To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
Graph-based Correlation of SNMP Objects for Anomaly Detection |
|
Author |
Bruno Bogaz Zarpel?o, Leonardo de Souza Mendes, Mario Lemes Proen?a Jr |
| Citation |
Vol. 6 No. 5 pp. 194-202 |
|
Abstract |
Anomaly detection is essential, because it allows a rapid reaction to the problems and helps assuring performance and security in computer networks. This paper presents an anomaly detection system based on: (i) the traffic characterization performed by the BLGBA model, which is responsible for the DSNS generation; (ii) an alarm system that compares the DSNS and the real movement obtained in SNMP objects, sending the alarms to a correlation system when a behavior deviation is detected; (iii) a correlation system based on a directed graph which represents the possible paths of anomaly propagation through the SNMP objects in a network element. Three years of data collected from the State University of Londrina network were used to evaluate this anomaly detection system. The results were encouraging and confirmed that our system is able to detect anomalies on the monitored network elements, avoiding the high false alarms rate. |
|
Keywords |
Anomaly Detection, SNMP, DSNS, Correlation, Directed Graph |
|
URL |
