MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning

Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods...

Full description

Bibliographic Details
Main Authors: Yunfeng Duan, Chenxu Li, Guotao Bai, Guo Chen, Fanqin Zhou, Jiaxing Chen, Zehua Gao, Chun Zhang
Format: Article
Language:English
Published: SpringerOpen 2023-08-01
Series:Journal of Cloud Computing: Advances, Systems and Applications
Subjects:
Online Access:https://doi.org/10.1186/s13677-023-00492-w
_version_ 1797556435714834432
author Yunfeng Duan
Chenxu Li
Guotao Bai
Guo Chen
Fanqin Zhou
Jiaxing Chen
Zehua Gao
Chun Zhang
author_facet Yunfeng Duan
Chenxu Li
Guotao Bai
Guo Chen
Fanqin Zhou
Jiaxing Chen
Zehua Gao
Chun Zhang
author_sort Yunfeng Duan
collection DOAJ
description Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods, e.g., SNMP, Ping, are of coarse temporal granularity or low-dimension metrics, have difficulty to identify such anomalies quickly and accurately. Network telemetry is able to collect rich network metrics with fine temporal granularity, which can provide deep insight into network anomalies. However, the rich features in the telemetry data are insufficient exploited in existing research. This paper proposes a Multi-feature Fusion Graph Deep learning approach driven by the In-band Network Telemetry, shorted as MFGAD-INT, to efficiently extract and process the spatial-temporal correlation information in telemetry data and effectively identify the anomalies. The experimental results show that the accuracy performance of the proposed method improves about 10.56% compared to the anomaly detection method without network telemetry and about 9.73% compared to the network telemetry-based method.
first_indexed 2024-03-10T17:01:52Z
format Article
id doaj.art-648b61504d14488ba33382dfa4b4c99e
institution Directory Open Access Journal
issn 2192-113X
language English
last_indexed 2024-03-10T17:01:52Z
publishDate 2023-08-01
publisher SpringerOpen
record_format Article
series Journal of Cloud Computing: Advances, Systems and Applications
spelling doaj.art-648b61504d14488ba33382dfa4b4c99e2023-11-20T10:55:58ZengSpringerOpenJournal of Cloud Computing: Advances, Systems and Applications2192-113X2023-08-0112111610.1186/s13677-023-00492-wMFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learningYunfeng Duan0Chenxu Li1Guotao Bai2Guo Chen3Fanqin Zhou4Jiaxing Chen5Zehua Gao6Chun Zhang7China Mobile Information Technology Co., Ltd.State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.China Mobile Information Technology Co., Ltd.State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.School of Information and Communication Engineering, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods, e.g., SNMP, Ping, are of coarse temporal granularity or low-dimension metrics, have difficulty to identify such anomalies quickly and accurately. Network telemetry is able to collect rich network metrics with fine temporal granularity, which can provide deep insight into network anomalies. However, the rich features in the telemetry data are insufficient exploited in existing research. This paper proposes a Multi-feature Fusion Graph Deep learning approach driven by the In-band Network Telemetry, shorted as MFGAD-INT, to efficiently extract and process the spatial-temporal correlation information in telemetry data and effectively identify the anomalies. The experimental results show that the accuracy performance of the proposed method improves about 10.56% compared to the anomaly detection method without network telemetry and about 9.73% compared to the network telemetry-based method.https://doi.org/10.1186/s13677-023-00492-wAnomaly detectionTime series analysisIn-band network telemetryDeep learningData stream miningCloud computing
spellingShingle Yunfeng Duan
Chenxu Li
Guotao Bai
Guo Chen
Fanqin Zhou
Jiaxing Chen
Zehua Gao
Chun Zhang
MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
Journal of Cloud Computing: Advances, Systems and Applications
Anomaly detection
Time series analysis
In-band network telemetry
Deep learning
Data stream mining
Cloud computing
title MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
title_full MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
title_fullStr MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
title_full_unstemmed MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
title_short MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
title_sort mfgad int in band network telemetry data driven anomaly detection using multi feature fusion graph deep learning
topic Anomaly detection
Time series analysis
In-band network telemetry
Deep learning
Data stream mining
Cloud computing
url https://doi.org/10.1186/s13677-023-00492-w
work_keys_str_mv AT yunfengduan mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT chenxuli mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT guotaobai mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT guochen mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT fanqinzhou mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT jiaxingchen mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT zehuagao mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning
AT chunzhang mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning