research-article

Tuning complex event processing rules using the prediction-correction paradigm

Authors:

Yulia Turchin,

Avigdor Gal,

Segev WasserkrugAuthors Info & Claims

DEBS '09: Proceedings of the Third ACM International Conference on Distributed Event-Based Systems

Article No.: 10, Pages 1 - 12

https://doi.org/10.1145/1619258.1619272

Published: 06 July 2009 Publication History

Get Access

Abstract

There is a growing need for the use of active systems, systems that act automatically based on events. In many cases, providing such active functionality requires materializing (inferring) the occurrence of relevant events. A widespread paradigm for enabling such materialization is Complex Event Processing (CEP), a rule based paradigm, which currently relies on domain experts to fully define the relevant rules. These experts need to provide the set of basic events which serves as input to the rule, their inter-relationships, and the parameters of the events for determining a new event materialization. While it is reasonable to expect that domain experts will be able to provide a partial rules specification, providing all the required details is a hard task, even for domain experts. Moreover, in many active systems, rules may change over time, due to the dynamic nature of the domain. Such changes complicate even further the specification task, as the expert must constantly update the rules. As a result, we seek additional support to the definition of rules, beyond expert opinion. This work presents a mechanism for automating both the initial definition of rules and the update of rules over time. This mechanism combines partial information provided by the domain expert with machine learning techniques, and is aimed at improving the accuracy of event specification and materialization. The proposed mechanism consists of two main repetitive stages, namely rule parameter prediction and rule parameter correction. The former is performed by updating the parameters using an available expert knowledge regarding the future changes of parameters. The latter stage utilizes expert feedback regarding the actual past occurrence of events and the events materialized by the CEP framework to tune rule parameters. We also include possible implementations for both stages, based on a statistical estimator and evaluate our outcome using a case study from the intrusion detection domain.

References

[1]

A. Adi and O. Etzion. Amit - the situation manager. The International Journal on Very Large Data Bases, 13(2):177--203, May 2004.

Abstract

References

Cited By

Index Terms

Recommendations

Complex event processing over uncertain data

Introducing uncertainty in complex event processing: model, implementation, and validation

Complex event processing with T-REX

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tag

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations