Sciweavers

MINENET
2006
ACM

Toward sophisticated detection with distributed triggers

Recent research has proposed efficient protocols for distributed triggers, which can be used in monitoring infrastructures to maintain system-wide invariants and detect abnormal events with minimal communication overhead. To date, however, this work has been limited to simple thresholds on distributed aggregate functions like sums and counts. In this paper, we present our initial results that show how to use these simple threshold triggers to enable sophisticated anomaly detection in near-real time, with modest communication overheads. We design a distributed protocol to detect “unusual traffic patterns” buried in an Origin-Destination network flow matrix that: a) uses a Principal Components Analysis decomposition technique to detect anomalies via a threshold function on residual signals [10]; and b) efficiently tracks this threshold function in near-real time using a simple distributed protocol. In addition, we speculate that such simple thresholding can be a powerful tool for...
Ling Huang, Minos N. Garofalakis, Joseph M. Heller
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where MINENET
Authors Ling Huang, Minos N. Garofalakis, Joseph M. Hellerstein, Anthony D. Joseph, Nina Taft