CANDID:通过确定重要性和依赖关系将网络资产进行分类
CANDID: Classifying Assets in Networks by Determining Importance and Dependencies
关键词:网络故障;复杂网络关系;依赖性;重要性
摘 要:This thesis introduces CANDID, a passive NetFlow-based network traffic analysis platform targeted at inferring relationships and dependencies among services running on hosts in enterprise networks. These networks present challenges of great scale, complexity, and nonstop dynamism, which hinder the ability for network administrators to maintain insight into the complex relationships that exist in these networks. Consequently, administrators do not always know how best to proceed if a network failure occurs. CANDID strives to empower administrators by illuminating these relationships, such that they will be prepared to remedy complex service failures.The solutions presented here take the rst steps towards understanding these complex in-network relationships, with a special focus on inferring one class of dependencies and detecting load balanced services. The focal point of this thesis is two radically di erent, yet complementary, strategies for inferring the presence of load balancing for pairs of systems.