Active Database Systems: Triggers and Rules for Advanced Database Processing
Active Database Systems: Triggers and Rules for Advanced Database Processing
Trigger Condition Testing and View Maintenance Using Optimized Discrimination Networks
IEEE Transactions on Knowledge and Data Engineering
A knowledge plane for the internet
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Adaptive filters for continuous queries over distributed data streams
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Structural analysis of network traffic flows
Proceedings of the joint international conference on Measurement and modeling of computer systems
Adaptive stream resource management using Kalman Filters
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Diagnosing network-wide traffic anomalies
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Communication-efficient distributed monitoring of thresholded counts
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Querying the internet with PIER
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
NetProfiler: profiling wide-area networks using peer cooperation
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
A geometric approach to monitoring threshold functions over distributed data streams
ACM Transactions on Database Systems (TODS)
Decentralized detection of global threshold crossings using aggregation trees
Computer Networks: The International Journal of Computer and Telecommunications Networking
Shape sensitive geometric monitoring
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Network exception handlers: host-network control in enterprise networks
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Gossiping for threshold detection
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Complex Event Detection in Extremely Resource-Constrained Wireless Sensor Networks
Mobile Networks and Applications
Monitoring and status representation of devices in wireless grids
GPC'10 Proceedings of the 5th international conference on Advances in Grid and Pervasive Computing
Prediction-based geometric monitoring over distributed data streams
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
An efficient method of sharing device resource status in wireless grids
Multiagent and Grid Systems
| Hi-index | 0.00 |
Recent research has proposed efficient protocols for distributed triggers, which can be used in monitoring infrastructures to maintain system-wide invariants and detect abnormal events with minimal communication overhead. To date, however, this work has been limited to simple thresholds on distributed aggregate functions like sums and counts. In this paper, we present our initial results that show how to use these simple threshold triggers to enable sophisticated anomaly detection in near-real time, with modest communication overheads. We design a distributed protocol to detect "unusual traffic patterns" buried in an Origin-Destination network flow matrix that: a) uses a Principal Components Analysis decomposition technique to detect anomalies via a threshold function on residual signals [10]; and b) efficiently tracks this threshold function in near-real time using a simple distributed protocol. In addition, we speculate that such simple thresholding can be a powerful tool for a variety of monitoring tasks beyond the one presented here, and we propose an agenda to explore additional sophisticated applications.