Self-Detection of Abnormal Event Sequences
Sponsored by Cisco and NSF
March 2009 -- May 2011
Project Overview
Anomaly detection has a critical role in many modern systems.
Many system behaviors can be captured by sequences of events.
From a large number of event sequences, it is possible to
learn the normal system behaviors and identify anomalies.
The anomaly detection techniques can be applied in many scenarios,
such as software execution traces, information and data flows
for the decision process, supply-chain transactional events,
human-system interoperation behaviors, etc.
We have developed a suite of anomaly detection techniques,
including clustering based, distance based, and automata
based techniques.
For different datasets, different techniques may have
different performance and, hence, specific analysis via
experimentation is very important.
In this project, we apply the anomaly detection techniques to
call control signal processing data traces and analyze the
effectiveness of different schemes.
The best scheme, in terms of anomaly detection precision and
execution time, will be chosen to build a real-time
anomaly detection toolset.
The resulting toolset will be able to catch anomalies on-the-fly.
Project Presentations
- Project Presentation
- Project Report -- Spring 2010
- Project Report -- Fall 2010
- Project Report -- Spring 2011