Abstract
This paper deals with the problem of finding implicit failures in distributed information systems. If the hardware or software does not provide enough data to identify a failure, then the system administrator or information security officer has to check every element of the computer system associated with solving a specific problem. In this paper, the reduction of enumeration when searching for implicit failures (anomalies) is associated with the construction of a hierarchical method for representing knowledge about the system. It is proposed to model information technology in the form of a directed acyclic graph (DAG). The concept of contradiction is defined, which is used to find the causes of failures and anomalies. A failure or anomaly in the implementation of a transformation is defined as a conflict between input and output data. This paper proposes an approximate method for solving the problems of finding contradictions, based on the assumption that the data is of probabilistic origin and nonordinary data is unlikely. If, as a result of the calculations, a contradiction arises, then the anomaly has occurred in the block under consideration and, using the detailing operation, it is possible to refine the localization of the anomaly within the block.
Similar content being viewed by others
REFERENCES
Lavrova, D., Zaitceva, E., and Zegzhda, P., Bio-inspired approach to self-regulation for industrial dynamic network infrastructure, CEUR Workshop Proc., Moscow, 2019, Basarab, M. and Markov, A.S., Eds., Moscow: CEUR Workshop Proceedings, 2019, pp. 34–39.
Lavrova, D., Zegzhda, D., and Yarmak, A., Predicting cyber attacks on industrial systems using the Kalman filter, Third World Conf. on Smart Trends in Systems Security and Sustainability (WorldS4), London, 2019, IEEE, 2019, pp. 317–321. https://doi.org/10.1109/WorldS4.2019.8904038
Lavrova, D.S., Alekseev, I.V., Shtyrkina, A.A., Security analysis based on controlling dependences of network traffic parameters by wavelet transformation, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 931–935. https://doi.org/10.3103/S0146411618080187
Pavlenko, E., Zegzhda, D., and Shtyrkina, A., Criterion of cyber-physical systems sustainability, CEUR Workshop Proc., Moscow, 2019, Basarab, M. and Markov, A.S., Eds., Moscow: CEUR Workshop Proceedings, 2019, pp. 60–64.
Zegzhda, D., Lavrova, D., Pavlenko, E., and Shtyrkina, A. Cyber attack prevention based on evolutionary cybernetics approach, Symmetry, 2020, vol. 12, no. 11, p. 1931. https://doi.org/10.3390/sym12111931
Steenwinckel, B., Adaptive anomaly detection and root cause analysis by fusing semantics and machine learning, The Semantic Web: ESWC 2018 Satellite Events, Gangemi, A., Gentile, A.L., Nuzzolese, A.G., Rudolph, S., Maleshkova, M., Paulheim, H., Pan, J.Z., and Alam, M., Eds., Lecture Notes in Computer Science, vol. 11155, Cham: Springer, 2018, pp. 272–282. https://doi.org/10.1007/978-3-319-98192-5_46
Jurn, J.S., Kim, T., and Kim, H., A survey of automated root cause analysis of software vulnerability, Innovative Mobile and Internet Services in Ubiquitous Computing. IMIS 2018, Barolli, L., Xhafa, F., Javaid, N., and Enokido, T., Eds., Cham: Springer, 2019, pp. 756–761. https://doi.org/10.1007/978-3-319-93554-6_74
Grusho, A., Grusho, N., and Timonina, E., Method of several information spaces for identification of anomalies, Intelligent Distributed Computing XIII. IDC 2019, Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., and Ivanovic, M., Eds., Studies in Computational Intelligence, vol. 868, Cham: Springer, 2020, pp. 515–520. https://doi.org/10.1007/978-3-030-32258-8_60
Samuilov, K.E., Chukarin, A.V., and Yarkina, N.V., Biznes-protsessy i informatsionnye tekhnologii v upravlenii telekommunikatsionnymi kompaniyami (Business Processes and Information Technologies in Management of Telecommunication Enterprises), Moscow: Al’pina Pablishers, 2009.
Brandon, A., Solé, M., Huélamo, A., Solans, D., Pérez, M.S., and Muntés-Mulero, V., Graph-based root cause analysis for service-oriented and microservice architectures, J. Syst. Software, 2020, vol. 159, p. 110432. https://doi.org/10.1016/j.jss.2019.110432
Behravan, A., Obermaisser, R., Basavegowda, D.H., and Meckel, S., Automatic model-based fault detection and diagnosis using diagnostic directed acyclic graph for a demand-controlled ventilation and heating system in Simulink, Ann. IEEE Int. Systems Conf. (SysCon), Vancouver, 2018, IEEE, 2018, pp. 1–7. https://doi.org/10.1109/SYSCON.2018.8369614
Grusho, A., Grusho, N., Zabezhailo, M., and Timonina, E., Generation of metadata for network control, Distributed Computer and Communication Networks. DCCN 2020, Vishnevskiy, V.M., Samouylov, K.E., and Kozyrev, D.V., Eds., Lecture Notes in Computer Science, vol. 12563, Cham: Springer, 2020, pp. 723–735. https://doi.org/10.1007/978-3-030-66471-8_55
Grusho, A., Grusho, N., Zabezhailo, M., Timonina, E., and Senchilo, V., Metadata for root cause analysis, Commun. ECMS, 2021, vol. 35, no. 1 (in press).
Prokhorov, Yu.V. and Rozanov, Yu.A., Teoriya veroyatnostei (Probability Theory), Moscow: Nauka, 1993.
Grusho, A.A., Consistent significance criteria for cluster structures based on pairwise proximity measures, Obozr. Prikl. Promysh. Mat., 1996, vol. 3, no. 1, pp. 43–46.
Shiryaev, A.N., Veroyatnost’ (Probability), 2 vols., Moscow: MTsNMO, 2004, 3rd ed.
Funding
The study was partially supported by the Russian Foundation for Basic Research, project nos. 18-29-03081 and 18-29-03102.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by S. Avodkova
About this article
Cite this article
Grusho, A.A., Grusho, N.A., Zabezhailo, M.I. et al. Use of Contradictions in Data for Finding Implicit Failures in Computer Systems. Aut. Control Comp. Sci. 55, 1115–1120 (2021). https://doi.org/10.3103/S0146411621080149
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411621080149