Improving Systems Dependability Through Analysis of Anomalies

Rufaida Ahmed, University of Utah
Webinar
DOE supercomputer

In this research, I study different complicated systems logs. The goal is to enhance systems' trustworthiness and improve dependability.

First, I look at complex system logs and attempt to model the system's normal behavior using invariant mining. This goal is to answer two questions: Are automated anomaly detection tools, specifically invariant mining useful in datacenters? And; does the anomalous behavior persist over time? To answer these questions, I study the logs from one year of operations coming from the Cloudlab testbed.

Second, existing anomaly detection tools do not specifically label malicious anomalies. They either disregard the malicious class, or they consider all anomalies malicious. This poses a problem for system admins who need to differentiate between the two classes. To solve this, I designed Deep-Sec, an anomaly detection framework that introduces a novel fine-grained scoring system that distinguish between benign and malicious anomalies on long sessions driven by human behavior.

Join on your computer or mobile app

Click here to join the meeting

Or call in (audio only)

+1 630-556-7958,,624164282#  United States, Big Rock

Phone Conference ID: 624 164 282#