Rule Induction of Computer Events

Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.

[1]  David H. Wolpert,et al.  The Existence of A Priori Distinctions Between Learning Algorithms , 1996, Neural Computation.

[2]  Ricardo Vilalta,et al.  A Quantification of Distance Bias Between Evaluation Metrics In Classification , 2000, ICML.

[3]  Rajeev Motwani,et al.  Beyond market baskets: generalizing association rules to correlations , 1997, SIGMOD '97.

[4]  Heikki Mannila,et al.  Fast Discovery of Association Rules , 1996, Advances in Knowledge Discovery and Data Mining.

[5]  Geoffrey I. Webb OPUS: An Efficient Admissible Algorithm for Unordered Search , 1995, J. Artif. Intell. Res..

[6]  Jason Catlett,et al.  On Changing Continuous Attributes into Ordered Discrete Attributes , 1991, EWSL.

[7]  Wynne Hsu,et al.  Integrating Classification and Association Rule Mining , 1998, KDD.

[8]  Alberto Maria Segre,et al.  Programs for Machine Learning , 1994 .

[9]  Geoffrey I. Webb Efficient search for association rules , 2000, KDD '00.

[10]  David H. Wolpert,et al.  The Lack of A Priori Distinctions Between Learning Algorithms , 1996, Neural Computation.

[11]  J. Ross Quinlan,et al.  C4.5: Programs for Machine Learning , 1992 .

[12]  Sholom M. Weiss,et al.  Computer Systems That Learn , 1990 .

[13]  Larry A. Rendell,et al.  Global Data Analysis and the Fragmentation Problem in Decision Tree Induction , 1997, ECML.

[14]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[15]  Ron Rymon An SE-tree based Characterization of the Induction Problem , 1993, ICML.