Barcelona, Spain
October 25-28, 2016

Event Details

Anomaly Detection in Contrail Networking

Cloud Computing is accelerating the movement of System monitoring from manual, to reactive to proactive. One important aspect of being proactive is Anomaly Detection. But, it’s often unclear what’s anomalous for a given deployment. Machine learning techniques can help.

Contrail Networking provides an Anomaly Detection model based on time-series of any metric. Based on past information, we learn what to expect in the future. If a given metric reports values that are far from this expectation, we raise an Alert.

In this example we will use statistical process control, based on computing the running average and standard deviation and examining the current value using real-time stream processing. The metric being used is the number of active flows on the host/vRouter. We run a multitier application with some clients – a redmine webserver with a separate mysql database. Then, we launch a TCP SYN attack on the server, which causes an ususual number of flows. This triggers an Alert.

Wednesday, October 26, 1:15pm-1:29pm
Difficulty Level: Intermediate
Juniper Networks
Anish Mehta builds high-performance networking and system software products. He's currently working on the Contrail Analytics solution at Juniper. Prior to that, among other things, he's been involved with SDN development at Facebook and led engineering teams at Ericcson and Ciena.    FULL PROFILE