Robustness Through SelfMonitoring in Konark, A Network Monitoring System - PowerPoint PPT Presentation

Loading...

PPT – Robustness Through SelfMonitoring in Konark, A Network Monitoring System PowerPoint presentation | free to view - id: d7ce9-ZDc1Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Robustness Through SelfMonitoring in Konark, A Network Monitoring System

Description:

Robustness Through Self-Monitoring in Konark, A Network Monitoring System ... dburl = jdbc:mysql://archimedes.cs.umn.edu:10000/test; dbuser = mobile_agent; ... – PowerPoint PPT presentation

Number of Views:30
Avg rating:3.0/5.0
Slides: 30
Provided by: htal
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Robustness Through SelfMonitoring in Konark, A Network Monitoring System


1
Robustness Through Self-Monitoring in Konark, A
Network Monitoring System
  • Masters Plan B Presentation
  • Harsha Talkad
  • Decemeber 2004
  • Advisor Prof. Anand Tripathi
  • University of Minnesota

2
Outline
  • Goal of Project
  • Konark
  • Ajanta
  • Architecture, Working
  • Robustness in Konark
  • Robustness Examples
  • Conclusions and Future Work

3
Goal of Project
  • Achieving robustness through self-monitoring in
    Konark, mobile agent based network monitoring
    tool, using the existing capabilities of the
    system and without changing/complicating existing
    design.

4
Konark
  • Framework for network event monitoring using
    Mobile Agents, implemented using Ajanta.
  • Ajanta, secure Java based system for distributed
    programming with mobile agents.
  • Agent, Agent Server and Name Registry.

5
Konark Issues
  • Network Monitoring Issues
  • Size of Network
  • Diversity in Components
  • Distributed monitoring
  • Single point of control
  • Responding quickly to alerts
  • Response against attacks
  • Response against misconfigurations/failures
  • Robustness and Security of system

6
Konark Why Mobile Agents?
  • Mobile-Agent based network monitoring
  • Object capable of migration
  • First-class objects can be altered remotely
  • Script based detection techniques
  • Tedious to install, debug and modify
  • Coarse-grained protection

7
Konark Goals
  • Goals
  • Dynamically Extensible
  • Addition of new monitoring components
  • Modifications of existing monitoring policies
  • Integration of tools
  • Active Monitoring
  • Modification of policies in response to events
  • Online Monitoring
  • Event Monitoring in real-time

8
Konark Goals
  • Resilience by diverse monitoring sources
  • Secure
  • System itself has to be secure
  • Robust
  • Automated recovery of failed components
  • Scalable
  • Acceptable System Performance

9
Konark Concepts, Components and Definitions
  • Event
  • Detector
  • Trigger Dependency
  • Monitoring Agent
  • Itinerary Agent
  • System Management Agent (SMA)
  • Configuration and Event Database

10
Konark Overview
  • Publish-Subscribe network monitoring system
  • Monitoring agents equipped with detectors
  • Publisher-Subscriber relationship is dynamic
  • Event model for information flow
  • Automated agent and detector recovery
    (Robustness)
  • Authenticated inter-agent communication (RMI)
  • Challenge-response protocol

11
Konark Agent Architecture
12
Konark Architecture
13
Konark Capabilities
  • System log monitoring
  • Process monitoring runaway, malicious
  • File integrity checking (itinerary)
  • User tracking, monitoring - root logins, login
    failures
  • System health monitoring temp space, disk space
  • Integrated with snort, kismet blacklist,
    portscan, MAC spoofing

14
Robustness Types of Failures
  • Host failure
  • Service failure
  • Agent Server failure
  • Agent failure
  • Detector failure

15
Robustness Goals
  • Minimizing the time for which a resource remains
    un-monitored
  • Getting things up and running rather than
    worrying what went wrong
  • Less overhead on the system
  • Ease of management

16
Robustness Concepts, Components and Definitions
  • AgentAlive Detector, AgentAlive Event(hear beat)
  • FailureEvent Detector, Failure Event
  • Failure Detection Agent (FDA)
  • Recovery Agent (RA)
  • SMA Recovery Agent (SRA)
  • Soft state
  • Check pointing

17
Robustness Recovery Architecture
18
Robustness Recovery Process
  • AgentAlive Event
  • Heart beat
  • Configurable interval
  • Failure Agents
  • Subscribe to all AgentAlive Events
  • No heart beats or mis-match
  • Callbacks through Admin GUI for check pointing
  • Cooperative recovery
  • Configuration Number

19
Recovery Trigger Dependency
20
Recovery Process Sequence of events
  • Heart beat stops
  • Failure Event generated
  • Recovery Process Initiated
  • Subscribers notified
  • Restoration of failed Agent
  • Subscription restoration

21
Recovery Process Normal Agent fails
22
Recovery Process SMA Fails
23
Recovery Process
  • Assumptions
  • Minimum requirement
  • Different hosts
  • Pair of FDA
  • At any instance at least
  • One FDA and one RA
  • One FDA and one SMA-RA

24
Configuration file, example
25
Configuration file, example
26
Conclusions
  • Simple design, architecture
  • Framework for building Robust Distributed
    applications
  • Demonstrates Self-monitoring concept, cooperative
    recovery

27
Future Work
  • Simplifying configuration
  • Policies
  • Broker architecture
  • Building other distributed application where
    failure rate is high

28
Questions?
29
(No Transcript)
About PowerShow.com