A Two-Stage Temporal Anomaly Detection Algorithm Based on Danger Theory

Anomaly detection is to identify the abnormal states from time series, which is widely used for early diagnosis or warning in various areas. In recent years, there are many algorithms developed for anomaly detection. However, the time series from different areas have obvious specificities, which limits the generalization of the current anomaly detection approaches. In this study, we proposed a two-stage anomaly detection algorithm (TSAD) to identify discords in univariate time series. Based on Danger Theory, the TSAD approach determined an abnormal subsequence using a two-stage recognition strategy, recognition signal is referred as a danger signal to report the candidate abnormal subsequences, and the response signal is to determine if a candidate subsequence is an anomaly based on its statistical properties. To validate the effectiveness, we applied our developed approach on extensive time series. The simulation results indicate that TSAD is capable of identifying discords from time series. Besides, comparison with other typical algorithms also proved that it is outstanding to others.

[1]  Kishan G. Mehrotra,et al.  Clustering-Based Anomaly Detection Approaches , 2017 .

[2]  Dong Li,et al.  A method of anomaly detection and fault diagnosis with online adaptive learning under small training samples , 2017, Pattern Recognit..

[3]  S. Carpenter,et al.  Early-warning signals for critical transitions , 2009, Nature.

[4]  R. Savit,et al.  Time series and dependent variables , 1991 .

[5]  Jaideep Srivastava,et al.  A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection , 2003, SDM.

[6]  Mehmet Karakose,et al.  An approach for automated fault diagnosis based on a fuzzy decision tree and boundary analysis of a reconstructed phase space. , 2014, ISA transactions.

[7]  Mehrdad Nouri Khajavi,et al.  Intelligent fault classification of rolling bearings using neural network and discrete wavelet transform , 2014 .

[8]  Min Hu,et al.  Visual Early-Warning Signal Detection for Critical Transitions , 2017 .

[9]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[10]  Eamonn J. Keogh,et al.  HOT SAX: efficiently finding the most unusual time series subsequence , 2005, Fifth IEEE International Conference on Data Mining (ICDM'05).

[11]  Luci Pirmez,et al.  Intrusion Detection System for Wireless Sensor Networks Using Danger Theory Immune-Inspired Techniques , 2012, International Journal of Wireless Information Networks.

[12]  F. Takens Detecting strange attractors in turbulence , 1981 .

[13]  Qiang Chen,et al.  An anomaly detection technique based on a chi‐square statistic for detecting intrusions into information systems , 2001 .

[14]  Tiejun Zhao,et al.  Self-adaptive statistical process control for anomaly detection in time series , 2016, Expert Syst. Appl..

[15]  Michael S. Gashler,et al.  A continuum among logarithmic, linear, and exponential functions, and its potential to improve generalization in neural networks , 2015, 2015 7th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management (IC3K).

[16]  Li Chun-Gui,et al.  A method for distinguishing dynamical species in chaotic time series , 2003 .

[17]  Mohd Zalisham Jali,et al.  A Perception Model of Spam Risk Assessment Inspired by Danger Theory of Artificial Immune Systems , 2015 .

[18]  Jianzhong Fu,et al.  Intelligent fault diagnosis using rough set method and evidence theory for NC machine tools , 2009, Int. J. Comput. Integr. Manuf..

[19]  Witold Pedrycz,et al.  Multivariate time series anomaly detection: A framework of Hidden Markov Models , 2017, Appl. Soft Comput..

[20]  Alex Alves Freitas,et al.  A Danger Theory Inspired Approach to Web Mining , 2003, ICARIS.

[21]  Reza Azmi,et al.  SHADuDT: Secure hypervisor-based anomaly detection using danger theory , 2013, Comput. Secur..

[22]  Peter Sommer,et al.  Intrusion detection systems as evidence , 1999, Comput. Networks.

[23]  De-Shuang Huang,et al.  NMFBFS: A NMF-Based Feature Selection Method in Identifying Pivotal Clinical Symptoms of Hepatocellular Carcinoma , 2015, Comput. Math. Methods Medicine.

[24]  Melvin Cohn,et al.  A Theory of Self-Nonself Discrimination , 1970, Science.

[25]  P. Matzinger The Danger Model: A Renewed Sense of Self , 2002, Science.

[26]  Felix Naumann,et al.  Data fusion , 2009, CSUR.