Paredes-Oliva I.,Polytechnic University of Catalonia |
Dimitropoulos X.,ETH Zurich |
Molina M.,DANTE |
Barlet-Ros P.,Polytechnic University of Catalonia |
Brauckhoff D.,ETH Zurich
SIGCOMM'10 - Proceedings of the SIGCOMM 2010 Conference | Year: 2010
Finding the root-cause of a network security anomaly is essential for network operators. In our recent work, we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the GÉANT network since late 2009. We will report a number of detected security anomalies and will illustrate how an operator can use our system to automatically extract and summarize anomalous flows.
DRCN 2014 - Proceedings, 10th International Conference on Design of Reliable Communication Networks | Year: 2014
This paper considers the importance of Network Operations in ensuring network reliability and resilience. It analyses the structures of Network Operations and explains how, in addition to resolving faults, excellence in Network Operations contributes to, improved performance, greater security and long-term maintenance of network reliability. © 2014 IEEE.
Yu H.,Technical University of Denmark |
Liu F.,Bavarian Academy of science and Humanities |
Naegele-Jackson S.,University of Ulm |
Coulouarn T.,Technical University of Denmark |
And 4 more authors.
IEEE Communications Magazine | Year: 2014
Global research collaborations today require reliable and secure dedicated network connections to facilitate data communications between collaborating partners. To deal with the deluge of data, dedicated connections are needed to transport data in a highly efficient manner. Managing such links, which often cross multiple administrative domains with heterogeneous infrastructure, poses many compelling research challenges, one of which is interdomain network monitoring. In this article, a multidomain circuit monitoring system, CMon, is introduced. Using some services of GÉANT perfSONAR MDM, CMon is able to provide end-to-end circuit monitoring services with great flexibility, extensibility, and vendor independence, regardless of the underlying circuit provisioning systems. The architecture of CMon, by using measurement federations, can adapt to either changes in the circuit provisioning system or expansion of network size. © 2014 IEEE.
Cullen J.,University of Manchester |
Hughes-Jones R.,DANTE |
Spencer R.,University of Manchester
2012 IEEE 8th International Conference on E-Science, e-Science 2012 | Year: 2012
We describe our experiences in creating multigigabit links using the GÉANT Bandwidth on Demand (BoD) Client Portal and report measurement and analysis of the performance of connections using both FPGA and PC based network testing tools. This research was performed as part of a work package for the EC funded NEXPReS project. ©2012 IEEE.
Journal of Physics: Conference Series | Year: 2012
The Large Hadron Collider (LHC) is currently running at CERN in Geneva, Switzerland. Physicists are using LHC to recreate the conditions just after the Big Bang, by colliding two beams of particles and heavy ions head-on at very high energy. The project is generating more than 15 TB of raw data per year, plus 10 TB of "event summary data". This data is sent out from CERN to eleven Tier 1 research centres in Europe, Asia, and North America using a multi-gigabits Optical Private Network (OPN), the LHCOPN. Tier 1 sites are then connected to 100+ academic and research institutions in the world (the Tier 2s) through a Multipoint to Multipoint network, the LHC Open Network Environment (LHCONE). Network monitoring on such complex network architecture to ensure robust and reliable operation is of crucial importance. The chosen approach for monitoring the OPN and ONE is based on the perfSONAR framework, which is designed for multi-domain monitoring environments. perfSONAR (www.perfsonar.net) is an infrastructure for performance monitoring data exchange between networks, making it easier to solve performance problems occurring between network measurement points interconnected through several network domains.