DETECTING TRAFFIC ANOMALIES BASED ON APPLICATION-AWARE ROLLING BASELINE AGGREGATES
    Invention application
    Status: Under examination (published)

    Publication (announcement) number: US20150039749A1

    Publication (announcement) date: 2015-02-05

    Application number: US13956886

    Application date: 2013-08-01

    CPC classification number: H04L43/067 H04L41/5067 H04L43/045

    Abstract: Various exemplary embodiments relate to a method of detecting anomalies in network traffic. The method includes: receiving a plurality of accounting reports from an application assurance device, the accounting reports indicating a metric of network performance; aggregating the metric from a plurality of accounting reports to determine a plurality of aggregated metrics corresponding to a plurality of intervals; storing the aggregated metrics in a database in association with the corresponding plurality of intervals; determining a rolling baseline for a current time period based on metrics of intervals corresponding to a primary partition and a sub-partition; comparing a metric for a current time period to the rolling baseline; and determining that an anomaly is occurring if the metric for the current time period differs from the rolling baseline by more than a pre-defined threshold.

