Universidad de Cádiz

Área de Biblioteca, Archivo y Publicaciones
Event-driven Principles and Complex Event Processing for Self-adaptive Network Analysis and Surveillance Systems

Identifiers

URI: http://hdl.handle.net/10498/17858

Files
Doctoral Thesis (3.873Mb)
Doctoral Thesis Presentation (1.253Mb)
Book Cover Outside, Doctoral Thesis (3.532Mb)
Book Cover Inside, Doctoral Thesis (211.6Kb)
Author/s
Gad, Ruediger
Date
2015-11-04
Advisor
Medina Bulo, María Inmaculada; Kappes, Martin
Department
Ingeniería Informática
Abstract
Event-driven approaches and Complex Event Processing (CEP) have the potential to aid in tackling the complex requirements and challenges of monitoring contemporary computer networks. The applicability of such methods, however, depends on, e.g., architectural considerations, data processing performance, or usability. In this thesis, we study the applicability of event-driven principles and CEP for analyzing and surveying computer networks and present ways for improving the applicability of these paradigms. The main contributions that are presented and discussed in this thesis are: an analysis of important properties of network analysis and surveillance, the introduction of a corresponding Event-driven Architecture (EDA) for addressing these requirements, the empirical evaluation of the proposed EDA using a prototype implementation, the development of cooperative and self-adaptive methods for addressing performance and usability issues, and the development of techniques for improving the integration of components implemented in different languages in event-driven systems.
Assuring and maintaining the proper operation of computer networks is as crucial as assuring the proper operation of the Information Technology (IT) systems they connect. However, collecting and analyzing information about computer networks, which is required for assuring their proper operation, is increasingly challenging because of, e.g., the growing logical and spatial extent of computer networks, accelerated changes in computer network structures and network traffic, or near real-time requirements. Furthermore, a wide variety of methods for network analysis and surveillance exists, and for acquiring comprehensive information at optimal resource requirements, these various methods have to be combined with a converging approach.
Based on the results of an analysis of important properties and requirements for network analysis and surveillance, we propose an approach which leverages event-driven paradigms such as EDA and CEP for addressing the complex mix of requirements in this field and for enabling convergence of the various existing methods. We evaluate our proposed approach with a case study and performance benchmarks using a prototype. Our results show that our approach is a good fit for addressing the complex mix of requirements and that it is feasible from a performance perspective. In contrast to other related recent research, which is limited to specific use cases, we propose a generic and versatile event-driven approach for universal network analysis and surveillance. Moreover, we present techniques for further improving network analysis and surveillance. While our general approach already constitutes an important improvement, we also propose and investigate further innovations. Based on the evaluation of our approach, we consider distributed operation, usability, performance in distributed deployments and of sensors, integration of data sources, and the interoperation of implementations in different programming languages in event-driven systems as most important aspects for further improvement. For improving the operation, usability, and performance in distributed contexts, we develop an approach for cooperative and self-adaptive data acquisition using the example of packet capturing. In order to research ways for advancing the operation of sensors and integration of data sources, we use the example of packet capturing with the Java Virtual Machine (JVM), for which we develop and analyze various improvements at various abstraction levels such as data extraction via a Domain Specific Language (DSL) or self-adaptive adjustments based on performance constraints. 
Even though packet capturing with the JVM was already employed in other research, these studies only consider the overall systems, such that neither the specific implications of JVM-based packet capturing nor methods for improving the performance in this scenario have been discussed in detail yet. Furthermore, we analyze the impact of programming language barriers in event-driven systems and present a batch-based approach for increasing the data exchange throughput. In conclusion, we improve the state of the art of network analysis and surveillance. Our work aims at taking the next step towards holistic network analysis and surveillance by addressing distribution, convergence, usability, and performance aspects. We demonstrate the benefits and evaluate the applicability of event-driven data processing paradigms and show how self-adaptivity and cooperation can further improve the capabilities.
Subjects
Computer Networks; Network Monitoring; Network Analysis and Surveillance; Event-driven Architecture; Complex Event Processing; Self-adaptive; Network Traffic; Distributed Systems
Collections
  • Tesis [336]
  • Tesis Ing. Inf. [17]
This work is under a Creative Commons Attribution-ShareAlike 4.0 International License

Related items

Showing items related by title, author, creator and subject.

  • A Wearable Fall Detection System Based on Body Area Networks 

    La Blunda, Luigi; Gutiérrez Madroñal, Lorena; Wagner, Matthias F.; Medina Bulo, María Inmaculada (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 2020)
  • Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches 

    Magán-Carrión, Roberto; Urda, Daniel; Díaz-Cano, Ignacio; Dorronsoro Díaz, Bernabé (MDPI, 2020-03)
  • Multivariate Statistical Network Monitoring-Sensor: An effective tool for real-time monitoring and anomaly detection in complex networks and systems 

    Magán Carrión, Roberto; Camacho, José; Maciá Fernández, Gabriel; Ruiz Zafra, Ángel (SAGE PUBLICATIONS INC, 2020-05)

RODIN is managed by the Área de Biblioteca, Archivo y Publicaciones of the Universidad de Cádiz