Popular Post

_

Monday, October 10, 2011

Is Anomaly Detection Similar to Exception Detection? Apply SEDS for Information Security!

Sometimes I call my "Exception Detection" as "Anomaly Detection".  In some cases the performance degradation could be caused by parasite program (like badly written data collection agent ) or incompetent user (like submitting badly written ad-hock  database query) or even by a cyber attack (denial-of-service attack -DoS definitely  degrades performance to absolutly not performing, doesn't it?)

So it is similar by my opinion and the Exception Detection methodology I am offering to by using MASF technique can be applied to broader filed of Information Security. And vice versa! Some intrusion detection techniques could be useful for automatic performance issues detection!

I have made a litle Google reserch on that and found a few interesting approaches. See one of that:

See the abstract page for dissertation written by Steven Gianvecchio:

Application of information theory and statistical learning to anomaly detection.


So the question is "can that information theory (entropy analysis) could be applied to performance exception detection?"
Posted by at
Labels:

1 comment:

  1. Igor TrubinApril 11, 2013

    ____________________________

    UPDATE: see other related posts:



    Not a MASF Based Statistical Techniques (Entropy-based) for Anomaly Detection in Data Centers (http://itrubin.blogspot.com/2012/10/not-masf-based-statistical-techniques.html)



    Quantifying Imbalance in Computer Systems: CMG'11 Trip Report, Part 2 (http://itrubin.blogspot.com/2012/01/quantifying-imbalance-in-computer.html)

    ReplyDelete

Subscribe to: Post Comments (Atom)