Anomaly Detection Models Based on Context-Aware Sequential Long Short-Term Memory Learning

For a large and complex system that provides services to users, an exception can cause cascading failures if it is not detected and handled in time. System monitoring and anomaly detection can be used to identify system malfunctioning. However, as the size and the complexity of the online service system increases, anomaly detection becomes a challenging problem. This is because the size, complexity and correlation among the data bring great difficulties to anomaly detection process. To address the above challenges, we propose three context-aware sequential Long Short-Term Memory (LSTM) learning models for multi-dimensional anomaly detection, namely, LastLSTM model, AvgLSTM model and CirclLSTM model. In particular, the CirclLSTM model is a period-related LSTM model that can integrate cyclical system historical information into anomaly learning. We evaluated our methods based on three real-world datasets. Our experimental results show that our method can achieve a higher accuracy than other baseline methods such as the Gaussian Naive Bayes (GaussianNB) model, k-nearest neighbors (KNN) algorithm and Logistic Regression (LR) model.

[1]  Depei Qian,et al.  PSOM: Periodic Self-Organizing Maps for unsupervised anomaly detection in periodic time series , 2017, 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS).

[2]  Sridhar Adepu,et al.  Anomaly Detection in Cyber Physical Systems Using Recurrent Neural Networks , 2017, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).

[3]  Peter J. Rousseeuw,et al.  Robust regression and outlier detection , 1987 .

[4]  Claudio Sartori,et al.  Distributed Strategies for Mining Outliers in Large Data Sets , 2013, IEEE Transactions on Knowledge and Data Engineering.

[5]  Alexandros Nanopoulos,et al.  Reverse Nearest Neighbors in Unsupervised Distance-Based Outlier Detection , 2015, IEEE Transactions on Knowledge and Data Engineering.

[6]  Kamesh Munagala,et al.  Fa: A System for Automating Failure Diagnosis , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[7]  Martin Chovanec,et al.  INTRUSION DETECTION SYSTEM USING SELF ORGANIZING MAP , 2006 .

[8]  Clara Pizzuti,et al.  Distance-based detection and prediction of outliers , 2006, IEEE Transactions on Knowledge and Data Engineering.

[9]  Sankar K. Pal,et al.  Rough Sets, Kernel Set, and Spatiotemporal Outlier Detection , 2014, IEEE Transactions on Knowledge and Data Engineering.

[10]  Philip S. Yu,et al.  SPADE: the system s declarative stream processing engine , 2008, SIGMOD Conference.

[11]  Pasi Fränti,et al.  Outlier Detection Using k-Nearest Neighbour Graph , 2004, ICPR.

[12]  Les E. Atlas,et al.  Recurrent neural networks and robust time series prediction , 1994, IEEE Trans. Neural Networks.

[13]  Depei Qian,et al.  Using recurrent neural networks toward black-box system anomaly prediction , 2016, 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS).