Entropy-Based Anomaly Detection for SAP z/OS Systems
Abstract
This paper presents techniques based on relative entropy, a metric for characterizing structure in data environments, and applies them to both measured production performance data and synthetic data modeled on the statistical profiles of production data. The proposed technique provides significant improvements over industry-standard Gaussian-based multivariate adaptive statistical filter (MASF) methods. In addition, the proposed algorithms have greater computational efficiency. In a series of experiments, entropy-based anomaly detection algorithms were applied to production data in an SAP z/OS-based operating environment as well as to carefully calibrated anomaly-injected datasets of varying structure. Results showed important improvements in recall and false positive rates over conventional MASF techniques.
Similar resources
Behavior-Based Online Anomaly Detection for a Nationwide Short Message Service
As fraudsters understand the time window and act fast, real-time fraud management systems become necessary in the telecommunication industry. In this work, by analyzing traces collected from a nationwide cellular network over a period of a month, an online behavior-based anomaly detection system is provided. Over time, users' interactions with the network provide a vast amount of usage data. Thes...
Moving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
A Survey of Anomaly Detection Approaches in Internet of Things
The Internet of Things is an ever-growing network of heterogeneous and constrained nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...
Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
Anomaly network traffic detection using entropy calculation and support Vector machine
Intrusion detection systems (IDS) have a vital role in protecting computer networks and information systems. In this paper, we propose a method for identifying abnormal traffic behaviour based on entropy and support vector machine. The main challenge is to distinguish between normal traffic and attack traffic since there is no major difference between normal and attack traffic. Our objective is to ...
Publication date: 2014