Abstract
The objective of this paper is to present an application of learning algorithms to the detection of anomalies in SOA system. As it was not possible to inject errors into the “real” SOA system and to analyze the effect of these errors, a special model of SOA system was designed and implemented. In this system several anomalies were introduced and the effectiveness of algorithms in detecting them were measured. The results of experiments can be used to select efficient algorithm for anomaly detection. Two algorithms: K-means clustering and Kohonen networks were used to detect the unused functionalities and the results of this experiment are discussed.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
BPEL Standard, http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html (access July 2011)
SOA manifesto, http://www.soa-manifesto.org (access July 2011)
Lim, S.Y., Jones, A.: Network Anomaly Detection System: The State of Art of Network Behavior Analysis. In: Proc. of the Int. Conf. on Convergence and Hybrid Information Technology 2008, pp. 459–465 (2008), doi:10.1109/ICHIT2008.249
Ko, C., Ruschitzka, M., Levitt, K.: Execution monitoring of security-critical programs in distributed systems: a specification-based approach. In: Proc. of IEEE Symposium on Security and Privacy, Oakland, CA, USA (1997)
Lemonnier, E.: Protocol Anomaly Detection in Network-based IDSs. Defcom white paper (2001)
Sekar, R., Gupta, A., Frullo, J., Shanbag, T., Tiwari, A., Yang, H., Zhou, S.: Specification-based anomaly detection: A New Approach for Detecting Network Intrusions. In: ACM Computer and Communication Security Conference, Washington, DC, USA (2002)
Shan, Z., Chen, P., Xu, Y., Xu, K.: A Network State Based Intrusion Detection Model. In: Proc. of the 2001 Int. Conf. on Computer Networks and Mobile Computing, ICCNMC 2001 (2001)
Buschkes, R., Borning, M., Kesdogan, D.: Transaction-based Anomaly Detection. In: Proc. of the Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, USA (1999)
Anderson, D., Frivold, T.: Valdes: A Next-generation Intrusion Detection Expert System (NIDES) Summary. Computer Science Laboratory, SRI-CSL-95-07 (May 1995)
Owens, S., Levary, R.: An adaptive expert system approach for intrusion detection. International Journal of Security and Networks 1, 3–4 (2006)
Lee, W., Stolfo, S.J.: Data mining approaches for intrusion detection. In: Proc. of the 7th USENIX Security Symposium (1998)
Bivens, A., Palagrini, C., Smith, R., Szymański, B., Embrechts, M.: Network-based intrusion detection using neural networks. In: Proc. Intelligent Eng. Systems through Neural Networks, ANNIE 2002, St. Louis, MO, vol. 12, pp. 579–584. ASME Press, NY (2002)
C Neural network library, http://franck.fleurey.free.fr/NeuralNetwork/
NeuroBox, http://www.cdrnet.net/projects/neuro/
Fast Artificial Neural Network Library, http://sourceforge.net/projects/fann/
Ryan, J., Lin, M., Miikkulainen, M.: Intrusion Detection with Neural Networks. In: Advances in Neural Information Processing Systems, vol. 10 (1998)
Ghosh, A.K., Schwartzbard, A.: A Study in Using Neural Networks for Anomaly and Misuse Detection. In: Proc. of the 8th USENIX Security Symposium, Washington D.C., USA (1999)
Han, S.-J., Cho, S.-B.: Evolutionary Neural Networks for Anomaly Detection Based on the Behaviour of a Program. IEEE Transactions on Systems, Man and Cybernetics (2006)
Bivens, A., et al.: Network-based intrusion detection using neural networks. In: Proc. of Intelligent Engineering Systems through Artificial Neural Networks, ANNIE 2002, St.Luis, MO, vol. 12, pp. 579–584. ASME press, New York (2002)
Ceci, M., Appice, A., Caruso, C., Malerba, D.: Discovering Emerging Patterns for Anomaly Detection in Network Connection Data. In: An, A., Matwin, S., Raś, Z.W., Ślęzak, D. (eds.) ISMIS 2008. LNCS (LNAI), vol. 4994, pp. 179–188. Springer, Heidelberg (2008)
Denning, D., Neumann, P.: Requirements and Model for IDES-A Real-Time Intrusion-Detection Expert System. SRI Project 6169, SRI International, Menlo Park, CA (1985)
Masum, S., Ye, E.M., Chen, Q., Noh, K.: Chi-square statistical profiling for anomaly detection. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security (2000)
Ye, N., Chen, Q.: An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. Qual. Reliab. Eng. Int. 17, 105–112 (2001)
Tarka, M.: Anomaly detection in SOA systems. Msc Thesis, Institute of Computer Science, Warsaw University of Technology (2011) (in polish)
The R Project for Statistical Computing, http://gcc.gnu.org/ (access September 2011)
Munz, G., Li, S., Carle, G.: Traffic Anomaly Detection Using K-Means Clustering. Wilhelm Schickard Institute for Computer Science, University of Tuebingen (2007)
Guozhu, D., Jinyan, L.: Efficient Mining of Emerging Patterns: Discovering Trends and Differences. Wright State University, The University of Melbourne (2007)
Hanley, J.A.: Receiver operating characteristic (ROC) methodology: the state of the art. Crit Rev Diagn Imaging (1989)
Bluemke, I., Tarka, M.: Detection of anomalies in a SOA system by learning algorithms. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds.) Complex Systems and Dependability. AISC, vol. 170, pp. 69–85. Springer, Heidelberg (2012)
Kohonen, T.: The self-organizing map. Proc. IEEE 78(9), 1464–1480 (1990)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
Bluemke, I., Tarka, M. (2013). Learning Algorithms in the Detection of Unused Functionalities in SOA Systems. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds) Computer Information Systems and Industrial Management. CISIM 2013. Lecture Notes in Computer Science, vol 8104. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40925-7_36
Download citation
DOI: https://doi.org/10.1007/978-3-642-40925-7_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40924-0
Online ISBN: 978-3-642-40925-7
eBook Packages: Computer ScienceComputer Science (R0)