Paper Info
Title
Inference of network anomaly propagation using spatio-temporal correlation
Abstract
Many solutions have been proposed for network alarm correlation. However, they mainly have focused on alarm reduction and on root cause analysis. This paper presents an automated alarm correlation system composed of three layers, which obtains raw alarms and presents to network administrator a wide view of the scenario affected by the volume anomaly. In the preprocessing layer, it is performed the alarm compression using their spatial and temporal attributes, which are reduced into a unique alarm named Device Level Alarm (DLA). The correlation layer aims to infer the anomaly propagation path and its origin and destination using DLAs and network topology information. The presentation layer provides the visualization of the path and network elements affected by the anomaly propagation. Moreover, it is presented the Anomaly Propagation View (APV), a graphic tool developed to provide a wide visualization of the network status. In order to evaluate the effectiveness of the proposed solution, it was used real traffic data from State University of Londrina.
Year
DOI
Venue
2012
10.1016/j.jnca.2012.07.003
J. Network and Computer Applications
Keywords
DocType
Volume
alarm compression,raw alarm,unique alarm,network administrator,automated alarm correlation system,network status,alarm reduction,spatio-temporal correlation,network element,network topology information,network anomaly propagation,network alarm correlation
Journal
35
Issue
ISSN
Citations 
6
1084-8045
5
PageRank 
References 
Authors
0.50
27
5
Name
Order
Citations
PageRank
Alexandre Aguiar Amaral1100.90
Bruno Bogaz Zarpelão29810.59
Leonardo de Souza Mendes35311.44
JOEL J. P. C. RODRIGUES43484341.72
Mario Lemes ProençA, Junior5100.90