Category: Detection Theory
Disadvantages of Rule-Based Systems (Part 1)
In Orwellian Event Processing the discussion moved away from my original intent, which was primarily to discuss the vendor-state-of-denial regarding the prior art for processing complex events, and gravitated toward a discussion on the “inefficiencies” of rule-based systems. I was surprised to learn that there are professionals who believe that there is no basis in fact [...]
Orwellian Event Processing
Recently we completed the installation and training of an open source Bayesian classifier to replace a rule-based approach to managing forum spam. In a nutshell, we found the rule-based approach was highly prone to both false positives and false negatives; however, a statistical approach using a Bayesian classifier has turned out to be far superior. [...]
A Hidden Danger in Cloud Computing
Back in the days when I was happily spending time on the operations floor in computing centers, we always observed that the greatest security threats to our systems were well-intended operators who made simple mistakes. No hacker or criminal ever brought down a network like the bored network guy on the late shift who decided [...]
Processing Complex Events at the Large Hadron Collider (LHC)
Here is an excellent Google TechTalk by Dr. Marjorie Shapiro (LBL & LHC ATLAS), June 18, 2007, on processing complex events at the LHC, called Supersymmetry, Extra Dimensions and the Origin of Mass: Exploring the Nature of the Universe Using PetaScale Data Analysis. This is really what I would call “real-time CEP.” Beam collisions at [...]
Creative E-Trade and Similar Salami Scams – Ignorance is Bliss
Here is one of my favorite news stories of the week, Guilty Plea for Man Behind Creative E-Trade Scam. In this funny story, Michael Largent, 23, of Plumas Lake, CA, wrote a simple Internet script that opened more than 58,000 online accounts at places like E-trade and Schwab. Largent used fake names to automatically [...]
Real-Time, Online and Offline Complex Event Processing
Using NIST as a computer science reference, an online algorithm is an algorithm that processes data (including events) element-by-element (and event-by-event), serially, without having the entire problem space available from the beginning. In contrast, an offline algorithm is provided the entire problem set from the start. Hence, real-time event processing applications generally involve online processing. Offline processing is useful when creating [...]
Quintessential Event Processing: Signature Versus Anomaly Detection
Detection experts understand that the optimal detection design and architecture is generally a combination of both signature and anomaly detection engines. In event processing, signature detection involves the real-time pattern matching analysis of events. A core advantage of signature detection is that basic pattern matching models are easy to understand and develop when you [...]
Twenty Four CEP Public Presentations on SlideShare
For archiving purposes, I have uploaded 24 public CEP presentations that I presented over an 18-month period at various conferences from March 14, 2006 to September 21, 2007. These presentations can be viewed here. For example, my first public CEP presentation: So far, I [...]
The Motivation Behind Adaptive Analytics and CEP
This is a continuation of The Genesis of Complex Event Processing: Asymmetric Capabilities and CEP, Event Noise and Asymmetric Event Processing where I have been discussing the motivation behind CEP and adaptive analytics in cyberspace. Around the same time that Professor Luckham and his team were working on CEP applications in network management and security [...]
CEP, Event Noise and Asymmetric Event Processing
In The Genesis of Complex Event Processing: Asymmetric Capabilities I introduced the abstract concept of “asymmetric processing capabilities” to describe the foundations of complex event processing. If you take a few moments to review the first CEP projects from Stanford University, you will see that the application of CEP was toward solving myriad asymmetric event [...]