Network anomalies can seriously influence the performance of networks and cause huge financial losses. Existing studies modeled the round-trip time (RTT) time series of each link and identified their abnormal patterns independently to detect the network anomalies. However, they rarely investigated the correlation among links, and they rarely considered the goodness of fit and complexity in model selection, which led to low timeliness and accuracy of detection. They failed to understand the impact of network anomalies. In this work, we propose the RTS detection approach to address these challenges. Specifically, we, firstly, propose a link clustering method to cluster the links into different classes based on the topological location of pairwise links and the similarity between their RTT time series. Then, for each class of links, we consider the goodness of fit and complexity in model selection and select the suitable model to analyze their RTT time series. Finally, we propose a detection method to detect the network anomalies by observing the deviation between the probability density distribution of the current RTT values and the reference value. We perform experiments with data from public measurement infrastructures like RIPE Atlas to evaluate the performance of our approach. The results show that our approach can not only reduce the detection time and improve the accuracy of detection effectively but also can roughly evaluate the impact of network anomalies.
Monitoring the states of network links is essential to detect network outages and improve Internet reliability. Currently, existing work detects network outages by monitoring all the links, which requires thousands of probes and large-scale measurements, resulting in high resource occupancy and cost. To solve this problem, this paper proposes the KL-Dection approach, which detects network outages via key links instead of all links. Firstly, we recognize the key links based on flow density, degree centrality, and probe-distance centrality. Next, based on the recognized key links, we give the critical value of their Round-Trip Time (RTT). Then, we detect the network outages by observing whether the RTT of the key link exceeds the critical value. Finally, we leverage two historical events to evaluate our approach, and the results demonstrate that our approach can detect the network outages effectively by only monitoring less than 0.06% of the links in detection area.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.