{"title":"A new adaptive evidential reasoning approach for network alarm correlation","authors":"A. Mohamed, M. Ahmed, Siu-Cheung Chau","doi":"10.1109/SAMI.2012.6208966","DOIUrl":null,"url":null,"abstract":"In computer networks, fault detection and identification techniques rely substantially on analyzing a set of observed alarms generated by different network entities due to unknown failures. However, network alarms are subject to becoming lost and spurious and their information is often incomplete, ambiguous, and inconsistent. In this paper, an adaptive distributed Dempster-Shafer evidential reasoning technique is proposed to effectively reduce the negative impact of the uncertainty properties which network alarms can exhibit. Each observed alarm is perceived as a piece of evidence and as such, the incomplete and ambiguous properties can be tackled within the framework of the evidential theory. A discounting mechanism by which the observed alarms are assigned certain weights is also presented. A given weight reflects the significance of the information in the corresponding alarm. Then, the alarms are correlated by the Dempster's rule of combination and the inconsistent alarms play a limited role in the alarm correlation process since they are given lower weights. Simulations confirm that the proposed scheme has a high detection rate even in the presence of defective alarms.","PeriodicalId":158731,"journal":{"name":"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAMI.2012.6208966","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
In computer networks, fault detection and identification techniques rely substantially on analyzing a set of observed alarms generated by different network entities due to unknown failures. However, network alarms are subject to becoming lost and spurious and their information is often incomplete, ambiguous, and inconsistent. In this paper, an adaptive distributed Dempster-Shafer evidential reasoning technique is proposed to effectively reduce the negative impact of the uncertainty properties which network alarms can exhibit. Each observed alarm is perceived as a piece of evidence and as such, the incomplete and ambiguous properties can be tackled within the framework of the evidential theory. A discounting mechanism by which the observed alarms are assigned certain weights is also presented. A given weight reflects the significance of the information in the corresponding alarm. Then, the alarms are correlated by the Dempster's rule of combination and the inconsistent alarms play a limited role in the alarm correlation process since they are given lower weights. Simulations confirm that the proposed scheme has a high detection rate even in the presence of defective alarms.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
