Pattern Detector: Fast Detection of Suspicious Stream Patterns for Immediate Reaction

Detecting emerging problems in information and manufacturing systems is the goal of monitoring tools. Good and timely detection of problematic conditions from measured indicators requires efficient and effective detection of critical patterns in a stream of incoming observations. We present Pattern Detector, an interactive system which is capable of immediate detection and signaling of such patterns. Using user-defined query patterns which indicate e.g. low rate denial-of-service attacks in network traffic, this system signals problems fast and transparently. The underlying detection algorithm is based on a recent technique from computer networking research using the Dynamic Time Warping (DTW) measure. Fast query processing is achieved by reliably filtering out candidates via a highly efficient multistep filter-and-refine framework, anticipatory DTW (ADTW). This framework is capable of processing continuous streams such that appropriate action can be taken as soon as suspicious patterns occur. While our pattern detector system is developed specifically for network traffic by incorporating recent patterns from computer networking, it easily generalizes to many online stream monitoring tasks.

Authors: Assent I., Kremer H., Günnemann S., Seidl T.
Published in: Proc. International Conference on Extending Database Technology (EDBT/ICDT 2010), Lausanne, Switzerland.
Publisher: ACM - New York, NY, USA
Sprache: EN
Jahr: 2010
Additional:

(Demo)

Seiten: 709-712
ISBN: 978-1-60558-945-9
Konferenz: EDBT
DOI:10.1145/1739041.1739133
URL:EDBT/ICDT 2010
Typ: Tagungsbeiträge
Forschungsgebiet: Exploration of Multimedia Databases