Distributing data analytics for efficient multiple traffic anomalies detection
Visualitza/Obre
10.1016/j.comcom.2017.03.008
Inclou dades d'ús des de 2022
Cita com:
hdl:2117/106657
Tipus de documentArticle
Data publicació2017-03-22
Condicions d'accésAccés obert
Llevat que s'hi indiqui el contrari, els
continguts d'aquesta obra estan subjectes a la llicència de Creative Commons
:
Reconeixement-NoComercial-SenseObraDerivada 3.0 Espanya
Abstract
Traffic anomalies can create network congestion, so its prompt and accurate detection would allow network operators to make decisions to guarantee the network performance avoiding services to experience any perturbation. In this paper, we focus on origin–destination (OD) traffic anomalies; to efficiently detect those, we study two different anomaly detection methods based on data analytics and combine them with three monitoring strategies. In view of the short monitoring period needed to reduce anomaly detection, which entails large amount of monitoring data to be collected and analyzed in a centralized repository, we propose bringing data analytics to the network nodes to efficiently detect traffic anomalies, while keeping traffic estimation centralized. Once an OD traffic anomaly is detected, a network reconfiguration can be triggered to adapt the network to the new traffic conditions. However, an external event might cause multiple related traffic anomalies. In the case of triggering a network reconfiguration just after one traffic anomaly is detected, some Key Performance Indicators (KPI) such as the number of network reconfigurations and the total reconfiguration time would be unnecessarily high. In light of that, we propose the Anomaly and Network Reconfiguration (ALCOR) method to anticipate whether other ODs are anomalous after detecting one anomalous OD pair. Exhaustive simulation results on a realistic network scenario show that the monitoring period should be as low as possible (e.g., 1 min) to keep anomaly detection times low, which clearly motivates to place traffic anomaly detection function in the network nodes. In the case of multiple anomalies, results show that ALCOR can significantly improve KPIs such as the number of network reconfigurations, total reconfiguration time, as well as traffic losses.
CitacióP. Vela, Alba, Ruiz, M., Velasco, L. Distributing data analytics for efficient multiple traffic anomalies detection. "Computer communications", 22 Març 2017, vol. 107, p. 1-12.
ISSN0140-3664
Versió de l'editorhttp://www.sciencedirect.com/science/article/pii/S0140366416303218
Fitxers | Descripció | Mida | Format | Visualitza |
---|---|---|---|---|
[COMCOM-rev1]+Anomalias.pdf | 681,7Kb | Visualitza/Obre |