Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Multi-level anomaly detection method based on exponential smoothing and integrated learning model

An exponential smoothing and integrated learning technology, applied in the field of integrated learning classification technology, can solve the problems of high false alarms, unsuitable detection, and low accuracy

Active Publication Date: 2015-07-22
NANJING UNIV
View PDF3 Cites 53 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, the statistical method relies on the idealized probability distribution assumption. Although the calculation speed is the fastest, in many cases, because the assumption cannot describe the essential structure of the application problem well, the accuracy is not high, especially the proportion of false alarms. too high
Anomaly detection algorithms based on classification, clustering, information theory, etc. can use more complex machine learning models, and the accuracy of prediction is guaranteed by the generalization ability of the model. However, the computational complexity of most model training processes is high and cannot be applied to online real-time detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-level anomaly detection method based on exponential smoothing and integrated learning model
  • Multi-level anomaly detection method based on exponential smoothing and integrated learning model
  • Multi-level anomaly detection method based on exponential smoothing and integrated learning model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] In order to better understand the technical content of the present invention, specific embodiments are given together with the attached drawings for description as follows.

[0067] The flow chart of the multi-level anomaly detection method based on exponential smoothing, sliding window distribution statistics and integrated learning model of the present invention is as follows figure 1 shown.

[0068] Step 0 is the initial state of the abnormal detection method of the present invention;

[0069] During the statistical detection phase (steps 1-3):

[0070] Step 1 is to construct a set of key monitoring features based on application scenarios and domain knowledge;

[0071] Step 2 is to model each key feature (exponential smoothing or sliding window distribution statistics) according to the type of feature (discrete or continuous);

[0072] Step 3 is to monitor new records in real time. For each key feature of the new record, the type of feature is judged. The key feat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A multi-level anomaly detection method based on exponential smoothing, sliding window distribution statistics and an integrated learning model comprises the following steps of a statistic detection stage, an integrated learning training stage and an integrated learning classification stage, wherein in the statistic detection stage, a, a key feature set is determined according to the application scene; b, for discrete characteristics, a model is built through a sliding window distribution histogram, and a model is built through exponential smoothing for continuous characteristics; c, the observation features of all key features are input periodically; d, the process is ended. In the integrated learning training stage, a, a training data set is formed by marked normal and abnormal examples; b, a random forest classification model is trained. The method provides a general framework for anomaly detection problems comprising time sequence characteristics and complex behavior patterns and is suitable for online permanent detection, the random forest model is used in the integrated learning stage to achieve the advantages of parallelization and high generalization ability, and the method can be applied to multiple scenes like business violation detection in the telecom industry, credit card fraud detection in the financial industry and network attack detection.

Description

technical field [0001] The invention relates to a detection method for abnormal pattern modeling, especially including exponential smoothing and statistical detection technology suitable for resident rapid screening in massive data scenarios and integrated learning classification technology suitable for parallel detection. Background technique [0002] Abnormal patterns in big data can be intelligently discovered using machine learning and data mining techniques. Anomaly detection is also a hot issue with a wide range of practical scenarios in data mining, such as intrusion detection in the network environment, credit card fraud detection in the financial industry, business violation detection in the telecommunications industry, and new epidemic detection in the medical and health industry. Effective application of anomaly detection can recover high financial losses and even protect human lives for relevant organizations or individuals. [0003] Commonly used anomaly detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30
Inventor 吴骏陈飞宇彭岳吴和生李宁谢俊元
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com