10/21/2003 DSOM'2003, Heidelberg, Ge rmany 1 Visual-based Anomaly Detection for BGP Origin AS Change (OASC) Soon-Tee Teoh 1 , Kwan-Liu Ma 1 , S. Felix Wu 1 , Dan Massey 2 , Xiao- Liang Zhao 2 , Dan Pei 3 , Lan Wang 3 , Lixia Zhang 3 , Randy Bush 4 UC Davis, USC/ISI, UCLA, IIJ
22
Embed
Visual-based Anomaly Detection for BGP Origin AS Change (OASC)
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
10/21/2003 DSOM'2003, Heidelberg, Germany 1
Visual-based Anomaly Detection for BGP Origin AS Change (OASC)
Soon-Tee Teoh1, Kwan-Liu Ma1, S. Felix Wu1, Dan Massey2, Xiao-Liang Zhao2, Dan Pei3, Lan Wang3, Lixia Zhang3, Randy Bush4
UC Davis, USC/ISI, UCLA, IIJ
10/21/2003 DSOM'2003, Heidelberg, Germany 2
Elisha: the long-term goal
• Monitoring and management of a large-scale complex system that we do not fully understand its behavior.
• Integration of human and machine intelligence to adaptively develop the domain knowledge for the target system.
10/21/2003 DSOM'2003, Heidelberg, Germany 3
In this talk…
• Knowledge Acquisition via Visualization– cognitive pattern matching– event correlation and explanation
• Outline– Background: Origin AS in BGP– The Elisha/OASC tool– One example and demo
10/21/2003 DSOM'2003, Heidelberg, Germany 4
Autonomous Systems (ASes)
UCDavis:169.237/16
AS6192 AS11423 (UC)
AS11537 (CENIC)AS513
an AS Path:169.237/16 5131153711423 6192
10/21/2003 DSOM'2003, Heidelberg, Germany 5
Origin AS in an AS Path• UCDavis (AS-6192) owns 169.237/16 and AS-6192 is the