Matrix/array analysis of networks can provide significant insight into their behavior and aid in their operation and protection. Prior work has demonstrated the analytic, performance, and compression capabilities of GraphBLAS (graphblas.org) hypersparse matrices and D4M (d4m.mit.edu) associative arrays (a mathematical superset of matrices). Obtaining the benefits of these capabilities requires integrating them into operational systems, which comes with its own unique challenges. This paper describes two examples of real-time operational implementations. First, is an operational GraphBLAS implementation that constructs anonymized hypersparse matrices on a high-bandwidth network tap. Second, is an operational D4M implementation that analyzes daily cloud gateway logs. The architectures of these implementations are presented. Detailed measurements of the resources and the performance are collected and analyzed. The implementations are capable of meeting their operational requirements using modest computational resources (a couple of processing cores). GraphBLAS is well-suited for low-level analysis of high-bandwidth connections with relatively structured network data. D4M is well-suited for higher-level analysis of more unstructured data. This work demonstrates that these technologies can be implemented in operational settings.

翻译：网络的矩阵/数组分析可显著揭示其行为特征，并有助于网络运维与防护。已有研究验证了GraphBLAS（graphblas.org）超稀疏矩阵与D4M（d4m.mit.edu）关联数组（矩阵的数学超集）在分析、性能及压缩方面的能力。要将这些能力转化为实际效益，需将其集成至运行系统，而这会面临独特挑战。本文阐述了两种实时运维实现的案例：其一为基于GraphBLAS的运维实现，在高带宽网络流量采集点上构建匿名化超稀疏矩阵；其二为基于D4M的运维实现，对每日云网关日志进行分析。文中给出了这些实现的架构设计，收集并分析了详细的资源占用与性能指标。采用中等计算资源（仅需数个处理核心）即可满足运维需求。GraphBLAS适用于结构相对规整的高带宽网络连接底层分析，而D4M则更擅长处理非结构化数据的深层分析。本研究证明这些技术可成功部署于实际运维环境。