Introduction
Anomaly detection in computer networks is becoming increasingly important. Several approaches exist for event detection problems. Majority of them have restricted themselves to single route analysis. Our aim is to apply Principal Component Analysis to address the problem of anomalous event detection for single route as well as multiple routes. The scheme is to be applied on different data sets. Most notable is ABwE measurements from SLAC (Stanford Linear Accelerator Center) to different parts of world. Other data sets include data from other tools like IPerf, Pathchirp end Ping etc. Data set from Fermi lab is also to be analysed. The tasks which are performed during analysis include pre-processing of data (Trimming, Normalization and Regularization), PCA analysis (Application of PCA and event detection) and study of results
Process
Principal Component Analysis is used in many application. Its basic functionality is dimensionality reduction. Following steps have been applied to use PCA.
...
This is a collaborative effort. Stanford Linear Accelerator Center (SLAC) and NUST Institue of IT (NIIT) are carrying out a combined research work. This work is part ofmaggie-ns (Maggie-NIIT-SLAC) project.
Dataset
The process has been applied on following different data sets.
...
b) SLAC-DESY, SLAC-DL, SLAC-FZK,SLAC-INFN,-CESNET
Terminology
Overlap: it is overlapping time of two different events i.e., did they occur at the same time or not.
Full Overlap: Events are overlapping with respect to time and this overlapping time is more than one hour.
Partial Overlap: Events are overlapping with respect to time but the time period is very small i.e. from 10 minutes to one hour.
No Overlap: Events are mutually exclusive.
Results are desribed seperately for each route. A description of each route is given below
A) ABING ANALYSIS RESULTS
Route# A1 (SLAC-DESY, SLAC-SWITCH, SLAC-CESNET, SLAC-FZK, SLAC-NIIT, SLAC-TRIUMF)
B) PING ANALYSIS RESULTS
Route# B1 (SLAC-DESY, SLAC-SWITCH, SLAC-CESNET, SLAC-FZK, SLAC-NIIT, SLAC-TRIUMF)
Route# B2 (SLAC-DESY, SLAC-SWITCH, SLAC-CESNET, SLAC-FZK, SLAC-NIIT, SLAC-TRIUMF)
Implementation details and usage