
Self-Detection of Abnormal Event Sequences

Self-Detection of Abnormal Event Sequences. Project Lead: Farokh Bastani, I-Ling Yen, Latifur Khan. Date: April 7, 2011. 2010/Current Project Overview: Self-Detection of Abnormal Event Sequences. Tasks: Prepare Cisco event sequence data for analysis tools.


Presentation Transcript


  1. Self-Detection of Abnormal Event Sequences. Project Lead: Farokh Bastani, I-Ling Yen, Latifur Khan. Date: April 7, 2011

  2. 2010/Current Project Overview: Self-Detection of Abnormal Event Sequences

     Tasks:
     • Prepare Cisco event sequence data for analysis tools.
     • Develop clustering, local outlier factor, and probabilistic finite state automata (PFSA) based techniques for anomaly detection.
     • Apply the techniques on Cisco datasets, analyze and validate the results.
     • Use streaming techniques, parallelization, and prefix tree method to handle large datasets from Cisco.
     • Enhance the anomaly detection tools for on-the-fly anomaly detection.

     Project Schedule (chart axis: months A M J J A S O N D J F M A, years 10 and 11):
     • Task 1: preprocessor
     • Task 1/2/3/4/5: Fine tuning
     • Task 2/3/4: various anomaly detection techniques and applying them
     • Task 5: on-the-fly detection

     Research Goals:
     • Develop a diverse set of anomaly detection techniques for handling datasets with different characteristics.
     • Handling large datasets is still a major issue in current data mining research and it is especially an issue in attributed event sequences.
     • Develop run-time anomaly detection techniques to detect non-crashing faults in deployed systems to mitigate critical failures and ensure software reliability.

     Benefits to Industry Partners:
     • A comprehensive set of techniques and tools to allow best analysis of different datasets.
     • Real-time on-the-fly anomaly detection capability.
     • Rapid adaptation of the tools to handle other application specific datasets.

  3. Project Results to Date

     Status legend: Significant Finding/Accomplishment; Task Complete; Task Partially Complete; Task Not Started

  4. Major Accomplishments, Discoveries, and Surprises

     Various Methods for Comparison & Integration

     Method: Anomaly Detection for Event Sequences
     • Diagram labels: Density, Automata, Clustering
     • Diagram labels: Prefix-tree based K-Medoid, MDI, Prefix-tree based LOF
     • Diagram labels: Optimized & Added Anomaly Detection Capability; Use prefix tree traces as input; Developed Tool; 2nd closest neighbor; Prefix Tree Based Methods

     Real Time Processing (diagram, time axis t, t+T, t+2T, t+3T):
     • Collect D_t, Build A_{t-T}, Apply A_{t-2T}
     • Collect D_{t+T}, Build A_t, Apply A_{t-T}
     • Collect D_{t+2T}, Build A_{t+T}, Apply A_t

     Experimental Results:
     • Data Set: 2GB Cisco SDL trace logs (197,628 signal flows with 18 manually injected anomalies).
     • Conducted on a PC with Intel Core i5 Duo 2.67 GHz CPU and 8 GB RAM.
