A Multi-Layer Anomaly Detector for Dynamic Service-Based Systems

Research Area: Uncategorized
Year: 2015
Type of Publication: In Proceedings
Keywords: anomalies, monitor, complex event processor, Service Oriented Architecture, Secure
Authors: Tommaso Zoppi; Andrea Bondavalli; Andrea Ceccarelli; Massimiliano Itria
Volume: 9337
Book title: Computer Safety, Reliability, and Security
Series: Lecture Notes in Computer Science
Pages: 166-180
Month: September
ISBN: 978-3-319-24254-5
ISSN: 0302-9743

Revealing anomalies to support error detection in complex systems is a promising approach when traditional detection mechanisms (e.g., based on event logs, probes and heartbeats) are considered inadequate or not applicable. The detection capability of such complex systems can be enhanced by observing different layers to obtain richer information that describes the system status. Relying on an algorithm for statistical anomaly detection, in this paper we present the definition and implementation of an anomaly detector able to monitor data acquired from multiple layers, namely the Operating System and the Application Server, of a remote physical or virtual node. As a case study, this monitoring system is applied to a node of the Secure! crisis management service-based system. Results show the monitor performance, the intrusiveness of the probes, and ultimately the improved detection capability achieved by observing data from the different layers.

