ASN Traffic Volume
Unusual ASN Traffic Volume
Detecting an unusual volume of traffic to or from an Autonomous System (AS) is crucial for maintaining the integrity and performance of network infrastructures. An Autonomous System is a collection of IP routing prefixes under the control of one or more network operators that presents a common, clearly defined routing policy to the internet. Unusual traffic patterns involving an AS can be indicative of several issues, such as targeted cyber attacks, network hijacking, or unintentional misconfigurations leading to traffic floods or leaks. Identifying these anomalies promptly is essential for preventing potential network disruptions, mitigating security risks, and ensuring efficient network operation. Early detection allows network operators to take swift corrective actions to address the underlying causes and maintain the stability of their networks.
ElastiFlow provides a collection of anomaly detection jobs designed to identify unusual volumes of traffic to or from an Autonomous System comprises various tools and techniques focused on monitoring and analyzing network traffic patterns.
Attributes
Attribute | Information |
---|---|
Analysis | temporal |
Downloads
Schema | Endpoint | Metric | Link |
---|---|---|---|
CODEX | source | bytes | elastiflow_codex_perf_asn_src_thruput_bytes |
CODEX | source | packets | elastiflow_codex_perf_asn_src_thruput_packets |
CODEX | source | flows | elastiflow_codex_perf_asn_src_thruput_flows |
CODEX | destination | bytes | elastiflow_codex_perf_asn_dst_thruput_bytes |
CODEX | destination | packets | elastiflow_codex_perf_asn_dst_thruput_packets |
CODEX | destination | flows | elastiflow_codex_perf_asn_dst_thruput_flows |
ECS | source | bytes | elastiflow_ecs_perf_asn_src_thruput_bytes |
ECS | source | packets | elastiflow_ecs_perf_asn_src_thruput_packets |
ECS | source | flows | elastiflow_ecs_perf_asn_src_thruput_flows |
ECS | destination | bytes | elastiflow_ecs_perf_asn_dst_thruput_bytes |
ECS | destination | packets | elastiflow_ecs_perf_asn_dst_thruput_packets |
ECS | destination | flows | elastiflow_ecs_perf_asn_dst_thruput_flows |
By implementing this suite of anomaly detection jobs, network administrators and security professionals can quickly identify unusual traffic patterns involving an Autonomous System. Early identification of these anomalies is key to taking timely actions to investigate and resolve potential issues, whether they are security-related, operational, or configuration-based. This proactive approach is vital for ensuring the ongoing security, performance, and reliability of network operations in the complex and dynamic environment of internet routing and traffic management.