| To know the Ethernet networks topology is one of the fundamental basis for an adequate management and a correct identification of problems.Being this knowledge essential,it is necessary to keep it constantly available and updated.However,with the size and complexity of today's networks,it is difficult and time-consuming to search for this information manually.On the other hand,there are several risks and dangers that threaten to disrupt the proper functioning of a network.Although hostile traffic is often different from normal traffic,it becomes difficult to translate it into an explicit set of rules,because traffic is heavily irregular,thus varying network patterns and the effects of anomalies.In this study,a new tool is proposed to assist in the control and management of networks.In the first phase,a search algorithm is presented allowing an automatic discovery of the layer-2 topology of the network.This functionality is based on information collected by SNMP,provided by reference MIBs,and is therefore supported by the vast majority of equipment.Next,an unsupervised learning method is described that autonomously enables the detection of anomalous functioning situations.The irregularities are identified by a traffic model composed of a mixture of Gaussian,responsible for characterizing the normal operation of the system.One of the main advantages of this algorithm is its adaptability to the network conditions,having produced good results through various operating scenarios.In the application to the Unilurio test network,all connections between equipment were properly identified,as well as several anomalies detected,for various configurations and load levels in the network.This provides a faster reaction to problematic situations in the network,with more effective control,both at operational management level and at system security level. |
PDF Full Text Request