KT RND Center
KT.com Web log Anomaly Pattern Detection System for Netflow
Nowadays, the network service environment is exposed to various intrusions and attacks due to the complexity and diversification of high-speed Internet-based application traffic such as real-time voice, video, streaming, and online games. Network traffic and stability monitoring has become an essential element for network service providers. The KT RND team wanted to implement an anomaly pattern detection capability based on active and advanced AI web log analysis to respond to more intelligent and complex network attacks.
Development of tools for TP, FP and FN calculation
System integration & dashboard
Modelling & Test set generation
Anomaly pattern detection algorithm development
Overcoming the limitations of
Ruleset-based designs, which are widely used in commercial monitoring systems, require experts to identify data and abnormal patterns in advance. This process takes considerable time and cost, which makes it unsuitable for large networks. Ellexi's time-series normal pattern deep learning modeling (assuming all data is normal) can be applied immediately, without the need for a ruleset design process by experts.
Monitoring result reliability
It is difficult to achieve 100% detection of intelligent and complex threats through a monitoring system. Existing monitoring systems suffer from unknown threats and frequent false positives. Ellexi has secured monitoring reliability by applying a hybrid approach that combines deep learning modelling and HBKS (Hierarchical Behavior Knowledge Space), which gradually reduces false positives, minimizes alarm fatigue and identifies unknown threats.
M+1 / M+2
M+3 / M+4
Real-time network status change detection
Lossless giga-class link traffic collection & analysis
Harmful traffic detection (abnormal/harmful traffic)
Unidentified traffic and application detection (By class, type, unknown)
Detailed flow traffic analysis
Anomaly Detection Accuracy 99.36%
Process time/case 0.000444 sec
Confirmation within 1min after detection
False Discovery rate 34.26%
Miss Rate 1.02%