June 14, 2015
June 14, 2015
June 17, 2015
Computing & Information Technology
26.1233.1 - 26.1233.24
Practical Data Mining and Analysis for System Administration

Modern networks are both complex and important, requiring vigilant system administration. System administrators employ many tools to aid them in their work, but security vulnerabilities, misconfigurations, and unanticipated device failures still occur regularly. The constant and repetitive work put into fixing these problems often leads to wasted money, time, and effort. We have developed a system to greatly reduce this waste. By implementing a practical data mining infrastructure, we are able to analyze device data and logs as part of general administrative tasks. This allows us to track security risks and identify configuration problems far more quickly and efficiently than conventional systems could by themselves. This approach gives system administrators much more knowledge about and power over their systems, saving them resources and time.

The system is practical because it is more straightforward and easier to deploy than traditional data mining architectures. Generally, data analysis infrastructure is large, expensive, and used for purposes other than system administration. This has often kept administrators from applying the technology to analysis of their networks. In contrast, we propose a system designed to overcome these problems: a lightweight, easily configurable solution that can be set up and maintained by the system administrators themselves, saving work hours and resources in the long run.

One advantage of using data mining is that we can exploit behavioral analysis to help answer questions about points of failure, analyze an extremely large number of device logs, and identify many device failures before they happen. Indexing the logs and parsing out the information enables system administrators to query and search for specific items, narrowing down points of failure to resolve them faster. Consequently, network and system downtime is decreased.

In summary, we have found in our tests that the system improves security response time significantly. We have also found that the system identifies configuration problems that had gone unnoticed for months or even years, problems that could be causing many other issues within the network. This system's ability to identify struggling devices by early warning signs before they go down has proven invaluable. We feel that the benefits and simplicity of this system are significant enough to make it worth implementing in almost any professional computer network.
Lund, T., Panike, H., Moses, S., Rowe, D. C., & Ekstrom, J. J. (2015, June). Practical Data Mining and Analysis for System Administration. Paper presented at the 2015 ASEE Annual Conference & Exposition, Seattle, Washington. doi:10.18260/p.24570
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2015 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015