Behavioral abnormality automatic detection method and behavioral abnormality automatic detection system aiming at computer system

A computer system and automatic detection technology, applied in the detection of faulty computer hardware, etc., can solve the problems of high false alarm rate, low behavior information detection rate, low degree of automation, etc., to reduce the false alarm rate and provide flexibility. , the effect of improving the recognition rate

Active Publication Date: 2015-01-28
江阴逐日信息科技有限公司
View PDF2 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method for predicting abnormal behavior of computer systems, which solves the problem that the detection rate of abnormal ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Behavioral abnormality automatic detection method and behavioral abnormality automatic detection system aiming at computer system
  • Behavioral abnormality automatic detection method and behavioral abnormality automatic detection system aiming at computer system
  • Behavioral abnormality automatic detection method and behavioral abnormality automatic detection system aiming at computer system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] Please refer to figure 1 , the invention provides an automatic detection method for abnormal behavior of a computer system, which mainly includes the following steps:

[0046] S1: the historical monitoring data and the real-time monitoring data flow obtained from the monitoring system or background database of the computer system form a monitoring time series;

[0047] In this embodiment, the CPU Usage Rate (CPU Usage Rate, y) and the corresponding timestamp (Timestamp, t) of a monitored machine are directly obtained from the front-end monitoring system. And it constitutes a monitoring time series Y=[(y 1 , t 1 ), (y 2 , t 2 ),..., (y n , t n ), ...].

[0048] Among them, Y - the final complete time series;

[0049] the y i ——The CPU usage rate of the i-th element in the time series, i=0,1...n, n is the number of elements in the time series;

[0050] t i ——time stamp of the i-th in the time series, i=0,1...n, n is the number of elements of the time series; S2...

Embodiment 2

[0087] Please refer to figure 2 , the present invention provides an automatic detection system for abnormal behavior of a computer system, including a data acquisition device, a monitoring time series reconstruction device, a similarity index calculation device, an adjacency matrix establishment device, an abnormal index evaluation device and an abnormal behavior marking device, wherein each device details as follows.

[0088] The data acquisition device is connected with the computer system or installed inside the computer system, and forms a monitoring time series with historical monitoring data and real-time monitoring data streams obtained from the monitoring system or background database of the computer system.

[0089] In this embodiment, the CPU Usage Rate (CPU Usage Rate, y) and the corresponding timestamp (Timestamp, t) of a monitored machine are directly obtained from the front-end monitoring system. And it constitutes a monitoring time series Y=[(y 1 , t 1 ), (y...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a behavioral abnormality automatic detection method and a behavioral abnormality automatic detection system aiming at a computer system. The method comprises the following steps that: the system is monitored; historical performance index data and real-time performance index data of a detected machine are collected in a time sequence form; a time sequence pretreatment algorithm is used for performing steps of data segmentation, denoising, peak point extraction and time sequence rebuilding; the behavior similarity among all segments of time sequences is calculated through a time sequence dynamic alignment algorithm, so that a time sequence similarity matrix is built; and finally, a behavioral abnormality index in each time segment is calculated by a Markovian random walking sequencing algorithm from the similarity matrix. The method and the system provided by the invention aim at the behavioral abnormality detection problem in the computer system; the machine behavior features in a segment of time are comprehensively considered; through the similarity among behaviors in all time segments, the Markovian random walking sequencing is used for performing comprehensive sequencing and abnormality marking; and the intelligent behavioral abnormality detection with a high automation degree, a high detection rate and no training need is realized.

Description

technical field [0001] The invention relates to an automatic detection method and detection system for abnormal behavior, in particular to an automatic detection method and detection system for abnormal behavior of a computer system. Background technique [0002] With the continuous improvement of computer hardware and software technology and network technology, computers have become an indispensable part of people's production and life. Especially in recent years, driven by the popularization of high-speed Internet, the dramatic improvement of computer processing performance, and the continuous improvement of virtualization technology, computers, as a kind of computing resources, often undertake very important tasks in the use of current society, such as important Access to information, calculation of key tasks, etc. Many enterprise systems and government services are now supported by large computer systems. Therefore, the stability and reliability of the computer system ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/22
Inventor 曹健沈琪骏顾骅
Owner 江阴逐日信息科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap