Telemetry-based stream-learning of BGP anomalies

Andrian Putina; Dario Rossi; Albert Bifet; Steven Barth; Drew Pletcher; Cristina Precup; Patrice Nivaggioli

doi:10.1145/3229607.3229611

Telemetry-based stream-learning of BGP anomalies

Andrian Putina
, Dario Rossi
, Albert Bifet
, Steven Barth
, Drew Pletcher
, Cristina Precup
, Patrice Nivaggioli

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Recent technology evolution allows network equipments to continuously stream a wealth of "telemetry" information, which pertains to multiple protocols and layers of the stack, at a very fine spatial-grain and at high-frequency. Processing this deluge of telemetry data in real-time clearly ofers new opportunities for network control and troubleshooting, but also poses serious challenges. We tackle this challenge by applying streaming machine-learning techniques to the continuous flow of control and data-plane telemetry data, with the purpose of real-time detection of BGP anomalies. In particular, we implement an anomaly detection engine that leverages DenStream, an unsupervised clustering technique, and apply it to features collected from a large-scale testbed comprising tens of routers traversed by 1 Terabit/sec worth of real application traffic. In spirit with the recent trend toward reproducibility of research results, we make our code, datasets and demo available as open source to the scientiffic community.

Original language	English
Title of host publication	Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018
Publisher	Association for Computing Machinery
Pages	15-20
Number of pages	6
ISBN (Electronic)	9781450359047
DOIs	https://doi.org/10.1145/3229607.3229611
Publication status	Published - 7 Aug 2018
Event	ACM SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Big-DAMA 2018 - Budapest, Hungary Duration: 20 Aug 2018 → …

Publication series

Name	Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018

Conference

Conference	ACM SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Big-DAMA 2018
Country/Territory	Hungary
City	Budapest
Period	20/08/18 → …

Access to Document

10.1145/3229607.3229611

Cite this

Putina, A., Rossi, D., Bifet, A., Barth, S., Pletcher, D., Precup, C., & Nivaggioli, P. (2018). Telemetry-based stream-learning of BGP anomalies. In Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018 (pp. 15-20). (Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018). Association for Computing Machinery. https://doi.org/10.1145/3229607.3229611

Putina, Andrian ; Rossi, Dario ; Bifet, Albert et al. / Telemetry-based stream-learning of BGP anomalies. Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018. Association for Computing Machinery, 2018. pp. 15-20 (Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018).

@inproceedings{8fe987f1d95243289c7fffe804c479dd,

title = "Telemetry-based stream-learning of BGP anomalies",

abstract = "Recent technology evolution allows network equipments to continuously stream a wealth of {"}telemetry{"} information, which pertains to multiple protocols and layers of the stack, at a very fine spatial-grain and at high-frequency. Processing this deluge of telemetry data in real-time clearly ofers new opportunities for network control and troubleshooting, but also poses serious challenges. We tackle this challenge by applying streaming machine-learning techniques to the continuous flow of control and data-plane telemetry data, with the purpose of real-time detection of BGP anomalies. In particular, we implement an anomaly detection engine that leverages DenStream, an unsupervised clustering technique, and apply it to features collected from a large-scale testbed comprising tens of routers traversed by 1 Terabit/sec worth of real application traffic. In spirit with the recent trend toward reproducibility of research results, we make our code, datasets and demo available as open source to the scientiffic community.",

author = "Andrian Putina and Dario Rossi and Albert Bifet and Steven Barth and Drew Pletcher and Cristina Precup and Patrice Nivaggioli",

note = "Publisher Copyright: {\textcopyright} 2018 Copyright held by the owner/author(s).; ACM SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Big-DAMA 2018 ; Conference date: 20-08-2018",

year = "2018",

month = aug,

day = "7",

doi = "10.1145/3229607.3229611",

language = "English",

series = "Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018",

publisher = "Association for Computing Machinery",

pages = "15--20",

booktitle = "Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018",

}

Putina, A, Rossi, D, Bifet, A, Barth, S, Pletcher, D, Precup, C & Nivaggioli, P 2018, Telemetry-based stream-learning of BGP anomalies. in Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018. Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018, Association for Computing Machinery, pp. 15-20, ACM SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Big-DAMA 2018, Budapest, Hungary, 20/08/18. https://doi.org/10.1145/3229607.3229611

Telemetry-based stream-learning of BGP anomalies. / Putina, Andrian; Rossi, Dario; Bifet, Albert et al.
Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018. Association for Computing Machinery, 2018. p. 15-20 (Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Telemetry-based stream-learning of BGP anomalies

AU - Putina, Andrian

AU - Rossi, Dario

AU - Bifet, Albert

AU - Barth, Steven

AU - Pletcher, Drew

AU - Precup, Cristina

AU - Nivaggioli, Patrice

PY - 2018/8/7

Y1 - 2018/8/7

N2 - Recent technology evolution allows network equipments to continuously stream a wealth of "telemetry" information, which pertains to multiple protocols and layers of the stack, at a very fine spatial-grain and at high-frequency. Processing this deluge of telemetry data in real-time clearly ofers new opportunities for network control and troubleshooting, but also poses serious challenges. We tackle this challenge by applying streaming machine-learning techniques to the continuous flow of control and data-plane telemetry data, with the purpose of real-time detection of BGP anomalies. In particular, we implement an anomaly detection engine that leverages DenStream, an unsupervised clustering technique, and apply it to features collected from a large-scale testbed comprising tens of routers traversed by 1 Terabit/sec worth of real application traffic. In spirit with the recent trend toward reproducibility of research results, we make our code, datasets and demo available as open source to the scientiffic community.

AB - Recent technology evolution allows network equipments to continuously stream a wealth of "telemetry" information, which pertains to multiple protocols and layers of the stack, at a very fine spatial-grain and at high-frequency. Processing this deluge of telemetry data in real-time clearly ofers new opportunities for network control and troubleshooting, but also poses serious challenges. We tackle this challenge by applying streaming machine-learning techniques to the continuous flow of control and data-plane telemetry data, with the purpose of real-time detection of BGP anomalies. In particular, we implement an anomaly detection engine that leverages DenStream, an unsupervised clustering technique, and apply it to features collected from a large-scale testbed comprising tens of routers traversed by 1 Terabit/sec worth of real application traffic. In spirit with the recent trend toward reproducibility of research results, we make our code, datasets and demo available as open source to the scientiffic community.

U2 - 10.1145/3229607.3229611

DO - 10.1145/3229607.3229611

M3 - Conference contribution

AN - SCOPUS:85056378857

T3 - Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018

SP - 15

EP - 20

BT - Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018

PB - Association for Computing Machinery

T2 - ACM SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Big-DAMA 2018

Y2 - 20 August 2018

ER -

Putina A, Rossi D, Bifet A, Barth S, Pletcher D, Precup C et al. Telemetry-based stream-learning of BGP anomalies. In Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018. Association for Computing Machinery. 2018. p. 15-20. (Big-DAMA 2018 - Proceedings of the 2018 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Part of SIGCOMM 2018). doi: 10.1145/3229607.3229611

Telemetry-based stream-learning of BGP anomalies

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this