Proposal of a new information-theory based technique and analysis of traffic anomaly detection

The change-point detection theory is used to identify abrupt changes in the network traffic. The literature has focused on longitudinal traffic analysis, namely, detecting sudden peak changes, rather than analyzing the traffic pattern on a 24h typical day. As traffic varies throughout the day, it is essential to consider the concrete traffic period in which the anomaly occurs, which is useful for checking interconnection agreements amongst operators, something not possible with traditional sudden peak changes techniques. As we introduce in this paper, no author to date has devised to detect changing points inside a typical day traffic pattern, which constitutes an innovative information-theory based technique. The aim of this paper is to present this new technique and to analyze how the different algorithms behave in detecting changing points inside a typical day profile. We conclude that a combination of the algorithms provides better results than the use of a single one. In low traffic periods the tests of goodness-of-fit best detect changing conditions, while in normal traffic periods (daytime) entropy-based algorithms best detect traffic increases; besides, the Statistical Control Charts complements both of them when detecting very abrupt changes regardless the traffic load.