We discuss an approach to reducing the number of events accepted by anomaly detection systems, based on alternative schemes for interest-ranking. The basic assumption is that regular and periodic usage of a system will yield patterns of events that can be learned by data-mining. Events that deviate from this pattern can then be filtered out and receive special attention. Our approach compares the anomaly detection framework from Cfengine and the EventRank algorithm for the analysis of the event logs. We show that the EventRank algorithm can be used to successfully prune periodic events from real-life data. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Begnum, K., & Burgess, M. (2007). Improving anomaly detection event analysis using the EventRank algorithm. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4543 LNCS, pp. 145–155). Springer Verlag. https://doi.org/10.1007/978-3-540-72986-0_13