Anomaly detection has the potential to detect unusual behavior and novel attacks that have not been previously observed. Audits of many events including system calls, user command usage, credit card usage, etc. can be used as the basis for anomaly detection. Examination of these traces of ordered events allows classification of audit trails as normal or anomalous. This paper explores the utility of wavelets as a classification method for use in the context of anomaly detection in parallel programs run in a high performance cluster environment. The events considered are traces of function calls and system calls invoked by parallel programs. Two wavelet-based classification methods are described for anomaly detection. The wavelet-based approaches are sensitive to both order and frequency behavior of the events. The experimental results indicate that both wavelet-based classification methods are more effective in the detection of anomalies than sequence matching.
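As an added illustration, not the paper's own method or code, the following Python sketch shows why a wavelet representation of a system-call trace is sensitive to the order of events as well as their frequency, while a per-call count profile is blind to order; the syscall vocabulary, the traces and the threshold are constructed for the example.

```python
import math
from collections import Counter

# Constructed syscall vocabulary and traces; assumed for illustration, not from the paper.
SYSCALLS = {"open": 1, "read": 2, "write": 3, "close": 4, "execve": 5}
NORMAL_TRACE = ["open", "read", "write", "close"] * 4
REORDERED_TRACE = ["close", "write", "read", "open"] * 4   # same counts, different order
INJECTED_TRACE = ["open", "read", "execve", "close"] * 4   # an unseen call replaces write

def encode(trace):
    """Turn an ordered trace of syscall names into a numeric signal."""
    return [float(SYSCALLS[name]) for name in trace]

def haar(signal):
    """Full Haar decomposition: [final approximation] + detail coefficients, coarsest level first."""
    n = 1 << max(1, math.ceil(math.log2(len(signal))))
    approx = list(signal) + [signal[-1]] * (n - len(signal))  # pad to a power of two
    details = []
    while len(approx) > 1:
        pairs = [(approx[i], approx[i + 1]) for i in range(0, len(approx), 2)]
        details.insert(0, [(a - b) / math.sqrt(2) for a, b in pairs])
        approx = [(a + b) / math.sqrt(2) for a, b in pairs]
    return approx + [c for level in details for c in level]

def euclid(u, v):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(u, v)))

def build_profile(trace):
    """Normal profile: wavelet coefficients (order-aware) and per-call counts (order-blind)."""
    return haar(encode(trace)), Counter(trace)

def wavelet_score(trace, coefficients):
    """Distance between the trace's wavelet coefficients and the normal profile."""
    return euclid(haar(encode(trace)), coefficients)

def frequency_score(trace, counts):
    """Distance between per-call counts only; reordering the same calls scores zero."""
    observed = Counter(trace)
    keys = set(observed) | set(counts)
    return math.sqrt(sum((observed[k] - counts[k]) ** 2 for k in keys))

def is_anomalous(trace, coefficients, threshold=1.0):
    """Constructed threshold; a real deployment would calibrate it on many normal runs."""
    return wavelet_score(trace, coefficients) > threshold

if __name__ == "__main__":
    coefficients, counts = build_profile(NORMAL_TRACE)
    for name, trace in [("normal", NORMAL_TRACE), ("reordered", REORDERED_TRACE),
                        ("injected", INJECTED_TRACE)]:
        print(f"{name:9s} freq={frequency_score(trace, counts):.2f} "
              f"wavelet={wavelet_score(trace, coefficients):.2f} "
              f"anomalous={is_anomalous(trace, coefficients)}")
```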
Published in: Networking, Sensing and Control, 2005. Proceedings. 2005 IEEE
Date of Conference: 19-22 March 2005