| dc.contributor.advisor | 廖峻鋒 | zh_TW |
| dc.contributor.advisor | Liao, Chun-Feng | en_US |
| dc.contributor.author (Authors) | 賴玠忠 | zh_TW |
| dc.contributor.author (Authors) | Lai, Jie-Zhong | en_US |
| dc.creator (作者) | 賴玠忠 | zh_TW |
| dc.creator (作者) | Lai, Jie-Zhong | en_US |
| dc.date (日期) | 2022 | en_US |
| dc.date.accessioned | 5-Oct-2022 09:14:24 (UTC+8) | - |
| dc.date.available | 5-Oct-2022 09:14:24 (UTC+8) | - |
| dc.date.issued (上傳時間) | 5-Oct-2022 09:14:24 (UTC+8) | - |
| dc.identifier (Other Identifiers) | G0109753101 | en_US |
| dc.identifier.uri (URI) | http://nccur.lib.nccu.edu.tw/handle/140.119/142121 | - |
| dc.description (描述) | 碩士 | zh_TW |
| dc.description (描述) | 國立政治大學 | zh_TW |
| dc.description (描述) | 資訊科學系 | zh_TW |
| dc.description (描述) | 109753101 | zh_TW |
| dc.description.abstract (摘要) | 隨著物聯網(Internet Of Things, IoT)裝置的普及,大量的裝置要能即時管理,勢必需要對於各裝置能集中監控,因此在過去誕生了像 SNMP 的監控協定可用於管理,一直到現在都還是屬於穩定的商用監控協定之一,然而近年來邊緣運算(Edge computing)概念的興起,從過去資料中心集中運算到如今只要具有一定數量的物聯網裝置都能形成一定規模的分散式運算架構,大幅度的改善了在利用網路服務時的延遲與可用性,SNMP 協定在現今架構下雖然還是具有廣泛低門檻的優點,但是經過整理後發現會有對於 OS kernel 層面的監控細節較無法取得、取得監控資訊的手段與過程耗費過多資源、主從溝通過程過於複雜的三個缺點,因此本研究將提出基於 eBPF 的監控解決方案,針對上述缺失進行改善與評估,預期能夠降低在進行監控時所耗費的系統資源,對於物聯網在進行監控時能有更好的解決方案。 | zh_TW |
| dc.description.abstract (摘要) | With the wide spread of the Internet of Things (IoT) technologies, real-time distributed observability and management mechanisms for a large number of connected things are critical. SNMP has been the de facto standard of distributed observability in traditional networked environments. While SNMP was proven reliable and effective, it suffers from various issues in IoT environments. As the kernel-level information is important for ensuring the reliability of IoT devices, obtaining this type of information via SNMP takes too many system resources, whereas system resources are valuable in resource-constrained IoT devices. What is more, SNMP forces a client-server communication model, namely, polling instead of callback, to lead to a significant waste of networking resources. This thesis proposes an eBPF-based solution to deal with the issues mentioned above. Specifically, based on eBPF, this research proposes a reference architecture and system design to realize comprehensive monitoring of an IoT system in an efficient way. Experiments show that the approach is able to reduce the system resources consumed in monitoring and provide better performance for the Internet of Things observability. | en_US |
| dc.description.tableofcontents | 摘要 i圖目錄 v表目錄 vii第1章 緒論 1第2章 相關研究與技術背景 42.1 系統監控協定 42.1.1 SNMP 42.1.2 WMI 62.2 核心除錯或追蹤技術 72.2.1 Berkeley Packet Filter (BPF) 72.2.2 Linux Extended BPF (eBPF) 82.2.3 ftrace 112.2.4 perf_event 122.2.5 kprobe 132.3 相關研究 15第3章 系統設計 173.1 eBPF獲取裝置資訊機制 173.2 代理人監控資訊轉送機制 213.3 自主回報監控資訊機制 23第4章 系統實作 254.1 Manager Node(監控端) 254.2 Worker Node(被監控端) 26第5章 實驗與討論 285.1 實驗總覽 285.2 取得監控資料方式比較 285.3 系統監控效能損耗 295.4 資料過濾方式造成之效能影響 345.5 封包交通量測試 375.6 討論 38第6章 結論 40參考文獻 41 | zh_TW |
| dc.format.extent | 1990129 bytes | - |
| dc.format.mimetype | application/pdf | - |
| dc.source.uri (資料來源) | http://thesis.lib.nccu.edu.tw/record/#G0109753101 | en_US |
| dc.subject (關鍵詞) | eBPF | zh_TW |
| dc.subject (關鍵詞) | SNMP | zh_TW |
| dc.subject (關鍵詞) | Observability | zh_TW |
| dc.subject (關鍵詞) | eBPF | en_US |
| dc.subject (關鍵詞) | SNMP | en_US |
| dc.subject (關鍵詞) | Observability | en_US |
| dc.title (題名) | 基於 eBPF 之物聯網輕量監控機制的設計與實現 | zh_TW |
| dc.title (題名) | The Design and Implementation of an eBPF-based Lightweight Monitoring System for IoT Devices | en_US |
| dc.type (資料類型) | thesis | en_US |
| dc.relation.reference (參考文獻) | [1] Ericson, "Cellular networks for massive IoT," p. 2. [Online]. Available: https://www.ericsson.com/assets/local/publications/white-papers/wp_iot.pdf[2] I. C. Education. "Observability." https://www.ibm.com/cloud/learn/observability (accessed.[3] R. S. Carl Lebsack, "SNMP is dead," p. 5. [Online]. Available: https://research.google/pubs/pub47773/[4] "Net-SNMP." http://www.net-snmp.org/ (accessed.[5] "Windows Management Instrumentation." https://docs.microsoft.com/zh-tw/windows/win32/wmisdk/about-wmi (accessed.[6] "Common Information Model." https://www.dmtf.org/standards/cim (accessed.[7] S. McCanne and V. Jacobson, "The BSD Packet Filter: A New Architecture for User-level Packet Capture," in USENIX winter, 1993, vol. 46.[8] "Extending extended BPF." https://lwn.net/Articles/603983/ (accessed.[9] "ftrace - Function Tracer." https://www.kernel.org/doc/Documentation/trace/ftrace.txt (accessed.[10] "Kernel Probes (Kprobes)." https://docs.kernel.org/trace/kprobes.html (accessed.[11] M. Bertrone, S. Miano, F. Risso, and M. Tumolo, "Accelerating Linux Security with eBPF iptables," presented at the Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, Budapest, Hungary, 2018. [Online]. Available: https://doi.org/10.1145/3234200.3234228.[12] S. Tesliuk, "Monitoring network traffic and detecting attacks using eBPF," 2021.[13] G. Fournier, "Monitoring and protecting SSH sessions with eBPF."[14] C. Cassagnes, L. Trestioreanu, C. Joly, and R. State, "The rise of eBPF for non-intrusive performance monitoring," in NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, 20-24 April 2020 2020, pp. 1-7, doi: 10.1109/NOMS47738.2020.9110434.[15] C. Liu, Z. Cai, B. Wang, Z. Tang, and J. Liu, "A protocol-independent container network observability analysis system based on eBPF," in 2020 IEEE 26th International Conference on Parallel and Distributed Systems (ICPADS), 2-4 Dec. 2020 2020, pp. 697-702, doi: 10.1109/ICPADS51040.2020.00099.[16] T. Shiraishi, M. Noro, R. Kondo, Y. Takano, and N. Oguchi, "Real-time monitoring system for container networks in the era of microservices," in 2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS), 2020: IEEE, pp. 161-166. | zh_TW |
| dc.identifier.doi (DOI) | 10.6814/NCCU202201517 | en_US |
