MSTREAM: Fast Anomaly Detection in Multi-Aspect Streams

• URL: http://arxiv.org/abs/2009.08451v4
• Date: Tue, 30 Mar 2021 14:49:02 GMT
• Title: MSTREAM: Fast Anomaly Detection in Multi-Aspect Streams
• Authors: Siddharth Bhatia, Arjit Jain, Pan Li, Ritesh Kumar, Bryan Hooi
• Abstract summary: MSTREAM can detect unusual group anomalies as they occur in a dynamic manner. It is evaluated over the KDDCUP99, CICIDS-DoS, UNSW-NB 15 and CICIDS-DDoS datasets.
• Score: 33.20161160552062
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Given a stream of entries in a multi-aspect data setting i.e., entries having multiple dimensions, how can we detect anomalous activities in an unsupervised manner? For example, in the intrusion detection setting, existing work seeks to detect anomalous events or edges in dynamic graph streams, but this does not allow us to take into account additional attributes of each entry. Our work aims to define a streaming multi-aspect data anomaly detection framework, termed MSTREAM which can detect unusual group anomalies as they occur, in a dynamic manner. MSTREAM has the following properties: (a) it detects anomalies in multi-aspect data including both categorical and numeric attributes; (b) it is online, thus processing each record in constant time and constant memory; (c) it can capture the correlation between multiple aspects of the data. MSTREAM is evaluated over the KDDCUP99, CICIDS-DoS, UNSW-NB 15 and CICIDS-DDoS datasets, and outperforms state-of-the-art baselines.

Related papers

• ARC: A Generalist Graph Anomaly Detector with In-Context Learning [62.202323209244]
  ARC is a generalist GAD approach that enables a one-for-all'' GAD model to detect anomalies across various graph datasets on-the-fly. equipped with in-context learning, ARC can directly extract dataset-specific patterns from the target dataset. Extensive experiments on multiple benchmark datasets from various domains demonstrate the superior anomaly detection performance, efficiency, and generalizability of ARC.
  arXiv  Detail & Related papers  (2024-05-27T02:42:33Z)
• Dynamic Erasing Network Based on Multi-Scale Temporal Features for Weakly Supervised Video Anomaly Detection [103.92970668001277]
  We propose a Dynamic Erasing Network (DE-Net) for weakly supervised video anomaly detection. We first propose a multi-scale temporal modeling module, capable of extracting features from segments of varying lengths. Then, we design a dynamic erasing strategy, which dynamically assesses the completeness of the detected anomalies.
  arXiv  Detail & Related papers  (2023-12-04T09:40:11Z)
• MSFlow: Multi-Scale Flow-based Framework for Unsupervised Anomaly Detection [124.52227588930543]
  Unsupervised anomaly detection (UAD) attracts a lot of research interest and drives widespread applications. An inconspicuous yet powerful statistics model, the normalizing flows, is appropriate for anomaly detection and localization in an unsupervised fashion. We propose a novel Multi-Scale Flow-based framework dubbed MSFlow composed of asymmetrical parallel flows followed by a fusion flow. Our MSFlow achieves a new state-of-the-art with a detection AUORC score of up to 99.7%, localization AUCROC score of 98.8%, and PRO score of 97.1%.
  arXiv  Detail & Related papers  (2023-08-29T13:38:35Z)
• Efficient pattern-based anomaly detection in a network of multivariate devices [0.17188280334580192]
  We propose a scalable approach to detect anomalies using a two-step approach. First, we recover relations between entities in the network, since relations are often dynamic in nature and caused by an unknown underlying process. Next, we report anomalies based on an embedding of sequential patterns.
  arXiv  Detail & Related papers  (2023-05-07T16:05:30Z)
• Abnormal Event Detection via Hypergraph Contrastive Learning [54.80429341415227]
  Abnormal event detection plays an important role in many real applications. In this paper, we study the unsupervised abnormal event detection problem in Attributed Heterogeneous Information Network. A novel hypergraph contrastive learning method, named AEHCL, is proposed to fully capture abnormal event patterns.
  arXiv  Detail & Related papers  (2023-04-02T08:23:20Z)
• Streaming Anomaly Detection [7.60882697435906]
  We first propose MIDAS which uses a count-min sketch to detect anomalous edges in dynamic graphs in an online manner. We then extend the count-min sketch to a Higher-Order sketch to capture complex relations in graph data. Using this sketch, we propose four streaming methods to detect edge and subgraph anomalies.
  arXiv  Detail & Related papers  (2023-01-30T18:59:51Z)
• Detecting Multivariate Time Series Anomalies with Zero Known Label [17.930211011723447]
  MTGFlow is an unsupervised anomaly detection approach for multivariate time series anomaly detection. The complex interdependencies among entities and the diverse inherent characteristics of each entity pose significant challenges on the density estimation. Experiments on five public datasets with seven baselines are conducted, MTGFlow outperforms the SOTA methods by up to 5.0 AUROC%.
  arXiv  Detail & Related papers  (2022-08-03T14:38:19Z)
• Deep Federated Anomaly Detection for Multivariate Time Series Data [93.08977495974978]
  We present a Federated Exemplar-based Deep Neural Network (Fed-ExDNN) to conduct anomaly detection for multivariate time series data on different edge devices. We show that ExDNN and Fed-ExDNN can outperform state-of-the-art anomaly detection algorithms and federated learning techniques.
  arXiv  Detail & Related papers  (2022-05-09T05:06:58Z)
• Federated Variational Learning for Anomaly Detection in Multivariate Time Series [13.328883578980237]
  We propose an unsupervised time series anomaly detection framework in a federated fashion. We leave the training data distributed at the edge to learn a shared Variational Autoencoder (VAE) based on Convolutional Gated Recurrent Unit (ConvGRU) model. Experiments on three real-world networked sensor datasets illustrate the advantage of our approach over other state-of-the-art models.
  arXiv  Detail & Related papers  (2021-08-18T22:23:15Z)
• Anomaly Detection for Aggregated Data Using Multi-Graph Autoencoder [21.81622481466591]
  We focus on creating an Anomaly detection models for system logs. We present a thorough analysis of the aggregated data and the relationships between aggregated events. We propose Multiple-graphs autoencoder MGAE, a novel convolutional graphs-autoencoder model.
  arXiv  Detail & Related papers  (2021-01-11T17:38:42Z)
• Multi-Scale One-Class Recurrent Neural Networks for Discrete Event Sequence Anomaly Detection [63.825781848587376]
  We propose OC4Seq, a one-class recurrent neural network for detecting anomalies in discrete event sequences. Specifically, OC4Seq embeds the discrete event sequences into latent spaces, where anomalies can be easily detected.
  arXiv  Detail & Related papers  (2020-08-31T04:48:22Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.