Parameterized anomaly detection system with automatic configuration
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
| Hi-index | 0.00 |
This paper investigates the efficiency of diagnosing network anomalies using concepts of statistical analysis and evidential reasoning. A bi-cycle of auto-regression is first applied to model increments in the values of network monitoring variables to accurately detect network anomalies. To classify the rootcause of the detected anomalies, concepts of evidential reasoning of Dempster-Shafer theory are employed; the root-cause of a network failure is inferred by gathering pieces of evidence concerning different groups of candidate failures obtained from a training set of detected anomalies and their corresponding root-causes. These groups are then refined to infer the exact cause of failure when evidence accumulates using the Dempster rule of combinations. To handle cases of imbalanced training sets, two new approaches for assigning belief values to different anomaly classes are also proposed. Performance analysis and results demonstrate the accuracy of the proposed scheme in detecting anomalies using real data.