on the Internet and to alert customers early. In the proposed solution, Hot-IPs are detected quickly using non-adaptive group testing and then transferred to monitor mode. In this mode, Hot-IPs are monitored to determine what is a risk and what is not.
