Ordonez, Carlos2022-06-182022-06-18August 2022021-08August 202Portions of this document appear in: Quangtri Thai, Carlos Ordonez, and Omprakash Gnawali. 2020. Monitoring Networks with Insightful Queries. In Proceedings of the 14th International Workshop on Wireless Network Testbeds, Experimental evaluation & Characterization (WiNTECH'20). Association for Computing Machinery, New York, NY, USA, 122–123. DOI: https://doi.org/10.1145/3411276.3414695; and in: Q. Thai, C. Ordonez and O. Gnawali, "Monitoring Networks with Queries Evaluated by Edge Computing," 2020 IEEE International Conference on Big Data (Big Data), 2020, pp. 2223-2231, doi: 10.1109/BigData50022.2020.9377998.https://hdl.handle.net/10657/9373Monitoring networks requires two things, efficiently detecting abnormal events and summarizing connection information in big volumes of packet-level data. Some of these tasks can be accomplished with network and operating system utilities, but the questions should be relatively simple and each tool is designed to provide specific analysis. Being able to process data both in a centralized and decentralized manner, given the diversity in instrumentation and vantage points is also another requirement to monitoring the network. On the other hand, database systems can answer complex questions phrased as queries, provided data is in the right format and is quickly loaded. Having such motivation in mind, we propose to monitor a network with queries, running on a traditional DBMS (i.e. not a custom-built system programmed in C or C++). Thus, queries can be processed in a central manner in a traditional database server or in a distributed fashion, with edge computing. Our experimental evaluation shows queries can indeed be used to monitor the network with low latency and reasonable delay on a low-resource device like the Raspberry Pi. We explain some interesting findings in a local network. In addition, we show queries can be efficiently evaluated in a small computing device capturing local traffic.application/pdfengThe author of this work is the copyright owner. UH Libraries and the Texas Digital Library have their permission to store and provide access to this work. UH Libraries has secured permission to reproduce any and all previously published materials contained in the work. Further transmission, reproduction, or presentation of this work is prohibited except with permission of the author(s).EdgeNetworkStreamsSQL2022-06-18Thesisborn digital