Title :
Anomaly Detection Using DSNS and a Dependency Graph for SNMP Objects
Author :
Zarpelao, B.B. ; de Souza Mendes, Leonardo ; Proenca, Mario L.
Author_Institution :
Sch. of Electr. & Comput. Eng., State Univ. of Campinas, Campinas
Abstract :
This paper addresses the problem of detecting anomalies in computer networks. Anomalies are significant changes in traffic levels, which can have grave consequences for the execution of services offered by the network. The main characteristics of the anomaly detection system proposed in this work are: (i) application of the DSNS (digital signature of network segment), in order to detect deviations in traffic behavior, and (ii) application of a dependency graph that represents the relations between the SNMP objects, in order to correlate the alarms generated for different objects. The results obtained from initial tests performed in a real environment were encouraging. They showed that our system is able to detect anomalies on the monitored network elements while avoiding a high false alarm rate.
Keywords :
alarm systems; computer networks; telecommunication services; telecommunication traffic; DSNS; SNMP objects; anomaly detection system; digital signature of network segment; Alarm systems; Application software; Character generation; Computer crime; Computer networks; Computer science; Digital signatures; Object detection; Telecommunication computing; Telecommunication traffic; MIB-II; SNMP; anomaly detection; computer network management;
Conference_Title :
Telecommunications, 2008. AICT '08. Fourth Advanced International Conference on
Conference_Location :
Athens
Print_ISBN :
978-0-7695-3162-5
Electronic_ISBN :
978-0-7695-3162-5
DOI :
10.1109/AICT.2008.22