Re: [tracecompass-dev] TotalADS: Total Anomaly Detection System
Hi Shariyar,
First, congrats on getting this out! I've seen demos of TotalADS many
times so far, and I'm very happy to see this coming out as open-source.
Props to you and all the people at Concordia who worked on this!
Some questions:
Is this meant to be a project of its own? I'm wondering if it wouldn't
be better to have this in a separate git repository. It could for
example be under the Trace Compass project umbrella at Eclipse, but have
its own separate git repo. Especially since it has its own dependencies
that aren't shared with the rest. It could also be advertised on its
own, or as a plugin to Trace Compass.
Just throwing the idea out there, we'll have to see in more detail how
everything integrates together.
Related to the previous question, who will be maintaining this? What is
the plan going forward? I assume it's not "done done", and that there
will be people around for fixing bugs? Will more people from Concordia
be working on this? Ideally it shouldn't be a case of "dump & run" ;)
Some remarks:
- Everything Geneviève said!
- It seems to be based on a very recent version of Trace Compass, good
job getting it up to date!
- Binary test traces should not be committed in the git tree. We host
our test traces on archive.eclipse.org, and we have our build system
download them on-demand. We can help you set that up once we get to that
point.
- Embedded libraries are a big no-no. You could look into using a target
definition to allow Eclipse to download the dependencies (see the
"org.eclipse.tracecompass.target" plugin in our git tree). Eclipse
projects that depend on external libraries have to get them packaged in
Orbit [1] first. All the ones you are depending on are already in Orbit,
with the exception of Mahout. But that one seems to be under the Apache
License, so there should be no problem getting it into Orbit, once we
get there.
Cheers,
Alexandre
[1] Latest Orbit build:
http://download.eclipse.org/tools/orbit/downloads/drops/R20140525021250/
On 2014-11-25 11:31 AM, Shariyar wrote:
Dear all,
I would like to introduce a new plugin for Tracecompass, called TotalADS
(Total Anomaly Detection System). Here is a brief introduction:
TotalADS is a novel framework for automated host-based anomaly detection.
TotalADS is an open source tool developed as a plug-in for Eclipse. It
integrates different anomaly detection algorithms (or techniques),
different trace readers and a rich set of trace views in one common
platform.
Currently, TotalADS encompasses three different algorithms, such as
Sequence Matching (SQM), Kernel State Modeling (KSM), and Hidden Markov
Model (HMM). It supports execution traces and logs in CTF, XML and text
format. It also supports live anomaly detection using trace streaming along
with real time training and testing.
TotalADS also extends another Eclipse plugin called Tracecompass by using
the rich set of views present in it for the visualization of traces, such
as control flow of processes, resource usages, etc.
TotalADS has a number of applications, such as automatic detection of zero
day attacks, diagnosis of anomalous paths in failure traces, and diagnosis
of performance faults in the system.
TotalADS is extendible through simple Java interfaces: new algorithms and
trace readers can be easily added.
Here is the wiki of TotalADS:
https://github.com/sshahriyar/org.eclipse.tracecompass/wiki
The fork repository of Tracecompass and the new plugin TotalADS:
https://github.com/sshahriyar/org.eclipse.tracecompass
TotalADS adds four new plugins to Tracecompass, namely:
totalads.core
totalads.core.tests
totalads.ui
totalads.ui.swtbot.tests
TotalADS does not make changes to the source code of existing plugins of
Tracecompass except adding references to the plugins where necessary.
Screenshots are available here:
http://users.encs.concordia.ca/~abdelw/sba/totalads/features.html
A Use Case:
https://github.com/sshahriyar/org.eclipse.tracecompass/wiki/Use-Case
Let me know how I can push the code for review.
Regards,
Shariyar