A distributed information network with complex network structure always has a challenge of locating fault root causes.In this paper,we propose a novel root cause analysis(RCA)method by random walk on the weighted faul...A distributed information network with complex network structure always has a challenge of locating fault root causes.In this paper,we propose a novel root cause analysis(RCA)method by random walk on the weighted fault propagation graph.Different from other RCA methods,it mines effective features information related to root causes from offline alarms.Combined with the information,online alarms and graph relationship of network structure are used to construct a weighted graph.Thus,this approach does not require operational experience and can be widely applied in different distributed networks.The proposed method can be used in multiple fault location cases.The experiment results show the proposed approach achieves much better performance with 6%higher precision at least for root fault location,compared with three baseline methods.Besides,we explain how the optimal parameter’s value in the random walk algorithm influences RCA results.展开更多
SDN (Software Defined Network) has many security problems, and DDoS attack is undoubtedly the most serious harm to SDN architecture network. How to accurately and effectively detect DDoS attacks has always been a diff...SDN (Software Defined Network) has many security problems, and DDoS attack is undoubtedly the most serious harm to SDN architecture network. How to accurately and effectively detect DDoS attacks has always been a difficult point and focus of SDN security research. Based on the characteristics of SDN, a DDoS attack detection method combining generalized entropy and PSOBP neural network is proposed. The traffic is pre-detected by the generalized entropy method deployed on the switch, and the detection result is divided into normal and abnormal. Locate the switch that issued the abnormal alarm. The controller uses the PSO-BP neural network to detect whether a DDoS attack occurs by further extracting the flow features of the abnormal switch. Experiments show that compared with other methods, the detection accurate rate is guaranteed while the CPU load of the controller is reduced, and the detection capability is better.展开更多
基金supported by ZTE Industry-University-Institute Cooperation Funds under Grant No.HC-CN-20201120009。
文摘A distributed information network with complex network structure always has a challenge of locating fault root causes.In this paper,we propose a novel root cause analysis(RCA)method by random walk on the weighted fault propagation graph.Different from other RCA methods,it mines effective features information related to root causes from offline alarms.Combined with the information,online alarms and graph relationship of network structure are used to construct a weighted graph.Thus,this approach does not require operational experience and can be widely applied in different distributed networks.The proposed method can be used in multiple fault location cases.The experiment results show the proposed approach achieves much better performance with 6%higher precision at least for root fault location,compared with three baseline methods.Besides,we explain how the optimal parameter’s value in the random walk algorithm influences RCA results.
基金supported by the Hebei Province Innovation Capacity Improvement Program of China under Grant No.179676278Dthe Ministry of Education Fund Project of China under Grant No.2017A20004
文摘SDN (Software Defined Network) has many security problems, and DDoS attack is undoubtedly the most serious harm to SDN architecture network. How to accurately and effectively detect DDoS attacks has always been a difficult point and focus of SDN security research. Based on the characteristics of SDN, a DDoS attack detection method combining generalized entropy and PSOBP neural network is proposed. The traffic is pre-detected by the generalized entropy method deployed on the switch, and the detection result is divided into normal and abnormal. Locate the switch that issued the abnormal alarm. The controller uses the PSO-BP neural network to detect whether a DDoS attack occurs by further extracting the flow features of the abnormal switch. Experiments show that compared with other methods, the detection accurate rate is guaranteed while the CPU load of the controller is reduced, and the detection capability is better.
