Smart Real-Time Internet-of-Things Network Monitoring System

Introduction

In today’s world, not only computers are connected to the Internet, other devices such as smartphones, smart cars, sensors, home appliances, and so on, are also connected to the Internet. This, so called Internet of Things, makes the network traffics become more complex and vulnerable. Computer networks provide the shared resources, accounting, e-mail, Internet and Intranet that is used within organizations. It helps business to reduce cost, streamlines processes, and facilitates the sharing of information and the same time opens new vulnerabilities.

Most computer networks provide a lot of features that can be used to help the running of a business however, if a problem occurs within the network itself, the productivity of the company is severely affected. Therefore, it is important to find the cause of the problem as soon as possible. Such a task can normally be very tedious in a complex network.

Many commercial network monitoring tools and software are available today, vary from as simple as only monitoring segments of network up to systems with sophisticated capabilities such as visualization of nodes activities, IDS and intelligent engine to analyze the traffic as well as to predict requirements for future system development.

The traffic on the network may be generated by thousands of devices and thousands of software drivers and applications. Without the proper tools that can interpret, analyze and display network traffic and any related problems, a network administrator is limited to the time-consuming trial and error method to try to identify a problem. With a network analyzer application, such problems can be immediately detected and resolved. Nonetheless, a simple network analyzer application is no longer enough. To keep a network performs at top-notch condition, a network administrator needs a tool that has ability to

• •

  Have intelligence built in.

• •

  Even of tracking and resolving some of the problems on its own.

• •

  Detect network viruses and provide the early warning needed.

• •

  Point out the sources of the virus, and close it if possible.

• •

  Provide intrusion detection and warning.

• •

  Work in all IP platforms, including IPv4 and IPv6.

• •

  Cross platform that support any Operating systems.

• •

  Capture and monitor traffic from devices attached to Internet.

Autonomous intrusion agents, commonly referred to as `worms', are fast becoming a popular method of network and system compromise. The most famous start to the history of network worms is the Morris worm, which quickly crippled a substantial portion of the 1988 Internet. Worms have been a persistent security threat on the Internet, though for most of this history they focused on Windows hosts.

A real-time smart network monitoring and security platform will be implemented as a product named InstaMon.

InstaMon performs real time data collection of network traffic that flows on a local area network (LAN) segment and analyzes the data that is decoded, performs statistical calculation and displays the analyzed data. The objective is to create an intelligent tool to assist network and system administrators by anticipating and giving intelligent information for preventive measures to be taken so that damages as a result of system or network down time that can be very costly is minimized. Real-time network analysis helps to detect and resolve network faults and performance problems quickly. It even has the power to analyze multi-topology, multi-protocol networks—automatically.

Background

With the additional traffic generated by the Internet of Things, computer networks traffic are growing at a drastic rate and thus network administrators can no longer monitor network problems by only relying on the traditional method such as Simple Network Management Protocol (SNMP) and Remote Monitoring (RMON). What network administrators need is the latest passive monitoring approach. Because as the number of hosts increase number of SNMP agents increase as well, which will result in a massive amount of traffic pumped to the network due to the fact that SNMP based tools are active in nature.