Revealing anomalies to support error detection in software-intensive systems is a promising approach when traditional detection mechanisms are considered inadequate or not applicable. The core of anomaly detection lies in the definition of the expected behavior of the observed system. Unfortunately, the behavior of complex and dynamic systems is particularly difficult to understand. To improve the accuracy of anomaly detection in such systems, in this paper we present a context-aware anomaly detection framework which acquires information on the running services to calibrate the anomaly detection. To cope with system dynamicity, our framework avoids instrumenting probes into the applica-tion layer of the observed system monitoring multiple underlying layers instead. Experimental evaluation shows that the detection accuracy is in-creased considerably through context-awareness and multiple layers moni-toring. Results are compared to state-of-the-art anomaly detectors exer-cised in demanding more static contexts.

Context-Awareness to improve Anomaly Detection in Dynamic Service Oriented Architectures / Zoppi, Tommaso; Ceccarelli, Andrea; Bondavalli, Andrea. - STAMPA. - 9922:(2016), pp. 145-158. (Intervento presentato al convegno INTERNATIONAL CONFERENCE ON COMPUTER SAFETY, RELIABILITY AND SECURITY tenutosi a Trondheim, Norway nel 20-23 September 2016) [10.1007/978-3-319-45477-1_12].

Context-Awareness to improve Anomaly Detection in Dynamic Service Oriented Architectures

ZOPPI, TOMMASO;CECCARELLI, ANDREA;BONDAVALLI, ANDREA
2016

Abstract

Revealing anomalies to support error detection in software-intensive systems is a promising approach when traditional detection mechanisms are considered inadequate or not applicable. The core of anomaly detection lies in the definition of the expected behavior of the observed system. Unfortunately, the behavior of complex and dynamic systems is particularly difficult to understand. To improve the accuracy of anomaly detection in such systems, in this paper we present a context-aware anomaly detection framework which acquires information on the running services to calibrate the anomaly detection. To cope with system dynamicity, our framework avoids instrumenting probes into the applica-tion layer of the observed system monitoring multiple underlying layers instead. Experimental evaluation shows that the detection accuracy is in-creased considerably through context-awareness and multiple layers moni-toring. Results are compared to state-of-the-art anomaly detectors exer-cised in demanding more static contexts.
2016
Computer Safety, Reliability and Security
INTERNATIONAL CONFERENCE ON COMPUTER SAFETY, RELIABILITY AND SECURITY
Trondheim, Norway
20-23 September 2016
Zoppi, Tommaso; Ceccarelli, Andrea; Bondavalli, Andrea
File in questo prodotto:
File Dimensione Formato  
SAFECOMP16_CameraReady_V2.pdf

accesso aperto

Tipologia: Pdf editoriale (Version of record)
Licenza: Creative commons
Dimensione 1.07 MB
Formato Adobe PDF
1.07 MB Adobe PDF

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1042887
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 11
  • ???jsp.display-item.citation.isi??? ND
social impact