MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning
Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods...
Main Authors: | , , , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
SpringerOpen
2023-08-01
|
Series: | Journal of Cloud Computing: Advances, Systems and Applications |
Subjects: | |
Online Access: | https://doi.org/10.1186/s13677-023-00492-w |
_version_ | 1797556435714834432 |
---|---|
author | Yunfeng Duan Chenxu Li Guotao Bai Guo Chen Fanqin Zhou Jiaxing Chen Zehua Gao Chun Zhang |
author_facet | Yunfeng Duan Chenxu Li Guotao Bai Guo Chen Fanqin Zhou Jiaxing Chen Zehua Gao Chun Zhang |
author_sort | Yunfeng Duan |
collection | DOAJ |
description | Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods, e.g., SNMP, Ping, are of coarse temporal granularity or low-dimension metrics, have difficulty to identify such anomalies quickly and accurately. Network telemetry is able to collect rich network metrics with fine temporal granularity, which can provide deep insight into network anomalies. However, the rich features in the telemetry data are insufficient exploited in existing research. This paper proposes a Multi-feature Fusion Graph Deep learning approach driven by the In-band Network Telemetry, shorted as MFGAD-INT, to efficiently extract and process the spatial-temporal correlation information in telemetry data and effectively identify the anomalies. The experimental results show that the accuracy performance of the proposed method improves about 10.56% compared to the anomaly detection method without network telemetry and about 9.73% compared to the network telemetry-based method. |
first_indexed | 2024-03-10T17:01:52Z |
format | Article |
id | doaj.art-648b61504d14488ba33382dfa4b4c99e |
institution | Directory Open Access Journal |
issn | 2192-113X |
language | English |
last_indexed | 2024-03-10T17:01:52Z |
publishDate | 2023-08-01 |
publisher | SpringerOpen |
record_format | Article |
series | Journal of Cloud Computing: Advances, Systems and Applications |
spelling | doaj.art-648b61504d14488ba33382dfa4b4c99e2023-11-20T10:55:58ZengSpringerOpenJournal of Cloud Computing: Advances, Systems and Applications2192-113X2023-08-0112111610.1186/s13677-023-00492-wMFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learningYunfeng Duan0Chenxu Li1Guotao Bai2Guo Chen3Fanqin Zhou4Jiaxing Chen5Zehua Gao6Chun Zhang7China Mobile Information Technology Co., Ltd.State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.China Mobile Information Technology Co., Ltd.State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.School of Information and Communication Engineering, Beijing University of Posts and TelecommunicationsChina Mobile Information Technology Co., Ltd.Abstract As the cloud services market grows, cloud management tools that detect network anomalies in a non-intrusive manner are critical to improve users’ experience of cloud services. However, some network anomalies, such as Microburst, in cloud systems are very discreet. Network monitoring methods, e.g., SNMP, Ping, are of coarse temporal granularity or low-dimension metrics, have difficulty to identify such anomalies quickly and accurately. Network telemetry is able to collect rich network metrics with fine temporal granularity, which can provide deep insight into network anomalies. However, the rich features in the telemetry data are insufficient exploited in existing research. This paper proposes a Multi-feature Fusion Graph Deep learning approach driven by the In-band Network Telemetry, shorted as MFGAD-INT, to efficiently extract and process the spatial-temporal correlation information in telemetry data and effectively identify the anomalies. The experimental results show that the accuracy performance of the proposed method improves about 10.56% compared to the anomaly detection method without network telemetry and about 9.73% compared to the network telemetry-based method.https://doi.org/10.1186/s13677-023-00492-wAnomaly detectionTime series analysisIn-band network telemetryDeep learningData stream miningCloud computing |
spellingShingle | Yunfeng Duan Chenxu Li Guotao Bai Guo Chen Fanqin Zhou Jiaxing Chen Zehua Gao Chun Zhang MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning Journal of Cloud Computing: Advances, Systems and Applications Anomaly detection Time series analysis In-band network telemetry Deep learning Data stream mining Cloud computing |
title | MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning |
title_full | MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning |
title_fullStr | MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning |
title_full_unstemmed | MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning |
title_short | MFGAD-INT: in-band network telemetry data-driven anomaly detection using multi-feature fusion graph deep learning |
title_sort | mfgad int in band network telemetry data driven anomaly detection using multi feature fusion graph deep learning |
topic | Anomaly detection Time series analysis In-band network telemetry Deep learning Data stream mining Cloud computing |
url | https://doi.org/10.1186/s13677-023-00492-w |
work_keys_str_mv | AT yunfengduan mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT chenxuli mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT guotaobai mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT guochen mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT fanqinzhou mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT jiaxingchen mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT zehuagao mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning AT chunzhang mfgadintinbandnetworktelemetrydatadrivenanomalydetectionusingmultifeaturefusiongraphdeeplearning |