ADSaS

Comprehensive real-time anomaly detection system

Sooyeon Lee, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Since with massive data growth, the need for autonomous and generic anomaly detection system is increased. However, developing one stand-alone generic anomaly detection system that is accurate and fast is still a challenge. In this paper, we propose conventional time-series analysis approaches, the Seasonal Autoregressive Integrated Moving Average (SARIMA) model and Seasonal Trend decomposition using Loess (STL), to detect complex and various anomalies. Usually, SARIMA and STL are used only for stationary and periodic time-series, but by combining, we show they can detect anomalies with high accuracy for data that is even noisy and non-periodic. We compared the algorithm to Long Short Term Memory (LSTM), a deep-learning-based algorithm used for anomaly detection system. We used a total of seven real-world datasets and four artificial datasets with different time-series properties to verify the performance of the proposed algorithm.

Original languageEnglish
Title of host publicationInformation Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers
EditorsBrent ByungHoon Kang, JinSoo Jang
PublisherSpringer Verlag
Pages29-41
Number of pages13
ISBN (Print)9783030179816
DOIs
Publication statusPublished - 2019 Jan 1
Event19th World International Conference on Information Security and Application, WISA 2018 - Jeju Island, Korea, Republic of
Duration: 2018 Aug 232018 Aug 25

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11402 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference19th World International Conference on Information Security and Application, WISA 2018
CountryKorea, Republic of
CityJeju Island
Period18/8/2318/8/25

Fingerprint

Anomaly Detection
Real-time
Anomaly
Time series
Moving Average Model
Time series analysis
Memory Term
Moving Average
Time Series Analysis
Integrated Model
High Accuracy
Verify
Decomposition
Decompose

Keywords

  • Anomaly detection
  • Data stream
  • Real-time
  • SARIMA
  • STL

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Lee, S., & Kim, H. K. (2019). ADSaS: Comprehensive real-time anomaly detection system. In B. B. Kang, & J. Jang (Eds.), Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers (pp. 29-41). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11402 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-17982-3_3

ADSaS : Comprehensive real-time anomaly detection system. / Lee, Sooyeon; Kim, Huy Kang.

Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers. ed. / Brent ByungHoon Kang; JinSoo Jang. Springer Verlag, 2019. p. 29-41 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11402 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lee, S & Kim, HK 2019, ADSaS: Comprehensive real-time anomaly detection system. in BB Kang & J Jang (eds), Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11402 LNCS, Springer Verlag, pp. 29-41, 19th World International Conference on Information Security and Application, WISA 2018, Jeju Island, Korea, Republic of, 18/8/23. https://doi.org/10.1007/978-3-030-17982-3_3
Lee S, Kim HK. ADSaS: Comprehensive real-time anomaly detection system. In Kang BB, Jang J, editors, Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers. Springer Verlag. 2019. p. 29-41. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-030-17982-3_3
Lee, Sooyeon ; Kim, Huy Kang. / ADSaS : Comprehensive real-time anomaly detection system. Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers. editor / Brent ByungHoon Kang ; JinSoo Jang. Springer Verlag, 2019. pp. 29-41 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{59f44783451d4387b8318e3a377e6e02,
title = "ADSaS: Comprehensive real-time anomaly detection system",
abstract = "Since with massive data growth, the need for autonomous and generic anomaly detection system is increased. However, developing one stand-alone generic anomaly detection system that is accurate and fast is still a challenge. In this paper, we propose conventional time-series analysis approaches, the Seasonal Autoregressive Integrated Moving Average (SARIMA) model and Seasonal Trend decomposition using Loess (STL), to detect complex and various anomalies. Usually, SARIMA and STL are used only for stationary and periodic time-series, but by combining, we show they can detect anomalies with high accuracy for data that is even noisy and non-periodic. We compared the algorithm to Long Short Term Memory (LSTM), a deep-learning-based algorithm used for anomaly detection system. We used a total of seven real-world datasets and four artificial datasets with different time-series properties to verify the performance of the proposed algorithm.",
keywords = "Anomaly detection, Data stream, Real-time, SARIMA, STL",
author = "Sooyeon Lee and Kim, {Huy Kang}",
year = "2019",
month = "1",
day = "1",
doi = "10.1007/978-3-030-17982-3_3",
language = "English",
isbn = "9783030179816",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "29--41",
editor = "Kang, {Brent ByungHoon} and JinSoo Jang",
booktitle = "Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers",

}

TY - GEN

T1 - ADSaS

T2 - Comprehensive real-time anomaly detection system

AU - Lee, Sooyeon

AU - Kim, Huy Kang

PY - 2019/1/1

Y1 - 2019/1/1

N2 - Since with massive data growth, the need for autonomous and generic anomaly detection system is increased. However, developing one stand-alone generic anomaly detection system that is accurate and fast is still a challenge. In this paper, we propose conventional time-series analysis approaches, the Seasonal Autoregressive Integrated Moving Average (SARIMA) model and Seasonal Trend decomposition using Loess (STL), to detect complex and various anomalies. Usually, SARIMA and STL are used only for stationary and periodic time-series, but by combining, we show they can detect anomalies with high accuracy for data that is even noisy and non-periodic. We compared the algorithm to Long Short Term Memory (LSTM), a deep-learning-based algorithm used for anomaly detection system. We used a total of seven real-world datasets and four artificial datasets with different time-series properties to verify the performance of the proposed algorithm.

AB - Since with massive data growth, the need for autonomous and generic anomaly detection system is increased. However, developing one stand-alone generic anomaly detection system that is accurate and fast is still a challenge. In this paper, we propose conventional time-series analysis approaches, the Seasonal Autoregressive Integrated Moving Average (SARIMA) model and Seasonal Trend decomposition using Loess (STL), to detect complex and various anomalies. Usually, SARIMA and STL are used only for stationary and periodic time-series, but by combining, we show they can detect anomalies with high accuracy for data that is even noisy and non-periodic. We compared the algorithm to Long Short Term Memory (LSTM), a deep-learning-based algorithm used for anomaly detection system. We used a total of seven real-world datasets and four artificial datasets with different time-series properties to verify the performance of the proposed algorithm.

KW - Anomaly detection

KW - Data stream

KW - Real-time

KW - SARIMA

KW - STL

UR - http://www.scopus.com/inward/record.url?scp=85065013521&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065013521&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-17982-3_3

DO - 10.1007/978-3-030-17982-3_3

M3 - Conference contribution

SN - 9783030179816

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 29

EP - 41

BT - Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers

A2 - Kang, Brent ByungHoon

A2 - Jang, JinSoo

PB - Springer Verlag

ER -