Anomaly detection system using resource pattern learning

Yuki Ohno, Midori Sugaya, Andrej Van Der Zee, Tatsuo Nakajima

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

In this paper, Anomaly Detection by Resource Monitoring (Ayaka), a novel lightweight anomaly and fault detection infrastructure, is presented for Information Appliances. Ayaka provides a general monitoring method for detecting anomalies using only resource usage information on systems, independent of their domain, target application and programming languages. Ayaka modifies the kernel to detect faults and uses a completely application black-box approach based on machine learning methods. It uses a clustering method to quantize the resource usage vector data and learns the normal patterns with a Hidden Markov Model. In the running phase, Ayaka finds anomalies by comparing the application resource usage with the learned model. The evaluation experiment indicates that our prototype system is able to detect anomalies, such as SQL injection and buffer overrun, without significant overheads.

Original language: English
Title of host publication: Proceedings - 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009
Pages: 38-42
Number of pages: 5
Publication status: Published - 2009 Dec 1
Event: 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009 - Tokyo, Japan
Duration: 2009 Mar 17 to 2009 Mar 18

Publication series

Name: Proceedings - 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009

Conference

Conference: 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009
Country: Japan
City: Tokyo
Period: 09/3/17 to 09/3/18

Keywords

  • Anomaly Detection
  • Dependability
  • Hidden Markov Model
  • Machine Learning

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems

Cite this

Ohno, Y., Sugaya, M., Van Der Zee, A., & Nakajima, T. (2009). Anomaly detection system using resource pattern learning. In Proceedings - 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009 (pp. 38-42). [4804569] (Proceedings - 1st International Workshop on Software Technologies for Future Dependable Distributed Systems, STFSSD 2009). https://doi.org/10.1109/STFSSD.2009.41