Title :
Parameterized Anomaly Detection System with Automatic Configuration
Author :
Zarpelão, Bruno B. ; Mendes, Leonardo S. ; Proença, Mario L., Jr. ; Rodrigues, Joel J P C
Author_Institution :
Sch. of Electr. & Comp. Eng., Univ. of Campinas (UNICAMP), Campinas, Brazil
Abstract :
This work proposes a parameterized anomaly detection system, based on the method known as profile-based. The analysis of network elements is performed at two levels: (i) analysis of Simple Network Management Protocol (SNMP) object data using a hysteresis-based algorithm to detect behavior deviations; (ii) analysis of alerts generated in the first level using a dependency graph, which represents the relationships between the SNMP objects. The proposed system is also able to configure its own parameters automatically, aiming to meet the network administrator's needs. Tests were performed in a real network environment and great results were obtained.
Keywords :
graph theory; hysteresis; telecommunication network management; telecommunication security; automatic configuration; dependency graph; hysteresis-based algorithm; parameterized anomaly detection system; simple network management protocol; Algorithm design and analysis; Computer crime; Hysteresis; Object detection; Performance analysis; Performance evaluation; Protocols; Quality of service; Telecommunication traffic; Testing;
Conference_Title :
Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-4148-8
DOI :
10.1109/GLOCOM.2009.5426189