Grace Huang

NetPo

Over the summer, I was hired to make network troubleshooting easier. Working in technical support, around one third of the calls were network related. When the problem was network related, we had a difficult time in 1) convincing them that it was a networking issue because it is difficult to pinpoint network problems and in 2) troubleshooting and fixing the network problem. I personally saw my coworkers get frustrated and work on an issue for days. Because of time constraints (2 month internship), I was unable to create a network troubleshooting tool.

Not only did network problems affect those customers, but it also affects us as well. Our phones, laptops, and servers are important to us and they lie on top of the network. In order for our devices to work, the network has to function as well. Due to the complexity and the number of components in a network, network troubleshooting as witnessed from personal experience, can be time consuming and frustrating.

My senior design project, NetPo, which stands for Network Police, aims to fix this problem by making network troubleshooting faster and easier. It sits on top of openNetVM, a research platform that allows users to design network processing software. One can easily install openNetVM on a machine and observe traffic going through the network, and with NetPo, determine whether their current traffic is normal or not. Normal is anything that deviates from the norm. Instead of hard coding what is normal, I use a machine learning algorithm: Support Vector Machines, so the network can learn what is normal for it. The specific SVM library I use is SVMlight. SVMlight has two functionalities: svm_learn and svm_classify. Svm_learn takes in a labeled dataset and trains itself with it. The output of svm_learn is a model which along with another dataset, is input to svm_classify. Svm_classify uses the model to classify each flow in the test dataset. NetPo then takes this information and displays it to the user in a much friendly way. The user can see the number of abnormal flows in their test dataset, a Sankey graph that displays from which source address and port is traffic coming from, and which destination address and port is traffic going to, and a table that displays the top abnormal IPs (categorized by the IPs with the most number of flows), the number of flows for that IP, and the average number of bytes for each flow.

Bio:
Hello! I’m Grace Huang, and I’m New Jersey. I’m a senior at George Washington University currently pursuing a Bachelor of Degree in Computer Science with a concentration in Computer Security and Information Assurance. When I was younger, I wanted to be a teacher because I love to help others and I yearn to make a difference. Throughout my four years at GWU, I learned that I could make a difference and that I could help others in the field of Computer Science. I’ve gained a passion for cyber security and for public speaking, my career goal is to work in management in the field of cyber security. After graduation, I will move to Connecticut to work for United Technologies Corporation. I will be joining as an Information Technology Leadership Associate, which is a rotational program, and my first assignment will be with Pratt & Whitney and I’ll be working in IT Security.

Presentation Screencast

Proudly powered by WordPress
Unless otherwise indicated, the content and opinions expressed on this web site are those of the author(s). They are not endorsed by and do not necessarily reflect the views of the George Washington University.
Viewing Message: 1 of 1.
 Notice

This site uses cookies to offer you a better browsing experience. Visit GW’s Website Privacy Notice to learn more about how GW uses cookies.