Software Engineering Meets Network Engineering: Conceptual Model for Events Monitoring and Logging

  • Received : 2021.12.05
  • Published : 2021.12.30

Abstract

Abstraction in computer networking hides network details behind a well-defined representation by building a model that captures an essential aspect of the network system. Two methods of representation are currently available: one is based on graph theory, where a network node is reduced to a point in a graph, and the other uses non-methodological iconic depictions such as human heads, walls, towers or computer racks. In this paper, we adopt an abstract representation methodology proposed in software engineering, the thinging machine (TM), to model computer networks. TM defines a single coherent network architecture and topology that is constituted from only five generic actions with two types of arrows. Without loss of generality, this paper applies TM to model the area of network monitoring in packet-mode transmission. Complex network documents are difficult to maintain and are not guaranteed to mirror actual situations. Network monitoring is the constant watching for, and alerting on, malfunctions, failures, stoppages or suspicious activities in a network system. Current monitoring systems are built on ad hoc descriptions that lack systemization. The TM model of monitoring presents a theoretical foundation integrated with events and behavior descriptions. To investigate the feasibility of TM modeling, we apply it to an existing computer network in a Kuwaiti enterprise to create an integrated network system that includes hardware, software and communication facilities. The final specifications point to the viability of TM modeling in the computer networking field.
