The search functionality is under construction.
The search functionality is under construction.

A Traffic Decomposition and Prediction Method for Detecting and Tracing Network-Wide Anomalies

Ping DU, Shunji ABE, Yusheng JI, Seisho SATO, Makio ISHIGURO

  • Full Text Views

    0

  • Cite this

Summary :

Traffic volume anomalies refer to apparently abrupt changes in the time series of traffic volume, which can propagate through the network. Detecting and tracing these anomalies is a critical and difficult task for network operators. In this paper, we first propose a traffic decomposition method, which decomposes the traffic into three components: the trend component, the autoregressive (AR) component, and the noise component. A traffic volume anomaly is detected when the AR component is outside the prediction band for multiple links simultaneously. Then, the anomaly is traced using the projection of the detection result matrices for the observed links which are selected by a shortest-path-first algorithm. Finally, we validate our detection and tracing method by using the real traffic data from the third-generation Science Information Network (SINET3) and show the detected and traced results.

Publication
IEICE TRANSACTIONS on Information Vol.E92-D No.5 pp.929-936
Publication Date
2009/05/01
Publicized
Online ISSN
1745-1361
DOI
10.1587/transinf.E92.D.929
Type of Manuscript
Special Section PAPER (Special Section on Information and Communication System Security)
Category
Internet Security

Authors

Keyword