Failure Prediction Based on Multi-Scale Frequent Anomalous Behavior Identification in Support of Autonomic Networks

In this paper, we present a novel algorithm that extracts frequent anomalous behaviors based on multi-scale trend analysis of individual network parameters. The proposed Frequent Anomalous Behavior Mining (FABM) algorithm utilizes multiple levels of time-scale analysis to reveal the frequent anomalous behaviors. This makes the proposed algorithm robust to unreliable, redundant, incomplete and contradictory information. FABM is simple, has low order polynomial computational complexity of O(n2), the patterns identified by FABM require space complexity of O(n) to be stored in the knowledge base of the prediction engine, provides quick and accurate response and can be easily adapted to a distributed environment. Moreover, the empirical results gathered show that using FABM an efficient prediction engine can be realized with high true positive and true negative rates.

[1]  Isabelle Rouvellou,et al.  Automatic alarm correlation for fault identification , 1995, Proceedings of INFOCOM'95.

[2]  Takashi Okuda,et al.  Computational intelligence for distributed fault management in networks using fuzzy cognitive maps , 1996, Proceedings of ICC/SUPERCOMM '96 - International Conference on Communications.

[3]  Frank Feather,et al.  Fault detection in an Ethernet network using anomaly signature matching , 1993, SIGCOMM '93.

[4]  B. Sikdar,et al.  Network Management and Control Using Collaborative On-line Simulation , 2001 .

[5]  Carlos Becker Westphall,et al.  Performance evaluation for proactive network management , 1996, Proceedings of ICC/SUPERCOMM '96 - International Conference on Communications.

[6]  Lundy M. Lewis,et al.  A case-based reasoning approach to the management of faults in communication networks , 1993, IEEE INFOCOM '93 The Conference on Computer Communications, Proceedings.

[7]  Mischa Schwartz,et al.  Schemes for fault identification in communication networks , 1995, TNET.

[8]  Marina Thottan,et al.  Anomaly detection in IP networks , 2003, IEEE Trans. Signal Process..

[9]  Kang G. Shin,et al.  Detecting SYN flooding attacks , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[10]  Symeon Papavassiliou,et al.  Implementing enhanced network maintenance for transaction access services: tools and applications , 2000, 2000 IEEE International Conference on Communications. ICC 2000. Global Convergence Through Communications. Conference Record.