Anomaly-detection tool

• Student: J. Frank Roberts (2013).
• Purpose: Build a software suite that detects misbehaving computers in large computing systems and presents information about those machines to the system administrator.
• Method: (1) Each monitored machine sends data to the collector on a regular basis. (2) The collector stores the data in a database. (3) The profiler converts stored data into a series of Symbolic Aggregate approXimation (SAX) words. (4) The analyzer applies window-pair and baseline analysis techniques to the series of SAX words to detect anomalies and present the results as graphs.
• What the student learned
  1. The Go language
  2. The SAX algorithms
  3. Research methods
  4. Technical writing
  Code and documentation can be found at this site.