Detection of Anomalies in a SOA System by Learning Algorithms

Bluemke, Ilona; Tarka, Marcin

doi:10.1007/978-3-642-30662-4_5

Cited by 4 publications

(6 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results presented in this paper and in [29] show that in anomalies detection in SOA systems different algorithms may appear most suitable for different type of anomaly so further research should be conducted. The exemplary SOA system (section 2) enables to conduct other experiments examining the suitability of learning algorithms in the detection of other anomalies.…”

Section: Discussionmentioning

confidence: 89%

“…In [29] the results of detecting other anomaly -the change in frequencies of service calls was described. The least accurate in the detection of this kind of anomaly was the k-means clustering algorithm and the best was emerging pattern algorithm.…”

Section: Discussionmentioning

confidence: 99%

“…In ours research' environment this anomaly was obtained by forcing the request generator not to generate courier delivery services by setting parameter Courier_share to zero [24]. In [29] the detection of anomalies in the frequency of service calls by K-means clustering algorithm and emerging patterns are described.…”

Section: Methodsmentioning

confidence: 99%

“…In [29] we have shown that this algorithm was not suitable in detecting the change in frequencies of single services calls.…”

Section: K-means Algorithmmentioning

confidence: 96%

See 3 more Smart Citations

Learning Algorithms in the Detection of Unused Functionalities in SOA Systems

Bluemke

Tarka

2013

Computer Information Systems and Industrial Management

Self Cite

View full text Add to dashboard Cite

Abstract. The objective of this paper is to present an application of learning algorithms to the detection of anomalies in SOA system. As it was not possible to inject errors into the "real" SOA system and to analyze the effect of these errors, a special model of SOA system was designed and implemented. In this system several anomalies were introduced and the effectiveness of algorithms in detecting them were measured. The results of experiments can be used to select efficient algorithm for anomaly detection. Two algorithms: K-means clustering and Kohonen networks were used to detect the unused functionalities and the results of this experiment are discussed. IntroductionWith the growth of computer networking, electronic commerce, and web services, security of networking systems has become very important. Many companies now rely on web services as a major source of revenue. Computer hacking poses significant problems to these companies, as distributed attacks can make their systems or services inoperable for some period of time. As this happens often, an entire area of research, called Intrusion Detection, is devoted to detect these activities. Nowadays many system are based on Service Oriented Architecture (SOA) [1,2] idea. A system based on SOA provides functionalities as a suite of interoperable services that can be used within multiple, separate systems from several business domains. SOA also provides a way for consumers of services, such as web-based applications, to be aware of available SOA-based services. Service-orientation requires loose coupling of services with operating systems, and other technologies that underly applications. SOA separates functionality into distinct units, or services, which developers make accessible over a network in order to allow users to combine and reuse them in the production of applications.The objective of this paper is to present the detection of anomalies in SOA systems by learning algorithms. Related work is presented in section 2 and in section 3, a special model of SOA system which was used in experiments, is presented. In this systems several anomalies were introduced. Four algorithms: Chi-Square statistics, k-means clustering, emerging patterns and Kohonen networks were used to detect anomalies. Detection of anomalies by k-means and Kohonen networks is presented in section 4 and some conclusions are given in section 5.

show abstract

Section: Discussionmentioning

confidence: 89%

Section: Discussionmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

“…In [29] we have shown that this algorithm was not suitable in detecting the change in frequencies of single services calls.…”

Section: K-means Algorithmmentioning

confidence: 96%

See 2 more Smart Citations

Learning Algorithms in the Detection of Unused Functionalities in SOA Systems

Bluemke

Tarka

2013

Computer Information Systems and Industrial Management

Self Cite

View full text Add to dashboard Cite

show abstract

“…Focusing on Unknowns. In addition to the surveyed works, we refer to the context-aware studies in [47], [48] to evaluate the ability of MADneSs to detect manifestation of unknowns, either due to undiscovered faults or zero day attacks. In [47] authors use a contextual misuse detector combined with a neighbour-based algorithm to detect zero-day cyber-attacks in static systems.…”

Section: Comparison With Respect To Other Frameworkmentioning

confidence: 99%

MADneSs: A Multi-Layer Anomaly Detection Framework for Complex Dynamic Systems

Zoppi

Ceccarelli

Bondavalli

2021

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Anomaly detection can infer the presence of errors without observing the target services, but detecting variations in the observable parts of the system on which the services reside. This is a promising technique in complex software-intensive systems, because either instrumenting the services' internals is exceedingly time-consuming, or encapsulation makes them not accessible. Unfortunately, in such systems anomaly detection is often ineffective due to their dynamicity, which implies changes in the services or their expected workload. Here we present our approach to enhance the efficacy of anomaly detection in complex, dynamic software-intensive systems. After discussing the related challenges, we present MADneSs, an anomaly detection framework tailored for the above systems that includes an adaptive multi-layer monitoring module. Monitored data are then processed by the anomaly detector, which adapts its parameters depending on the current system behavior. An anomaly alert is provided if the analysis conducted by the anomaly detector identify unexpected trends in the data. MADneSs is evaluated through an experimental campaign on two service-oriented architectures; software faults are injected in the application layer, and detected through monitoring of underlying system layers. Lastly, we quantitatively and qualitatively discuss our results with respect to state-of-the-art solutions, highlighting the key contributions of MADneSs.

show abstract

Detection of Changes in Group of Services in SOA System by Learning Algorithms

Bluemke

Tarka

2015

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Detection of Anomalies in a SOA System by Learning Algorithms

Cited by 4 publications

References 4 publications

Learning Algorithms in the Detection of Unused Functionalities in SOA Systems

Learning Algorithms in the Detection of Unused Functionalities in SOA Systems

MADneSs: A Multi-Layer Anomaly Detection Framework for Complex Dynamic Systems

Detection of Changes in Group of Services in SOA System by Learning Algorithms

Contact Info

Product

Resources

About