Anomaly Detection on Broadband Network Gateway

Abstract

Anomaly detection in Digital Subscriber Line (DSL) networks is a vital task to immediately detect unusual network behavior caused by cyber security threats, faulty hardware or software. Generally, to make this process automatic, state-of-the-art methods use machine learning techniques to analyze data collected from either Customer Premises Equipment (CPE) or from devices in Access Network. In contrast to the existing methods, this paper utilizes network traffic data collected from multiple static Broadband Network Gateways (BNGs) which are core network devices at Network Service Provider (NSP). To automatically detect anomalies in BNG traffic data, a new framework is proposed which consists of three steps: data acquisition, feature extraction, and modeling anomalies using a random forest-based framework. The proposed method is compared with state-of-the-art methods and the results show the effectiveness and robustness of our method.