An empirical comparison of monitoring algorithms for access anomaly detection

Authors:
A. Dinning

Courant Institute of Mathematical Sciences, New York University, 251 Mercer Street, New York, NY

Courant Institute of Mathematical Sciences, New York University, 251 Mercer Street, New York, NY
View Profile

,
E. Schonberg

IBM T.J. Watson Research Center, P.O. Box 218, Yorktown Heights, NY

IBM T.J. Watson Research Center, P.O. Box 218, Yorktown Heights, NY
View Profile

PPOPP '90: Proceedings of the second ACM SIGPLAN symposium on Principles & practice of parallel programmingFebruary 1990Pages 1–10https://doi.org/10.1145/99163.99165

Published:01 February 1990Publication History

PPOPP '90: Proceedings of the second ACM SIGPLAN symposium on Principles & practice of parallel programming

Pages 1–10

ABSTRACT

One of the major disadvantages of parallel programming with shared memory is the nondeterministic behavior caused by uncoordinated access to shared variables, known as access anomalies. Monitoring program execution to detect access anomalies is a promising and relatively unexplored approach to this problem. We present a new algorithm, referred to as task recycling, for detecting anomalies, and compare it to an existing algorithm. Empirical results indicate several significant conclusions: (i) While space requirements are bounded by Ο(T × V), where T is the maximum number of threads that may potentially execute in parallel and V is the number of variable monitored, for typical programs space requirements are on average Ο(V). (ii) Task recycling is more efficient in terms of space requirements and often in performance. (iii) The general approach of monitoring to detect access anomalies is practical.

References

1.Todd R. Allen and David A. Padua. Debugging Fortran on a. Shared Memory Machine. In Proceedings of 1he International Conference on Parallel Processing, pages 721-717, Aug 1987.Google Scholar
2.David Callahan and Jaspai Subhlok. Static Analysis of Low Level Synchronization. In Proceedings on the SIGPLAN Workshop on Parallel and Distributed Debugging, pages 100-111, May 1988. Google ScholarDigital Library
3.Jong-Deok Choi, Barton P. Miller, and Robert Netzer. Techniques for Debugging Parallel Programs with Flowback Analysis. Technical Report, University of Wisconson, Aug 1988.Google Scholar
4.Anne Dinning and Edith Schonberg. Aa Evaluation of Monitoring Algorithms for Access Anomaly Detection. Technical Report Ultracornputer Note #163, New York University, July 1989.Google Scholar
5.Perry A. Emrath and David A. Padua. Automatic Detection of Nondeterminancy in Parallel Programs. In Proceedings on the SIGPLAN Workshop on Parallel and Distributed Debugging, pages 89- 99, May 1988. Google ScholarDigital Library
6.Allan Gottlieb. An Overview of the NYU Ultracomputer Project. In J.J. Dongarra, editor, Experimental Parallel Computing Architectures, pages 25 - 95, Elsevier, 1988.Google Scholar
7.Leslie Lamport. Time, clocks, and the ordering of events in a distributed system. Communications of the A CM, 21(7), Jul 1978. Google ScholarDigital Library
8.Barton P. Miller and 3ong-Deok Choi. A Mechanism for Efficient Debugging of Parallel Programs. In Proceedings on the SIGPLAN Workshop on Parallel and Distributed Debugging, May 1988. Google ScholarDigital Library
9.Itzhak Nudler and L#rry Rudolph. Iadetermiaaacy Considered Harmful. 1988.Google Scholar
10.Itzhak Nudler and Larry Rudolph. Tools for the Efficient Development of Efficient Parallel Programs. In 1#t Israeli Conference on Computer System En. gineering, 1988.Google Scholar
11.Edith Schonberg. On-The-Fly Detection of Access Anomalies. In Proceedings on the SIGPLAN Conference on Programming Language Design and Implementation, Jun 1989. Google ScholarDigital Library
12.Marc Snir. Private correspondence. 1988.Google Scholar

Index Terms

Recommendations

Quantitative comparison of unsupervised anomaly detection algorithms for intrusion detection
SAC '19: Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

Anomaly detection algorithms aim at identifying unexpected fluctuations in the expected behavior of target indicators, and, when applied to intrusion detection, suspect attacks whenever the above deviations are observed. Through years, several of such ...
Read More
An empirical comparison of monitoring algorithms for access anomaly detection

One of the major disadvantages of parallel programming with shared memory is the nondeterministic behavior caused by uncoordinated access to shared variables, known as access anomalies. Monitoring program execution to detect access anomalies is a ...
Read More
Mitigating Privilege Misuse in Access Control through Anomaly Detection
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

Access control is a fundamental component of IT systems to guarantee the confidentiality and integrity of sensitive resources. However, access control systems have inherent limitations: once permissions have been assigned to users, access control ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
PPOPP '90: Proceedings of the second ACM SIGPLAN symposium on Principles & practice of parallel programming
February 1990
206 pages
ISBN:0897913507
DOI:10.1145/99163
Chairman:
David Padua
Univ. of Illinois at Urbana/Champaign, Urbana
ACM SIGPLAN Notices Volume 25, Issue 3
Mar. 1990
216 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/99164
Editor:
David Padua
Univ. of Illinois at Urbana/Champaign, Urbana
Issue’s Table of Contents
Copyright © 1990 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 February 1990
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate230of1,014submissions,23%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 198
  Total Citations
  View Citations
- 1,208
  Total Downloads
- Downloads (Last 12 months)65
- Downloads (Last 6 weeks)13
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

An empirical comparison of monitoring algorithms for access anomaly detection

PPOPP '90: Proceedings of the second ACM SIGPLAN symposium on Principles & practice of parallel programming

ABSTRACT

References

Cited By

Index Terms

Recommendations

Quantitative comparison of unsupervised anomaly detection algorithms for intrusion detection

An empirical comparison of monitoring algorithms for access anomaly detection

Mitigating Privilege Misuse in Access Control through Anomaly Detection