
KT RND Center

KT.com Web log Anomaly Pattern Detection System for Netflow

Nowadays, the network service environment is exposed to various intrusions and attacks due to the complexity and diversification of high-speed Internet-based application traffic such as real-time voice, video, streaming, and online games. Monitoring network traffic and stability has become essential for network service providers. The KT RND team wanted to implement an anomaly pattern detection capability based on active, advanced AI web log analysis to respond to more intelligent and complex network attacks.


Modelling & Test set generation

Development of tools for TP, FP and FN calculation

Anomaly pattern detection algorithm development


System integration & dashboard

Technological Challenges

1. Overcoming the limitations of rule-based technology

Ruleset-based designs, which are widely used in commercial monitoring systems, require experts to identify data and abnormal patterns in advance. This process takes considerable time and cost, which makes it unsuitable for large networks. Ellexi's time-series normal-pattern deep learning modeling (which assumes all data is normal) can be applied immediately, without the need for a ruleset design process by experts.

2. Monitoring result reliability

It is difficult to achieve 100% detection of intelligent and complex threats through a monitoring system. Existing monitoring systems suffer from unknown threats and frequent false positives. Ellexi has secured monitoring reliability by applying a hybrid approach that combines deep learning modelling with HBKS (Hierarchical Behavior Knowledge Space), which gradually reduces false positives, minimizes alarm fatigue, and identifies unknown threats.

Road Map

M

  • Data Collection

  • Data Analysis

M+1 / M+2

  • Data Modeling

M+3

  • Field Test

Key Features

1. Real-time network status change detection

2. Lossless giga-class link traffic collection & analysis

3. Harmful traffic detection (abnormal/harmful traffic)

4. Unidentified traffic and application detection (by class, type, unknown)

5. Detailed flow traffic analysis

The Result

99.36%

Anomaly Detection Accuracy

0.0004s

Confirmation within 1min after detection

Process time/case

100%

False Discovery rate

100%

API Integration

Check out Ellexi's AI

Philo-AD (Anomaly Pattern Detection)