International Workshop on Autonomic Networking and Self-Management in the Access Networks

Research Article

Remediating Anomalous Traffic Behaviour in Future Networked Environments

Download64 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-20931-4_15,
        author={Angelos Marnerides and Matthew Jakeman and David Hutchison and Dimitrios Pezaros},
        title={Remediating Anomalous Traffic Behaviour in Future Networked Environments},
        proceedings={International Workshop on Autonomic Networking and Self-Management in the Access Networks},
        proceedings_a={SELFMAGICNETS},
        year={2012},
        month={10},
        keywords={Future and autonomic networks resilience remediation},
        doi={10.1007/978-3-642-20931-4_15}
    }
    
  • Angelos Marnerides
    Matthew Jakeman
    David Hutchison
    Dimitrios Pezaros
    Year: 2012
    Remediating Anomalous Traffic Behaviour in Future Networked Environments
    SELFMAGICNETS
    Springer
    DOI: 10.1007/978-3-642-20931-4_15
Angelos Marnerides1,*, Matthew Jakeman1,*, David Hutchison1,*, Dimitrios Pezaros2,*
  • 1: Lancaster University
  • 2: University of Glasgow
*Contact email: a.marnerides@comp.lancs.ac.uk, m.jakeman@comp.lancs.ac.uk, dh@comp.lancs.ac.uk, dp@dcs.gla.ac.uk

Abstract

The diverse characteristics of network anomalies, and the specific recovery approaches that can subsequently be employed to remediate their effects, have generally led to defence mechanisms tuned to respond to specific abnormalities; and they are often suboptimal for providing an overall resilience framework. Emerging future network environments are likely to require always-on, adaptive, and generic mechanisms that can integrate with the core networking infrastructure and provide for a range of self-* capabilities, ranging from self-protection to self-tuning. In this paper we present the design and implementation of an adaptive remediation component built on top of an autonomic network node architecture. A set of pluggable modules that employ diverse algorithms, together with explicit cross-layer interaction, has been engineered to mitigate different classes of anomalous traffic behaviour in response to both legitimate and malicious external stimuli. In collaboration with an always-on measurement-based anomaly detection component, our prototype facilitates the properties of self-optimisation and self-healing.