On-line Anomaly Detection of Deployed Software: A Statistical Machine Learning Approach

Abstract

This paper presents a new machine-learning technique that performs anomaly detection as software is excuting in the field. The technique uses a fully observable Markov model where each in the model emits a number of distinct observations according to a probability distribution, and estimates the model parameters using the Baum-Welch algorithm. The trained model is then deployed with the software to perform anomaly detection. By performing the anomaly detection as the software is executing, faults associated with anomalies can be located and fixed before they cause critical failures in the system, and developers time to debug deployed software can be reduced. This paper also presents a prototype implementation of our technique, along with a case study that shows, for the subjects we studied, the effectiveness of the technique.


Related research categories:
(1) Program Analysis
(2) Debugging
(3) Deployed Software
(4) Machine Learning

Go To Publications