Machine-Learning Based Approaches for Anomaly Detection and Classification in Cellular Networks

Despite the long literature and assorted list of proposed systems for performing detection and classification of anomalies in operational networks, Internet Service Providers (ISPs) are still looking for effective means to manage the ever-growing number of network traffic anomalies they face in their daily business. In this paper we address the problem of automatic network traffic anomaly detection and classification using Machine Learning (ML) based techniques, for the specific case of traffic anomalies observed in cellular network measurements. We devise a simple detection and classification technique based on decision tress, and compare its performance to that achieved by other supervised learning classifiers well known in the ML literature (e.g., SVM, neuronal networks, etc.). The proposed solution is evaluated using syntheticallygenerated data from an operational cellular ISP, drawn from real traffic statistics to resemble the real cellular network traffic. Furthermore, we compare the achieved performance against other well-known detectors in the literature (e.g., distribution-based, entropy-based), and propose a multi-detector approach to increase the overall system performance in a number of case studies.