Title :
Fast traffic anomalies detection using SNMP MIB correlation analysis
Author :
Lee, Dong Cheul ; Park, Byungjoo ; Kim, Ki Eung ; Lee, Jae Jin
Author_Institution :
Network Technol. Lab., KT Co. Ltd., Daejeon
Abstract :
Internet service providers (ISPs) should detect and control abnormal traffic fast for stable network management. One of the ways to detect traffic anomalies fast is shortening traffic collecting cycle. However, performance degradation is inevitable if a centralized traffic collection server gathers all traffic data from equipments in a large ISP. This paper presents an enhanced traffic collection algorithm that can gather traffic data frequently without degrading the performance by analyzing SNMP MIB objects correlation. The algorithm estimates the values of interface group objects by using ip group objects, thus, it reduces the number of collections. We evaluated this algorithm on KORNET backbone network. The performance degradation was not found on the experiment, and the accuracy of the algorithm was fairly good.
Keywords :
Internet; computer network management; protocols; security of data; telecommunication traffic; Internet service providers; KORNET backbone network; SNMP MIB correlation analysis; SNMP MIB objects correlation; abnormal traffic; centralized traffic collection server; performance degradation; stable network management; traffic anomalies detection; traffic collecting cycle; traffic collection algorithm; traffic data; Communication system traffic control; Degradation; Detection algorithms; Filters; Frequency; Monitoring; Network servers; Telecommunication traffic; Traffic control; Web and internet services; SNMP MIB correlation; Traffic anomalies; detection algorithm;
Conference_Titel :
Advanced Communication Technology, 2009. ICACT 2009. 11th International Conference on
Conference_Location :
Phoenix Park
Print_ISBN :
978-89-5519-138-7
Electronic_ISBN :
1738-9445
