Autonomic diagnosis of anomalous network traffic

Network traffic abnormalities pose one of the greatest threats for networked environments. Autonomic communications offer a solution: it should be possible to design network mechanisms that behave adaptively and respond to any anomalous phenomenon that threatens normal network behaviour. In this paper we present the design of an adaptive anomaly detection component that has been built as part of an autonomic network system. We have implemented an entropy estimator to predict the onset of anomalous traffic behaviour within an autonomic resilience framework, and a Supervised Naive Bayesian classifier which synergistically empower the core properties of self-adaptation, self-learning and self-protection for next generation networks. Being part of an always-on, automated measurement and control infrastructure, such mechanism enforces the adaptive system reaction to suboptimal network operation and its subsequent restoration, while requiring minimal static (re)configuration and operator intervention.