Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Foundations of Computing and Decision Sciences

The Journal of Poznan University of Technology

4 Issues per year

CiteScore 2016: 0.75

SCImago Journal Rank (SJR) 2016: 0.330
Source Normalized Impact per Paper (SNIP) 2016: 0.709

Open Access
See all formats and pricing
More options …

Data Warehouse for Event Streams Violating Rules

Bogdan Denny Czejdo
  • Corresponding author
  • Department of Mathematics and Computer Science, Fayetteville State University, Fayetteville, USA
  • Email
  • Other articles by this author:
  • De Gruyter OnlineGoogle Scholar
/ Erik M. Ferragut / John R. Goodall / Jason Laska
Published Online: 2013-06-18 | DOI: https://doi.org/10.2478/fcds-2013-0001


In this presentation, we discuss how a data warehouse can support situational awareness and data forensic needs for investigation of event streams violating rules. The data warehouse for event streams can contain summary tables showing rule violation on different aggregation level. We will introduce the classification of rules and the concept of a general aggregation graph for defining various classes of rules violation and their relationships. The data warehouse system containing various rule violation aggregations will allow the data forensics experts to have the ability to “drill-down” into event data across different data warehouse dimensions. The event stream real-time processing and other software modules can also use the summarizations to discover if current events bursts satisfy rules by comparing them with historic event bursts.

Keywords : data streams; data warehouses; drill-down operation; aggregation; data forensics; situational awareness

  • [1] Michael T. Goodrich, Mikhail J. Atallah and Roberto Tamassia, Indexing Information for Data Forensics, Lecture Notes in Computer Science, 2005, Volume 3531/2005, 206-221.Google Scholar

  • [2] Federico Maggi, Stefano Zanero, Vincenzo Iozzo, “Seeing the invisible: forensic uses of anomaly detection and machine learning” ACM SIGOPS Operating Systems Review, Volume 42 Issue 3, April 2008, 51-58.Google Scholar

  • [3] Hal Berghel “Hiding data, forensics, and anti-forensics”, Communications of the ACM CACM, Volume 50 Issue 4, April 2007, 15 - 20.Google Scholar

  • [4] Sushil Jajodia, Peng Liu, Vipin Swarup, Cliff Wang, 2009, Cyber Situational Awareness: Issues and Research, Springer Publishing Company, 2009.Google Scholar

  • [5] Ferragut, E.M.; Darmon, D.M.; Shue, C.A.; Kelley, S., Automatic construction of anomaly detectors from graphical models”, IEEE Symposium on Computational Intelligence in Cyber Security (CICS), 2011 IEEE Symposium onGoogle Scholar

  • [6] Sung-Bae Cho, “Incorporating soft computing techniques into a probabilistic intrusion detection system” IEEE Transactions on Systems, Man, and Cybernetics, May 2002, vol. 32 , issue: 2, pp: 154 - 160.Google Scholar

  • [7] Denning, Dorothy, "An Intrusion Detection Model," Proceedings of the Seventh IEEE Symposium on Security and Privacy, May 1986, pages 119-131.Google Scholar

  • [8] Teng, Henry S., Chen, Kaihu, and Lu, Stephen C-Y, "Adaptive Real-time Anomaly Detection Using Inductively Generated Sequential Patterns," 1990 IEEE Symposium on Security and PrivacyGoogle Scholar

  • [9] Jones, Anita K., and Sielken, Robert S., "Computer System Intrusion Detection: A Survey," Technical Report, Department of Computer Science, University of Virginia, Charlottesville, VA, 1999Google Scholar

  • [10] Czejdo. B, Taylor M. and Putonti C.,(2000); “Summary Tables in Data Warehouses”. Proceedings of ADVIS’2000.Google Scholar

  • [11] Gupta A., Harinarayan V., and Quass D. (1995); "Aggregate-Query Processing in Data Warehousing Environments", Proceedings of the VLDB.Google Scholar

  • [12] Bischoff J. and Alexander T. (1997); Data Warehouse: Practical Advice from theExperts. New Jersey: Prentice-Hall, Inc.Google Scholar

  • [13] Widom J. (1995); “Research problems in data warehousing", Proceedings of the 4thInt. Conf. CIKM.Google Scholar

  • [14] Bogdan Denny Czejdo, Erik M. Ferragut, John Goodall and Jason Laska “Network Intrusion Detection and Visualization using Aggregations in a Cyber Security Data Warehouse”, accepted for publication in International Journal of Communications,Network and System Sciences, (IJCNS)Google Scholar

About the article

Published Online: 2013-06-18

Published in Print: 2013-06-01

Citation Information: Foundations of Computing and Decision Sciences, ISSN (Online) 2300-3405, ISSN (Print) 0867-6356, DOI: https://doi.org/10.2478/fcds-2013-0001.

Export Citation

This content is open access.

Comments (0)

Please log in or register to comment.
Log in