Open AccessA New Semantic Kernel Function for Online Anomaly Detection of Software
Author(s) -
Parsa Saeed,
Naree Somaye Arabi
Publication year - 2012
Publication title -
etri journal
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.295
H-Index - 46
eISSN - 2233-7326
pISSN - 1225-6463
DOI - 10.4218/etrij.12.0211.0293
Subject(s) - computer science , anomaly detection , support vector machine , data mining , kernel (algebra) , feature vector , pattern recognition (psychology) , classifier (uml) , artificial intelligence , kernel method , novelty detection , matching (statistics) , software , linux kernel , machine learning , novelty , mathematics , philosophy , statistics , operating system , theology , combinatorics , programming language
In this letter, a new online anomaly detection approach for software systems is proposed. The novelty of the proposed approach is to apply a new semantic kernel function for a support vector machine (SVM) classifier to detect fault‐suspicious execution paths at runtime in a reasonable amount of time. The kernel uses a new sequence matching algorithm to measure similarities among program execution paths in a customized feature space whose dimensions represent the largest common subpaths among the execution paths. To increase the precision of the SVM classifier, each common subpath is given weights according to its ability to discern executions as correct or anomalous. Experiment results show that compared with the known kernels, the proposed SVM kernel will improve the time overhead of online anomaly detection by up to 170%, while improving the precision of anomaly alerts by up to 140%.