| 发明名称 |
SYSTEM AND METHOD FOR ANOMALY DETECTION IN INFORMATION TECHNOLOGY OPERATIONS |
| 摘要 |
An anomaly detection system is able to detect spatial and temporal environment anomalies and spatial and temporal behavior anomalies, and monitor servers for anomalous characteristics of the environment and behavior. If metrics and/or characteristics associated with a given server are beyond a certain threshold, an alert is generated. Among other options, the alert can take the form of a heat map or a cluster cohesiveness report. |
| 申请公布号 |
US2015341246(A1) |
申请公布日期 |
2015.11.26 |
| 申请号 |
US201514815941 |
申请日期 |
2015.07.31 |
| 申请人 |
METAFOR SOFTWARE INC. |
发明人 |
BOUBEZ TOUFIC |
| 分类号 |
H04L12/26 |
主分类号 |
H04L12/26 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of detecting a behavior anomaly in a system comprising a plurality of servers, the method comprising:
receiving a set of metrics from each of the plurality of servers at one or more times during a time window, wherein the metrics comprise one or more time-stamped log entries, the one or more entries representative of a performance or operation of a machine in an information technology environment; calculating one or more statistics for at least one metric of the set of metrics for each of the plurality of servers for the time window; concatenating the metrics and the statistics into a corresponding n-dimensional feature vector for each of the plurality of servers; computing a center of mass in n-dimensional space of the feature vectors; computing a distance measurement from the feature vector of a first server of the plurality of servers to the center of mass; and determining a degree of anomaly of the first server based on the distance measurement. |
| 地址 |
Vancouver CA |
