Network traffic collection in the MOC

HTTP proxy data collection for the MOC analytics-based security service

Project logistics

Preferred past experience

Project Overview

The MOC is deploying a monitoring infrastructure that collects a number of different metrics from several layers of the cloud. Datasets from multiple sources (Ceilometer, Sensu, LogStash) are integrated into a time-series database (InfluxDB) that will provide various analytics services to the cloud provider and selected researchers. This project will augment the monitoring infrastructure to:

- Store historical performance metrics in InfluxDB and allow queries based on different attributes (time interval, VM identifier, physical machine identifier, etc.).

- Augment the monitoring infrastructure with a proxy VM that will intercept network traffic of users opting in to this service. The proxy will collect finer-grained data on users’ network connections, including HTTP header information.

- Time permitting, the team will simulate one or more attacks (e.g., a VM performing a DoS attack or visiting a malicious web site) and apply statistical techniques to detect them.

This project will create the necessary infrastructure for the analytics-based security service planned to be deployed in the MOC.
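As an illustration of the kind of statistical detection the last goal describes, the following added example (not code from the MOC project) buckets proxy request records per VM and time interval and flags windows that are robust outliers against that VM's own history. The record layout, the VM names, the 60-second interval, the threshold and the choice of a median/MAD score are all assumptions made for the example.

```python
from collections import defaultdict
from statistics import median

# Constructed sample proxy records: (epoch_seconds, vm_id, method, host).
# The field layout is an assumption; the page does not define a schema.
def make_sample():
    records = []
    for minute in range(10):
        base = minute * 60
        for vm, n in (("vm-a", 5), ("vm-b", 6), ("vm-c", 4)):
            # vm-c bursts in minute 7 (constructed DoS-like spike)
            count = 400 if (vm == "vm-c" and minute == 7) else n + minute % 2
            records += [(base + i % 60, vm, "GET", "example.test")
                        for i in range(count)]
    return records

def bucket_counts(records, interval=60):
    """Requests per (vm_id, interval start): a query by VM and time window."""
    counts = defaultdict(lambda: defaultdict(int))
    for ts, vm, _method, _host in records:
        counts[vm][ts - ts % interval] += 1
    return counts

def flag_bursts(records, interval=60, threshold=6.0):
    """Flag windows whose count is an outlier against that VM's own history.

    Uses the modified z-score (median and MAD), so a single large burst
    does not inflate the baseline the way a mean/stddev would.
    """
    alerts = []
    for vm, series in bucket_counts(records, interval).items():
        values = list(series.values())
        if len(values) < 5:  # too little history to judge
            continue
        med = median(values)
        # Fall back to 1.0 when the series is flat, to avoid dividing by zero.
        mad = median(abs(v - med) for v in values) or 1.0
        for start, count in sorted(series.items()):
            score = 0.6745 * (count - med) / mad
            if score > threshold:
                alerts.append((vm, start, count, round(score, 1)))
    return alerts

if __name__ == "__main__":
    for vm, start, count, score in flag_bursts(make_sample()):
        print(f"{vm} window={start}s requests={count} score={score}")
```

Scoring each VM against its own baseline keeps a normally busy VM from masking a quiet one that suddenly bursts; windows with fewer than five samples of history are skipped rather than scored.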

Some Technologies you will learn/use: