Exploring Change Point Detection in Network Equipment Logs

Change point detection (CPD) is the method of detecting sudden changes in time series, and it is of great importance for network traffic. With increased knowledge of occurring changes in data logs due to updates in networking equipment, a deeper understanding is allowed for interactions between t...


Bibliographic Details
Main Author: Björk, Tim
Format: Others
Language: English
Published: Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013) 2021
Online Access: http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-85626
id ndltd-UPSALLA1-oai-DiVA.org-kau-85626
record_format oai_dc
spelling Student thesis; info:eu-repo/semantics/bachelorThesis; text; application/pdf; info:eu-repo/semantics/openAccess
collection NDLTD
language English
format Others
sources NDLTD
topic Change point detection
log change detection
time series data
signal processing
Computer Engineering
Datorteknik
description Change point detection (CPD) is the method of detecting sudden changes in time series, and it is of great importance for network traffic. With increased knowledge of occurring changes in data logs due to updates in networking equipment, a deeper understanding is allowed for interactions between the updates and the operational resource usage. In a data log that reflects the amount of network traffic, there are large variations in the time series because of reasons such as connection count or external changes to the system. Circumventing these unwanted variation changes and sorting out the deliberate variation changes is a challenge. In this thesis, we utilize data logs retrieved from a network equipment vendor to detect changes, then compare the detected changes to when firmware/signature updates were applied, configuration changes were made, etc., with the goal of achieving a deeper understanding of any interaction between firmware/signature/configuration changes and operational resource usage. Challenges in the data quality and data processing are addressed through data manipulation to counteract anomalies and unwanted variation, as well as experimentation with parameters to achieve the most ideal settings. Results are produced through experiments to test the accuracy of the various change point detection methods, and for investigation of various parameter settings. Through trial and error, a satisfactory configuration is achieved and used in large-scale log detection experiments. The results from the experiments conclude that additional information about how changes in variation arise is required to derive the desired understanding.