Modeling network traffic for traffic matrix estimation and anomaly detection based on Bayesian network in cloud computing networks

With the rapid development of a cloud computing network, the network security has been a terrible problem when it provides much more services and applications. Network traffic modeling and analysis is significantly crucial to detect some lawless activities such as DDoS, virus and worms, and so on. Meanwhile, it is a common approach for acquiring a traffic matrix, which can be used by network operators to carry out network management and planning. Although a great number of methods have been proposed to model and analyze the network traffic, it is still a remarkable challenge since the network traffic characterization has been tremendously changed, in particular, for a cloud computing network. Motivated by that, we analyze and model the statistical features of network traffic based on the Bayesian network in this paper. Furthermore, we propose an accurate network traffic estimation approach and an efficient anomaly detection approach, respectively. In detail, we design a Bayesian network structure to model the causal relationships between network traffic entries. Based on this Bayesian network model, we obtain a joint probability distribution of network traffic by the maximum a posteriori approach. Then, we estimate the network traffic in terms of a regularized optimization model. Meanwhile, we also perform anomaly detection based on the proposed Bayesian network structure. We finally discuss the effectiveness of the proposed method for traffic matrix estimation and anomaly detection by applying it to the Abilene and GAeANT networks.