{"id":343,"date":"2019-12-09T19:17:28","date_gmt":"2019-12-09T19:17:28","guid":{"rendered":"http:\/\/rtechblog.psg.com\/?p=343"},"modified":"2019-12-09T21:05:43","modified_gmt":"2019-12-09T21:05:43","slug":"comparing-machine-learning-algorithms-for-bgp-anomaly-detection-using-graph-features","status":"publish","type":"post","link":"https:\/\/rtechblog.rg.net\/?p=343","title":{"rendered":"Comparing Machine Learning Algorithms for BGP Anomaly Detection using Graph Features"},"content":{"rendered":"\n

Odnan Ref Sanchez, Simone Ferlin, Cristel Pelsser, Randy Bush Comparing Machine Learning Algorithms for BGP Anomaly Detection using Graph Features<\/a><\/em> at 3rd ACM CoNEXT Workshop on Big DAta, Machine Learning and Artificial Intelligence for Data Communication Networks (Big-DAMA 2019)<\/p>\n\n\n\n

The Border Gateway Protocol (BGP) coordinates the connectivity\nand reachability among Autonomous Systems, providing efficient\noperation of the global Internet. Historically, BGP anomalies have\ndisrupted network connections on a global scale, i.e., detecting them\nis of great importance. Today, Machine Learning (ML) methods have\nimproved BGP anomaly detection using volume and path features\nof BGP\u2019s update messages, which are often noisy and bursty. In\nthis work, we identified different graph features to detect BGP\nanomalies, which are arguably more robust than traditional features.\nWe evaluate such features through an extensive comparison of\ndifferent ML algorithms, i.e., Naive Bayes classifier (NB), Decision\nTrees (DT), Random Forests (RF), Support Vector Machines (SVM),\nand Multi-Layer Perceptron (MLP), to specifically detect BGP path\nleaks. We show that SVM offers a good trade-off between precision\nand recall. Finally, we provide insights into the graph features\u2019\ncharacteristics during the anomalous and non-anomalous interval\nand provide an interpretation of the ML classifier results.\n<\/p>\n","protected":false},"excerpt":{"rendered":"

Odnan Ref Sanchez, Simone Ferlin, Cristel Pelsser, Randy Bush Comparing Machine Learning Algorithms for BGP Anomaly Detection using Graph Features at 3rd ACM CoNEXT Workshop on Big DAta, Machine Learning and Artificial Intelligence for Data Communication Networks (Big-DAMA 2019) The Border Gateway Protocol (BGP) coordinates the connectivity and reachability among Autonomous Systems, providing efficient operation […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,9,7],"tags":[],"class_list":["post-343","post","type-post","status-publish","format-standard","hentry","category-conferences","category-routers","category-security"],"_links":{"self":[{"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/posts\/343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=343"}],"version-history":[{"count":4,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/posts\/343\/revisions"}],"predecessor-version":[{"id":347,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=\/wp\/v2\/posts\/343\/revisions\/347"}],"wp:attachment":[{"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rtechblog.rg.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}