Network and service anomaly detection in multi-service transaction-based electronic commerce wide area networks

Proactive detection of network failures and performance degradations is a key to rapid fault recovery and thus robust networking. The authors present methodologies and algorithms that were developed in order to enhance the proactive and adaptive detection of network/service anomalies (failures and performance degradations) in transaction based electronic commerce wide area networks (WANs). Specifically our proactive network/service anomaly detection method detects network/service performance degradations and failures in multiple service class networks, where performances of service classes are mutually dependent and strongly correlated, and where external or environmental factors (e.g., non-managed or non-monitored equipment within customer premises) can strongly impact network and service performances. The authors describe and implement algorithms that: (1) sample and convert raw transaction records to service class based performance data in which potential network anomalies are highlighted; (2) construct adaptive and service class based performance thresholds for real time detection of network and service anomalies; and (3) perform real time network anomaly detection