Automating Rapid Network Anomaly Detection With In-Band Network Telemetry

Network anomaly detection plays a significant role in Operation Administration and Maintenance (OAM). In this letter, we propose INT-detector, an automated and rapid network anomaly detection system, by combining In-band Network Telemetry (INT) and Deep Learning (DL). First, we build an INT-based te...

Full description

Saved in:
Bibliographic Details
Published in:IEEE networking letters 2022-03, Vol.4 (1), p.39-42
Main Authors: Zhang, Yan, Pan, Tian, Zheng, Yan, Gao, Minglan, Wang, Houtian, Huang, Tao, Liu, Yunjie
Format: Article
Language:English
Subjects:
Anomalies
Anomaly detection
Automation
Deep learning
Human performance
In-band network telemetry
Low pass filters
Metadata
Monitoring
network anomaly detection
Real-time systems
Switches
Telemetry
Training
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Network anomaly detection plays a significant role in Operation Administration and Maintenance (OAM). In this letter, we propose INT-detector, an automated and rapid network anomaly detection system, by combining In-band Network Telemetry (INT) and Deep Learning (DL). First, we build an INT-based telemetry prototype, enabling fine-grained monitoring by acquiring hop-by-hop device states. Then, we leverage Generative Adversarial Active Learning (GAAL) to detect anomalies without overreliance on the human intervention. Besides, we perform data preprocessing with low-pass filtering to eliminate transient traffic jitters for detecting more persistent anomalies. INT-detector is accurate and achieves 0.979 AUC on the collected INT dataset.
ISSN:2576-3156
2576-3156
DOI:10.1109/LNET.2021.3130573