Anomaly Management using Complex Event Processing
Authors
Abstract
During the last decade, complex event processing (CEP) has emerged as a technological foundation for many time-critical monitoring applications. CEP is powerful, effective, easy to use and low in cost at the same time. Common CEP applications are, for example, stock-market analysis, detection of fraudulent credit card use, traffic monitoring and consumption forecasting in power grids. Many application domains are still hard to target with CEP, because state-of-the-art CEP technology is characterized by static behavior and by a signature-based detection paradigm. In this paper, we motivate substantial improvements of CEP technology by making the behavior of the infrastructure dynamic and by switching the detection paradigm from signatures to anomalies. This leads to multiple changes in the infrastructure that raise interesting and challenging research questions. The resulting dynamic CEP infrastructure not only makes existing applications more powerful and easier to maintain but also enables novel application domains.
Similar resources
PlanetData Network of Excellence FP7 – 257641 D1.5 Trend and anomaly detection in non-structured data Coordinator: Alexandra Moraru
for dissemination) Non-structured or unstructured data is data that doesn’t conform to an explicit and well-defined formal data model. This deliverable focuses on textual and network data. We discuss several statistical properties by which these types of data differ from more structured data. Trend and anomaly detection is the process of discovering patterns in the data that do not conform to n...
Stuttgart High-Performance Complex Event Processing to Detect Anomalies in Streaming RDF Data
. . . A lot of sensors nowadays are embedded in smart factories which generate massive real-time data about the functional conditions of the manufacturing equipments. Complex Event Processing (CEP) systems are involved to analyze continuous behavior of these machines, detect undesired patterns and give alerts in case of anomalies. In this thesis, we introduce an architectural design and concrete...
Enhancing Security Event Management Systems with Unsupervised Anomaly Detection
Security Information and Event Management (SIEM) systems are today a key component of complex enterprise networks. They usually aggregate and correlate events from different machines and perform a rule-based analysis to detect threats. In this paper we present an enhancement of such systems which makes use of unsupervised anomaly detection algorithms without the need for any prior training of t...
Mastering Security Anomalies in Virtualized Computing Environments via Complex Event Processing
To protect computer systems and their users against security attacks, all potential security-related incidents should be detected by monitoring system behavior. In this paper, a novel approach to detect, analyze and handle security anomalies in virtualized computing systems is presented. Adequate sensors on different virtualization layers monitor relevant events, a Complex Event Processing engi...
Integration of Business Process Management and Complex Event Processing
Business Process Management (BPM) and Complex Event Processing (CEP) are two technologies with growing market shares. In addition to their inherent strengths, they also complement each other well. This paper will present two general scenarios for integrating both technologies together with an example for each scenario. These examples are realized using ActiveVOS as BPM suite and Esper as CEP suite. Both su...