Skip to main content
SpringerLink
Log in

Statistical Detection of Enterprise Network Problems

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

The detection of network fault scenarios wasachieved using an appropriate subset of ManagementInformation Base (MIB) variables. Anomalous changes inthe behavior of the MIB variables was detected using a sequential Generalized Likelihood Ratio (GLR)test. This information was then temporally correlatedusing a duration filter to provide node level alarmswhich correlated with observed network faults and performance problems. The algorithm wasimplemented on data obtained from two different networknodes. The algorithm was optimized using five of thenine fault data sets, and it proved general enough to detect three of the remaining four faults.Consistent results were obtained from the second node aswell. Detection of most faults occurred in advance (atleast 5 minutes) of the fault suggesting the possibility of prediction and recovery in thefuture.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

REFERENCES

  1. F. Feather and R. Maxion, Fault detection in an ethernet network using anomaly signature matching, Proceedings of ACM SIGCOMM, Vol. 23, No. 4, pp. 279-288, 1993.

    Google Scholar 

  2. K. McCloghrie and M. Rose, Management information base for network management of tcp/ipbased internets: Mib 2. RFC1213, 1991.

  3. R. E. Moore, Problem detection, isolation and noti® cation in systems network architecture. Proceedings of IEEE INFOCOM, Vol. 1, pp. 377-381, 1986.

    Google Scholar 

  4. A. S. M. Franceschi, L. F. Kormann, and C. B. Westphall, Performance evaluation for proactive network management, Proceedings of IEEE ICC, Vol. 1, pp. 22-26, 1996.

    Google Scholar 

  5. I. Rouvellou and G. W. Hart, Automatic alarm correlation for fault identi® cation, Proceedings of IEEE INFOCOM, Vol. 2, pp. 553-561, 1995.

    Google Scholar 

  6. I. Katzela and M. Schwarz, Schemes for fault identi® cation in communication networks. IEEE/ ACM Transactions on Networking, Vol. 3, No. 6, pp. 753-764, 1995.

    Google Scholar 

  7. S. Kaetker and K. Geihs, A generic model for fault isolation in integrated management systems. Journal of Networks and Systems Management, Special Issue: Fault Management in Communication Networks, Vol. 5, No. 2, 1997.

  8. T. K. Apostolopoulos and V. C. Daskalou, Temporal network management model, concepts and implementation issues, Computer Communications, Vol. 20, pp. 694-708, 1997.

    Google Scholar 

  9. C. S. Hood and C. Ji, Proactive network fault detection, Proceedings of IEEE INFOCOM, Vol. 3, pp. 1147-1155, 1997. Also available from http: / /neuron.ecse.rpi.ed u/.

    Google Scholar 

  10. W. Stallings, SNMP, SNMPv2, and CMIP The practical guide to Network Management Standards, Addison-Wesley Publishing Company, Fifth Edition, 1994.

  11. M. Thottan, et al. Analysis of data collection. Computer Networks and Adaptive Systems Laboratory Technical Report, No. 1, 1998. Also available from http: / / www.rpi.edu / Ä thottm.

  12. M. T. Rose, The Simple Book: An Introduction to Internet management. Prentice Hall Series in Innovative Technology, Second Edition, 1996.

  13. J. D. Case and C. Partridge, Case diagrams: A ® rst approach to diagrammed management information bases. Computer Communication Review, Vol. 19, No. 1, pp. 13-16, 1989.

    Google Scholar 

  14. R. Maxion, A case study of ethernet anomalies in a distributed computing environment. IEEE Transactions on Reliability, Vol. 39, No. 4, pp. 433-443, 1990.

    Google Scholar 

  15. G. E. P. Box and G. M. Jenkins, Time Series Analysis, Forecasting and Control, Holden Day Series, revised edition, 1976.

  16. U. Appel and A. V. Brandt, Adaptive sequential segmentation of piecewise stationary time series. Information Sciences, Vol. 29, pp. 27-56, 1983.

    Google Scholar 

  17. P. V. Desouza, Statistical tests and distance measures for lpc coef® cients. IEEE Transactions on Acoustics, Speech, and Signal Processing, Vol. 25, No. 6, pp. 554-559, 1977.

    Google Scholar 

  18. H. B. Mann and A. Wald, On the statistical treatment of linear stochastic difference equations, Econometrica, Vol. 11, Nos. 3/ 4, 1943.

  19. A. V. Brandt, An entropy distance measure for segmentation and clustering of time series with application to EEG signals. Sixth International Conference on Pattern Recognition, Vol. 2, pp. 981-984, 1982.

    Google Scholar 

  20. H. Akaike, A new look at statistical model identi® cation, IEEE Transactions on Automatic Control, Vol. 19, No. 6, pp. 716-723, 1974.

    Google Scholar 

Download references

Authors
  1. Marina Thottan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chuanyi Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Cite this article

Thottan, M., Ji, C. Statistical Detection of Enterprise Network Problems. Journal of Network and Systems Management 7, 27–45 (1999). https://doi.org/10.1023/A:1018713732192

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1018713732192

Search

Navigation