skip to main content
10.1145/2452376.2452395acmotherconferencesArticle/Chapter ViewAbstractPublication PagesedbtConference Proceedingsconference-collections
research-article

Anomaly management using complex event processing: extending data base technology paper

Published: 18 March 2013 Publication History

Abstract

During the last decade, complex event processing (CEP) has emerged as a technological foundation for many time-critical monitoring applications. CEP is powerful, effective, easy to use and low in costs at the same time. Common CEP applications are for example stock-market analysis, detection of fraudulent credit card use, traffic monitoring and consumption forecasting in power grids. Many application domains are still hard to target by CEP, because state of the art CEP technology is characterized by a static behavior and by a signature-based detection paradigm. In this paper, we motivate substantial improvements of CEP technology by making the behavior of the infrastructure dynamic and by switching the detection paradigm from signatures to anomalies. This leads to multiple changes in the infrastructure that raise interesting and challenging research questions. The resulting dynamic CEP infrastructure not only makes existing applications more powerful and easier to maintain but also enables novel application domains.

References

[1]
ACCEPT. http://www.accept-projekt.de/
[2]
H. Appelrath et al. Odysseus: a highly customizable framework for creating efficient event stream management systems. In DEBS, pages 367--368, 2012.
[3]
C. Binnig, D. Kossmann and E. Lo. Towards automatic test database generation. In IEEE Data Engineering Bulletin, 31(1), pages 28--35, 2008.
[4]
I. Botan et al. SECRET: a model for analysis of the execution semantics of stream processing systems. In PVLDB, 3(1), pages 232--243, 2010.
[5]
G. Brar and G. Saini. Milk run logistics: literature review and directions. In WCE, pages 797--801, 2011.
[6]
L. Brenna et al. Cayuga: a high-performance event processing engine. In SIGMOD, pages 1100--1102, 2007.
[7]
V. Chandola, A. Banerjee and V. Kumar. Anomaly detection: a survey. In ACM Computing Surveys, 41(3), pages 15:1--15:58, 2009.
[8]
Cisco Systems Inc. Cisco 4Q11 global threat report. Technical report, 2012.
[9]
C. Curino, H. Moon, A. Deutsch and C. Zaniolo. Update rewriting and integrity constraint maintenance in a schema evolution support system: PRISM++. In PVLDB, 4(2), pages 117--128, 2010.
[10]
CWE/SANS Top 25. http://cwe.mitre.org/top25/
[11]
Esper. http://esper.codehaus.org/
[12]
Gartner Inc. Effective security monitoring requires context. Technical report G00227893, 2012.
[13]
L. Golab and M. Özsu. Data stream management. Morgan & Claypool Publishers, 2010.
[14]
V. Gulisano, R. Jimenez-Peris, M. Patino-Martinez and P. Valduriez. StreamCloud: a large scale data streaming system. In ICDCS, pages 126--137, 2010.
[15]
H. Han, H. Ryoo and H. Patrick. An infrastructure of stream data mining, fusion and management for monitored patients. In CBMS, pages 461--468, 2006.
[16]
N. Jain et al. Towards a streaming SQL standard. In PVLDB, 1(2), pages 1379--1390, 2008.
[17]
Y. Lee, L. Pipino, J. Funk and R. Wang. Journey to data quality. The MIT Press, 2006.
[18]
Y. Mei and S. Madden. ZStream: a cost-based query processor for adaptively detecting composite events. In SIGMOD, pages 193--206, 2009.
[19]
F. Naumann, A. Bilke, J. Bleiholder, M. Weis. Data fusion in three steps: resolving inconsistencies at schema-, tuple-, and value-level. In IEEE Data Engineering Bulletin, 29(2), pages 21--31, 2006.
[20]
K. Patroumpas and T. Sellis. Event processing and real-time monitoring over streaming traffic data. In W2GIS, pages 116--133, 2012.
[21]
L. Pipino, Y. Lee and R. Wang. Data quality assessment. In Communications of the ACM, 45(4), pages 211--218, 2002.
[22]
N. Schultz-Møller, M. Migliavacca and P. Pietzuch. Distributed complex event processing with query rewriting. In DEBS, pages 4:1--4:12, 2009.
[23]
Y. Tan, X. Gu and H. Wang. Adaptive system anomaly prediction for large-scale hosting infrastructures. In PODC, pages 173--182, 2010.
[24]
K. Teymourian, M. Rohde and A. Paschke. Knowledge-based processing of complex stock market events. In EDBT, pages 594--597, 2012.
[25]
D. Wang, E. Rundensteiner, R. Ellison. Active complex event processing: applications in real-time health care. In PVLDB, 3(2), pages 1545--1548, 2010.
[26]
L. Woods, J. Teubner and G. Alonso. Complex event detection at wire speed with FPGAs. In PVLDB, 3(1), pages 660--669, 2010.
[27]
Q. Zhou, Y. Simmhan and V. Prasanna. Towards an inexact semantic complex event processing framework. In DEBS, pages 401--402, 2011.

Cited By

View all
  • (2020)Querying Streaming System Monitoring Data for Enterprise System Anomaly Detection2020 IEEE 36th International Conference on Data Engineering (ICDE)10.1109/ICDE48307.2020.00167(1774-1777)Online publication date: Apr-2020
  • (2020)Kronos: Lightweight Knowledge-based Event Analysis in Cyber-Physical Data Streams2020 IEEE 36th International Conference on Data Engineering (ICDE)10.1109/ICDE48307.2020.00165(1766-1769)Online publication date: Apr-2020
  • (2019)A Smart Mobility Platform for Electric Vehicles with Event Processing2019 IEEE 5th World Forum on Internet of Things (WF-IoT)10.1109/WF-IoT.2019.8767225(480-484)Online publication date: Apr-2019
  • Show More Cited By

Index Terms

  1. Anomaly management using complex event processing: extending data base technology paper

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Other conferences
      EDBT '13: Proceedings of the 16th International Conference on Extending Database Technology
      March 2013
      793 pages
      ISBN:9781450315975
      DOI:10.1145/2452376
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 18 March 2013

      Permissions

      Request permissions for this article.

      Check for updates

      Qualifiers

      • Research-article

      Funding Sources

      Conference

      EDBT/ICDT '13

      Acceptance Rates

      Overall Acceptance Rate 7 of 10 submissions, 70%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)3
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 18 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2020)Querying Streaming System Monitoring Data for Enterprise System Anomaly Detection2020 IEEE 36th International Conference on Data Engineering (ICDE)10.1109/ICDE48307.2020.00167(1774-1777)Online publication date: Apr-2020
      • (2020)Kronos: Lightweight Knowledge-based Event Analysis in Cyber-Physical Data Streams2020 IEEE 36th International Conference on Data Engineering (ICDE)10.1109/ICDE48307.2020.00165(1766-1769)Online publication date: Apr-2020
      • (2019)A Smart Mobility Platform for Electric Vehicles with Event Processing2019 IEEE 5th World Forum on Internet of Things (WF-IoT)10.1109/WF-IoT.2019.8767225(480-484)Online publication date: Apr-2019
      • (2018)Enhanced Complex Event Processing Framework for Geriatric Remote HealthcareHandbook of Research on Investigations in Artificial Life Research and Development10.4018/978-1-5225-5396-0.ch016(348-379)Online publication date: 2018
      • (2017)Considering Human Factors in the Development of Situation-Aware CEP ApplicationsProceedings of the 11th ACM International Conference on Distributed and Event-based Systems10.1145/3093742.3093916(24-33)Online publication date: 8-Jun-2017
      • (2017)Semantic maps for IoT network reorganization in face of sensor malfunctioning2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC)10.1109/SMC.2017.8122897(1914-1919)Online publication date: 5-Oct-2017
      • (2017)Sequence Clustering-based Automated Rule Generation for Adaptive Complex Event ProcessingFuture Generation Computer Systems10.1016/j.future.2016.02.01166:C(100-109)Online publication date: 1-Jan-2017
      • (2017)A disruption management system for automotive inbound networks: concepts and challengesEURO Journal on Transportation and Logistics10.1007/s13676-017-0108-57:1(25-56)Online publication date: 15-May-2017
      • (2016)Partial pattern fulfillment and its application in event processingProceedings of the 10th ACM International Conference on Distributed and Event-based Systems10.1145/2933267.2933537(358-361)Online publication date: 13-Jun-2016
      • (2016)Smooth and crispyProceedings of the 10th ACM International Conference on Distributed and Event-based Systems10.1145/2933267.2933302(153-160)Online publication date: 13-Jun-2016
      • Show More Cited By

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media