SMART: Scalable Monitoring, Analysis, and Response Toolkit for the Internet

A central problem in network management is how to monitor, analyze, and react to changing network conditions caused by events such as failures, misconfigurations, routing instability, flash crowds, distributed denial-of-service (DDoS) attacks, and computer worms. Manually tracking and reacting to such changes is labor-intensive, error-prone, and in many cases infeasible (e.g., modern worms can cause catastrophic damage within minutes -- too short a timescale for a human to respond manually). It is therefore an important and urgent research challenge to develop tools and techniques that fully automate the process of network monitoring, analysis, and response.

The research addresses the above challenge by developing a Scalable Monitoring, Analysis, and Response Toolkit (SMART). SMART allows applications to perform network-wide traffic monitoring, identify anomalies and changes in the network state, diagnose the causes of the changes, and dynamically control the network traffic -- all in an automated fashion. By integrating practical network domain knowledge and engineering experience with solid theoretical foundations in algorithms, statistics, data mining, and machine learning, SMART is scalable, accurate, robust, and easy to deploy. It can significantly simplify the development and deployment of large-scale network management and security applications. To demonstrate the practical value of SMART, the research develops two significant real-world security applications using the toolkit: automated worm fingerprinting and network-based DDoS defense.

People

Papers

  • Ajay Mahimkar, Jasraj Dange, Vitaly Shmatikov, Harrick Vin and Yin Zhang, dFence: Transparent Network-based Denial of Service Mitigation, to appear in Proceedings of the 4th USENIX Symposium on Networked System Design and Implementation (NSDI 2007), Cambridge, Massachusetts, April 2007. (ps.gz) (HTML)
  • Yi Li, Yin Zhang, Lili Qiu and Simon Lam, SmartTunnel: Achieving Reliability in the Internet, to appear in Proceedings of the 26th Annual IEEE Conference on Computer Communications (Infocom 2007), Anchorage, Alaska, USA, May 2007. (ps.gz)
  • Hao Wang, Haiyong Xie, Lili Qiu, Yang Richard Yang, Yin Zhang and Albert Greenberg, COPE: Traffic Engineering in Dynamic Networks, in Proceedings of the ACM SIGCOMM Conference, Pisa, Italy, September 2006. (ps.gz)
  • Matthew Roughan and Yin Zhang, Privacy-Preserving Performance Measurements, in Proceedings of ACM SIGCOMM Workshop on Mining Network Data (MineNet 2006), Pisa, Italy, September 2006. (ps.gz)
  • Robert Schweller, Zhichun Li, Yan Chen, Yan Gao, Ashish Gupta, Elliot Parsons, Yin Zhang, Peter Dinda, Ming-Yang Kao and Gokhan Memik, Reversible Sketches: Enabling Monitoring and Analysis over High-speed Data Streams, to appear in ACM/IEEE Transactions on Networking. (Coming soon!)

Funding