Anomaly detection using LSTM neural networks: an application to VoIP traffic

Voice communications nowadays are largely dominated by VoIP, which substituted the Plain Old Telephone Network over the years. Telephone exchanges are thus software-based rather than electromechanical, and a whole set of new methods for analyzing anomalies has been introduced. This paper addresses the implementation of an AI application, based on the LSTM model, whose aim is to learn to predict the VoIP traffic shape given what happened in the past, to compare it with the normal or expected traffic, and eventually state whether the system is going to fall into an anomalous situation or not. In the paper we use data from a real working system instead of synthetic data or pre-built datasets. We consider a system in a real production environment, and we deployed the model we developed on the system itself, comparing its forecasts with the actual VoIP traffic flow. We verified that the forecasts and the actual traffic do not significantly differ in the general case. In one case, however, our model contributed to find a configuration problem in the system, allowing to correct it before it could generate further issues. These results confirm the usefulness of the model in detecting malfunctions or anomalies in VoIP based systems. Further applications of the proposed methodology include video conferencing and other IP-based communication systems.