A Seven-Dimensional Flow Analysis to Help Autonomous Network Management
Assis, M. A.
; Proença, M. P.
Rodrigues, J. R.
Information Sciences Vol. 278, Nº ., pp. 900 - 913, September, 2014.
ISSN (print): 0020-0255
Journal Impact Factor: 3,095 (in 2008)
Digital Object Identifier: 10.1016/j.ins.2014.03.102
Download Full text PDF ( 2 MBs)
Due to the increasing need of more agility in information exchange, computer networks are continuously expanding both in magnitude and complexity of the management processes. An essential component of these processes is the anomaly detection and identification. Although there are several studies in this area, simple and efficient anomaly detection mechanisms are still required due to the lack of suitable approaches for large-scale network environments. In this paper, we present an anomaly detection system using a seven-dimensional flow analysis. The core of this system is composed by the Holt-Winters for Digital Signature (HWDS) method, an improvement of the traditional Holt-Winters, which characterizes the traffic of each one of the analyzed dimensions in order to generate profiles able to describe the network’s normal behavior, here called Digital Signature of Network Segment using Flow analysis (DSNSF). The low complexity of the presented approach enables fast anomaly detection, mitigating the impact on final users. The system not only warns the network administrator about the problem, but also provides the necessary information to identify and solve it. To measure the efficiency and accuracy of the system, we use real data collected from a large-scale network environment.