Schemes for fault identification in communication networks
IEEE/ACM Transactions on Networking (TON)
Alarm Reduction and Correlation in Defence of IP Networks
WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Anomaly Detection for Network Servers Using Digital Signature of Network Segment
AICT-SAPIR-ELETE '05 Proceedings of the Advanced Industrial Conference on Telecommunications/Service Assurance with Partial and Intermittent Resources Conference/E-Learning on Telecommunications Workshop
Adaptive anomaly detection with evolving connectionist systems
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Towards a formal model for the network alarm correlation problem
SMO'06 Proceedings of the 6th WSEAS International Conference on Simulation, Modelling and Optimization
Intrusion detection alarms reduction using root cause analysis and clustering
Computer Communications
Beyond Shannon: Characterizing Internet Traffic with Generalized Entropy Metrics
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Network fault detection with Wiener filter-based agent
Journal of Network and Computer Applications
Decentralized multi-dimensional alert correlation for collaborative intrusion detection
Journal of Network and Computer Applications
Journal of Network and Computer Applications
An Intelligent Alarm Management System for Large-Scale Telecommunication Companies
EPIA '09 Proceedings of the 14th Portuguese Conference on Artificial Intelligence: Progress in Artificial Intelligence
Alarm clustering for intrusion detection systems in computer networks
Engineering Applications of Artificial Intelligence
Fusion Based Approach for Distributed Alarm Correlation in Computer Networks
ICCSN '10 Proceedings of the 2010 Second International Conference on Communication Software and Networks
Parameterized anomaly detection system with automatic configuration
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Information Sciences: an International Journal
Monitoring abnormal network traffic based on blind source separation approach
Journal of Network and Computer Applications
Anomaly detection in IP networks
IEEE Transactions on Signal Processing
IEEE Transactions on Network and Service Management
IEEE Transactions on Network and Service Management
| Hi-index | 0.00 |
Many solutions have been proposed for network alarm correlation. However, they mainly have focused on alarm reduction and on root cause analysis. This paper presents an automated alarm correlation system composed of three layers, which obtains raw alarms and presents to network administrator a wide view of the scenario affected by the volume anomaly. In the preprocessing layer, it is performed the alarm compression using their spatial and temporal attributes, which are reduced into a unique alarm named Device Level Alarm (DLA). The correlation layer aims to infer the anomaly propagation path and its origin and destination using DLAs and network topology information. The presentation layer provides the visualization of the path and network elements affected by the anomaly propagation. Moreover, it is presented the Anomaly Propagation View (APV), a graphic tool developed to provide a wide visualization of the network status. In order to evaluate the effectiveness of the proposed solution, it was used real traffic data from State University of Londrina.