
Anomaly Detection Algorithm for Network Device Configuration Based on Configuration Statement Tree
Abstract: The problem of device configuration anomalies is becoming increasingly significant with the development of network communication equipment. Traditional detection tools usually check only spelling, formatting and similar issues, and cannot identify logic problems. Consequently, configuration anomaly detection currently depends heavily on engineers' experience. To improve network service quality, reduce engineers' repetitive work, and address the slow detection speed, weak detection capability and poor versatility of traditional tools, this paper draws on the design concept of abstract syntax trees and proposes an unsupervised anomaly detection algorithm based on "configuration statement trees." Through statistical analysis, the algorithm can identify seven types of detectable anomalies, and it supports anomaly localization and the recommendation of modification plans. The paper uses configurations from an operator's live network and performs a quantitative evaluation and comparative analysis based on the detectable anomaly types, runtime, accuracy and recall. The experimental results show that the algorithm has good robustness and can effectively address the network communication problems caused by network device configuration anomalies.
Authors: SHEN Yuancheng (沈袁程); BAN Rui (班瑞); CHEN Xin (陈昕); HUA Runduo (华润多); WANG Yunhai (汪云海) (School of Computer Science and Technology, Shandong University, Qingdao, Shandong 266200, China; China Information Technology Designing & Consulting Institute, Beijing 100000, China)
Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2023, Issue S02, pp. 614-623 (10 pages)
Funding: National Key Research and Development Program of China (2022ZD0160805); Human-Computer Interaction Theory and Methods for Big Data Visual Analytics in Ubiquitous Computing Environments (62141217).
Keywords: Anomaly detection; Cluster analysis; Automatic inspection of equipment; Abstract syntax tree; Co-occurrence corpus analysis; Unsupervised learning; Association analysis