Machine learning assisted monitoring of optical network security
Chalmers University of Technology (Sweden), TIM (Italy), and Infosim® PoC
Demonstrated live at ECOC’19 held in Dublin, the PoC showed an integrated approach for detecting and localizing malicious attacks targeting service disruption at the optical layer. The security management system uses the largest experimental data set related to optical network security reported thus far, obtained by subjecting TIM’s network testbed to in-band jamming, out-of-band jamming and polarization scrambling attacks.
The data is collected by StableNet® and processed by attack detection and localization modules developed by Chalmers. The type and intensity of an experienced attack is identified by applying a pre-trained artificial neural network, while an unsupervised learning technique DBSCAN facilitates detection of previously unseen attacks. Attack source localization relies on correlating security statuses of connections across the network modelled with binary words called attack syndromes.
The demonstrator features a rich set of attack regimes, where attack type, intensity and physical location can be dynamically selected by the demo attendees through a graphical user interface. The interface also features a rich graphical representation of the outputs of attack detection and localization modules as well as a deep analysis of the security status of each network element.
The modules are implemented in the form of containers and use standard, open interfaces, whose interoperability with contemporary network management platforms was showcased through integration with StableNet®. This demonstration represents an important step towards enabling holistic, integrated data analytics and enhancing optical network security.
Want to see more? Look at our Video!
An interview about how Infosim partner Frequentis uses StableNet® as a core part of their Advanced Network Management Solution (ANMS)
It’s autumn. As days become shorter and evenings longer, it is the perfect time to issue another series of blog posts. This is the first of a set of four posts that will look at – amongst numerous closely related things – StableNet® implementations for monitoring automation.
Take a look at how our Director of Marketing describes consolidation and integration in Network Management. See where they overlap, how they differ and why the terms are important for StableNet®.