Asee peer logo

Practical Data Mining and Analysis for System Administration

Download Paper |

Conference

2015 ASEE Annual Conference & Exposition

Location

Seattle, Washington

Publication Date

June 14, 2015

Start Date

June 14, 2015

End Date

June 17, 2015

ISBN

978-0-692-50180-1

ISSN

2153-5965

Conference Session

Topics in Computing and Information Technologies I

Tagged Division

Computing & Information Technology

Page Count

24

Page Numbers

26.1233.1 - 26.1233.24

DOI

10.18260/p.24570

Permanent URL

https://peer.asee.org/24570

Download Count

142

Request a correction

Paper Authors

biography

Tanner Lund Brigham Young University

visit author page

Tanner Lund is a research assistant at Brigham Young University studying Information Technology. His fields of study include system administration and network management, with a specialization in distributed computing and log analysis. He has a strong interest in machine learning and applying its principles to network management.

visit author page

author page

Hayden Panike

author page

Samuel Moses Brigham Young University

biography

Dale C Rowe Brigham Young University

visit author page

Dr. Rowe has worked for nearly two decades in security and network architecture with a variety of industries in international companies. He has provided secure enterprise architecture on both military and commercial satellite communications systems. He has also advised and trained both national and international governments on cyber-security.
Since joining Brigham Young University in 2010, he has designed a variety of courses on information assurance, cybersecurity, penetration testing, cyber forensics, malware analysis and systems administration and published over a dozen papers in cyber-security.

visit author page

biography

Joseph J Ekstrom Brigham Young University

visit author page

Dr. Ekstrom spent more than 30 years in industry as a software developer, technical manager, and entrepreneur. In 2001 he helped initiate the IT program at BYU. He was the Program Chair of the Information Technology program from 2007-2013. His research interests include network and systems management, distributed computing, system modeling and architecture, system development, Cyber security and IT curriculum development.

visit author page

Download Paper |

Abstract

Practical Data Mining and Analysis for System AdministrationModern networks are both complex and important, requiring vigilant system administration.System administrators employ many tools to aid them in their work, but still securityvulnerabilities, misconfigurations, and unanticipated device failures can occur regularly. Theconstant and repetitive work put into fixing these problems often leads to wasted money, time,and effort. We have developed a system to greatly reduce this waste. By implementing apractical data mining infrastructure, we are able to analyze device data and logs as part ofgeneral administrative tasks. This allows us to track security risks and identify configurationproblems far more quickly and efficiently than conventional systems could by themselves. Thisapproach gives system administrators much more knowledge about and power over theirsystems, saving them resources and time.The system is practical because it is more straightforward and easier to deploy than traditionaldata mining architectures. Generally, data analysis infrastructure is large, expensive, and used forother purposes than system administration. This has often kept administrators from applying thetechnology to analysis of their networks. In contrast to this we propose a system designed toovercome these problems. We propose a lightweight, easily configurable solution that can be setup and maintained by the system administrators themselves, saving work hours and resources inthe long run.One advantage to using data mining is that we can exploit behavioral analysis to help answerquestions about points of failure, analyze an extremely large number of device logs, and identifymany device failures before they happen. Indexing the logs and parsing out the informationenables system administrators to query and search for specific items, narrowing down points offailure to resolve them faster. Consequently, network and system downtime is decreased.In summary, we have found in our tests that the system increases security response timesignificantly. We have also found that the system identifies configuration problems that had goneon unnoticed for months or even years; problems that could be causing many other issues withinthe network. This system's ability to identify struggling devices by early warning signs beforethey go down has proven invaluable. We feel that the benefits and simplicity of this system aresignificant enough to make it worth implementing in almost any professional computer network.

Lund, T., & Panike, H., & Moses, S., & Rowe, D. C., & Ekstrom, J. J. (2015, June), Practical Data Mining and Analysis for System Administration Paper presented at 2015 ASEE Annual Conference & Exposition, Seattle, Washington. 10.18260/p.24570

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2015 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015