AutoMon

Automated Performance Monitoring

Motivation

Outages and disruptions of IT business applications in enterprise networks can cause severe economic damage. Therefore, corporations and public institutions invest heavily in their IT infrastructure to prevent outages and to detect their root causes faster. Monitoring systems are deployed which check the functionality of IT systems on different layers, such as networks, servers, and applications. These checks are mostly done locally and are not interconnected with each other. Issues such as overloading of routers can nowadays be detected on a subsystem level. However, the correlation with a root cause, such as a software update started during business hours that slows down other network applications, remains unknown. The root cause analysis is mostly a manual process in which monitoring data from different subsystems is linked together by hand. This analysis is only done when the user is already affected and annoyed by the respective issue.

Goals and approach

The goal of the AutoMon project is to increase the robustness of IT infrastructures through continuous, proactive, and cross-system function and performance monitoring as well as automated root cause analysis. To this end, we develop processes to automatically link monitoring data on a cross-system basis. These processes will then be implemented on distributed network systems. This allows administrators to receive visually enhanced and meaningful analyses of outages and disruptions. Issues can then be tackled more swiftly and the maintenance cost is reduced. Furthermore, we develop a business intelligence solution which balances the cost and gain of outage analyses. AutoMon delivers a well-founded information base to improve organizational and economic decisions in an enterprise. The system will be tested and evaluated in practice within the project partners' networks.

Innovations and perspectives

The potential for innovation in the AutoMon project lies especially in the economical use of system resources due to automated self-configuration and self-optimization. Functions developed within the project will promptly be integrated into monitoring and data analysis solutions offered by both SME partners to increase their competitiveness with these unique selling points.

Partners

  • IsarNet Software Solutions GmbH
  • Sandstorm Media GmbH
  • IBM Deutschland Aviation Industry Services GmbH
  • DB Systel GmbH (ICT organization of Deutsche Bahn)

Related publications

2017.05 Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Security Implications of Publicly Reachable Building Automation Systems,” in Proc. 2nd Int. Workshop on Traffic Measurements for Cybersecurity, San Jose, CA, USA, May 2017. [Pdf] [Bib]
2017.02 Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Öffentlich erreichbare Gebäudeautomatisierung: Amplification-Anfälligkeit von BACnet und Deployment-Analyse im Internet und DFN,” in 24. DFN-Konferenz Sicherheit in vernetzten Systemen, Hamburg, Germany, Feb. 2017. [Pdf] [Bib]

Finished student theses

Author | Title | Type | Advisors | Links
Nadja Schricker | Active Security Evaluation with Network Scans | BA | Oliver Gasser, Quirin Scheitle |

Open and running student theses

Author | Title | Type | Advisors | Links
open | Collecting Flow Data at High Rates | MA, IDP | Oliver Gasser | Pdf
open | Advanced Flow Functions for Traffic Anomaly Detection | IDP, MA | Oliver Gasser, Johannes Naab | Pdf
open | Continuous Development of Open Source C++ Flow Toolkit | HiWi | Oliver Gasser | Pdf