SYSTEM ANOMALY DETECTION USING PARAMETER FLOWS

SYSTEM ANOMALY DETECTION USING PARAMETER FLOWS

One embodiment provides a method, including: receiving a plurality of loglines from a system execution log; generating at least one control flow graph by mining (i) a plurality of templates and (ii) a sequence of the plurality of templates defined by an order encountered during execution from the sy...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Aggarwal, Pooja, Mandal, Atri, Atreja, Shubham, Dasgupta, Gargi Banerjee
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:One embodiment provides a method, including: receiving a plurality of loglines from a system execution log; generating at least one control flow graph by mining (i) a plurality of templates and (ii) a sequence of the plurality of templates defined by an order encountered during execution from the system execution log, wherein the control flow graph identifies flows between templates during execution; mining (i) discriminative parameters, (ii) a position for each of the mined discriminative parameters within a template, and (iii) a value of each of the mined discriminative parameters; annotating edges of the at least one control flow graph with the values of the mined discriminative parameters within the control flow graph; identifying execution traces from the system execution log using the values of the mined discriminative parameters; and detecting system anomalies in the identified execution traces by comparing one of the execution traces to an expected execution.