Automation of network anomaly detection and mitigation with the use of IBN: A deployment case on KOREN

Network ecosystems have grown to encompass multiple application domains. SDN and NFV technologies have helped pave the road for the evolution of the core and edge networking systems, allowing for numerous services to be served by the same physical infrastructure. Guaranteeing the operability of the network has become an ever-increasing requirement in order to sustain the underlying services deployed on the network. For this, Intent-Based Networking (IBN) aims to abstract network management by introducing high-level rules/policies that are translated to network configurations per service requirements. By following this principle, we proposed an anomaly detection and mitigation mechanism that exploits the characteristics of IBN for collecting and analyzing flows, using Machine Learning for interpreting traffic patterns, and automatic deployment of high-level policies for corrective actions related to anomalous traffic occurrences. The complete system is deployed on the Korea Advanced Research Network (KOREN), where the abstraction provided by IBN for network anomaly detection and mitigation is a key factor in closing the gap to achieve complete network automation.