Showing papers on "Network management published in 2005"

Methods and systems for use in network management of content

Abstract: The present embodiments provide methods, systems and apparatuses for use in managing content on at least a local network. Some embodiments provide a method for use in managing content that detects there is a change to content on a local network, determines whether the change is additional content on a first client device, determines whether the additional content can be identified, determines whether there is a predictive distribution scheme when the additional content is identified, distributes the additional content over the local network according the predictive distribution scheme when a predictive distribution scheme applies to the additional content, determines whether a new predictive distribution scheme can be defined when a predictive distribution scheme does not apply to the additional content, and saving the new predictive distribution scheme when a new predictive scheme can be defined.

A clean slate 4D approach to network control and management

Abstract: Today's data networks are surprisingly fragile and difficult to manage. We argue that the root of these problems lies in the complexity of the control and management planes--the software and protocols coordinating network elements--and particularly the way the decision logic and the distributed-systems issues are inexorably intertwined. We advocate a complete refactoring of the functionality and propose three key principles--network-level objectives, network-wide views, and direct control--that we believe should underlie a new architecture. Following these principles, we identify an extreme design point that we call "4D," after the architecture's four planes: decision, dissemination, discovery, and data. The 4D architecture completely separates an AS's decision logic from pro-tocols that govern the interaction among network elements. The AS-level objectives are specified in the decision plane, and en-forced through direct configuration of the state that drives how the data plane forwards packets. In the 4D architecture, the routers and switches simply forward packets at the behest of the decision plane, and collect measurement data to aid the decision plane in controlling the network. Although 4D would involve substantial changes to today's control and management planes, the format of data packets does not need to change; this eases the deployment path for the 4D architecture, while still enabling substantial innovation in network control and management. We hope that exploring an extreme design point will help focus the attention of the research and industrial communities on this crucially important and intellectually challenging area.

Overview of the ORBIT radio grid testbed for evaluation of next-generation wireless network protocols

Abstract: This paper presents an overview of the ORBIT (open access research testbed for next-generation wireless networks) radio grid testbed, that is currently being developed for scalable and reproducible evaluation of next-generation wireless network protocols. The ORBIT testbed consists of an indoor radio grid emulator for controlled experimentation and an outdoor field trial network for end-user evaluations in real-world settings. The radio grid system architecture is described in further detail, including an identification of key hardware and software components. Software design considerations are discussed for the open-access radio node, and for the system-level controller that handles management and control. The process of specifying and running experiments on the ORBIT testbed is explained using simple examples. Experimental scripts and sample results are also provided.

Automated traffic classification and application identification using machine learning

Abstract: The dynamic classification and identification of network applications responsible for network traffic flows offers substantial benefits to a number of key areas in IP network engineering, management and surveillance. Currently such classifications rely on selected packet header fields (e.g. port numbers) or application layer protocol decoding. These methods have a number of shortfalls e.g. many applications can use unpredictable port numbers and protocol decoding requires a high amount of computing resources or is simply infeasible in case protocols are unknown or encrypted. We propose a novel method for traffic classification and application identification using an unsupervised machine learning technique. Flows are automatically classified based on statistical flow characteristics. We evaluate the efficiency of our approach using data from several traffic traces collected at different locations of the Internet. We use feature selection to find an optimal feature set and determine the influence of different features

Self configuring network management system

Abstract: Systems, software, and methods for managing networks of connected electronic devices are described. In one example, network management policy and network management applications are downloaded automatically upon detection and identification of a new device on the network. In another example, information related to at least one aspect of the network is obtained by a network management device, and at least one applicable management policy is identified by the device; and the identified policy is used to manage at least one aspect of the network's operation.

System and method of characterizing and managing electronic traffic

Abstract: A system and method for monitoring and dynamically managing all user traffic at point of log-in and throughout a user's network experience. Rules may be enforced based on observed traffic of users at and after log-in and up until log off. The system automatically detects network traffic and dynamically responds to potential attacks with extremely high speed and efficiency. Rich Traffic Analysis (RTA) offers greater network traffic characterization accuracy, detection speed, network management options and intrusion prevention capabilities. The system has ability to view all network traffic in the full context of users, applications, data and system access which offers strong, verifiable and accurate protection of networked assets. The system employs several traffic sensor devices communicating with a central manager device ena~ ing the high-speed characterization of each network packets traversing the network. This provides a more solid basis for legitimately taking action and enforcing rules on the observed traffic.

Dynamic syslog mining for network failure monitoring

Abstract: Syslog monitoring technologies have recently received vast attentions in the areas of network management and network monitoring They are used to address a wide range of important issues including network failure symptom detection and event correlation discovery Syslogs are intrinsically dynamic in the sense that they form a time series and that their behavior may change over time This paper proposes a new methodology of dynamic syslog mining in order to detect failure symptoms with higher confidence and to discover sequential alarm patterns among computer devices The key ideas of dynamic syslog mining are 1) to represent syslog behavior using a mixture of Hidden Markov Models, 2) to adaptively learn the model using an on-line discounting learning algorithm in combination with dynamic selection of the optimal number of mixture components, and 3) to give anomaly scores using universal test statistics with a dynamically optimized threshold Using real syslog data we demonstrate the validity of our methodology in the scenarios of failure symptom detection, emerging pattern identification, and correlation discovery

Radio Frequency Identification (RFID) Network System and Method

Abstract: A bidirectional radio frequency identification (RFID) network system and method are presented. The system allows users to configure, monitor, and manage different sensor devices by using a graphical user interface real-time. The reconfiguration is done through a network management computer at the top system level that receives user input, generates code images according to the user input, and appropriately routes the code images to sensor routers that directly control the sensors. If the system is multi-layered, some code images are also sent to the intermediate-level network management computers. The system allows users to not only monitor a business flow but react to problematic situations quickly by adjusting the workflow. The aspect-oriented nature of the system allows users to reconfigure the system based only the Functionality aspects without worrying about the Partitioning aspects (e.g., how the network and the sensors are physically connected).

MiNT: a miniaturized network testbed for mobile wireless research

Abstract: Most mobile wireless networking research today relies on simulations. However, fidelity of simulation results has always been a concern, especially when the protocols being studied are affected by the propagation and interference characteristics of the radio channels. Inherent difficulty in faithfully modeling the wireless channel characteristics has encouraged several researchers to build wireless network testbeds. A full-fledged wireless testbed is spread over a large physical space because of the wide coverage area of radio signals. This makes a large-scale testbed difficult and expensive to set up, configure, and manage. This paper describes a miniaturized 802.11b-based, multi-hop wireless network testbed called MiNT. MiNT occupies a significantly small space, and dramatically reduces the efforts required in setting up a multi-hop wireless network used for wireless application/protocol testing and evaluation. MiNT is also a hybrid simulation platform that can execute ns-2 simulation scripts with the link, MAC and physical layer in the simulator replaced by real hardware. We demonstrate the fidelity of MiNT by comparing experimental results on it with similar experiments conducted on a non-miniaturized testbed. We also compare the results of experiments conducted using hybrid simulation on MiNT with those obtained using pure simulation. Finally, using a case study we show the usefulness of MiNT in wireless application testing and evaluation.

Ontology mapping for the interoperability problem in network management

Abstract: Interoperability between different network management domains, heterogeneous devices, and various management systems is one of the main requirements for managing complex enterprise services. While substantial advances have been made in low-level device and data interoperability using common data formats and specifications such as simple network management protocol's (SNMP's) SMI and TMF's SID, various interoperability issues including semantic interoperability offer interesting research challenges. While semantic interoperability is a difficult problem in its own right, the semantic web that incorporates intelligent agents necessitates an interoperability solution requiring agents to communicate unambiguously and reason intelligently to perform cooperative management tasks. Agents need a formal representation of knowledge; an ontology is capable of modeling the rich semantics of the managed environment (and especially, relationships between managed entities) so that agents can act on them. This paper presents an ontology-driven approach for solving the semantic interoperability problem in the management of enterprise services, illustrated here with a router configuration management application.

Spatial-temporal modeling of malware propagation in networks

Abstract: Network security is an important task of network management. One threat to network security is malware (malicious software) propagation. One type of malware is called topological scanning that spreads based on topology information. The focus of this work is on modeling the spread of topological malwares, which is important for understanding their potential damages, and for developing countermeasures to protect the network infrastructure. Our model is motivated by probabilistic graphs, which have been widely investigated in machine learning. We first use a graphical representation to abstract the propagation of malwares that employ different scanning methods. We then use a spatial-temporal random process to describe the statistical dependence of malware propagation in arbitrary topologies. As the spatial dependence is particularly difficult to characterize, the problem becomes how to use simple (i.e., biased) models to approximate the spatially dependent process. In particular, we propose the independent model and the Markov model as simple approximations. We conduct both theoretical analysis and extensive simulations on large networks using both real measurements and synthesized topologies to test the performance of the proposed models. Our results show that the independent model can capture temporal dependence and detailed topology information and, thus, outperforms the previous models, whereas the Markov model incorporates a certain spatial dependence and, thus, achieves a greater accuracy in characterizing both transient and equilibrium behaviors of malware propagation.

System and method for proxying network management protocol commands to enable cluster wide management of data backups

Abstract: A system and method enables cluster-wide management of backup operations issued by one or more backup managers to nodes of a cluster using a network management protocol, such as NDMP. An NDMP daemon executing on each node is extended to include a processing module and a backup module. The processing module interfaces with a backup manager to interpret the backup operation and, if necessary, forward (proxy) that operation to another NDMP daemon on another node of the cluster for processing in accordance with cluster's unified namespace.

A method and a system relating to network management

Abstract: The present invention relates to a method for network management comprising configuration of control protocols between network elements in a network represented through a current, static, network element object model comprising a number of managed objects with attributes and instances and representing resources. It comprises the steps of : transforming the current network element object model to a machine readable and executable formal network element object model; identifying configuration tasks needed for the configuration of the relevant control protocols; modelling a formal configuration task model using information about the configuration tasks and the formal network element object model; building a formal configuration workflow model using the formal network element object model and the formal configuration task model, said formal configuration workflow model defining the relationships between different configuration tasks required for performing or completing a number of given actions or to achieve a number of given goals.

Self-Learning IP traffic classification based on statistical flow characteristics

Abstract: A number of key areas in IP network engineering, management and surveillance greatly benefit from the ability to dynamically identify traffic flows according to the applications responsible for their creation. Currently such classifications rely on selected packet header fields (e.g. destination port) or application layer protocol decoding. These methods have a number of shortfalls e.g. many applications can use unpredictable port numbers and protocol decoding requires high resource usage or is simply infeasible in case protocols are unknown or encrypted. We propose a framework for application classification using an unsupervised machine learning (ML) technique. Flows are automatically classified based on their statistical characteristics. We also propose a systematic approach to identify an optimal set of flow attributes to use and evaluate the effectiveness of our approach using captured traffic traces.

Method and apparatus for determining and managing congestion in a wireless communications system

Abstract: An improved method of network management, particularly in the context of standards IEEE802.11 and IEEE802.11k, through two new MAC measurements, with attendant advantages. The two new measurements include WTRU uplink traffic loading measurement, and an AP service loading measurement and is generally applicable at least to layers 1 and 2 as applied to a least 802.11k in the context of OFDM and CDMA 2000 systems, but is applicable to other scenarios as well. A Method for determining and advertising congestion is also provided for a Wireless Local Area Network (WLAN) system. The present invention also introduces a method for managing congestion when congestion is detected. This aspect of the present invention applies primarily to wireless systems that use the Carrier Sense Multiple Access/ Collision Avoidance (CSMA/CA) mechanism. The methods are advantageously implemented in selectively configured WTRUs of various forms.

Method and apparatus for locating rogue access point switch ports in a wireless network related patent applications

Abstract: Methods and apparatus are disclosed for locating and disabling the switch port of a rogue wireless access point. In one embodiment, a network management device is configured to detect the presence of a rogue access point on a managed wireless network. Once detected, the management device may then instruct a special client, such as a scanning AP, to associate with the rogue access point and send a discovery packet through the rogue access point to network management device. The network management device upon receiving the discovery packet may thereby determine that the rogue access point is connected to a network managed by said network device. The network device may then utilize information contained in the discovery packet to locate the switch port to which the rogue access point is connected, and ultimately disable the switch port to which the rogue access point is connected.

Systems and methods for network management

Abstract: An network management system (NMS) architecture is disclosed that takes advantage of intelligence capable network devices for network monitoring and control. NMS functions may be distributed where possible to intelligent devices where local storage and processing may be performed. Local collection and processing of monitoring information may reduce NMS-related network traffic, permit continuing local control and operation during times of network communication disruption with the central NMS, and permit greater reliability in data collection and execution of network functions such as the enforcement of security policy at the respective intelligent devices.

WinRFID: A Middleware for the Enablement of Radiofrequency Identification (RFID)Based Applications

Abstract: Radio Frequency Identification (RFID) middleware is a new class of software which facilitates data and information communication between automatic identification physical layer and enterprise applications. It provides a distributed environment to process the data from tags read by the readers, translates the data where necessary, and routes it to a variety of backend applications using suitable technologies such as Web, Remote and Windows Services. This paper reports different challenges and the corresponding research approach in developing a RFID middleware to provide a seamless environment from the edge of the enterprise network; moving data from the point of transaction to the enterprise systems. Key features of the RFID middleware architecture are encapsulation of communication details, large-scale network management, intelligent data processing and routing, hardware and software interoperability, system integration and system extendibility. To deal with high volume data, WinRFID middleware is supported by novel algorithms and data representation schemes capable of processing large amounts of data, rectifying errors in real-time, identifying patterns, correlating events, reorganizing and scrubbing data and recovering from faults and exceptions. Interoperability involves simultaneous distributed working of receivers/readers and transponders/tags at different frequencies using different protocols, with read/write capabilities, different read rates, and other characteristics as a layer transparent to the applications. Network management involves deployment, initialization and control of receivers and transponders, which can be organized into a hierarchical structure with operational syntax and semantics attached to each or a group of receivers, transponders and concentrators or even the edge computers.

System and method for consolidating, securing and automating out-of-band access to nodes in a data network

Abstract: A system and method for out-of-band network management (28) is provided wherein one or more different management interfaces (30) are converted into a common format management. The system may encrypt the common format management data. The system may also authenticate each user (22) that attempts to access the management interfaces (30).

Efficient fault-diagnosis algorithms for all-optical WDM networks with probabilistic link failures

Abstract: This paper investigates the fault-diagnosis problem for all-optical wavelength-division-multiplexing (WDM) networks. A family of failure-localization algorithms that exploit the unique properties of all-optical networks is proposed. Optical probe signals are sequentially sent along a set of designed lightpaths, and the network state is inferred from the result of this set of end-to-end measurements. The design objective is to minimize the diagnosis effort (e.g., the average number of probes) to locate failures. By establishing a mathematical equivalence between the fault-diagnosis problem and the source-coding problem in information theory, we obtain a tight lower bound for the minimum average number of probes per edge (of the network modeled as a graph) as H/sub b/(p), the entropy of the individual edges. Using the rich set of results from coding theory to solve the fault-diagnosis problem, it is shown that the "2/sup m/-splitting" probing scheme is optimum for the special case of single failure over a linear network. A class of near-optimum run-length probing schemes that have low computation complexity is then developed. Analytical and numerical results suggest that the average number of probes per edge for the run-length probing scheme is uniformly bounded above by (1+/spl epsiv/)H/sub b/(p) and converges to the entropy lower bound as the failure probability decreases. From an information-theoretic perspective, it is shown that the run-length probing scheme outperforms the greedy probing scheme of the same computational complexity. The investigation reveals a guideline for efficient fault-diagnosis schemes: Each probe should provide approximately 1 bit of information, and the total number of probes required is approximately equal to the entropy of the state of the network. This result provides an insightful guideline to reduce the overhead cost of fault management for all-optical networks and can further the understanding of the relationship between information entropy and network management. Several practical issues are also addressed in the implementation of run-length probing schemes over all-optical WDM networks.

Method and apparatus for steering idle mobile stations

Abstract: Idle mobile stations are steered to a particular cell or service area to accommodate subscriber preferences or restrictions, subscription services, or network operator preferences or restrictions and/or to accomplish load redistribution or other network management functions. Multiple idle mobile station steering factors are considered. Steering may be accomplished using a variety of techniques such as rejecting registration attempts in certain cells and accepting those attempts in others and adjusting cell broadcast parameters.

Energy-Efficient connected coverage of discrete targets in wireless sensor networks

Abstract: A major concern in wireless sensor networks is to maximize network lifetime (in terms of rounds) while maintaining a high quality of services (QoS) at each round such as target coverage and network connectivity. Due to the power scarcity of sensors, a mechanism that can efficiently utilize energy has a great impact on extending network lifetime. Most existing works concentrate on scheduling sensors between sleep and active modes to maximize network lifetime while maintaining target/area coverage and network connectivity. This paper generalizes the sleep/active mode by adjusting sensing range to maximize total number of rounds and presents a distributed heuristic to address this problem.

Management Tenure and Network Time: How Experience Affects Bureaucratic Dynamics

Abstract: Meier and O’Toole have developed an empirical model that allows scholars to test for the impact of managers on a system and its outputs. In this article I attempt to add to management theory and analysis by examining the impact of time in the system and management tenure. I use ordinary least squares to replicate and expand upon Meier and O’Toole’s results, using school superintendent survey responses along with outcome measures from school districts in Texas. The most interesting results suggest that (1) networking has a much larger impact when one controls for experience with the system; (2) experience with the system has independent effects on outcomes; (3) management tenure interacts with networking, resulting in greater outcomes; and (4) new managers may find alternative (possibly deceitful) ways of affecting outcomes other than working their networks. The public management field is in the midst of a theoretical and empirical upheaval concerning the role played by networks in the delivery of public services. The rise of public/private cooperation in the public sphere has cast doubt on the picture of the modern bureaucracy as a hierarchical system of inefficiency. I continue the process of examining management effects through public/private networks by exploring the frequently discussed but infrequently tested idea of time within a network. Much of the management literature treats networking as a one-shot phenomenon, ignoring ‘‘managerial experience’’ differences across organizations, but this study treats the relationships formed over time as a critical element of network management success. The article is fairly straightforward in that it adds a number of new components to a previously developed model of management, to look separately at ‘‘new’’ and ‘‘established’’ managers in their respective networks. There are two overriding themes: First, what effects do new managers have in their networks? Do they find it easy to operate, or do they need time to develop relationships and build trust? The converse is asked about established managers: Do they make outcome production inefficient because they are

Statistical analysis of network traffic for adaptive faults detection

Abstract: This paper addresses the problem of normal operation baselining for automatic detection of network anomalies. A model of network traffic is presented in which studied variables are viewed as sampled from a finite mixture model. Based on the stochastic approximation of the maximum likelihood function, we propose baselining network normal operation, using the asymptotic distribution of the difference between successive estimates of model parameters. The baseline random variable is shown to be stationary, with mean zero under normal operation. Anomalous events are shown to induce an abrupt jump in the mean. Detection is formulated as an online change point problem, where the task is to process the baseline random variable realizations, sequentially, and raise alarms as soon as anomalies occur. An analytical expression of false alarm rate allows us to choose the design threshold, automatically. Extensive experimental results on a real network showed that our monitoring agent is able to detect unusual changes in the characteristics of network traffic, adapt to diurnal traffic patterns, while maintaining a low alarm rate. Despite large fluctuations in network traffic, this work proves that tailoring traffic modeling to specific goals can be efficiently achieved.

Network configuration management via model finding

Abstract: Complex, end-to-end network services are set up via the configuration method: each component has a finite number of configuration parameters each of which is set to a definite value. End-to-end network service requirements can be on connectivity, security, performance and fault-tolerance. However, there is a large conceptual gap between end-to-end requirements and detailed component configurations. To bridge this gap, a number of subsidiary requirements are created that constrain, for example, the protocols to be used, and the logical structures and associated policies to be set up at different protocol layers. By performing different types of reasoning with these requirements, different configuration tasks are accomplished. These include configuration synthesis, configuration error diagnosis, configuration error fixing, reconfiguration as requirements or components are added and deleted, and requirement verification. However, such reasoning is currently ad hoc. Network requirements are not even precisely specified hence automation of reasoning is impossible. This is a major reason for the high cost of network management and total cost of ownership. This paper shows how to formalize and automate such reasoning using a new logical system called Alloy. Alloy is based on the concept of model finding. Given a first-order logic formula and a domain of interpretation, Alloy tries to find whether the formula is satisfiable in that domain, i.e., whether it has a model. Alloy is used to build a Requirement Solver that takes as input a set of network components and requirements upon their configurations and determines component configurations satisfying those requirements. This Solver is used in different ways to accomplish the above reasoning tasks. The Solver is illustrated in depth by carrying out a variety of these tasks in the context of a realistic fault-tolerant virtual private network with remote access. Alloy uses modern satisfiability solvers that solve millions of constraints in millions of variables in seconds. However, poor requirements can easily nullify such speeds. The paper outlines approaches for writing efficient requirements. Finally, it outlines directions for future research.

Advanced analysis methods for 3G cellular networks

Abstract: The operation and maintenance of the third generation (3G) mobile networks will be challenging. These networks will be strongly service driven, and this approach differs significantly from the traditional speech dominated in the second generation (2G) approach. Compared to 2G, in 3G, the mobile cells interact and interfere with each other more, they have hundreds of adjustable parameters, and they monitor and record data related to several hundreds of different variables in each cell. This paper shows that a neural network algorithm called the self-organizing map, together with a conventional clustering method like the k-means, can effectively be used to simplify and focus network analysis. It is shown that these algorithms help in visualizing and grouping similarly behaving cells. Thus, it is easier for a human expert to discern different states of the network. This makes it possible to perform faster and more efficient troubleshooting and optimization of the parameters of the cells. The presented methods are applicable for different radio access network technologies.

Fabric network management and diagnostic tool

Abstract: The invention relates to a maintenance and diagnostic tool for embedded fabric (EF) networks providing an interactive graphical user interface for displaying, monitoring and managing processing elements, such as microprocessors, switches, bridges and memory, within the EF network.

An approach to understanding policy based on autonomy and voluntary cooperation

Abstract: Presently, there is no satisfactory model for dealing with political autonomy of agents in policy based management. A theory of atomic policy units called ‘promises' is therefore discussed. Using promises, a global authority is not required to build conventional management abstractions, but work is needed to bind peers into a traditional authoritative structure. The construction of promises is precise, if tedious, but can be simplified graphically to reason about the distributed effect of autonomous policy. Immediate applications include resolving the problem of policy conflicts in autonomous networks.