Automating Rapid Network Anomaly Detection with In-band Network Telemetry

Network anomaly detection plays a significant role in Operation Administration and Maintenance (OAM). In this letter, we propose INT-detector, an automated and rapid network anomaly detection system, by combining In-band Network Telemetry (INT) and Deep Learning (DL). First, we build an INTbased telemetry prototype, enabling fine-grained monitoring by acquiring hop-by-hop device states. Then, we leverage Generative Adversarial Active Learning (GAAL) to detect anomalies without overreliance on the human intervention. Besides, we perform data preprocessing with low-pass filtering to eliminate transient traffic jitters for detecting more persistent anomalies. INT-detector is accurate and achieves 0.979 AUC on the collected INT dataset.