Modeling network traffic for traffic matrix estimation and anomaly detection based on Bayesian network in cloud computing networks

With the rapid development of a cloud computing network, the network security has been a terrible problem when it provides much more services and applications. Network traffic modeling and analysis is significantly crucial to detect some lawless activities such as DDoS, virus and worms, and so on. Meanwhile, it is a common approach for acquiring a traffic matrix, which can be used by network operators to carry out network management and planning. Although a great number of methods have been proposed to model and analyze the network traffic, it is still a remarkable challenge since the network traffic characterization has been tremendously changed, in particular, for a cloud computing network. Motivated by that, we analyze and model the statistical features of network traffic based on the Bayesian network in this paper. Furthermore, we propose an accurate network traffic estimation approach and an efficient anomaly detection approach, respectively. In detail, we design a Bayesian network structure to model the causal relationships between network traffic entries. Based on this Bayesian network model, we obtain a joint probability distribution of network traffic by the maximum a posteriori approach. Then, we estimate the network traffic in terms of a regularized optimization model. Meanwhile, we also perform anomaly detection based on the proposed Bayesian network structure. We finally discuss the effectiveness of the proposed method for traffic matrix estimation and anomaly detection by applying it to the Abilene and GÉANT networks.

[1]  Y. Vardi,et al.  Network Tomography: Estimating Source-Destination Traffic Intensities from Link Data , 1996 .

[2]  Cheng Yao,et al.  Multi‐scale anomaly detection for high‐speed network traffic , 2015, Trans. Emerg. Telecommun. Technol..

[3]  Marco Listanti,et al.  Traffic matrix estimation enhanced by SDNs nodes in real network topology , 2015, 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[4]  Maurizio Naldi,et al.  Estimation of Traffic Matrices for LRD Traffic , 2013 .

[5]  Faïez Gargouri,et al.  Improving algorithms for structure learning in Bayesian Networks using a new implicit score , 2010, Expert Syst. Appl..

[6]  Shiliang Sun,et al.  A bayesian network approach to traffic flow forecasting , 2006, IEEE Transactions on Intelligent Transportation Systems.

[7]  WillingerWalter,et al.  Spatio-temporal compressive sensing and internet traffic matrices , 2009 .

[8]  Peng Zhang,et al.  A transform domain-based anomaly detection approach to network-wide traffic , 2014, J. Netw. Comput. Appl..

[9]  Dingde Jiang,et al.  Joint time-frequency sparse estimation of large-scale network traffic , 2011, Comput. Networks.

[10]  Maurizio Naldi,et al.  Blind Maximum-Likelihood Estimation of Traffic Matrices in Long Range Dependent Traffic , 2009, FITraMEn.

[11]  Moises Goldszmidt Bayesian Network Classifiers , 2011 .

[12]  Peng Zhang,et al.  A traffic anomaly detection approach in communication networks for applications of multimedia medical devices , 2016, Multimedia Tools and Applications.

[13]  Matthew Roughan,et al.  Spatiotemporal Traffic Matrix Synthesis , 2015, Comput. Commun. Rev..

[14]  David Maxwell Chickering,et al.  Large-Sample Learning of Bayesian Networks is NP-Hard , 2002, J. Mach. Learn. Res..

[15]  Hui Tian,et al.  Study on a New Model for Network Traffic Matrix Estimation , 2014, 2014 Sixth International Symposium on Parallel Architectures, Algorithms and Programming.

[16]  Konstantina Papagiannaki,et al.  Traffic matrices: balancing measurements, inference and modeling , 2005, SIGMETRICS '05.

[17]  Dingde Jiang,et al.  How to reconstruct end-to-end traffic based on time-frequency analysis and artificial neural network , 2014 .

[18]  Flávio Henrique Teles Vieira,et al.  Adaptive wavelet-based multifractal model applied to the effective bandwidth estimation of network traffic flows , 2009 .

[19]  Dingde Jiang,et al.  A novel hybrid prediction algorithm to network traffic , 2015, annals of telecommunications - annales des télécommunications.

[20]  Walter Willinger,et al.  Spatio-Temporal Compressive Sensing and Internet Traffic Matrices (Extended Version) , 2012, IEEE/ACM Transactions on Networking.

[21]  Albert G. Greenberg,et al.  Fast accurate computation of large-scale IP traffic matrices from link loads , 2003, SIGMETRICS '03.

[22]  Bing Yu,et al.  Time-Varying Network Tomography: Router Link Data , 2000 .