DOCSLIB.ORG

Network Anomaly Detection Using Lightgbm: a Gradient Boosting Classifier

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Network Anomaly Detection Using Lightgbm: a Gradient Boosting Classifier Network Anomaly Detection Using LightGBM: A Gradient Boosting Classifier Md. Khairul Islam1, Prithula Hridi1, Md. Shohrab Hossain1, Husnu S. Narman2 1Department of Computer Science and Engineering, Bangladesh University of Engineering and Technology, Bangladesh 2Weisberg Division of Computer Science, Marshall University, Huntington, WV, USA Email: [email protected], [email protected], [email protected], [email protected] Abstract—Anomaly detection systems are significant in rec- U2R and the R2U attacks, the DoS attack to the collective ognizing intruders or suspicious activities by detecting unseen anomaly, and the Probe attack to the contextual anomaly. and unknown attacks. In this paper, we have worked on a Machine learning techniques, in many cases they have benchmark network anomaly detection dataset UNSW-NB15, that reflects modern-day network traffic. Previous works on this outperformed the previous state-of-the-art models. As UNSW- dataset either lacked a proper validation approach or followed NB15 [4] is a benchmark network anomaly detection dataset, only one evaluation setup which made it difficult to compare numerous studies have been done on it. However, to evaluate their contributions with others using the same dataset but with the same dataset many different setups were adopted (Section different validation steps. In this paper, we have used a machine II). For example, train and evaluate on train data [5], [6] learning classifier LightGBM to perform binary classification on this dataset. We have presented a thorough study of the dataset . Ten-fold cross-validation on train data [7], [8]), test data with feature engineering, preprocessing, feature selection. We [9], combined (train+test) data [10], [11]. Five-fold cross- have evaluated the performance of our model using different validation on train and test data [12] . Train on train data experimental setups (used in several previous works) to clearly and evaluate on test data [13], [14]. evaluate and compare with others. Using ten-fold cross-validation With so many different experimental setups, it is difficult on the train, test, and combined (training and test) dataset, to find the single best work on this dataset. Moreover, works our model has achieved 97.21%, 98.33%, and 96.21% f1 scores, respectively. Also, the model fitted only on train data, achieved that followed the same experimentation setup did not compare 92.96% f1 score on the separate test data. So our model their results with prior works in some cases (for example, also provides significant performance on unseen data. We have Kanimozhi et al. [6] and Nawir et al. [10] did not compare their presented complete comparisons with the prior arts using all results with Koroniotis et al. [11]). Therefore, it is difficult performance metrics available on them. And we have also shown to validate improvements. Mogal et al. [5] and Kanimozhi et that our model outperformed them in most metrics and thus can detect network anomalies better. al. [6] mentioned near-perfect detection scores. However, they Index Terms—anomaly detection, machine learning, network did not mention the significant technical flaws regarding their security. approaches, which we have explained in Section IV-B. Some other works [6], [10], [12] followed only one validation setup. I. INTRODUCTION Hence, it is impossible to compare those works with the ones, which have worked on the same dataset but with different Web applications are getting increasingly popular, and the validation setups. Internet has become an important part in our daily life. As The novelty and contributions of this work are as follows: a consequence, network systems are being targeted more by • We have provided a thorough study of the UNSW-NB15 attackers [1] with malicious intent [2]. To detect intruders in a dataset with feature engineering, preprocessing, selection. network system, there are generally two approaches: signature- • We have explored the performance of a boosting algo- based and anomaly-based detection. Signature-based systems rithm in binary classification on the dataset following all maintain a database of previously known attacks and raise experimentation setups found from prior studies whereas alarms when any match is found with the analyzed data. each of the previous works focused on only one setup. However, they are vulnerable to zero-day attacks. • We have compared our results to prior state-of-the-art An anomaly in a network means a deviation of traffic data works using all related performance metrics. from its normal pattern. Thus, anomaly detection techniques Our results show that feature engineering can make the have the advantage of detecting zero-day attacks. However, in model more generalized. So our model performance improved a complex and large network system, it is not easy to define in cross-validation experiments, as well as when evaluated on a set of valid requests or normal behavior of the endpoints. separate test data. We have also shown a very small false Hence, anomaly detection faces the disadvantage of having a alarm rate (1.83% - 4.81%). Our work can help in detecting high false-positive error rate. unseen anomaly attacks better having very few false alarms. According to Ahmed et al. [3], the main attack types are And Our different experimentation setups will help visualize DoS, Probe, User to Root (U2R), and Remote to User (R2U) the impact of validation strategies on the model performance attacks. Ahmed et al. [3] mapped the point anomaly with the of this dataset. The rest of the paper has been organized as follows. by using the WEKA tool. They also compared centralized and SectionII describes the recent works related to NIDS (Network distributed AODE algorithms based on accuracy against the Intrusion Detection Systems) on the UNSW-NB15 dataset. number of nodes. Our proposed methodology has been explained in Section Meftah et al. [8] applied both binary and multiclass clas- III. Section IV describes the experimentation setups and our sification on the UNSW-NB15 dataset. They found that for results as well as some comparisons with the prior state-of-the- binary classification SVM performs the best in ten-fold cross- art. The rest of the comparisons regarding evaluating on train validation and decision tree (C5.0) for multiclass classification. and test data, cross-validation approaches have been shown in Hanif et al. [9] used ANN(Artificial Neural Network) on the Section V. Finally, SectionVI has the concluding remarks. same dataset. They compared their performance with prior works on the NSL-KDD dataset, instead of works on the same II. RELATED WORKS dataset. Meghdouri et al. [12] applied feature preprocessing For network intrusion detection KDDCUP99, NSL-KDD, and principal component analysis on the UNSW-NB15 dataset. DARPA, UNSW-NB15 are among the benchmark dataset. As Then performed five-fold cross-validation using a RandomFor- a popular dataset, we focus on binary classification of the est classifier. UNSW-NB15 dataset [4] which is used in several anomaly detection works. Based on the model evaluation process, we D. Validation on separate test data have divided them into several parts. Moustafa et al. [14] analyzed the statistical properties of the UNSW-NB15 dataset and showed that it is more complex A. Random train test compared to the KDD99 dataset. Vinaykumar et al. [18] Moustafa et al. [15] used central points of attribute values used classical machine learning classifiers, and deep neural and Association Rule Mining for feature selection on a high networks on several intrusion detection datasets. The classical level of abstraction from datasets UNSW-NB15 and NSL- models performed much better than the neural network mod- KDD. They have partitioned the datasets into train and test els. Dahiya et al. [19] applied feature reduction techniques on sets following an equation. Then evaluated performance us- both larger and smaller versions of the UNSW-NB15 dataset. ing Expectation-Maximisation clustering (EM), Logistic Re- Bhamare et al. [13] tested the robustness of machine learning gression (LR), and Nave Bayes (NB). Moustafa et al. [16] models in cloud scenarios. They trained classifiers on the also proposed a beta mixture model-based anomaly detection UNSW-NB15 dataset and tested them on a cloud security system on the UNSW-NB15 dataset. They first selected eight dataset ISOT. They found that these models did not perform features from the dataset, then randomly selected samples from well in the cloud environment. it. In another work, Moustafa et al. [17] selected random samples from the UNSW-NB15 dataset and ran ten-fold cross- E. Gap analysis validation on it. To the best of our knowledge, there has been no work that has provided a thorough study of the UNSW-NB15 dataset B. Validation on same data used for training with feature engineering to improve results. Moreover, most Mogal et al. [5] used machine learning classifiers on both of the previous works on this dataset focused on only one UNSW-NB15 and KDDCUP99 datasets. They achieved nearly evaluation process. So it is difficult to make a proper com- 100% accuracy on both datasets using Naive Bayes and parison among them. For example, the performance achieved Logistic Regression on train data. Kanimozhi et al. [6] choose in five-fold cross-validation, can not be compared with that the best four features of the UNSW-NB15 dataset using achieved in ten-fold cross-validation. So, we have evaluated the RandomForest classifier. They also used a Multi-Layer our model performance using all possible experimentation Perceptron to show how neural networks would perform on setups found in prior arts and provided a thorough comparison this dataset. with prior state-of-the-art techniques. We have also used feature engineering to reduce overfitting, thereby providing a C. Cross validation more generalized model. Koroniotis et al. [11] selected the top ten features of the UNSW-NB15 combined (train+test) dataset using Information III.
Load more

Recommended publications
  • A Tensor Compiler for Unified Machine Learning Prediction Serving
    A Tensor Compiler for Unified Machine Learning Prediction Serving Supun Nakandala, UC San Diego; Karla Saur, Microsoft; Gyeong-In Yu, Seoul National University; Konstantinos Karanasos, Carlo Curino, Markus Weimer, and Matteo Interlandi, Microsoft https://www.usenix.org/conference/osdi20/presentation/nakandala This paper is included in the Proceedings of the 14th USENIX Symposium on Operating Systems Design and Implementation November 4–6, 2020 978-1-939133-19-9 Open access to the Proceedings of the 14th USENIX Symposium on Operating Systems Design and Implementation is sponsored by USENIX A Tensor Compiler for Unified Machine Learning Prediction Serving Supun Nakandalac,∗, Karla Saurm, Gyeong-In Yus,∗, Konstantinos Karanasosm, Carlo Curinom, Markus Weimerm, Matteo Interlandim mMicrosoft, cUC San Diego, sSeoul National University {<name>.<surname>}@microsoft.com,[email protected], [email protected] Abstract TensorFlow [13] combined, and growing faster than both. Machine Learning (ML) adoption in the enterprise requires Acknowledging this trend, traditional ML capabilities have simpler and more efficient software infrastructure—the be- been recently added to DNN frameworks, such as the ONNX- spoke solutions typical in large web companies are simply ML [4] flavor in ONNX [25] and TensorFlow’s TFX [39]. untenable. Model scoring, the process of obtaining predic- When it comes to owning and operating ML solutions, en- tions from a trained model over new data, is a primary con- terprises differ from early adopters in their focus on long-term tributor to infrastructure complexity and cost as models are costs of ownership and amortized return on investments [68]. trained once but used many times. In this paper we propose As such, enterprises are highly sensitive to: (1) complexity, HUMMINGBIRD, a novel approach to model scoring, which (2) performance, and (3) overall operational efficiency of their compiles featurization operators and traditional ML models software infrastructure [14].
    [Show full text]
  • Lightgbm Release 3.2.1.99
    LightGBM Release 3.2.1.99 Microsoft Corporation Sep 26, 2021 CONTENTS: 1 Installation Guide 3 2 Quick Start 21 3 Python-package Introduction 23 4 Features 29 5 Experiments 37 6 Parameters 43 7 Parameters Tuning 65 8 C API 71 9 Python API 99 10 Distributed Learning Guide 175 11 LightGBM GPU Tutorial 185 12 Advanced Topics 189 13 LightGBM FAQ 191 14 Development Guide 199 15 GPU Tuning Guide and Performance Comparison 201 16 GPU SDK Correspondence and Device Targeting Table 205 17 GPU Windows Compilation 209 18 Recommendations When Using gcc 229 19 Documentation 231 20 Indices and Tables 233 Index 235 i ii LightGBM, Release 3.2.1.99 LightGBM is a gradient boosting framework that uses tree based learning algorithms. It is designed to be distributed and efficient with the following advantages: • Faster training speed and higher efficiency. • Lower memory usage. • Better accuracy. • Support of parallel, distributed, and GPU learning. • Capable of handling large-scale data. For more details, please refer to Features. CONTENTS: 1 LightGBM, Release 3.2.1.99 2 CONTENTS: CHAPTER ONE INSTALLATION GUIDE This is a guide for building the LightGBM Command Line Interface (CLI). If you want to build the Python-package or R-package please refer to Python-package and R-package folders respectively. All instructions below are aimed at compiling the 64-bit version of LightGBM. It is worth compiling the 32-bit version only in very rare special cases involving environmental limitations. The 32-bit version is slow and untested, so use it at your own risk and don’t forget to adjust some of the commands below when installing.
    [Show full text]
  • 2020 Sut20 CASC-J10.Pdf
    CASC-J10 CASC-J10 CASC-J10 CASC-J10 Proceedings of the 10th IJCAR ATP System Competition (CASC-J10) Geo↵Sutcli↵e University of Miami, USA Abstract The CADE ATP System Competition (CASC) evaluates the performance of sound, fully automatic, classical logic, ATP systems. The evaluation is in terms of the number of problems solved, the number of acceptable proofs and models produced, and the average runtime for problems solved, in the context of a bounded number of eligible problems chosen from the TPTP problem library and other useful sources of test problems, and specified time limits on solution attempts. The 10th IJCAR ATP System Competition (CASC-J10) was held on 2th July 2020. The design of the competition and its rules, and information regarding the competing systems, are provided in this report. 1 Introduction The CADE and IJCAR conferences are the major forum for the presentation of new research in all aspects of automated deduction. In order to stimulate ATP research and system de- velopment, and to expose ATP systems within and beyond the ATP community, the CADE ATP System Competition (CASC) is held at each CADE and IJCAR conference. CASC-J10 was held on 2nd July 2020, as part of the 10th International Joint Conference on Automated Reasoning (IJCAR 2020)1, Online, Earth. It was the twenty-fifth competition in the CASC series [139, 145, 142, 95, 97, 138, 136, 137, 102, 104, 106, 108, 111, 113, 115, 117, 119, 121, 123, 144, 125, 127, 130, 132]. CASC evaluates the performance of sound, fully automatic, classical logic, ATP systems.
    [Show full text]
  • Characterization and Prediction of Deep Learning Workloads in Large-Scale GPU Datacenters
    Characterization and Prediction of Deep Learning Workloads in Large-Scale GPU Datacenters Qinghao Hu1,2 Peng Sun3 Shengen Yan3 Yonggang Wen1 Tianwei Zhang1∗ 1School of Computer Science and Engineering, Nanyang Technological University 2S-Lab, Nanyang Technological University 3SenseTime {qinghao.hu, ygwen, tianwei.zhang}@ntu.edu.sg {sunpeng1, yanshengen}@sensetime.com ABSTRACT 1 INTRODUCTION Modern GPU datacenters are critical for delivering Deep Learn- Over the years, we have witnessed the remarkable impact of Deep ing (DL) models and services in both the research community and Learning (DL) technology and applications on every aspect of our industry. When operating a datacenter, optimization of resource daily life, e.g., face recognition [65], language translation [64], adver- scheduling and management can bring significant financial bene- tisement recommendation [21], etc. The outstanding performance fits. Achieving this goal requires a deep understanding of thejob of DL models comes from the complex neural network structures features and user behaviors. We present a comprehensive study and may contain trillions of parameters [25]. Training a production about the characteristics of DL jobs and resource management. model may require large amounts of GPU resources to support First, we perform a large-scale analysis of real-world job traces thousands of petaflops operations [15]. Hence, it is a common prac- from SenseTime. We uncover some interesting conclusions from tice for research institutes, AI companies and cloud providers to the perspectives of clusters, jobs and users, which can facilitate the build large-scale GPU clusters to facilitate DL model development. cluster system designs. Second, we introduce a general-purpose These clusters are managed in a multi-tenancy fashion, offering framework, which manages resources based on historical data.
    [Show full text]
  • A Universal Neural Network Solution for Tabular Data
    Under review as a conference paper at ICLR 2019 TABNN: A UNIVERSAL NEURAL NETWORK SOLUTION FOR TABULAR DATA Anonymous authors Paper under double-blind review ABSTRACT Neural Networks (NN) have achieved state-of-the-art performance in many tasks within image, speech, and text domains. Such great success is mainly due to special structure design to fit the particular data patterns, such as CNN captur- ing spatial locality and RNN modeling sequential dependency. Essentially, these specific NNs achieve good performance by leveraging the prior knowledge over corresponding domain data. Nevertheless, there are many applications with all kinds of tabular data in other domains. Since there are no shared patterns among these diverse tabular data, it is hard to design specific structures to fit them all. Without careful architecture design based on domain knowledge, it is quite chal- lenging for NN to reach satisfactory performance in these tabular data domains. To fill the gap of NN in tabular data learning, we propose a universal neural net- work solution, called TabNN, to derive effective NN architectures for tabular data in all kinds of tasks automatically. Specifically, the design of TabNN follows two principles: to explicitly leverage expressive feature combinations and to reduce model complexity. Since GBDT has empirically proven its strength in modeling tabular data, we use GBDT to power the implementation of TabNN. Comprehen- sive experimental analysis on a variety of tabular datasets demonstrate that TabNN can achieve much better performance than many baseline solutions. 1 INTRODUCTION Recent years have witnessed the extraordinary success of Neural Networks (NN), especially Deep Neural Networks, in achieving state-of-the-art performances in many domains, such as image clas- sification (He et al., 2016), speech recognition (Graves et al., 2013), and text mining (Goodfellow et al., 2016).
    [Show full text]
  • ISBN # 1-60132-514-2; American Council on Science & Education / CSCE 2021
    ISBN # 1-60132-514-2; American Council on Science & Education / CSCE 2021 CSCI 2021 BOOK of ABSTRACTS The 2021 World Congress in Computer Science, Computer Engineering, and Applied Computing CSCE 2021 https://www.american-cse.org/csce2021/ July 26-29, 2021 Luxor Hotel (MGM Property), 3900 Las Vegas Blvd. South, Las Vegas, 89109, USA Table of Contents Keynote Addresses .................................................................................................................... 2 Int'l Conf. on Applied Cognitive Computing (ACC) ...................................................................... 3 Int'l Conf. on Bioinformatics & Computational Biology (BIOCOMP) ............................................ 6 Int'l Conf. on Biomedical Engineering & Sciences (BIOENG) ................................................... 12 Int'l Conf. on Scientific Computing (CSC) .................................................................................. 14 SESSION: Military & Defense Modeling and Simulation ............................................................ 27 Int'l Conf. on e-Learning, e-Business, EIS & e-Government (EEE) ............................................ 28 SESSION: Agile IT Service Practices for the cloud ................................................................... 34 Int'l Conf. on Embedded Systems, CPS & Applications (ESCS) ................................................ 37 Int'l Conf. on Foundations of Computer Science (FCS) ............................................................. 39 Int'l Conf. on Frontiers
    [Show full text]
  • Download Vol 13, No 1&2, Year 2020
    The International Journal on Advances in Internet Technology is published by IARIA. ISSN: 1942-2652 journals site: http://www.iariajournals.org contact: [email protected] Responsibility for the contents rests upon the authors and not upon IARIA, nor on IARIA volunteers, staff, or contractors. IARIA is the owner of the publication and of editorial aspects. IARIA reserves the right to update the content for quality improvements. Abstracting is permitted with credit to the source. Libraries are permitted to photocopy or print, providing the reference is mentioned and that the resulting material is made available at no cost. Reference should mention: International Journal on Advances in Internet Technology, issn 1942-2652 vol. 13, no. 1 & 2, year 2020, http://www.iariajournals.org/internet_technology/ The copyright for each included paper belongs to the authors. Republishing of same material, by authors or persons or organizations, is not allowed. Reprint rights can be granted by IARIA or by the authors, and must include proper reference. Reference to an article in the journal is as follows: <Author list>, “<Article title>” International Journal on Advances in Internet Technology, issn 1942-2652 vol. 13, no. 1 & 2, year 2020, <start page>:<end page> , http://www.iariajournals.org/internet_technology/ IARIA journals are made available for free, proving the appropriate references are made when their content is used. Sponsored by IARIA www.iaria.org Copyright © 2020 IARIA International Journal on Advances in Internet Technology Volume 13, Number 1 & 2, 2020 Editors-in-Chief Mariusz Głąbowski, Poznan University of Technology, Poland Editorial Advisory Board Eugen Borcoci, University "Politehnica"of Bucharest, Romania Lasse Berntzen, University College of Southeast, Norway Michael D.
    [Show full text]
  • Information-11-00193-V2.Pdf
    information Review Machine Learning in Python: Main Developments and Technology Trends in Data Science, Machine Learning, and Artificial Intelligence Sebastian Raschka 1,*,† , Joshua Patterson 2 and Corey Nolet 2,3 1 Department of Statistics, University of Wisconsin-Madison, Madison, WI 53575, USA 2 NVIDIA, Santa Clara, CA 95051, USA; [email protected] (J.P.); [email protected] (C.N.) 3 Department of Comp Sci & Electrical Engineering, University of Maryland, Baltimore County, Baltimore, MD 21250, USA * Correspondence: [email protected] † Current address: 1300 University Ave, Medical Sciences Building, Madison, WI 53706, USA. Received: 6 February 2020; Accepted: 31 March 2020; Published: 4 April 2020 Abstract: Smarter applications are making better use of the insights gleaned from data, having an impact on every industry and research discipline. At the core of this revolution lies the tools and the methods that are driving it, from processing the massive piles of data generated each day to learning from and taking useful action. Deep neural networks, along with advancements in classical machine learning and scalable general-purpose graphics processing unit (GPU) computing, have become critical components of artificial intelligence, enabling many of these astounding breakthroughs and lowering the barrier to adoption. Python continues to be the most preferred language for scientific computing, data science, and machine learning, boosting both performance and productivity by enabling the use of low-level libraries and clean high-level APIs. This survey offers insight into the field of machine learning with Python, taking a tour through important topics to identify some of the core hardware and software paradigms that have enabled it.
    [Show full text]
  • Proceedings of CASC-27 – the CADE-27 ATP System Competition
    CASC-27 CASC-27 CASC-27 CASC-27 Proceedings of CASC-27 – the CADE-27 ATP System Competition Geo↵Sutcli↵e University of Miami, USA Abstract The CADE ATP System Competition (CASC) evaluates the performance of sound, fully automatic, classical logic, ATP systems. The evaluation is in terms of the number of problems solved, the number of acceptable proofs and models produced, and the average runtime for problems solved, in the context of a bounded number of eligible problems chosen from the TPTP problem library and other useful sources of test problems, and specified time limits on solution attempts. The CADE-27 ATP System Competition (CASC-27) was held on 29th August 2019. The design of the competition and its rules, and information regarding the competing systems, are provided in this report. 1 Introduction The CADE and IJCAR conferences are the major forum for the presentation of new research in all aspects of automated deduction. In order to stimulate ATP research and system de- velopment, and to expose ATP systems within and beyond the ATP community, the CADE ATP System Competition (CASC) is held at each CADE and IJCAR conference. CASC-27 was held on 29th August 2019, as part of the 27th International Conference on Automated Deduction (CADE-27), in Natal, Brazil. It was the twenty-fourth competition in the CASC series [137, 143, 140, 95, 97, 136, 134, 135, 102, 104, 106, 108, 111, 113, 115, 117, 119, 121, 123, 142, 125, 127, 130]. CASC evaluates the performance of sound, fully automatic, classical logic, ATP systems. The evaluation is in terms of: the number of problems solved, • the number of acceptable proofs and models produced, and • the average runtime for problems solved; • in the context of: a bounded number of eligible problems, chosen from the TPTP problem library [128] and • other useful sources of test problems, and specified time limits on solution attempts.
    [Show full text]
  • Late Payment Prediction of Invoices Through Graph Features
    Late PAYMENT PREDICTION OF INVOICES THROUGH GRAPH FEATURES Master Thesis By: Arthur HoVANESYAN Late-payment prediction of invoices through graph features Arthur Hovanesyan to obtain the degree of Master of Science, Computer Science, Data Science Track at the Delft University of Technology, to be defended publicly on Wednesday December 18, 2019 at 12:30 PM. Student number: 4322711 Thesis committee: Associate Prof. dr. Pablo Cesar, TU Delft, (Chair) Assistant Prof. dr. Huijuan Wang, TU Delft (Supervisor) Assistant Prof. dr. Christoph Lofi, TU Delft Head Data Science. dr. Judith Redi, Exact (Supervisor) Preface This report concludes the thesis project and with it the two-year journey towards receiving my master’s de- gree in Computer Science. Thank you to Exact and especially to everyone in the Customer Intelligence/Data Science team for giving me the opportunity to work on such an awesome project. This was was not possible without the supervision of Dr. Judith Redi, Dr. Huijuan Wang, Dr. Bikash Joshi, Ir. Xiuxiu Zhan and of course everyone else from the team that chipped in and kept the morale high. Thank you for your guidance during the process. There are too many of you now to list. Thank you to my family and friends for your support throughout the journey. Without you all, this would not have been possible. Arthur Hovanesyan Delft, December 2019 iii Disclaimer The information made available by Exact for this research is provided for use of this research only and under strict confidentiality. v Abstract Keeping a steady cash flow is one of the biggest if not the biggest problem that Small to Medium Enterprises (SMEs) deal with daily.
    [Show full text]
  • Analytical and Other Software on the Secure Research Environment
    Analytical and other software on the Secure Research Environment The Research Environment runs with the operating system: Microsoft Windows Server 2016 DataCenter edition. The environment is based on the Microsoft Data Science virtual machine template and includes the following software: • R Version 4.0.2 (2020-06-22), as part of Microsoft R Open • R Studio Desktop 1.3.1093 working with R 4.0.2 • Anaconda 3, including an environment for Python 3.8.5 • Python, 3.8.5 as part of the Anaconda base environment • Jupyter Notebook, as part of the Anaconda3 environment • Microsoft Office 2016 Standard edition, including Word, Excel, PowerPoint, and OneNote (Access not included) • JuliaPro 0.5.1.1 and the Juno IDE for Julia • PyCharm Community Edition, 2020.3 • PLINK • JAGS • WinBUGS • OpenBUGS • stan and rstan • Apache Spark 2.2.0 • SparkML and pySpark • Apache Drill 1.11.0 • MAPR Drill driver • VIM 8.0.606 • TensorFlow • MXNet, MXNet Model Server • Microsoft Cognitive Toolkit (CNTK) • Weka • Vowpal Wabbit • xgboost • Team Data Science Process (TDSP) Utilities • VOTT (Visual Object Tagging Tool) 1.6.11 • Microsoft Machine Learning Server • PowerBI • Docker version 10.03.5, build 2ee0c57608 • SQL Server Developer Edition (2017), including Management Studio and SQL Server Integration Services (SSIS) • Visual Studio Code 1.17.1 • Nodejs • 7-zip • Evince PDF Viewer • Acrobat Reader • Microsoft Photo Viewer • PowerShell 6 March 2021 Version 1.2 And in the Premium research environments: • STATA 16.1 • SAS 9.4, m4 (academic license) Users also have the ability to bring in additional software if the software was specified in the data request, the software runs in the operating system described above, and the user can provide Vivli with any necessary licensing keys.
    [Show full text]
  • SONIC: Application-Aware Data Passing for Chained Serverless Applications
    SONIC: Application-aware Data Passing for Chained Serverless Applications Ashraf Mahgoub(a), Karthick Shankar(b), Subrata Mitra(c), Ana Klimovic(d), Somali Chaterji(a), Saurabh Bagchi(a) (a) Purdue University, (b) Carnegie Mellon University, (c) Adobe Research, (d) ETH Zurich Abstract and video analytics [6,27]. Accordingly, major cloud comput- ing providers recently introduced their serverless workflow Data analytics applications are increasingly leveraging services such as AWS Step Functions [5], Azure Durable serverless execution environments for their ease-of-use and Functions [48], and Google Cloud Composer [29], which pay-as-you-go billing. Increasingly, such applications are provide easier design and orchestration for serverless work- composed of multiple functions arranged in some workflow. flow applications. Serverless workflows are composed of a However, the current approach of exchanging intermediate sequence of execution stages, which can be represented as (ephemeral) data between functions through remote storage a directed acyclic graph (DAG) [21, 56]. DAG nodes corre- (such as S3) introduces significant performance overhead. spond to serverless functions (or ls1) and edges represent the We show that there are three alternative data-passing meth- flow of data between dependent ls (e.g., our video analytics ods, which we call VM-Storage, Direct-Passing, and state-of- application DAG is shown in Fig. 1). practice Remote-Storage. Crucially, we show that no single Exchanging intermediate data between serverless functions data-passing method prevails under all scenarios and the op- has been identified as a major challenge in serverless work- timal choice depends on dynamic factors such as the size flows [39, 41, 50].
    [Show full text]