Skip to main content
SpringerLink
Log in

Modeling network traffic for traffic matrix estimation and anomaly detection based on Bayesian network in cloud computing networks

  • Published:
Annals of Telecommunications Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

With the rapid development of a cloud computing network, the network security has been a terrible problem when it provides much more services and applications. Network traffic modeling and analysis is significantly crucial to detect some lawless activities such as DDoS, virus and worms, and so on. Meanwhile, it is a common approach for acquiring a traffic matrix, which can be used by network operators to carry out network management and planning. Although a great number of methods have been proposed to model and analyze the network traffic, it is still a remarkable challenge since the network traffic characterization has been tremendously changed, in particular, for a cloud computing network. Motivated by that, we analyze and model the statistical features of network traffic based on the Bayesian network in this paper. Furthermore, we propose an accurate network traffic estimation approach and an efficient anomaly detection approach, respectively. In detail, we design a Bayesian network structure to model the causal relationships between network traffic entries. Based on this Bayesian network model, we obtain a joint probability distribution of network traffic by the maximum a posteriori approach. Then, we estimate the network traffic in terms of a regularized optimization model. Meanwhile, we also perform anomaly detection based on the proposed Bayesian network structure. We finally discuss the effectiveness of the proposed method for traffic matrix estimation and anomaly detection by applying it to the Abilene and GÉANT networks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Polverini M, Iacovazzi A, Cianfrani A, et al. Traffic Matrix Estimation Enhanced by SDNs Nodes in Real Network Topology. Proceedings of 2015 I.E. Conference on Computer Communications Workshops, 2015: 300–305.

  2. Jiang D, Xu Z, Xu H (2015) A novel hybrid prediction algorithm to network traffic. Ann Telecommun 70(9):427–439

    Article  Google Scholar 

  3. Niu Y, Tian H. Study on a New Model for Network Traffic Matrix Estimation. Proceedings of 2014 Sixth International Symposium on Parallel Architectures, Algorithms and Programming, 2014: 152–154.

  4. Jiang D, Zhao Z, Xu Z et al (2014) How to reconstruct end-to-end traffic based on time-frequency analysis and artificial neural network. AEU-Int J Electron Commun 68(10):915–925

    Article  Google Scholar 

  5. Jiang D, Yuan Z, Zhang P, et al. A Traffic Anomaly Detection Approach in Communication Networks for Applications of Multimedia Medical Devices. Multimedia Tools and Applications, 2015, online available.

  6. Tune P, Roughan M (2015) Spatiotemporal traffic matrix synthesis. Acm Sigcomm Computer Commun Rev 45(5):579–592

    Article  Google Scholar 

  7. Vardi Y (1996) Network tomography: estimating source-destination traffic intensities from link data. J Am Stat Assoc 91(433):365–377

    Article  MathSciNet  MATH  Google Scholar 

  8. Cao J, Davis D, Wiel SV et al (2000) Time-varying network tomography: router link data. J Am Stat Assoc 95(452):1063–1075

    Article  MathSciNet  MATH  Google Scholar 

  9. Conti P, Giovanni L, Naldi M. Blind Maximum-likelihood Estimation of Traffic Matrices in Long Range Dependent Traffic. Traffic Management and Traffic Engineering for the Future Internet, Springer, 2008: 141–154.

  10. Conti P, Giovanni L, Naldi M. Estimation of Traffic Matrices for LRD Traffic. Complex Models and Computational Methods in Statistics, Springer, 2012: 91–107.

  11. Roughan M, Zhang Y, Willinger W et al (2012) Spatio-temporal compressive sensing and internet traffic matrices (extended version). IEEE Trans Networking 20(3):662–676

    Article  Google Scholar 

  12. Soule A, Lakhina A, Taft N et al (2005) Traffic matrices: balancing measurements, inference and modeling. Proceed SIGMETRICS 2005:362–373

    Article  Google Scholar 

  13. Jiang D, Xu Z, Chen Z et al (2011) Joint time-frequency sparse estimation of large-scale network traffic. Comput Netw 55(15):3533–3547

    Article  Google Scholar 

  14. Vieira F, Lee L (2009) Adaptive wavelet-based multifractal model applied to the effective bandwidth estimation of network traffic flows. IET Commun 3(6):906–919

    Article  Google Scholar 

  15. Friedman N, Dan G, Goldszmidt M. Bayesian Network Classifiers. Wiley Encyclopedia of Operations Research & Management Science, 2011, 29(2–3): 598–605.

  16. Chickering D, Meek C, Heckerman D (2012) Large-sample learning of Bayesian networks is NP-hard. J Mach Learn Res 5(4):1287–1330

    MathSciNet  MATH  Google Scholar 

  17. Sun S, Zhang C, Yu G (2006) A Bayesian network approach to traffic flow forecasting. IEEE Trans Intell Transp Syst 7(1):124–132

    Article  Google Scholar 

  18. Bouchaala L, Masmoudi A, Gargouri F et al (2010) Improving algorithms for structure learning in Bayesian networks using a new implicit score. Expert Syst Appl 37(7):5470–5475

    Article  Google Scholar 

  19. Zhang Y, Roughan M, Duffield N et al (2003) Fast accurate computation of large-scale IP traffic matrices from link loads. ACM SIGMETRICS Perform Eval Rev 31(2003):206–207

    Article  Google Scholar 

  20. Jiang D, Yao C, Xu Z et al (2015) Multi-scale anomaly detection for high-speed network traffic. Trans Emerg Telecommun Technol 26(3):308–317

    Article  Google Scholar 

  21. Jiang D, Xu Z, Zhang P et al (2014) A transform domain-based anomaly detection approach to network-wide traffic. J Netw Comput Appl 40(2):292–306

    Article  Google Scholar 

Download references

Acknowledgments

This work was supported in part by the National Natural Science Foundation of China (Nos. 61571104, 61071124), the General Project of Scientific Research of the Education Department of Liaoning Province (No. L20150174), the Program for New Century Excellent Talents in University (No. NCET-11-0075), the Fundamental Research Funds for the Central Universities (Nos. N120804004, N130504003), and the State Scholarship Fund (201208210013). The authors wish to thank the reviewers for their helpful comments.

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, Northeastern University, Shenyang, 110819, China

    Laisen Nie & Dingde Jiang

  2. Department of Computer Science, University College London, WC1E 6BT, London, UK

    Zhihan Lv

Authors
  1. Laisen Nie
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dingde Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhihan Lv
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Dingde Jiang or Zhihan Lv.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nie, L., Jiang, D. & Lv, Z. Modeling network traffic for traffic matrix estimation and anomaly detection based on Bayesian network in cloud computing networks. Ann. Telecommun. 72, 297–305 (2017). https://doi.org/10.1007/s12243-016-0546-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-016-0546-3

Keywords

Search

Navigation