Dear all,
I would like to introduce a new plugin for Tracecompass, called TotalADS (Total Anomaly Detection System). Here is a brief introduction:
TotalADS is a novel framework for automated host-based anomaly detection. TotalADS is an open source tool developed as a plug-in for Eclipse. It integrates different anomaly detection algorithms (or techniques), different trace readers and a rich set of trace views in one common platform.
Currently, TotalADS encompasses three different algorithms: Sequence Matching (SQM), Kernel State Modeling (KSM), and Hidden Markov Model (HMM). It supports execution traces and logs in CTF, XML and text format. It also supports live anomaly detection using trace streaming along with real-time training and testing.
TotalADS also extends another Eclipse plugin called Tracecompass by using the rich set of views present in it for the visualization of traces, such as control flow of processes, resource usage, etc.
TotalADS has a number of applications, such as automatic detection of zero day attacks, diagnosis of anomalous paths in failure traces, and diagnosis of performance faults in the system.
TotalADS is extendible through simple Java interfaces: new algorithms and trace readers can be easily added.
Here is the wiki of TotalADS:
https://github.com/sshahriyar/org.eclipse.tracecompass/wiki
TotalADS does not make changes to the source code of existing plugins of Tracecompass except adding references to the plugins where necessary.