Automating Rapid Network Anomaly Detection With In-Band Network Telemetry

Automating Rapid Network Anomaly Detection With In-Band Network Telemetry

Network anomaly detection plays a significant role in Operation Administration and Maintenance (OAM). In this letter, we propose INT-detector, an automated and rapid network anomaly detection system, by combining In-band Network Telemetry (INT) and Deep Learning (DL). First, we build an INT-based te...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE networking letters 2022-03, Vol.4 (1), p.39-42
Hauptverfasser: Zhang, Yan, Pan, Tian, Zheng, Yan, Gao, Minglan, Wang, Houtian, Huang, Tao, Liu, Yunjie
Format: Artikel
Sprache:eng
Schlagworte:
Anomalies
Anomaly detection
Automation
Deep learning
Human performance
In-band network telemetry
Low pass filters
Metadata
Monitoring
network anomaly detection
Real-time systems
Switches
Telemetry
Training
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Network anomaly detection plays a significant role in Operation Administration and Maintenance (OAM). In this letter, we propose INT-detector, an automated and rapid network anomaly detection system, by combining In-band Network Telemetry (INT) and Deep Learning (DL). First, we build an INT-based telemetry prototype, enabling fine-grained monitoring by acquiring hop-by-hop device states. Then, we leverage Generative Adversarial Active Learning (GAAL) to detect anomalies without overreliance on the human intervention. Besides, we perform data preprocessing with low-pass filtering to eliminate transient traffic jitters for detecting more persistent anomalies. INT-detector is accurate and achieves 0.979 AUC on the collected INT dataset.
ISSN:2576-3156
2576-3156
DOI:10.1109/LNET.2021.3130573