Monday, October 10, 2011

Is Anomaly Detection Similar to Exception Detection? Apply SEDS for Information Security!

Sometimes I call my "Exception Detection" "Anomaly Detection". In some cases, performance degradation can be caused by a parasite program (such as a badly written data collection agent), by an incompetent user (for example, one submitting a badly written ad hoc database query), or even by a cyber attack (a denial-of-service (DoS) attack definitely degrades performance to the point of not performing at all, doesn't it?).

So in my opinion they are similar, and the Exception Detection methodology I am offering, which uses the MASF technique, can be applied to the broader field of Information Security. And vice versa! Some intrusion detection techniques could be useful for automatic detection of performance issues!

I did a little Google research on that and found a few interesting approaches. Here is one of them:

See the abstract page for the dissertation written by Steven Gianvecchio:

Application of information theory and statistical learning to anomaly detection.

So the question is: can information theory (entropy analysis) be applied to performance exception detection?
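One way to explore that question, as an added example that is not code from SEDS or from the dissertation: MASF-style control limits (assumed here to be mean ± 3 standard deviations per hour) are computed both for request volume and for the Shannon entropy of requests per client. The client ids, counts and function names are constructed for illustration.

```python
import math
from collections import Counter
from statistics import mean, stdev

def expand(per_client):
    """{'a': 2, 'b': 1} -> ['a', 'a', 'b'] (one entry per request)."""
    return [c for c, n in per_client.items() for _ in range(n)]

def shannon_entropy(items):
    """Entropy in bits of the empirical distribution of items."""
    total = len(items)
    return -sum(n / total * math.log2(n / total) for n in Counter(items).values())

def masf_limits(reference, k=3.0):
    """Per-hour control limits (mean +/- k*sigma) from a reference set."""
    return {h: (mean(v) - k * stdev(v), mean(v) + k * stdev(v))
            for h, v in reference.items()}

def detect(observations, baseline):
    """Flag each (label, hour, requests) whose volume or entropy leaves its band."""
    vol = masf_limits({h: [len(r) for r in days] for h, days in baseline.items()})
    ent = masf_limits({h: [shannon_entropy(r) for r in days] for h, days in baseline.items()})
    results = {}
    for label, hour, reqs in observations:
        metrics = {"volume": (len(reqs), vol[hour]),
                   "entropy": (shannon_entropy(reqs), ent[hour])}
        results[label] = [name for name, (x, (lo, hi)) in metrics.items()
                          if not lo <= x <= hi]
    return results

# Constructed sample data: requests per client during hour 9 on five past days.
BASELINE = {9: [expand(d) for d in (
    {"a": 25, "b": 25, "c": 25, "d": 25},
    {"a": 30, "b": 20, "c": 28, "d": 26},
    {"a": 22, "b": 27, "c": 24, "d": 23},
    {"a": 26, "b": 24, "c": 27, "d": 25},
    {"a": 24, "b": 26, "c": 23, "d": 25},
)]}
# Constructed observations for the same hour on three later days.
OBSERVED = [
    ("normal", 9, expand({"a": 27, "b": 23, "c": 26, "d": 24})),
    ("flood", 9, expand({"a": 25, "b": 25, "c": 25, "d": 25, "x": 400})),
    ("greedy_agent", 9, expand({"a": 85, "b": 5, "c": 5, "d": 5})),
]

if __name__ == "__main__":
    for label, flags in detect(OBSERVED, BASELINE).items():
        print(label, flags or "within limits")
```

The `greedy_agent` hour stays inside the volume band and is caught only by the entropy band, while the `flood` hour leaves both.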

1 comment:

  1. ____________________________

    UPDATE: see other related posts:

    Not a MASF Based Statistical Techniques (Entropy-based) for Anomaly Detection in Data Centers (http://itrubin.blogspot.com/2012/10/not-masf-based-statistical-techniques.html)

    Quantifying Imbalance in Computer Systems: CMG'11 Trip Report, Part 2 (http://itrubin.blogspot.com/2012/01/quantifying-imbalance-in-computer.html)