Abstract
The detection of network fault scenarios wasachieved using an appropriate subset of ManagementInformation Base (MIB) variables. Anomalous changes inthe behavior of the MIB variables was detected using a sequential Generalized Likelihood Ratio (GLR)test. This information was then temporally correlatedusing a duration filter to provide node level alarmswhich correlated with observed network faults and performance problems. The algorithm wasimplemented on data obtained from two different networknodes. The algorithm was optimized using five of thenine fault data sets, and it proved general enough to detect three of the remaining four faults.Consistent results were obtained from the second node aswell. Detection of most faults occurred in advance (atleast 5 minutes) of the fault suggesting the possibility of prediction and recovery in thefuture.
Similar content being viewed by others
REFERENCES
F. Feather and R. Maxion, Fault detection in an ethernet network using anomaly signature matching, Proceedings of ACM SIGCOMM, Vol. 23, No. 4, pp. 279-288, 1993.
K. McCloghrie and M. Rose, Management information base for network management of tcp/ipbased internets: Mib 2. RFC1213, 1991.
R. E. Moore, Problem detection, isolation and noti® cation in systems network architecture. Proceedings of IEEE INFOCOM, Vol. 1, pp. 377-381, 1986.
A. S. M. Franceschi, L. F. Kormann, and C. B. Westphall, Performance evaluation for proactive network management, Proceedings of IEEE ICC, Vol. 1, pp. 22-26, 1996.
I. Rouvellou and G. W. Hart, Automatic alarm correlation for fault identi® cation, Proceedings of IEEE INFOCOM, Vol. 2, pp. 553-561, 1995.
I. Katzela and M. Schwarz, Schemes for fault identi® cation in communication networks. IEEE/ ACM Transactions on Networking, Vol. 3, No. 6, pp. 753-764, 1995.
S. Kaetker and K. Geihs, A generic model for fault isolation in integrated management systems. Journal of Networks and Systems Management, Special Issue: Fault Management in Communication Networks, Vol. 5, No. 2, 1997.
T. K. Apostolopoulos and V. C. Daskalou, Temporal network management model, concepts and implementation issues, Computer Communications, Vol. 20, pp. 694-708, 1997.
C. S. Hood and C. Ji, Proactive network fault detection, Proceedings of IEEE INFOCOM, Vol. 3, pp. 1147-1155, 1997. Also available from http: / /neuron.ecse.rpi.ed u/.
W. Stallings, SNMP, SNMPv2, and CMIP The practical guide to Network Management Standards, Addison-Wesley Publishing Company, Fifth Edition, 1994.
M. Thottan, et al. Analysis of data collection. Computer Networks and Adaptive Systems Laboratory Technical Report, No. 1, 1998. Also available from http: / / www.rpi.edu / Ä thottm.
M. T. Rose, The Simple Book: An Introduction to Internet management. Prentice Hall Series in Innovative Technology, Second Edition, 1996.
J. D. Case and C. Partridge, Case diagrams: A ® rst approach to diagrammed management information bases. Computer Communication Review, Vol. 19, No. 1, pp. 13-16, 1989.
R. Maxion, A case study of ethernet anomalies in a distributed computing environment. IEEE Transactions on Reliability, Vol. 39, No. 4, pp. 433-443, 1990.
G. E. P. Box and G. M. Jenkins, Time Series Analysis, Forecasting and Control, Holden Day Series, revised edition, 1976.
U. Appel and A. V. Brandt, Adaptive sequential segmentation of piecewise stationary time series. Information Sciences, Vol. 29, pp. 27-56, 1983.
P. V. Desouza, Statistical tests and distance measures for lpc coef® cients. IEEE Transactions on Acoustics, Speech, and Signal Processing, Vol. 25, No. 6, pp. 554-559, 1977.
H. B. Mann and A. Wald, On the statistical treatment of linear stochastic difference equations, Econometrica, Vol. 11, Nos. 3/ 4, 1943.
A. V. Brandt, An entropy distance measure for segmentation and clustering of time series with application to EEG signals. Sixth International Conference on Pattern Recognition, Vol. 2, pp. 981-984, 1982.
H. Akaike, A new look at statistical model identi® cation, IEEE Transactions on Automatic Control, Vol. 19, No. 6, pp. 716-723, 1974.
Rights and permissions
About this article
Cite this article
Thottan, M., Ji, C. Statistical Detection of Enterprise Network Problems. Journal of Network and Systems Management 7, 27–45 (1999). https://doi.org/10.1023/A:1018713732192
Issue Date:
DOI: https://doi.org/10.1023/A:1018713732192