This project aims to build mechanisms and tools for monitoring and responding to anomalies such as faults, overload, misconfiguration, and intrusion. The scope includes data gathering and estimation, statistical anomaly detection, policy-based security, and methods and tools for finding the root causes of anomalies of various kinds. The scope also includes methods for suggesting countermeasures.
The long-term research goals are to enable self-healing and resilience in networked systems. The motivation is simple: as networks grow in size, there is too much for humans to keep an eye on, and the increasing complexity and interdependency make anomalies potentially more destructive, as well as harder to anticipate, detect and diagnose. For the solutions to scale, it is also important to make them as decentralized and distributed as possible.
In the project, we will develop specific novel tools and ideas, ensure that they fit together, and start building the framework in the long-term vision. We will continue some of the work done during years one and two of CNS, and will align our work with that done in the EU project 4WARD and the Vinnova project DiSC. The work will focus both on achieving particular functionalities (e.g. detecting equipment malfunction) and on using the experience and insight gathered during such work to begin extracting principles, concepts and techniques for how to build these types of network management functionality and systems in general.