DocumentCode
2285445
Title
Dependency graph to improve notifications’ semantic on anomaly detection
Author
Zarpelao, Bruno Bogaz ; Mendes, Leonardo DeSouza ; Proenca, Mario Lemes, Jr.
Author_Institution
Sch. of Electr. & Comput. Eng. (FEEC), State Univ. of Campinas (UNICAMP), Campinas
fYear
2008
fDate
7-11 April 2008
Firstpage
726
Lastpage
729
Abstract
Besides identifying anomalies, detection systems must offer additional information about the occurrence to help the network administrator build an accurate diagnosis. This paper presents a lightweight approach to detecting anomalies that improves the semantic power of the notifications sent to the network administrator. The key point of the proposed anomaly detection system is a correlation system based on a directed graph which represents the possible paths of anomaly propagation through the SNMP objects in a network element. The results obtained from initial tests were encouraging and showed that our system is able to detect anomalies on the monitored network element while avoiding a high false alarm rate.
Keywords
computer network management; graph theory; security of data; telecommunication traffic; anomaly detection; dependency graph; directed graph; network administrator; notification semantic; Character generation; Computer crime; Event detection; Information management; Monitoring; Object detection; Optical propagation; Protocols; Telecommunication traffic; Web server; Alarm systems; Anomaly detection; Computer network management; Traffic characterization;
fLanguage
English
Publisher
ieee
Conference_Titel
Network Operations and Management Symposium, 2008. NOMS 2008. IEEE
Conference_Location
Salvador, Bahia
ISSN
1542-1201
Print_ISBN
978-1-4244-2065-0
Electronic_ISBN
1542-1201
Type
conf
DOI
10.1109/NOMS.2008.4575199
Filename
4575199