BIRCH: an efficient data clustering method for very large databases
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
CURE: an efficient clustering algorithm for large databases
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
C2P: Clustering based on Closest Pairs
Proceedings of the 27th International Conference on Very Large Data Bases
Time Series Segmentation for Context Recognition in Mobile Devices
ICDM '01 Proceedings of the 2001 IEEE International Conference on Data Mining
Clustering intrusion detection alarms to support root cause analysis
ACM Transactions on Information and System Security (TISSEC)
Clustering in Dynamic Spatial Databases
Journal of Intelligent Information Systems
Dynamic syslog mining for network failure monitoring
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
An integrated framework on mining logs files for computing system management
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
l-DBSCAN: A Fast Hybrid Density Based Clustering Method
ICPR '06 Proceedings of the 18th International Conference on Pattern Recognition - Volume 01
Behavioural proximity approach for alarm correlation in telecommunication networks
MICAI'06 Proceedings of the 5th Mexican international conference on Artificial Intelligence
High speed and robust event correlation
IEEE Communications Magazine
Clustering event logs using iterative partitioning
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
Behavioural Proximity Discovery: an adaptive approach for root cause analysis
International Journal of Business Intelligence and Data Mining
The semantics of alarm definitions: enabling systematic reasoning about alarms
International Journal of Network Management
| Hi-index | 0.00 |
In this paper we introduce an efficient clustering algorithm embedded in a novel approach for solving the problem of faults identification in large telecommunication networks. Our algorithm is especially designed for the event correlation problem taking into account comprehensive information about the system behaviour. Although alarms are usually useful for identifying faults in such systems, their large number overloads the current management systems, making it extremely difficult to provide an answer within a reasonable response time. The alarm flow presents some interesting characteristics like alarm storm and alarm cascade. For instance, a single fault may result in a large number of alarms, and it is often very difficult to isolate the true cause of the fault. One way of overcoming this problem is to analyze, interpret and reduce the number of these alarms before trying to localize the faults. In this paper, we present a new original algorithm, and compare it with some available clustering algorithms by experimenting them with some samples of both simulated and real data from Ericsson's network.