Network traffic analysis is one of the core functions in network monitoring for effective network operations and management. While online traffic analysis has been widely studied, it remains highly challenging for several reasons. One of the primary challenges is the heavy volume of traffic to analyze within a finite amount of time due to the increasing network bandwidth. Another important challenge for effective traffic analysis is to support multivariate functions of traffic variables to help administrators identify unexpected network events intuitively. To this end, we propose a new approach with multivariate analysis that offers a high-level summary of the online network traffic. With this approach, the current state of the network will display patterns compiled from a set of traffic variables, and the detection problems in network monitoring (e.g., change detection and anomaly detection) can be reduced to a pattern identification and classification problem. In this paper, we introduce our preliminary work with clustered patterns for online, multivariate network traffic analysis, along with the challenges and limitations we observed. We then present a grid-based model that is designed to overcome the limitations of the clustered pattern-based technique. We will discuss the potential of the new model with respect to the technical challenges, including streaming-based computation and robustness to outliers.
Journal of Computer Science and Technology
the Office of Advanced Scientific Computing Research, Office of Science, of the U.S. Department of Energy under Contract No. DE-AC02-05CH11231
by the Office of Workforce Development for Teachers and Scientists (WDTS), Office of Science, of the U.S. Department of Energy, under the Visiting Faculty Program (VFP).
Jinoh Kim, E-mail: email@example.com. Jinoh Kim received his Ph.D. degree in computer science from University of Minnesota, Twin Cities. He is currently an assistant professor of the Department of Computer Science at Texas A&M University, Commerce. His research interests span from systems to networks, including large-scale distributed systems, big-data computing, network security and network traffic analysis. Prior to that, he was a researcher at the Lawrence Berkeley National Laboratory in 2010–2011 and an assistant professor of computer science at Lock Haven University of Pennsylvania in 2011–2012. From 1991 to 2005, he was a researcher and a senior researcher at ETRI (a national lab in Korea) participating in various research projects in system/network management and security; Alex Sim, E-mail: firstname.lastname@example.org. Alex Sim is a senior computing engineer at the Lawrence Berkeley National Laboratory, Berkeley. His current research interests are in data modeling and analysis methods, machine learning for large-scale streaming data, and I/O optimization for exascale HPC applications. He has been actively involved in applications, such as accelerator simulation, astronomy, climate modeling, combustion modeling, fusion science, genomics, high energy physics, nuclear science, power systems, smart networking infrastructure, and others. He has led several projects from DOE (U.S. Department of Energy) and NSF (National Science Foundation) as a PI or Co-PI. He has authored and co-authored over 130 technical publications, demonstrated software products in conferences, and released a few software packages under open source license.