Mining semantic relations using NetFlow

14 years 1 months ago
Mining semantic relations using NetFlow
—Knowing the dependencies among computing assets and services provides insights into the computing and business landscape, therefore, facilitating low-risk timely changes in support of a business-driven IT management. In general, the results of a dependency analysis can be used for infrastructure reengineering, show evidence of policy and process compliance, and support assessments of business resilience. Current passive discovery approaches using network monitoring analyze only direct communication between assets and provide just a singlelink mesh view. This work introduces a new algorithm based on NetFlow data preprocessed by the Aurora system developed at IBM Research to create a dependency model of the network. The algorithm uses time-based event correlation and the data mining concept of association rules to detect and classify dependencies that span two or more components. The advantages of the algorithm is that no access credentials are required and no packet payload inspectio...
Alexandru Caracas, Andreas Kind, Dieter Gantenbein
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where BDIM
Authors Alexandru Caracas, Andreas Kind, Dieter Gantenbein, Stefan Fussenegger, Dimitrios Dechouniotis
Comments (0)