
Multi-Level Event and Anomaly Correlation Based on Enterprise Architecture Information

  • Conference paper

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 272)

Abstract

Growing IT landscapes in and among enterprises face the challenge of increasing complexity, which complicates root cause analysis and calls for automated support. This paper presents an approach to correlate events, e.g. anomalies in multi-level monitoring stream data such as conversion rates or network load monitoring. Events such as operational activities, e.g. application deployments and marketing activities, can be taken into account, too. We exploit an Enterprise Architecture (EA) documented as a graph to focus on those correlations where relationships are already known. For this purpose, different data source types are identified. We present a minimal prototypical implementation called MLAC that shows first results on the feasibility of the approach, in particular for correlating events and level shift anomalies in an artificial web-shop setup. It includes a dynamic visualization of the correlations in the EA graph.



Acknowledgments

This work is part of the TUM Living Lab Connected Mobility (TUM LLCM) project and has been funded by the Bayerisches Staatsministerium für Wirtschaft und Medien, Energie und Technologie (StMWi). We also thank our reviewers for their valuable feedback and constructive reviews.

Author information


Correspondence to Florian Matthes.


Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Landthaler, J., Kleehaus, M., Matthes, F. (2016). Multi-Level Event and Anomaly Correlation Based on Enterprise Architecture Information. In: Pergl, R., Molhanec, M., Babkin, E., Fosso Wamba, S. (eds) Enterprise and Organizational Modeling and Simulation. EOMAS 2016. Lecture Notes in Business Information Processing, vol 272. Springer, Cham. https://doi.org/10.1007/978-3-319-49454-8_4


  • DOI: https://doi.org/10.1007/978-3-319-49454-8_4


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49453-1

  • Online ISBN: 978-3-319-49454-8

  • eBook Packages: Computer Science (R0)
