Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
133 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

METER: A Dynamic Concept Adaptation Framework for Online Anomaly Detection (2312.16831v1)

Published 28 Dec 2023 in cs.LG

Abstract: Real-time analytics and decision-making require online anomaly detection (OAD) to handle drifts in data streams efficiently and effectively. Unfortunately, existing approaches are often constrained by their limited detection capacity and slow adaptation to evolving data streams, inhibiting their efficacy and efficiency in handling concept drift, which is a major challenge in evolving data streams. In this paper, we introduce METER, a novel dynamic concept adaptation framework that introduces a new paradigm for OAD. METER addresses concept drift by first training a base detection model on historical data to capture recurring central concepts, and then learning to dynamically adapt to new concepts in data streams upon detecting concept drift. Particularly, METER employs a novel dynamic concept adaptation technique that leverages a hypernetwork to dynamically generate the parameter shift of the base detection model, providing a more effective and efficient solution than conventional retraining or fine-tuning approaches. Further, METER incorporates a lightweight drift detection controller, underpinned by evidential deep learning, to support robust and interpretable concept drift detection. We conduct an extensive experimental evaluation, and the results show that METER significantly outperforms existing OAD approaches in various application scenarios.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (93)
  1. 1999. KDD Cup Dataset. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html. Accessed:2023-07.
  2. Practical approach to asynchronous multivariate time series anomaly detection and localization. In Proceedings of the 27th ACM SIGKDD conference on knowledge discovery & data mining. 2485–2494.
  3. Unsupervised real-time anomaly detection for streaming data. Neurocomputing 262 (2017), 134–147.
  4. Jinwon An and Sungzoon Cho. 2015. Variational autoencoder based anomaly detection using reconstruction probability. Special lecture on IE 2, 1 (2015), 1–18.
  5. Fabrizio Angiulli and Fabio Fassetti. 2007. Detecting distance-based outliers in streams of data. In Proceedings of the sixteenth ACM conference on Conference on information and knowledge management. 811–820.
  6. Usad: Unsupervised anomaly detection on multivariate time series. In Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. 3395–3404.
  7. Mstream: Fast anomaly detection in multi-aspect streams. In Proceedings of the Web Conference 2021. 3371–3382.
  8. MemStream: Memory-Based Streaming Anomaly Detection. In Proceedings of the ACM Web Conference 2022. 610–621.
  9. Albert Bifet and Ricard Gavalda. 2007. Learning from time-changing data with adaptive windowing. In Proceedings of the 2007 SIAM international conference on data mining. SIAM, 443–448.
  10. Unsupervised and scalable subsequence anomaly detection in large data series. The VLDB Journal (2021), 1–23.
  11. SAND: streaming subsequence anomaly detection. Proceedings of the VLDB Endowment 14, 10 (2021), 1717–1729.
  12. LOF: identifying density-based local outliers. In Proceedings of the 2000 ACM SIGMOD international conference on Management of data. 93–104.
  13. Arm-Net: Adaptive relation modeling network for structured data. In Proceedings of the 2021 International Conference on Management of Data. 207–220.
  14. Apache flink: Stream and batch processing in a single engine. The Bulletin of the Technical Committee on Data Engineering 38, 4 (2015).
  15. Fedd: Feature extraction for explicit concept drift detection in time series. In 2016 International Joint Conference on Neural Networks (IJCNN). IEEE, 740–747.
  16. Anomaly detection: A survey. ACM computing surveys (CSUR) 41, 3 (2009), 1–58.
  17. Sudarshan S Chawathe and Hector Garcia-Molina. 1997. Meaningful change detection in structured data. ACM SIGMOD Record 26, 2 (1997), 26–37.
  18. Adaptive performance anomaly detection for online service systems via pattern sketching. In Proceedings of the 44th International Conference on Software Engineering. 61–72.
  19. The UCR Time Series Classification Archive. https://www.cs.ucr.edu/~eamonn/time_series_data_2018/UCR_TimeSeriesAnomalyDatasets2021.zip. Accessed:2023-07.
  20. Hanqiu Deng and Xingyu Li. 2022. Anomaly detection via reverse distillation from one-class embedding. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 9737–9746.
  21. Zhiguo Ding and Minrui Fei. 2013. An anomaly detection approach based on isolation forest algorithm for streaming data using sliding window. IFAC Proceedings Volumes 46, 20 (2013), 12–17.
  22. Quantitative comparison of unsupervised anomaly detection algorithms for intrusion detection. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. 318–327.
  23. A Reliable and Interpretable Framework of Multi-view Learning for Liver Fibrosis Staging. arXiv preprint arXiv:2306.12054 (2023).
  24. Memorizing normality to detect anomaly: Memory-augmented deep autoencoder for unsupervised anomaly detection. In Proceedings of the IEEE/CVF International Conference on Computer Vision. 1705–1714.
  25. Pidforest: anomaly detection via partial identification. Advances in Neural Information Processing Systems 32 (2019).
  26. Robust random cut forest based anomaly detection on streams. In International conference on machine learning. PMLR, 2712–2721.
  27. KNN model-based approach in classification. In On The Move to Meaningful Internet Systems 2003: CoopIS, DOA, and ODBASE: OTM Confederated International Conferences, CoopIS, DOA, and ODBASE 2003, Catania, Sicily, Italy, November 3-7, 2003. Proceedings. Springer, 986–996.
  28. Hypernetworks. arXiv preprint arXiv:1609.09106 (2016).
  29. Trusted multi-view classification with dynamic evidential fusion. IEEE transactions on pattern analysis and machine intelligence 45, 2 (2022), 2551–2566.
  30. Statistical testing for efficient out of distribution detection in deep neural networks. arXiv preprint arXiv:2102.12967 (2021).
  31. Deep residual learning for image recognition. In Proceedings of the IEEE conference on computer vision and pattern recognition. 770–778.
  32. Financial Fraud:: A Review of Anomaly Detection Techniques and Recent Advances. (2022).
  33. Detecting volatility shift in data streams. In 2014 IEEE International Conference on Data Mining. IEEE, 863–868.
  34. Hao Huang and Shiva Prasad Kasiviswanathan. 2015. Streaming anomaly detection using randomized matrix sketching. Proceedings of the VLDB Endowment 9, 3 (2015), 192–203.
  35. Audun Jsang. 2018. Subjective Logic: A formalism for reasoning under uncertainty. Springer Publishing Company, Incorporated.
  36. Outlier Detection for Time Series with Recurrent Autoencoder Ensembles.. In IJCAI. 2725–2732.
  37. Rapp: Novelty detection with reconstruction along projection pathway. In International Conference on Learning Representations.
  38. Diederik P. Kingma and Jimmy Ba. 2015. Adam: A Method for Stochastic Optimization. In 3rd International Conference on Learning Representations, ICLR.
  39. Diederik P Kingma and Max Welling. 2013. Auto-encoding variational bayes. arXiv preprint arXiv:1312.6114 (2013).
  40. Frank Klinker. 2011. Exponential moving average versus moving exponential average. Mathematische Semesterberichte 58 (2011), 97–107.
  41. Marius Kloft and Pavel Laskov. 2010. Online anomaly detection under adversarial impact. In Proceedings of the thirteenth international conference on artificial intelligence and statistics. JMLR Workshop and Conference Proceedings, 405–412.
  42. Marius Kloft and Pavel Laskov. 2012. Security analysis of online centroid anomaly detection. The Journal of Machine Learning Research 13, 1 (2012), 3681–3724.
  43. Robust subspace recovery layer for unsupervised anomaly detection. arXiv preprint arXiv:1904.00152 (2019).
  44. Gradient-based learning applied to document recognition. Proc. IEEE 86, 11 (1998), 2278–2324.
  45. Anomaly detection of time series with smoothness-inducing sequential variational auto-encoder. IEEE transactions on neural networks and learning systems 32, 3 (2020), 1177–1191.
  46. Unsupervised Contextual Anomaly Detection for Database Systems. In Proceedings of the 2022 International Conference on Management of Data. 788–802.
  47. Isolation forest. In 2008 eighth ieee international conference on data mining. IEEE, 413–422.
  48. Learning under concept drift: A review. IEEE transactions on knowledge and data engineering 31, 12 (2018), 2346–2363.
  49. Matrix profile XXIV: scaling time series anomaly detection to trillions of datapoints and ultra-fast arriving data streams. In Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 1173–1182.
  50. Alireza Makhzani and Brendan J Frey. 2015. Winner-take-all autoencoders. Advances in neural information processing systems 28 (2015).
  51. xstream: Outlier detection in feature-evolving data streams. In Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. 1963–1972.
  52. Kitsune: an ensemble of autoencoders for online network intrusion detection. arXiv preprint arXiv:1802.09089 (2018).
  53. Dilof: Effective and memory efficient local outlier detection in data streams. In Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. 1993–2002.
  54. Effective and efficient network anomaly detection system using machine learning algorithm. Bulletin of Electrical Engineering and Informatics 8, 1 (2019), 46–51.
  55. Dirichlet and related distributions: Theory, methods and applications. (2011).
  56. Adam Oliner and Jon Stearley. 2007. What Supercomputers Say: A Study of Five System Logs. In 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’07). 575–584. https://doi.org/10.1109/DSN.2007.103
  57. Deep learning for anomaly detection: A review. ACM computing surveys (CSUR) 54, 2 (2021), 1–38.
  58. TSB-UAD: an end-to-end benchmark suite for univariate time-series anomaly detection. Proceedings of the VLDB Endowment 15, 8 (2022), 1697–1711.
  59. Scikit-learn: Machine learning in Python. the Journal of machine Learning research 12 (2011), 2825–2830.
  60. Tomáš Pevnỳ. 2016. Loda: Lightweight on-line detector of anomalies. Machine Learning 102 (2016), 275–304.
  61. Shebuti Rayana. 2016. ODDS Library. https://odds.cs.stonybrook.edu. Accessed:2023-07.
  62. A unifying review of deep and shallow anomaly detection. Proc. IEEE 109, 5 (2021), 756–795.
  63. Healthcare and anomaly detection: using machine learning to predict anomalies in heart rate data. AI & SOCIETY 36, 1 (2021), 149–158.
  64. Video anomaly detection and localisation based on the sparsity and reconstruction error of auto-encoder. Electronics Letters 52, 13 (2016), 1122–1124.
  65. Mayu Sakurada and Takehisa Yairi. 2014. Anomaly detection using autoencoders with nonlinear dimensionality reduction. In Proceedings of the MLSDA 2014 2nd workshop on machine learning for sensory data analysis. 4–11.
  66. Fast memory efficient local outlier detection in data streams. IEEE Transactions on Knowledge and Data Engineering 28, 12 (2016), 3246–3260.
  67. Saket Sathe and Charu C Aggarwal. 2016. Subspace outlier detection in linear time with randomized hashing. In 2016 IEEE 16th International Conference on Data Mining (ICDM). IEEE, 459–468.
  68. Anomaly detection in online social networks. Social networks 39 (2014), 62–70.
  69. Anomaly detection in time series: a comprehensive evaluation. Proceedings of the VLDB Endowment 15, 9 (2022), 1779–1797.
  70. Evidential deep learning to quantify classification uncertainty. Advances in neural information processing systems 31 (2018).
  71. Evidential deep learning for guided molecular property prediction and discovery. ACS central science 7, 8 (2021), 1356–1367.
  72. Challenges in benchmarking stream learning algorithms with real-world data. Data Mining and Knowledge Discovery 34 (2020), 1805–1858.
  73. Fast anomaly detection for streaming data. In Twenty-second international joint conference on artificial intelligence. Citeseer.
  74. Efficient computer network anomaly detection by changepoint detection methods. IEEE Journal of Selected Topics in Signal Processing 7, 1 (2012), 4–11.
  75. A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications. Ieee, 1–6.
  76. Anomaly detection using self-organizing maps-based k-nearest neighbor algorithm. In PHM society European conference, Vol. 2.
  77. PROUD: parallel outlier detection for streams. In Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data. 2717–2720.
  78. Distance-based outlier detection in data streams. Proceedings of the VLDB Endowment 9, 12 (2016), 1089–1100.
  79. Real-time distance-based outlier detection in data streams. Proceedings of the VLDB Endowment 14, 2 (2020), 141–153.
  80. Anomaly detection with adversarial dual autoencoders. arXiv preprint arXiv:1902.06924 (2019).
  81. GuardHealth: Blockchain empowered secure data management and Graph Convolutional Network enabled anomaly detection in smart healthcare. J. Parallel and Distrib. Comput. 142 (2020), 1–12.
  82. Wider or deeper: Revisiting the resnet model for visual recognition. Pattern Recognition 90 (2019), 119–133.
  83. Fashion-mnist: a novel image dataset for benchmarking machine learning algorithms. arXiv preprint arXiv:1708.07747 (2017).
  84. Selim F Yilmaz and Suleyman S Kozat. 2020. Pysad: A streaming anomaly detection framework in python. arXiv preprint arXiv:2009.02572 (2020).
  85. Ultrafast local outlier detection from a data stream with stationary region skipping. In Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. 1181–1191.
  86. Adaptive Model Pooling for Online Deep Anomaly Detection from a Complex Evolving Data Stream. In Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 2347–2357.
  87. Multiple dynamic outlier-detection from a data stream by exploiting duality of data and queries. In Proceedings of the 2021 International Conference on Management of Data. 2063–2075.
  88. Adversarially learned anomaly detection. In 2018 IEEE International conference on data mining (ICDM). IEEE, 727–736.
  89. Identifying bad software changes via multimodal anomaly detection for online service systems. In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 527–539.
  90. An empirical investigation of practical log anomaly detection for online service systems. In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1404–1415.
  91. Pyod: A python toolbox for scalable outlier detection. arXiv preprint arXiv:1901.01588 (2019).
  92. Tracer: A framework for facilitating accurate and interpretable analytics for high stakes applications. In Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data. 1747–1763.
  93. Deep autoencoding gaussian mixture model for unsupervised anomaly detection. In International conference on learning representations.
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now