Event Prediction in Network Monitoring Systems: Performing Sequential Pattern Mining in Osmius Monitoring Tool

  • Rafael García
  • Luis Llana
  • Constantino Malagón
  • Jesús Pancorbo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6171)


Event prediction is one of the most challenging problems in network monitoring systems. This type of inductive knowledge provides monitoring systems with valuable real time predictive capabilities. By obtaining this knowledge, system and network administrators can anticipate and prevent failures.

In this paper we present a prediction module for the monitoring software Osmius ( ). Osmius has been developed by Peopleware ( ) under GPL licence. We have extended the Osmius database to store the knowledge we obtain from the algorithms in a highly parametrized way. Thus system administrators can apply the most appropriate settings for each system.

Results are presented in terms of positive predictive values and false discovery rates over a huge event database. They confirm that these pattern mining processes will provide network monitoring systems with accurate real time predictive capabilities.


Association Rule Frequent Pattern Intrusion Detection System Prediction Module Mining Association Rule 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, R., Imielinski, T., Swami, A.: Mining association rules between sets of items in large databases. SIGMOD 22(2), 207–216 (1993)CrossRefGoogle Scholar
  2. 2.
    Cheng, H., Yan, X., Han, J.: Incspan: Incremental mining of sequential patterns in large database. In: Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining (2004)Google Scholar
  3. 3.
    Dong, G., Pei, J.: Sequence Data Mining. Springer, Heidelberg (2007)zbMATHGoogle Scholar
  4. 4.
    Han, J., Cheng, H., Xin, D., Yan, X.: Frequent pattern mining: current status and future directions. Data Min. Knowl. Disc. 5, 55–86 (2007)CrossRefMathSciNetGoogle Scholar
  5. 5.
    Han, J., Pei, J., Yiwein, Y., Runying, M.: Mining frequent patterns without candidate generation: A frequent-pattern tree approach. Data Mining and Knowledge Discovery 8, 53–87 (2004)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Hasan, M., Chaoji, V., Salem, S., Parimi, N., Zaki, M.: Dmtl: A generic data mining template library. In: Workshop on Library-Centric Software Design (LCSD 2005), with Object-Oriented Programming, Systems, Languages and Applications (OOPSLA 2005) conference, San Diego, California (2005)Google Scholar
  7. 7.
    Kim, S., Park, S., Won, J., Kim, S.-W.: Privacy preserving data mining of sequential patterns for network traffic data. In: Kotagiri, R., Radha Krishna, P., Mohania, M., Nantajeewarawat, E. (eds.) DASFAA 2007. LNCS, vol. 4443, pp. 201–212. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Leung, C.K.-S., Khan, Q.I., Li, Z., Hoque, T.: Cantree: a canonical-order tree for incremental frequent-pattern mining. Knowl. Inf. Syst. 11, 287–311 (2007)CrossRefGoogle Scholar
  9. 9.
    Olson, D., Delen, D.: Advanced Data Mining Techniques. Springer, Heidelberg (2008)zbMATHGoogle Scholar
  10. 10.
    Srikant, R., Vu, Q., Agrawal, R.: Mining association rules with item constraints. In: Proc. 1997 Int. Conf. Knowledge Discovery and Data Mining, Newport Beach, CA, pp. 67–73 (1997)Google Scholar
  11. 11.
    Van Bon, J.: The guide to IT service management. Addison-Wesley, Reading (2002)Google Scholar
  12. 12.
    Wu, L., Hunga, C., Chen, S.: Building intrusion pattern miner for snort network intrusion detection system. Journal of Systems and Software 80, 1699–1715 (2007)CrossRefGoogle Scholar
  13. 13.
    Wu, P., Peng, W., Chen, M.: Mining sequential alarm patterns in a telecommunication database. In: Jonker, W. (ed.) VLDB-WS 2001 and DBTel 2001. LNCS, vol. 2209, p. 37. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Zaki, M.: Scalable algorithms for association minning. IEEE Trans. Knowledge and Data Engineering 12, 372–390 (2000)CrossRefGoogle Scholar
  15. 15.
    Zaki, M.: Spade: An efficient algorithm for mining frequent sequences. Machine Learning 42(1-2), 31–60 (2001)zbMATHCrossRefGoogle Scholar
  16. 16.
    Zaki, M.: DMTL (December 2007),
  17. 17.
    Zequn, Z., Eseife, C.I.: A low-scan incremental association rule maintenance method based on the apriori property. In: Stroulia, E., Matwin, S. (eds.) Canadian AI 2001. LNCS (LNAI), vol. 2056, pp. 26–35. Springer, Heidelberg (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Rafael García
    • 1
  • Luis Llana
    • 1
  • Constantino Malagón
    • 2
  • Jesús Pancorbo
    • 3
  1. 1.Universidad Complutense de MadridMadridSpain
  2. 2.Universidad NebrijaMadridSpain
  3. 3.Peopleware, S.L.MadridSpain

Personalised recommendations