共查询到20条相似文献,搜索用时 78 毫秒
1.
基于关联规则的通信网络告警相关性分析模型 总被引:4,自引:0,他引:4
在通信网络运行过程中.每天都会产生大量告警,将数据挖掘中的关联规则发现技术用于分析历史告警数据,可发现告警相关性规则。这些规则可辅助故障定位和告警过滤,以减轻网络管理员的工作强度,提高工作效率。本文分析了通信网络原始告警信息的特点,提出了一个基于关联规则的通信网络告警相关性分析模型,该模型通遏对原始告警数据进行预处理,不仅有效地解决了网络告警时间不同步问题,使得处理后的告警数据可直接用一般的关联规则挖掘工具发现告警相关规则,还大大地压缩了挖掘结果,提高了规则的准确率。初步的实验表明这种分析模型具有实用价值。 相似文献
2.
Recently, the application of association rules mining becomes an important research area in alarm correlation analysis. However, the original alarms in the telecommunication networks cannot be used to mine association rules directly. This paper proposes a novel preprocessing expert system model to deal with the original alarms. This model uses two important techniques, of which the time window technique is used for converting original alarms into transactions, and the neural network technique can classify the alarms with different levels according to the characteristics of telecommunication networks in order to mine the weighted association rules. Simulation results and the real-world applications demonstrate the effectiveness and practicality of this preprocessing expert system. 相似文献
3.
在网络管理领域,相关性分析愈来愈发挥出重要的作用。与传统的专家系统方法相比,相关性分析等数据挖掘方法,不仅能够有效克服知识获取、更新困难的瓶颈,而且,能够从海量网络管理信息中,快速挖掘出先前未知的却有潜在价值的信息和模式。通过对故障、告警数据的讨论分析,文章研究利用相关性分析,从历史告警序列数据中,挖掘潜在的相关性规则,讨论并定义了相关性的类型、相关性规则的表示语言、相关性规则的生成算法,最后讨论了运用相关性规则进行网络故障预测的方法。 相似文献
4.
5.
《Information and Software Technology》1999,41(9):557-567
In this paper we describe the final version of a knowledge discovery system, Telecommunication Network Alarm Sequence Analyzer (TASA), for telecommunication networks alarm data analysis. The system is based on the discovery of recurrent, temporal patterns of alarms in databases; these patterns, episode rules, can be used in the construction of real-time alarm correlation systems. Also association rules are used for identifying relationships between alarm properties. TASA uses a methodology for knowledge discovery in databases (KDD) where one first discovers large collections of patterns at once, and then performs interactive retrievals from the collection of patterns. The proposed methodology suits very well such KDD formalisms as association and episode rules, where large collections of potentially interesting rules can be found efficiently. When searching for the most interesting rules, simple threshold-like restrictions, such as rule frequency and confidence may satisfy a large number of rules. In TASA, this problem can be alleviated by templates and pattern expressions that describe the form of rules that are to be selected or rejected. Using templates the user can flexibly specify the focus of interest, and also iteratively refine it. Different versions of TASA have been in prototype use in four telecommunication companies since the beginning of 1995. TASA has been found useful in, e.g. finding long-term, rather frequently occurring dependencies, creating an overview of a short-term alarm sequence, and evaluating the alarm data base consistency and correctness. 相似文献
6.
7.
8.
通信网络中的告警相关性研究 总被引:8,自引:0,他引:8
随着通信网络的迅速发展和通信业务的拓展,对通信网络的管理与维护变得越来越困难。告警相关性在通信网络故障维护中起着十分关键的作用。文中介绍了告警相关性的定义,讨论了在告警相关性分析中存在的问题,分析比较了当前告警相关性采用的算法,阐述了采用数据挖掘的新发展方向。 相似文献
9.
故障诊断与定位是网络管理的核心,数据挖掘为告警相关性分析中知识获取提供了新的途径.通过对网络告警加权关联规则挖掘的研究,设计与实现了网络告警关联规则挖掘系统.该系统对网络告警相关性分析和故障的诊断定位有一定的意义和实用价值. 相似文献
10.
《Journal of Network and Computer Applications》2012,35(6):1781-1792
Many solutions have been proposed for network alarm correlation. However, they mainly have focused on alarm reduction and on root cause analysis. This paper presents an automated alarm correlation system composed of three layers, which obtains raw alarms and presents to network administrator a wide view of the scenario affected by the volume anomaly. In the preprocessing layer, it is performed the alarm compression using their spatial and temporal attributes, which are reduced into a unique alarm named Device Level Alarm (DLA). The correlation layer aims to infer the anomaly propagation path and its origin and destination using DLAs and network topology information. The presentation layer provides the visualization of the path and network elements affected by the anomaly propagation. Moreover, it is presented the Anomaly Propagation View (APV), a graphic tool developed to provide a wide visualization of the network status. In order to evaluate the effectiveness of the proposed solution, it was used real traffic data from State University of Londrina. 相似文献
11.
Ivan Caravela Artur Arsenio Nuno Borges 《Journal of Network and Systems Management》2016,24(4):974-1003
As telecommunication networks grow in size and complexity, monitoring systems need to scale up accordingly. Alarm data generated in a large network are often highly correlated. These correlations can be explored to simplify the process of network fault management, by reducing the number of alarms presented to the network-monitoring operator. This makes it easier to react to network failures. But in some scenarios, it is highly desired to prevent the occurrence of these failures by predicting the occurrence of alarms before hand. This work investigates the usage of data mining methods to generate knowledge from historical alarm data, and using such knowledge to train a machine learning system, in order to predict the occurrence of the most relevant alarms in the network. The learning system was designed to be retrained periodically in order to keep an updated knowledge base. 相似文献
12.
提出一种基于“最小发生的双时间窗口约束”时序规则挖掘新方法。该方法依据“双时间窗口”约束和“最小发生”判据,可判别在一个时间窗内的哪些告警事件导致了另一个时间窗内告警集合事件的产生,快速寻找出不同网络设备告警与其它网络设备告警之间的关联知识。通过对采集某省级IP网的告警数据库进行规则挖掘实验,表明该方法可以准确、快速地挖掘出海量网络告警数据库中大量有意义的时序规则,这些规则可作为选验知识来指导网络智能化故障定位、诊断及预测。 相似文献
13.
14.
Stefan Wallin 《Journal of Network and Systems Management》2009,17(4):457-481
Alarm management has been around for decades in telecom solutions. We have seen various efforts to define standardised alarm
interfaces. The research community has focused on various alarms correlation strategies. Still, after years of effort in industry
and research alike, network administrators are flooded with alarms; alarms are suffering from poor information quality; and
the costs of alarm integration have not decreased. In this paper, we explore the concept of ‘alarm’. We define ‘alarm’ and
alarm-type concepts by investigating the different definitions currently in use in standards and research efforts. Based on
statistical alarm data from a mobile operator we argue that operational and capital expenditures would decrease if alarm sources
would apply to our alarm model. 相似文献
15.
针对FP-Growth算法中频繁模式树的遍历低效问题,提出了一种无项头表的频繁模式增长算法。该算法利用递归回溯的方式遍历频繁模式树以求取条件模式基,解决了对同一树路径多次重复遍历的问题。从理论分析和实际挖掘能力两方面,将新算法与FP-Growth算法进行了对比。结果表明,新算法有效减少了条件模式基的搜索开销,使频繁模式挖掘的效率提高了2~5倍,在时间和空间性能上均优于FP-Growth算法。将该算法应用于通信告警关联规则挖掘,较快地挖掘出了关联规则结果,且正确规则的覆盖率达到了83.3%。 相似文献
16.
Alarm summary interfaces are lists of chronologically sorted alarms used in oil producing supervision programs for decades. When a great number of alarms are activated in a small interval of time – that is, an alarm flood – alarm summary ceases to be as useful to understand the process situation. New alarm systems and interfaces are necessary to support operators' decision when dealing with such alarm floods. Situational awareness is an important concept for process operators when making decisions. The application of Ecological Interface Design concepts can lead to better interface designs, especially in unanticipated situations. The aim of this work is to verify the usefulness of a new ecological alarm interface, called Advanced System of Intelligent Alarms (SAAI, the Portuguese acronym). SAAI displays alarms prioritised in real-time with relevant graphical information on process conditions. Professional operators' situational awareness is measured when using either the SAAI interface, or the alarm summary interface, connected to a dynamic simulator running a model of an oil production process. Measurement techniques used include objective and subjective rating approaches, and a proposed technique. Operators' situation awareness for SAAI interface has shown greater values under all techniques used, compared to alarm summary interface. Although the new interface implied that operators would have to look also at an extra monitor, results show that their situation awareness improved on average, and that situation awareness might be less impaired under alarm floods.Relevance to industrySituation awareness plays an important role in operators' decision-making process. Alarm systems are critical in complex process operation, and alarm floods may impair operators' decisions. A new alarm ecological interface designed to maintain operators' situational awareness under alarm floods may mean an improvement in operation safety and efficiency. 相似文献
17.
王平水 《计算机工程与应用》2010,46(30):115-116
关联规则挖掘是数据挖掘的一个重要研究领域。针对经典Apriori算法频繁扫描事务数据库致使运行效率低下的缺点,在研究已有关联规则挖掘算法的基础上,提出一种改进的基于关系矩阵的关联规则挖掘算法。理论分析和实验结果均表明,所提算法是高效的和实用的。 相似文献
18.
针对城市轨道交通的海量监控报警数据分析难度大的问题,结合设备故障特征,应用数据挖掘方法定义聚类特征树,建立基于故障集的层次聚类分析模型,取得故障要素的高频聚类并识别关联规则。通过构建故障贝叶斯层次网络,提出故障预警模型,计算取值概率推断预警值,进一步探讨了关联性预警的识别和应用策略。采用某城市轨道交通的阶段报警数据实例验证,表明识别出的故障关联规则与实际较好地符合,利用该方法推断故障预警能快速定位风险隐患,为安全管理提供有效的决策支持。 相似文献
19.
In order to improve road safety, automobile manufacturers are now developing Forward Collision Warning Systems (FCWS). However, there has been insufficient consideration of how drivers may respond to FCWS. This driving simulator study focused on alarm timing and its impact on driver response to alarm. The experimental investigation considered driver perception of alarm timings and its influence on trust at three driving speeds (40, 60 and 70 mile/h) and two time headways (1.7 and 2.2 s). The results showed that alarm effectiveness varied in response to driving conditions. Alarm promptness had a greater influence on ratings of trust than improvements in braking performance enabled by the alarm system. Moreover, alarms which were presented after braking actions had been initiated were viewed as late alarms. It is concluded that drivers typically expect alarms to be presented before they initiate braking actions and when this does not happen driver trust in the system is substantially decreased. 相似文献
20.
Markus Schleburg Lars Christiansen Nina F. Thornhill Alexander Fay 《Journal of Process Control》2013,23(6):839-851
A process alarm arises when normal operation limits are exceeded and an alarm management system alerts the operator of a process plant. Due to the material, energy and information flow in a plant, single disturbances can cause multiple consequent alarm messages, and the alarm messages may overload the operator by presenting many redundant alarms. This undesired situation is called an ‘alarm flood’. In such situations, the operator might not be able to fulfil his required tasks to keep the plant within safe operation limits and to find the root cause of the disturbance. The aim of the work presented in this paper is to reduce the number of alerts presented to the operator. If alarms are related to one another, those alarms should be grouped and presented as one alarm problem. For the implementation of the concept, a software prototype has been developed to perform this reduction automatically. The analysis process starts with the alarm history which is a log containing all past alarm messages. This is combined with the plant topology of the controlled system and a set of rules. The rules describe typical interrelations between alarm messages which have a common cause. The combination of these three elements yields an effective alarm management strategy that can help plant owners and operators to comply with standards for alarm management such as ANSI/ISA 18.2 (2009) and EEMUA 191 (2007) which set limits on the number of alarms per unit time for an operator. The effectiveness of the approach is illustrated by two industrial examples where a significant reduction of alarms has been achieved. 相似文献