GAMPAL: Anomaly Detection for Internet Backbone Traffic by Flow Prediction with LSTM-RNN

研究成果: Conference contribution

抄録

This paper proposes a general-purpose anomaly detection mechanism for Internet backbone traffic named GAMPAL (General-purpose Anomaly detection Mechanism using Path Aggregate without Labeled data). GAMPAL does not require labeled data to achieve a general-purpose anomaly detection. For scalability to the number of entries in the BGP RIB (Routing Information Base), GAMPAL introduces path aggregates. The BGP RIB entries are classified into the path aggregates, each of which is identified with the first three AS numbers in the AS_PATH attribute. GAMPAL establishes a prediction model of traffic throughput based on past traffic throughput. It adopts the LSTM-RNN (Long Short-Term Memory Recurrent Neural Network) model focusing on periodicity in weekly scale of the Internet traffic pattern. The validity of GAMPAL is evaluated using the real traffic information and the BGP RIB exported from the WIDE backbone network (AS2500), a nation-wide backbone network for research and educational organizations in Japan. As a result, GAMPAL successfully detects traffic increases due to events and DDoS attacks targeted to a stub organization.

本文言語English
ホスト出版物のタイトルMachine Learning for Networking - 2nd IFIP TC 6 International Conference, MLN 2019, Revised Selected Papers
編集者Selma Boumerdassi, Éric Renault, Paul Mühlethaler
出版社Springer
ページ196-211
ページ数16
ISBN(印刷版)9783030457778
DOI
出版ステータスPublished - 2020
イベント2nd International Conference on Machine Learning for Networking, MLN 2019 - Paris, France
継続期間: 2019 12 32019 12 5

出版物シリーズ

名前Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
12081 LNCS
ISSN(印刷版)0302-9743
ISSN(電子版)1611-3349

Conference

Conference2nd International Conference on Machine Learning for Networking, MLN 2019
CountryFrance
CityParis
Period19/12/319/12/5

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

フィンガープリント 「GAMPAL: Anomaly Detection for Internet Backbone Traffic by Flow Prediction with LSTM-RNN」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル