[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.4218/etrij.12.0211.0293

A New Semantic Kernel Function for Online Anomaly Detection of Software

Parsa, Saeed (School of Computer Engineering, Iran University of Science and Technology)
Naree, Somaye Arabi (School of Computer Engineering, Iran University of Science and Technology)

Publication Information

ETRI Journal / v.34, no.2, 2012 , pp. 288-291 More about this Journal

Abstract

In this letter, a new online anomaly detection approach for software systems is proposed. The novelty of the proposed approach is to apply a new semantic kernel function for a support vector machine (SVM) classifier to detect fault-suspicious execution paths at runtime in a reasonable amount of time. The kernel uses a new sequence matching algorithm to measure similarities among program execution paths in a customized feature space whose dimensions represent the largest common subpaths among the execution paths. To increase the precision of the SVM classifier, each common subpath is given weights according to its ability to discern executions as correct or anomalous. Experiment results show that compared with the known kernels, the proposed SVM kernel will improve the time overhead of online anomaly detection by up to 170%, while improving the precision of anomaly alerts by up to 140%.

Keywords

Software debugging; online anomaly detection; semantic kernel;

Citations & Related Records

Times Cited By Web Of Science : 1 (Related Records In Web of Science)

Reference

1	G.K. Baah, A. Gray, and M.J. Harrold, "On-Line Anomaly Detection of Deployed Software: A Statistical Machine Learning Approach," Proc. SOQUA, 2006, pp. 70-77.
2	A. Zeller, Why Programs Fail: A Guide to Systematic Debugging, Morgan Kaufmann, 2009.
3	F. Salfner, M. Lenk, and M. Malek, A Survey of Online Failure Prediction Methods, ACM Comput. Surv., 2010, pp. 1-42.
4	S. Parsa, S. Arabi, and M. Vahidi, "A Learning Approach to Early Bug Prediction in Deployed Software," Proc. AIMSA, 2008, pp. 400-404.
5	R. Herbrich, Learning Kernel Classifiers Theory and Algorithms, MIT Press, 2002.
6	M.J. Harrold, A. Jefferson, and K. Tewary, "An Approach to Fault Modeling and Fault Seeding Using the Program Dependence Graph," J. Syst. Software, vol. 36, 1997, pp. 273-295. DOI ScienceOn
7	Software Infrastructure Repository. http://sir.unl.edu/
8	L. Fei and S.P. Midkiff, "Artemis: Practical Runtime Monitoring of Applications for Execution Anomalies," Proc. PLDI, 2006, pp. 84-95.
9	L. Fei et al., "Argus: Online Statistical Bug Detection," Proc. FASE, 2006, pp. 308-323.
10	Testwell CTC++ tool. http://www.testwell.fi/
11	C.-C. Chang, "LIBSVM: A Library for Support Vector Machines," ACM Trans. Intell. Syst. Technol., 2011, pp. 1-27.

3	Heon Gyu Lee. (2013) 한국산업정보학회논문지 센서스 정보 및 전력 부하를 활용한 전력 수요 예측 / 18 (3) , 35
3	(2015) KSII Transactions on internet and information systems : TIIS Anomaly Intrusion Detection Based on Hyper-ellipsoid in the Kernel Feature Space / 9 (3) , 1173
4	(2012) IEICE transactions on information and systems Feature-Chain Based Malware Detection Using Multiple Sequence Alignment of API Call / ed99 (4) , 1071
1	(2012) S&amacr;dhan&amacr; : Academy proceedings in engineering sciences PAM: process authentication mechanism for protecting system services against malicious code attacks / 45 (1) , 141