Identifikation von Business Prozessen in Datennetzwerken durch Teilsequenzen-Musterung

- Masterarbeit -


We depend on network services in many aspects of our daily lives (e.g., email, smart homes, medical services, electricity supply, water supply). Network services operate on distributed sets of clients and servers and rely on supporting network services, such as Kerberos, Domain Name System (DNS), and Active Directory. Hence, network services need to interact with each other in order to function correctly. Since, engineers use the divide-and-conquer approach to implement a new task, they are able to reuse network services and do not need to re-implement complex customized ones. Unfortunately, implementation and dependency details are often not documented, and are difficult to discover by referring to human expert knowledge, for obvious reasons. Business analysts analyze tasks and verbalize them as business processes (BPs) and try to identify all network services in the chain of a process. By relying on human knowledge, they try to develop BPs for all areas of operation in an enterprise network. As tasks to be executed rely on increasingly distributed network services with implementation details often not properly documented, this process is tedious and expensive. Also, the accuracy of the identified business processes needs to be audited regularly. Business processes specify a task's network perimeters in a distributed system by listing all involved network services. In the context of this work, we identify network traffic patterns between hosts and correlate them to derive network dependencies between network services. Based on a known port list and a network’s topology, we derive business processes automatically.

Kenntnisse der Netzwerktechnik (OSI-Schichtenmodell)
Kenntnisse im Maschinellen Lernen / Data-Mining
Kenntnisse der IT-Sicherheit (Intrusion Detection System, Risiko Analyse)

Felix Kuhr

