Pattern detector: fast detection of suspicious stream patterns for immediate reaction

  • Authors:

  • Ira Assent;Hardy Kremer;Stephan Günnemann;Thomas Seidl

  • Affiliations:

  • Aalborg University, Denmark;RWTH Aachen University, Germany;RWTH Aachen University, Germany;RWTH Aachen University, Germany

  • Venue:
  • Proceedings of the 13th International Conference on Extending Database Technology
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

Detecting emerging problems in information and manufacturing systems is the goal of monitoring tools. Good and timely detection of problematic conditions from measured indicators requires efficient and effective detection of critical patterns in a stream of incoming observations. We present Pattern Detector, an interactive system which is capable of immediate detection and signaling of such patterns. Using user-defined query patterns which indicate e.g. low rate denial-of-service attacks in network traffic, this system signals problems fast and transparently. The underlying detection algorithm is based on matching patterns using the Dynamic Time Warping (DTW). Fast query processing is achieved by reliably filtering out candidates via a highly efficient multistep filter-and-refine framework, anticipatory DTW (ADTW). This framework is capable of processing continuous streams such that appropriate action can be taken as soon as suspicious patterns occur. While our pattern detector system is developed specifically for network traffic by incorporating recent patterns from computer networking, it easily generalizes to many online stream monitoring tasks.