Anomaly detection using logs and metrics analysis for system application operations

Anomaly detection is the identification of events or observations that do not conform to an expected behaviour of a system. The lack of detecting anomalous items could translate to some kind of problems such as system failure, network intrusion, frauds, etc. This thesis addressed some of the challenges in this domain by proposing a set of mechanisms to perform a cross-layer anomaly detection using correlation analysis of systems’ logs and metrics. The result of investigating with two complex case studies demonstrate that the proposed techniques were able to detect emulated anomalies with high accuracy.