Abstract:
Anomaly detection is a non-trivial task, which is becoming more and more mature as we are stepping in the high-speed networks links. Existing network monitoring tools and algorithms may not match the needs of high-performance network path anomaly detection. This project is implemention and design of algorithms that detects significant events on an Internet path by monitoring the available bandwidth. Evaluating a comprehensive dataset of diverse bandwidth measurements reveals that significant noisy traffic spikes are generally observed on Internet paths. To extract normal path characteristics from these noisy real-time measurements, it is found that low-pass filter the bandwidth estimates and shows that the distribution of normal path bandwidths approaches Gaussianity irrespective of the path being monitored. This Gaussian baseline model is then leveraged in a decision-theoretic framework to detect path events. We show that the proposed detector provides highly accurate performance and easily surpasses the accuracy of existing techniques.
