Bayesian detection of router configuration anomalies

Abstract

Problems arising from router misconfigurations cost time and money. The first step in fixing such misconfigurations is finding them. In this paper, we propose a method for detecting misconfigurations that does not depend on an a priori model of what constitutes a correct configuration. Our hypothesis is that uncommon or unexpected misconfigurations in router data can be identified as statistical anomalies within a Bayesian framework. We present a detection algorithm based on this framework, and show that it is able to detect errors in the router configuration files of a university network.