Two Dimensional Time-Series for Anomaly Detection and Regulation in Adaptive Systems

Authors:
Mark Burgess
Affiliations:
-
Venue:
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
Year:
2002

Citing 13
Cited 7

The measured performance of personal computer operating systems

SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Computer immunology

Communications of the ACM
Automated system administration with feedback regulation

Software—Practice & Experience
A statistical approach to predictive detection

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on selected topics in network and systems management
Measuring system normality

ACM Transactions on Computer Systems (TOCS)
Implementing a Generalized Tool for Network Monitoring

LISA '97 Proceedings of the 11th Conference on Systems Administration
Self-Monitoring and Self-Adapting Operating Systems

HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Adaptive Locks For Frequently Scheduled Tasks With Unpredictable Runtimes

LISA '97 Proceedings of the 11th USENIX conference on System administration
Computer Immunology

LISA '98 Proceedings of the 12th USENIX conference on System administration
Theoretical System Administration

LISA '00 Proceedings of the 14th USENIX conference on System administration
A comparison of methods for implementing adaptive security policies

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Intrusion detection using sequences of system calls

Journal of Computer Security
Computer system performance problem detection using time series models

Usenix-stc'93 Proceedings of the USENIX Summer 1993 Technical Conference on Summer technical conference - Volume 1

Configurable immunity for evolving human-computer systems

Science of Computer Programming - Methods of software design: Techniques and applications
Principle Components and Importance Ranking of Distributed Anomalies

Machine Learning
A control theory perspective on configuration management and Cfengine

ACM SIGBED Review
Probabilistic anomaly detection in distributed computer networks

Science of Computer Programming
Improving Anomaly Detection Event Analysis Using the EventRank Algorithm

AIMS '07 Proceedings of the 1st international conference on Autonomous Infrastructure, Management and Security: Inter-Domain Management
Multiagent Approach to Network Traffic Anomalies Uncertainty Level Assessment in Distributed Intrusion Detection System

KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
An environment for service composition, execution and resource allocation

PARA'12 Proceedings of the 11th international conference on Applied Parallel and Scientific Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

A two dimensional time approach is introduced in order to classify a periodic, adaptive threshold for service level anomaly detection. An iterative algorithm is applied to history analysis on this periodic time to provide a the smooth roll-off in the significance of the data with time. The algorithm described leads to an approximately ten-fold compression in data storage, and thousand fold improvement in computation cycles, compared to a naive time-series approach. The behaviour of this anomaly detector is discussed, and the result is implemented in cfengine for direct use in system management.