基于离群点检测的链路流量细粒度监测

doi:10.11871/jfdc.10-1649.2021.06.011

数据与计算发展前沿 ›› 2021, Vol. 3 ›› Issue (6): 142-150.

doi: 10.11871/jfdc.10-1649.2021.06.011

基于离群点检测的链路流量细粒度监测

李菁菁^1,^2,^*(),杨校林^1,²(),李俊^1,²(),何群辉¹()

1. 中国科学院计算机网络信息中心,北京 100083
2. 中国科学院大学,北京 100049

收稿日期:2021-05-11 出版日期:2021-12-20 发布日期:2022-01-26
通讯作者: 李菁菁
作者简介:李菁菁,中国科学院计算机网络信息中心,高级工程师,硕士生导师,主要研究领域为未来网络体系结构,大规模云基础设施智能监测感知,智能网络运管分析技术等。
本文中负责思路解析和总体统稿。
LI Jingjing is a senior engineer and master tutor of Computer Network Information Center of Chinese Academy of Sciences. His main research areas are future network architecture, large-scale cloud infrastructure intelligent monitoring and perception, and intelligent network operation and management analysis technology.
In this paper, he is responsible for the idea analysis and overall draft. E-mail: jjli@cnic.cn;|杨校林,中国科学院计算机网络信息中心,在读硕士研究生,主要研究领域为聚类与异常点检测,智能网络运管分析技术等。
本文中承担的任务是算法设计、实验设计。
YANG Xiaolin is a graduate student in Computer Network Information Center of Chinese Academy of Sciences. His main research areas are clustering and anomaly detection, and intelligent network operation and management analysis technology.
In this paper, he is responsible for the design of the algorithm and experiments.E-mail: xlyang@cnic.cn;|李俊,中国科学院计算机网络信息中心,研究员,博士生导师,中国科学院特聘研究员,主要研究领域为人工智能和大数据应用、互联网体系结构等。
本文中负责研究指导。
LI Jun is a research fellow and PhD supervisor at Computer Network Information Center of Chinese Academy of Sciences, specially appointed researcher of Chinese Academy of Scie-nces. His main research interests are artificial intelligence and big data technical applications and future Internet architecture.
In this paper, he is responsible for research guidance. E-mail: jlee@cstnet.cn;|何群辉,中国科学院计算机网络信息中心,高级工程师,长期从事科技网网络运维管理、网络基础监测工作,在网络运维管理和域名管理方面具有丰富的经验,参与了多项发改委、科技部的重点课题和中国科学院信息化专项工程建设项目。现在主要负责网络运维管理、互联网地址域名系统管理以及合规管理工作。
本文中负责数据整理。
HE Qunhui is a senior engineer in Computer Network Informa-tion Center, Chinese Academy of Sciences. She has long been engaged in network operation and maintenance management, network basic monitoring of the science and technology network. She has rich experience in network operation and maintenance management and domain name management. She has participated in a number of key projects of the National Development and Reform Commission, the Ministry of Science and Technology, and the Chinese Academy of Sciences informatization special project construction project. Now she is mainly responsible for network operation and maintenance management, Internet address domain name system management and compliance management.
In this paper, she is responsible for data collection.E-mail: hqh@cstnet.cn

Subtle Aberration Monitoring of Link Traffic Based on Outlier Detection

LI Jingjing^1,^2,^*(),YANG Xiaolin^1,²(),LI Jun^1,²(),HE Qunhui¹()

1. Computer Network Information Center, Chinese Academy of Sciences, Beijing 100083, China
2. University of Chinese Academy of Sciences, Beijing 100049, China

Received:2021-05-11 Online:2021-12-20 Published:2022-01-26
Contact: LI Jingjing

摘要/Abstract

摘要：

【目的】科研网络链路局部流量尖峰和细粒度传输异常对精密联合科学观测的影响较大,科研网络当前采用的固定阈值链路流量监测方法仅能有效监测链路资源消耗,无法实时监测链路汇聚流量中的细粒度异常。【方法】因此,本文基于改进的局部离群点检测方法面向科研网络需求设计了一种新型链路流量细粒度监测预警模型,通过在滑动时间窗口内对观测流量与动态基线进行快速计算实现链路流量细粒度异常的快速监测预警。【结论】在中国科技网生产环境中的实网验证表明,预警触发点与实际生产工单数据中的异常记录点全部吻合,具备工程应用的可行性。

关键词: 离群点检测, 链路流量, 细粒度监测, 动态基线

Abstract:

[Objective] The subtle aberration of network traffic has a harmful influence on scientific research precision joint observation. The fixed threshold network traffic monitoring currently used can only effectively warn the link resource consumption, but cannot monitor the subtle aberration of branch line traffic.[Methods] Therefore, we propose a new link traffic warning model which can monitor subtle aberration and trigger alarm based on the improved outlier detection method in this study to support the network management of CSTNet. The model can implement fast monitoring and early warning of subtle aberration of the link traffic by fast calculation of deviation between the observed traffic value and dynamic baseline in sliding time window. [Conclusions] Experiments in the real operation of CSTNet demonstrate that the warning trigger points are all consistent with the abnormal record points in the network operation and diagnostic record, which has the feasibility of engineering application.

Key words: outlier detection, link traffic, monitoring model, dynamic baseline

李菁菁,杨校林,李俊,何群辉. 基于离群点检测的链路流量细粒度监测[J]. 数据与计算发展前沿, 2021, 3(6): 142-150.

LI Jingjing,YANG Xiaolin,LI Jun,HE Qunhui. Subtle Aberration Monitoring of Link Traffic Based on Outlier Detection[J]. Frontiers of Data and Computing, 2021, 3(6): 142-150.

图/表 10

图1

图2

图3

图4

图5

图6

图7

表1

图8

图9

参考文献 11

[1]	陈中, 郑为民, 陈肖. 中国e-VLBI网的建立及应用[J]. 中国科学院上海天文台年刊, 2015,36:136-147.
[2]	Hawkins D. Identification of Outliers[M]. London: Chapman and Hall, 1980: 188.
[3]	王宏鼎, 童云海, 谭少华, 等. 异常点挖掘研究进展[J]. 智能系统学报, 2006,1(1):67-73.
[4]	孙哲南, 张兆翔, 王威, 刘菲, 谭铁牛. 2019年人工智能新态势与新进展[J]. 数据与计算发展前沿, 2019,1(06):1-16.
[5]	Hung W L, Yang M S. An omission approach for detec-ting outliers in fuzzy regression models[J]. Fuzzy sets and systems, 2006,157(23):3109-3122.
[6]	Liu X, Cheng G, Wu J X. Analyzing outliers cautiously[J]. IEEE Transactions on Knowledge and Data Enginee-ring, 2002,14(2):432-437.
[7]	Breunig M M, Kriegel H P, Ng R T, et al. LOF: identi-fying density-based local outliers[C]. Proceedings of the 2000 ACM SIGMOD international conference on Mana-gement of data. 2000: 93-104.
[8]	Jin W Tung AK H, Han J, et al. Ranking outliers using symmetric neighborhood relationship[C]. Pacific-Asia Conference on Knowledge Discovery and Data Mining. Springer, Berlin, Heidelberg, 2006: 577-593.
[9]	杨校林, 李菁菁, 李易. FINFLO:快速局部异常点检测算法. 数据与计算发展前沿, 2020,2(6):82-89.
[10]	苏冰, 王超, 刘岩. 基于固定阈值法的声纳信号检测性能研究[J]. 数字技术与应用, 2012,000(009):85-86.
[11]	郭炜. 基于动态基线的业务运营支撑网异常流量检测研究[C]// 2011年通信与信息技术新进展—第八届中国通信学会学术年会论文集. 2011.

		Actual class
		Positive Class	Negative Class
Fixed class	Positive Class	TP=4	FP=2
Fixed class	Negative Class	FN=1	TN=1433

基于离群点检测的链路流量细粒度监测

Subtle Aberration Monitoring of Link Traffic Based on Outlier Detection

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 11

相关文章 0

编辑推荐

Metrics

本文评价