Mining Complex Event Patterns in Computer Networks

  • Dietmar Seipel
  • Philipp Neubeck
  • Stefan Köhler
  • Martin Atzmueller
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7765)

Abstract

More and more ubiquitous and mobile computer networks are becoming available, which leads to a massive growth in the amount of traffic and according log messages. Therefore, sophisticated approaches for network management and analysis are necessary for handling and managing networks efficiently.

In this paper, we show how to use temporal data mining in a declarative framework for analysing log files for computer networks. From a sequence of network management protocol messages, we derive temporal association rules, which state frequent dependencies between the occuring events. We also present methods for extendable and modular parsing of text messages and their analysis in log files based on Xml.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Achar, A., Laxman, S., Sastry, P.: A Unified View of the Apriori–Based Algorithms for Frequent Episode Discovery. Journal of Knowledge and Information Systems 31(2), 223–250 (2012)CrossRefGoogle Scholar
  2. 2.
    Atzmueller, M., Lemmerich, F.: Fast Subgroup Discovery for Continuous Target Concepts. In: Rauch, J., Raś, Z.W., Berka, P., Elomaa, T. (eds.) ISMIS 2009. LNCS, vol. 5722, pp. 35–44. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Atzmueller, M., Puppe, F.: A Knowledge-Intensive Approach for Semi-Automatic Causal Subgroup Discovery. In: Berendt, B., Mladenič, D., de Gemmis, M., Semeraro, G., Spiliopoulou, M., Stumme, G., Svátek, V., Železný, F. (eds.) Knowledge Discovery Enhanced with Semantic and Social Information. SCI, vol. 220, pp. 19–36. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Atzmueller, M., Puppe, F., Buscher, H.-P.: Exploiting Background Knowledge for Knowledge–Intensive Subgroup Discovery. In: Proc. 19th International Joint Conference on Artificial Intelligence (IJCAI), pp. 647–652 (2005)Google Scholar
  5. 5.
    Chen, J., He, H., Williams, G., Jin, H.: Temporal Sequence Associations for Rare Events. In: Dai, H., Srikant, R., Zhang, C. (eds.) PAKDD 2004. LNCS (LNAI), vol. 3056, pp. 235–239. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Chuah, E., Lee, G., Tjhi, W., Kuo, S., Hung, T., Hammond, J., Minyard, T., Browne, J.C.: Establishing Hypothesis for Recurrent System Failures from Cluster Log Files. In: Proc. 9th IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 15–22 (2011)Google Scholar
  7. 7.
    Casas-Garriga, G.: Discovering Unbounded Episodes in Sequential Data. In: Lavrač, N., Gamberger, D., Todorovski, L., Blockeel, H. (eds.) PKDD 2003. LNCS (LNAI), vol. 2838, pp. 83–94. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Hand, D.J., Smyth, P., Mannila, H.: Principles of Data Mining. MIT Press (2001)Google Scholar
  9. 9.
    Han, J., Kamber, M.: Data Mining: Concepts and Techniques. Series in Data Management Systems. Morgan Kaufmann (2000)Google Scholar
  10. 10.
    Klemettinen, M., Mannila, H., Toivonen, H.: Rule Discovery in Telecommunication Alarm Data. Journal of Network and Systems Management 7(4), 395–423 (1999)CrossRefMATHGoogle Scholar
  11. 11.
    Laxman, S., Sastry, P.S.: A Survey of Temporal Data Mining. Sadhana, Academy: Proceedings in Engineering Sciences 31, 173–198 (2006)MathSciNetCrossRefMATHGoogle Scholar
  12. 12.
    Mannila, H., Toivonen, H., Verkamo, A.I.: Discovery of Frequent Episodes in Event Sequences. Journal of Data Mining and Knowledge Discovery 1, 259–289 (1997)CrossRefGoogle Scholar
  13. 13.
    Méger, N., Rigotti, C.: Constraint-Based Mining of Episode Rules and Optimal Window Sizes. In: Boulicaut, J.-F., Esposito, F., Giannotti, F., Pedreschi, D. (eds.) PKDD 2004. LNCS (LNAI), vol. 3202, pp. 313–324. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Pfleger de Aguiar, L., de Almeida, V.A.F., Meira, W.: Mining Redundant Industrial Alarm Occurrences with Association Rules Extraction and Complex Networks Modeling. Journal of Computational Methods in Science and Engineering 11, 15–28 (2011)Google Scholar
  15. 15.
    Schneiker, C., Seipel, D., Wegstein, W., Prätor, K.: Declarative Parsing and Annotation of Electronic Dictionaries. In: Proc. 6th International Workshop on Natural Language Processing and Cognitive Science, NLPCS (2009)Google Scholar
  16. 16.
    Seipel, D.: Processing Xml–Documents in Prolog. In: Proc. 17th Workshop on Logic Programmierung, WLP (2002)Google Scholar
  17. 17.
    Tatti, N., Cule, B.: Mining Closed Strict Episodes. Journal of Data Mining and Knowledge Discovery 25(1), 34–66 (2012)MathSciNetCrossRefMATHGoogle Scholar
  18. 18.
    Vaarandi, R.: A Data Clustering Algorithm for Mining Patterns from Event Logs. In: Proc. IEEE Workshop on IP Operations and Management (2003)Google Scholar
  19. 19.
    Wu, J., Wan, L., Xu, Z.: Algorithms to Discover Complete Frequent Episodes in Sequences. In: Cao, L., Huang, J.Z., Bailey, J., Koh, Y.S., Luo, J. (eds.) PAKDD Workshops 2011. LNCS, vol. 7104, pp. 267–278. Springer, Heidelberg (2012)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Dietmar Seipel
    • 1
  • Philipp Neubeck
    • 2
  • Stefan Köhler
    • 3
  • Martin Atzmueller
    • 4
  1. 1.Department of Computer ScienceUniversity of WürzburgGermany
  2. 2.Google Germany GmbHMunichGermany
  3. 3.Infosim GmbH & Co. KGWürzburgGermany
  4. 4.Knowledge and Data Engineering GroupUniversity of KasselGermany

Personalised recommendations