Category: False Positives and Negatives

Disadvantages of Rule-Based Systems (Part 1)

Posted on 03/05/10 8 Comments

In Orwellian Event Processing the discussion moved away from my original intent, which was primarily to discuss the vendor-state-of-denial regarding the prior art for processing complex events, and gravitated toward a discussion on the “inefficiencies” of rule-based systems.  I was surprised learn that there are professionals who believe that there is no basis in fact [...]

Read more

Orwellian Event Processing

Posted on 02/28/10 16 Comments

Recently we completed the installation and training of an open source Bayesian classifier to replace a rule-based approach to manage forum spam.  In a nutshell, we found the rule-based approach was highly prone to both false positives and false negatives; however, a statistical approach using a Bayesian approach has turned out to be far superior. [...]

Read more

A Hidden Danger in Cloud Computing

Posted on 06/23/09 No Comments

Back in the days when I was happily spending time on the operations floor in computing centers, we always observed that the greatest security threats to our systems were well-intended operators who make simple mistakes.  No hacker or criminal ever brought down a network like the bored network guy on the late shift who decided [...]

Read more

The Promises and Perils of Twitter

Posted on 04/19/09 1 Comment

One year ago I penned Event Processing in Twitter Space, and today parts of the net are buzzing about Twitter. In a nutshell, Twitter is a one-to-many communications service that uses short messages (140 chars or less). Following on the heels of the blogging phenomena, Twitter has been primarily used for microblogging and group communications. [...]

Read more

Real-Time, Online and Offline Complex Event Processing

Posted on 02/08/09 No Comments

Using NIST as computer science reference, an online algorithm is an algorithm that processes data (including events) element-by-element (and event-by-event), serially without having the entire problem space available from the beginning.  In contrast, an offline algorithm is provided the entire problem set from the start. Hence, real-time event processing applications generally involve online processing.  Offline processing is useful when creating [...]

Read more

Classification in Complex Event Processing

Posted on 02/01/09 2 Comments

Following up on the excellent discussion in Predicting Events with Logistic Regression I think it is time to talk a bit about the importance of classification in complex event processing.  CEP is, by definition, about detecting business opportunities and threats in real-time.   It follows, that by definition, CEP is centered around classifying and discriminating complex [...]

Read more

Quintessential Event Processing: Signature Versus Anomaly Detection

Posted on 11/28/08 No Comments

Detection experts understand that the optimal detection design and architecture is generally a combination of both signature and anomaly detection engines.   In event processing, signature detection involves the real-time pattern matching analysis of events.   A core advantage of signature detection is that basic pattern matching models are easy to understand and develop when you [...]

Read more

Twenty Four CEP Public Presentations on SlideShare

Posted on 11/03/08 2 Comments

For archiving purposes, I have uploaded 24 public CEP presentations that I presented over an 18 month period at various conferences from March 14, 2006 to September 21, 2007.  These presentations can be viewed here.  For example, my first public CEP presentation: View SlideShare presentation or Upload your own. (tags: event processing) So far, I [...]

Read more

A Complex Event = Sum (Events) + Situational Knowledge

Posted on 08/16/08 14 Comments

Sometimes we read some opinions about CEP where folks opine that ”complex event processing” is really about processing “complex events” and not about “complex” “event processing”.   The truth be told, processing “complex events” requires “complex” “event processing” so there is really no difference between the two ways of expressing CEP. You can not process complex events in [...]

Read more

The Bot Hunter: An Event Processing Challenge (Bot or Not)

Posted on 08/15/08 1 Comment

Recently we penned The Attack of the Spiders from the Clouds where we mentioned how cloud computing infrastructures can be used to stage malicous or accidential network attacks. Today I challenge our CEP/ESP/EP vendors (or SIs) to create the following solution to detect and block rogue bots on Apache web sites.   I will install and [...]

Read more
Page 1 of 3123»