Ontology/Data Engineering Based Distributed Simulation Over Service Oriented Architecture For Network Behavior Analysis

Persistent Link:
http://hdl.handle.net/10150/193678
Title:
Ontology/Data Engineering Based Distributed Simulation Over Service Oriented Architecture For Network Behavior Analysis
Author:
Kim, Taekyu
Issue Date:
2008
Publisher:
The University of Arizona.
Rights:
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Abstract:
As network use increases rapidly and high quality-of-service (QoS) is required, efficient network managing methods become important. Many previous studies and commercial tools of network management systems such as tcpdump, Ethereal, and other applications have weaknesses: limited size of files, command line execution, and large memory and huge computational power requirements. Researchers struggle to find fast and effective analyzing methods to save maintenance budgets and recover from systematic problems caused by the rapid increment of network traffic or intrusions. The main objective of this study is to propose an approach to deal with a large amount of network behaviors being quickly and efficiently analyzed. We study an ontology/data engineering methodology based network analysis system. We design a behavior, which represents network traffic activity and network packet information such as IP addresses, protocols, and packet length, based on the System Entity Structure (SES) methodology. A significant characteristic of SES, a hierarchical tree structure, enables systems to access network packet information quickly and efficiently. Also, presenting an automated system design is the secondary purpose of this study. Our approach shows adaptive awareness of pragmatic frames (contexts) and makes a network traffic analysis system with high throughput and a fast response time that is ready to respond to user applications. We build models and run simulations to evaluate specific purposes, i.e., analyzing network protocol use, evaluating network throughput, and examining intrusion detection algorithms, based on Discrete Event System Specification (DEVS) formalism. To study speedup, we apply a web-based distributed simulation methodology. DEVS/Service Oriented Architecture (DEVS/SOA) facilitates deploying workloads into multi-servers and consequently increasing overall system performance.
In addition to the scalability limitations, both tcpdump and Ethereal have a security issue. As well as basic network traffic information, files captured by these tools contain secure information: user identification numbers and passwords. Therefore, captured files should not be allowed to leak out. However, network analyses need to be performed outside target networks in some cases. The distributed simulation--allocating distributing models inside networks and assigning analyzing models outside networks--also allows analysis of network behaviors out of networks while keeping important information secured.
Type:
text; Electronic Dissertation
Keywords:
Ontology; SOA; SES; DEVS; Network; IDS
Degree Name:
PhD
Degree Level:
doctoral
Degree Program:
Electrical & Computer Engineering; Graduate College
Degree Grantor:
University of Arizona
Advisor:
Zeigler, Bernard P
Committee Chair:
Zeigler, Bernard P

Full metadata record

DC Field | Value | Language
dc.language.iso | EN | en_US
dc.title | Ontology/Data Engineering Based Distributed Simulation Over Service Oriented Architecture For Network Behavior Analysis | en_US
dc.creator | Kim, Taekyu | en_US
dc.contributor.author | Kim, Taekyu | en_US
dc.date.issued | 2008 | en_US
dc.publisher | The University of Arizona. | en_US
dc.rights | Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author. | en_US
dc.type | text | en_US
dc.type | Electronic Dissertation | en_US
dc.subject | Ontology | en_US
dc.subject | SOA | en_US
dc.subject | SES | en_US
dc.subject | DEVS | en_US
dc.subject | Network | en_US
dc.subject | IDS | en_US
thesis.degree.name | PhD | en_US
thesis.degree.level | doctoral | en_US
thesis.degree.discipline | Electrical & Computer Engineering | en_US
thesis.degree.discipline | Graduate College | en_US
thesis.degree.grantor | University of Arizona | en_US
dc.contributor.advisor | Zeigler, Bernard P | en_US
dc.contributor.chair | Zeigler, Bernard P | en_US
dc.contributor.committeemember | Zeigler, Bernard P. | en_US
dc.contributor.committeemember | Hariri, Salim | en_US
dc.contributor.committeemember | Lysecky, Roman | en_US
dc.identifier.proquest | 2610 | en_US
dc.identifier.oclc | 659748534 | en_US
All Items in UA Campus Repository are protected by copyright, with all rights reserved, unless otherwise indicated.