Network Analysis through Edge Computing using Queries






Monitoring networks requires two things: efficiently detecting abnormal events and summarizing connection information in large volumes of packet-level data. Some of these tasks can be accomplished with network and operating system utilities, but the questions must be relatively simple, and each tool is designed to provide a specific analysis. Another requirement for monitoring the network is the ability to process data in both a centralized and a decentralized manner, given the diversity in instrumentation and vantage points. Database systems, on the other hand, can answer complex questions phrased as queries, provided the data is in the right format and is loaded quickly. With this motivation in mind, we propose to monitor a network with queries running on a traditional DBMS (i.e., not a custom-built system programmed in C or C++). Thus, queries can be processed centrally on a traditional database server or in a distributed fashion with edge computing. Our experimental evaluation shows that queries can indeed be used to monitor the network with low latency and reasonable delay on a low-resource device like the Raspberry Pi. We explain some interesting findings in a local network. In addition, we show that queries can be efficiently evaluated on a small computing device capturing local traffic.



Edge, Network, Streams, SQL


Portions of this document appear in: Quangtri Thai, Carlos Ordonez, and Omprakash Gnawali. 2020. Monitoring Networks with Insightful Queries. In Proceedings of the 14th International Workshop on Wireless Network Testbeds, Experimental evaluation & Characterization (WiNTECH'20). Association for Computing Machinery, New York, NY, USA, 122–123. DOI:; and in: Q. Thai, C. Ordonez and O. Gnawali, "Monitoring Networks with Queries Evaluated by Edge Computing," 2020 IEEE International Conference on Big Data (Big Data), 2020, pp. 2223-2231, doi: 10.1109/BigData50022.2020.9377998.