Bovenzi, Antonio (2013) On-line Detection of Anomalies in Mission-critical Software Systems. [Tesi di dottorato]

[img]
Preview
Text
Phd Thesis Bovenzi.pdf

Download (5MB) | Preview
[error in script] [error in script]
Item Type: Tesi di dottorato
Lingua: English
Title: On-line Detection of Anomalies in Mission-critical Software Systems
Creators:
CreatorsEmail
Bovenzi, Antonioantonio.bovenzi@unina.it
Date: April 2013
Number of Pages: 172
Institution: Università degli Studi di Napoli Federico II
Department: Ingegneria Elettrica e delle Tecnologie dell'Informazione
Scuola di dottorato: Ingegneria dell'informazione
Dottorato: Ingegneria informatica ed automatica
Ciclo di dottorato: 25
Coordinatore del Corso di dottorato:
nomeemail
Garofalo, Francescofranco.garofalo@pec.it
Tutor:
nomeemail
Russo, Stefanostefano.russo@unina.it
Date: April 2013
Number of Pages: 172
Uncontrolled Keywords: anomaly detection; kernel-level tracing; statistical analysis
Settori scientifico-disciplinari del MIUR: Area 09 - Ingegneria industriale e dell'informazione > ING-INF/05 - Sistemi di elaborazione delle informazioni
Date Deposited: 05 Apr 2013 12:29
Last Modified: 04 Dec 2014 08:24
URI: http://www.fedoa.unina.it/id/eprint/9356
DOI: 10.6092/UNINA/FEDOA/9356

Abstract

Revealing anomalies in mission-critical software systems that make use of commercial off-the-shelf (OTS) for minimizing costs and time to market –e.g., power grids, transportation systems, financial services – is fundamental to avoid unexpected failures that may lead to loss of business or even may endanger our lives. Revealing anomalies by monitoring the operating environment in which OTS items are deployed is a promising approach when traditional detection mechanisms have poor performance or cannot be applied. Furthermore, the approach is particularly suited for OTS-based systems since it does not require to modify the application components. This work investigated the effectiveness and efficiency of the OS-level anomaly detection approach, and contributed to the state-of-the art with a novel detection framework, i.e., sosmon, that relies on the following key characteristics: (i) the possibilities to deploy this mechanism on different OTS systems, working at the OS-level and, hence, without modifying the monitored application components; (ii) exploiting internal algorithms that make use of statistical observations on the monitored indicators to deal with non-stationary and variable operating conditions; (iii) the possibilities of tuning the framework according to the type of dependability requirements of the systems. The ability of the anomaly-detector framework to adapt its behavior to different working scenarios and its low intrusiveness, enriched by the encouraging results obtained in the experimental campaign, lays the ground towards practical deployment of sosmon in many real systems (varying from large scale complex and mission-critical OTS-based software systems to smaller and less critical systems), which have to deal with unreliable OTS components.

Actions (login required)

View Item View Item