论文信息 - RAIN: Towards Real-Time Core Devices Anomaly Detection Through Session Data in Cloud Network

RAIN: Towards Real-Time Core Devices Anomaly Detection Through Session Data in Cloud Network

Core devices form the critical components of the cloud network and provide service to multiple tenants simultaneously. The anomalies that happened in core devices impact network availability of a large number of users, meanwhile, lead to the degradation of cloud providers’ profits. However, direct monitoring of core devices needs to deploy massive heartbeat checking tools on numerous related components, which will be extremely laborious. In this paper, we deploy RAIN to reduce the number of devices that need to be detailed investigated for anomalies. The session traffic data among core devices and served virtual machines are utilized to conduct the analyzing. To guarantee near real-time monitoring, RAIN is designed as a two-step structure and incorporating four feature-based detection methods. RAIN has been deployed in Alibaba’s production cloud network for over 6 months and is analyzing terabytes of traffic flow metrics per day.

[1] Vanish Talwar,et al. Online detection of utility cloud anomalies using metric distributions , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[2] Nan Hua,et al. Andromeda: Performance, Isolation, and Velocity at Scale in Cloud Network Virtualization , 2018, NSDI.

[3] Jun Wei,et al. FD4C: Automatic Fault Diagnosis Framework for Web Applications in Cloud Computing , 2016, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[4] Ramesh Govindan,et al. ASTUTE: detecting a different class of traffic anomalies , 2010, SIGCOMM '10.

[5] Mark Crovella,et al. Diagnosing network-wide traffic anomalies , 2004, SIGCOMM '04.

[6] Ramesh Govindan,et al. Trumpet: Timely and Precise Triggers in Data Centers , 2016, SIGCOMM.

[7] Marcin Szpyrka,et al. An Entropy-Based Network Anomaly Detection Method , 2015, Entropy.

[8] Shenglin Zhang,et al. PreFix: Switch Failure Prediction in Datacenter Networks , 2018, Proc. ACM Meas. Anal. Comput. Syst..

[9] Behnaz Arzani,et al. Taking the Blame Game out of Data Centers Operations with NetPoirot , 2016, SIGCOMM.

[10] Shenglin Zhang,et al. Device-Agnostic Log Anomaly Classification with Partial Labels , 2018, 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS).

[11] Carlo Contavalli,et al. Maglev: A Fast and Reliable Software Network Load Balancer , 2016, NSDI.