DOCSLIB.ORG

An Efficient Local Outlier Factor for Data Stream Processing: a Case Study

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
An Efficient Local Outlier Factor for Data Stream Processing: a Case Study 2020 International Conference on Computational Science and Computational Intelligence (CSCI) An Efficient Local Outlier Factor for Data Stream Processing: A Case Study Omar Alghushairy Raed Alsini Xiaogang Ma Department of Computer Science Department of Computer Science Department of Computer Science University of Idaho University of Idaho University of Idaho Moscow, ID, USA Moscow, ID, USA Moscow, ID, USA College of Computer Science and Faculty of Computing and Information [email protected] Engineering Technology University of Jeddah King Abdulaziz University Jeddah, 23890, Saudi Arabia Jeddah, 21589, Saudi Arabia [email protected] [email protected] Abstract— In the field of data mining and machine learning, II. BACKGROUND outlier detection is considered a significant procedure for many A. Big Data applications, such as fraud detection in bank transactions and decision support systems. Data streams are a major player in the Big data is a set of data of a size that exceeds the ability of big data era. Currently, data streams are generated from regular databases to process, store, transfer, manage, share and various sources with huge amounts of data. This has led to analyze within an acceptable period of time [5]. Big data difficulty when using older algorithms, which are designed for comes in three different modes: structured data, semi- static data. The Local Outlier Factor (LOF) is one of these structured data, and unstructured data [6]. The most important algorithms. The most challenging issue of the LOF is that it type of big data is the data stream, which has the needs to preserve the whole dataset in computer memory. A new characteristics of volume, velocity, variety, value, and LOF that can deal with a data stream in limited memory is variability. Therefore, it is not possible to process big data by needed. This paper is a case study of several benchmark datasets traditional methods. Currently, there is an urgent need to for outlier detection that aim to increase the efficiency of the develop new algorithms of processing and managing big data. accuracy of local outlier detection in data streams. B. Data Stream Keywords—local outlier factor, data science, stream data A data stream is a collection of continuous data processed mining, genetic algorithm, outlier detection (short paper) to collect knowledge and extract information [7]. Data streams Symposium on Computational Intelligence (CSCI-ISCI) represent big data as primary sources by having various applications in different properties such as volume, velocity, I. INTRODUCTION variety, value, and veracity [8, 9]. Volume refers to the large Outlier detection attempts to distinguish a data point that volume of data assembled and analyzed. Velocity involves the is distinct from the rest of the given data. Outliers occur during pace at which data between various systems and devices are a procedure or as a consequence of an error of measurement generated and transported. Variety applies multiple types of [1]. By detecting outliers, essential information can be data that may be used to obtain the required knowledge or obtained to make better decisions in various applications, such performance; it involves the data modes of structured, as fraud transactions in credit card and intrusion detection [3]. unstructured, and semi-structured data [6, 9]. Value refers to Outlier detection techniques have been widely used in the advantages in extracting the information from the big data. machine learning and data mining to extract information and Lastly, veracity involves the quality of the data for precision, to clean data, for example, in various domains for the purpose integrity, confidence, protection, and reliability. Due to the of decision-making, clustering, classification, and identifying nature of the data stream with regard to these five significant frequent patterns [2, 4]. One of the popular algorithms used to data properties, data stream processing requires various process outliers detection is the Local Outlier Factor (LOF). methods to evaluate the data points in the data stream The LOF algorithm is a density-based outlier detection environment. technique. It is used to evaluate the outlier with multi-density C. The Local Outlier Factor (LOF) data points. Despite the LOF success in identifying local outliers, it cannot work in stream environments because it The LOF is a popular algorithm for outlier detection and requires retaining the whole dataset in memory. is considered the foremost algorithm in local outlier detection in static environments. The LOF aims to calculate a score for This paper describes the main challenges and all data points when determining how close a data point is to methodologies of processing the LOF in the stream an outlier. Figure 1 illustrates the key definitions for environment. Data streams produce massive data that calculating the LOF score for data point p [10]. continually expand at great velocity. The data cannot be processed entirely in computer memory because the data D. The Incremental Local Outlier Factor (ILOF) keeps increasing [1]. The paper has six remaining parts: The ILOF solves the issue of the LOF in a data stream and second is Background, third is Problem Definition, fourth is is able to calculate the score of the LOF in a stream Direction to New Development, fifth is Dataset, and the sixth environment. The goal of the ILOF algorithm is to detect the is Discussion and Conclusion. local outliers in data streams [11]. The main task in the ILOF 978-1-7281-7624-6/20/$31.00 ©2020 IEEE 1525 DOI 10.1109/CSCI51800.2020.00282 is to calculate and update the LOF score when a new incoming spaces that include many local minima. This is because the data point (np) is inserted. However, the major issue for the genetic algorithm is a population-based search technique and ILOF is that it needs to retain all data points in memory, which it has crossover and mutation operators to more widely search leads to a large usage of memory and long computational time. spaces. E. The Density Summarization Incremental Local Outlier The GILOF algorithm finds the LOF score in the data Factor (DILOF) stream in two steps: the detection step and the summarization The DILOF is an algorithm that was developed to step [13]. To operate the detection step, both the LOF and the overcome the vulnerability of the ILOF. The DILOF ILOF are applied with skipping scheme. In the summarization algorithm has two steps: the summarization step and the step the genetic density summarization (GDS) is applied. the detection step. The task of summarization step is to summarize next section describes the GDS method. The GILOF the old half of data points in the current window by using the algorithm function begins by specifying the window size as W gradient-descent method. An issue for gradient-descent is that for data points. The threshold value θ is employed to it might be stuck in local minima. The task of detection step is distinguish outliers according to the LOF threshold. Then, the to detect the outliers and update the data points [12]. GDS function is used in the summarization step. The GILOF will keep detecting outliers and measure the LOF scores until the current window reaches the determined window size. The GDS is used to summarize 50%W of the old data points in the window. Then, the GILOF selects 25%W of data points to represent 50%W of old data points, which are then deleted from the window; the 25%W of data points are transferred to the window to combine with the remaining 50%W. Figure 2 illustrates how the GILOF algorithm works in a data stream1. For more details refer to [13]. Fig. 1. The key definitions of LOF. III. PROBLEM DEFINITION We are currently in the big data era, and the most significant type of big data is the data stream. With the Fig. 2. GILOF process for a data stream in two dimensional from time T0 to Tcurrent [13]. increasing need to analyze and process high-velocity streaming data, it has become difficult to use traditional local outlier detection algorithms effectively. The main challenge A. Genetic Density Summarization (GDS) of the LOF is that it needs the whole dataset and the distance values between all data points to be stored in memory. In The GDS algorithm aims to summarize the old data points addition, the LOF requires being recalculated from the in the window. The GDS performs the process by applying the beginning when any alteration occurs in the dataset. The ILOF genetic algorithm (GA) to minimize the difference in density and DILOF algorithms address the LOF issues in data streams, between the 50% of old data points and the selected 25% of but they also have some issues that limit their performance, as data points. GA is hypothesized to be better than the gradient- mentioned above. descent method. The reason for this is that GA is able to discover enough optimal solutions while skipping local IV. A PROPOSED NEW DEVELOPMENT minima. To improve the efficiency of the local outlier factor in data The GDS operates as follows: first, a population is created, streams and overcome the limitation of the DILOF algorithm, and it includes individuals that have chromosomes; then, the we propose a new algorithm called the Genetic-based fitness (objective) function evaluates the chromosomes; next, Incremental Local Outlier Factor (GILOF). The GILOF is the GDS uses the method of selection for each generation; based on the Genetic Algorithm (GA). Actually, the Genetic after that, the crossover process is used; following this, the Algorithm is one of the well-known heuristic search GDS uses the mutation process (the GDS will retain the algorithms that is considered under evolutionary computation optimal results after finishing all the GA operations); and, [15].
Load more

Recommended publications
  • Fastlof: an Expectation-Maximization Based Local Outlier Detection Algorithm
    FastLOF: An Expectation-Maximization based Local Outlier Detection Algorithm Markus Goldstein German Research Center for Artificial Intelligence (DFKI), Kaiserslautern www.dfki.de [email protected] Introduction Performance Improvement Attempts Anomaly detection finds outliers in data sets which Space partitioning algorithms (e.g. search trees): Require time to build the tree • • – only occur very rarely in the data and structure and can be slow when having many dimensions – their features significantly deviate from the normal data Locality Sensitive Hashing (LSH): Approximates neighbors well in dense areas but • Three different anomaly detection setups exist [4]: performs poor for outliers • 1. Supervised anomaly detection (labeled training and test set) FastLOF Idea: Estimate the nearest neighbors for dense areas approximately and compute • 2. Semi-supervised anomaly detection exact neighbors for sparse areas (training with normal data only and labeled test set) Expectation step: Find some (approximately correct) neighbors and estimate • LRD/LOF based on them Maximization step: For promising candidates (LOF > θ ), find better neighbors • 3. Unsupervised anomaly detection (one data set without any labels) Algorithm 1 The FastLOF algorithm 1: Input 2: D = d1,...,dn: data set with N instances 3: c: chunk size (e.g. √N) 4: θ: threshold for LOF In this work, we present an unsupervised algorithm which scores instances in a 5: k: number of nearest neighbors • Output given data set according to their outlierliness 6: 7: LOF = lof1,...,lofn:
    [Show full text]
  • Incremental Local Outlier Detection for Data Streams
    IEEE Symposium on Computational Intelligence and Data Mining (CIDM), April 2007 Incremental Local Outlier Detection for Data Streams Dragoljub Pokrajac Aleksandar Lazarevic Longin Jan Latecki CIS Dept. and AMRC United Tech. Research Center CIS Department. Delaware State University 411 Silver Lane, MS 129-15 Temple University Dover DE 19901 East Hartford, CT 06108, USA Philadelphia, PA 19122 Abstract. Outlier detection has recently become an important have labeled data, which can be extremely time consuming for problem in many industrial and financial applications. This real life applications, and (2) inability to detect new types of problem is further complicated by the fact that in many cases, rare events. In contrast, unsupervised learning methods outliers have to be detected from data streams that arrive at an typically do not require labeled data and detect outliers as data enormous pace. In this paper, an incremental LOF (Local Outlier points that are very different from the normal (majority) data Factor) algorithm, appropriate for detecting outliers in data streams, is proposed. The proposed incremental LOF algorithm based on some measure [3]. These methods are typically provides equivalent detection performance as the iterated static called outlier/anomaly detection techniques, and their success LOF algorithm (applied after insertion of each data record), depends on the choice of similarity measures, feature selection while requiring significantly less computational time. In addition, and weighting, etc. They have the advantage of detecting new the incremental LOF algorithm also dynamically updates the types of rare events as deviations from normal behavior, but profiles of data points. This is a very important property, since on the other hand they suffer from a possible high rate of false data profiles may change over time.
    [Show full text]
  • A Two-Level Approach Based on Integration of Bagging and Voting for Outlier Detection
    Research Paper A Two-Level Approach based on Integration of Bagging and Voting for Outlier Detection Alican Dogan1, Derya Birant2† 1The Graduate School of Natural and Applied Sciences, Dokuz Eylul University, Izmir, Turkey 2Department of Computer Engineering, Dokuz Eylul University, Izmir, Turkey Citation: Dogan, Alican and Derya Birant. “A two- level approach based on Abstract integration of bagging and voting for outlier Purpose: The main aim of this study is to build a robust novel approach that is able to detect detection.” Journal of outliers in the datasets accurately. To serve this purpose, a novel approach is introduced to Data and Information determine the likelihood of an object to be extremely different from the general behavior of Science, vol. 5, no. 2, 2020, pp. 111–135. the entire dataset. https://doi.org/10.2478/ Design/methodology/approach: This paper proposes a novel two-level approach based jdis-2020-0014 on the integration of bagging and voting techniques for anomaly detection problems. The Received: Dec. 13, 2019 proposed approach, named Bagged and Voted Local Outlier Detection (BV-LOF), benefits Revised: Apr. 27, 2020 Accepted: Apr. 29, 2020 from the Local Outlier Factor (LOF) as the base algorithm and improves its detection rate by using ensemble methods. Findings: Several experiments have been performed on ten benchmark outlier detection datasets to demonstrate the effectiveness of the BV-LOF method. According to the results, the BV-LOF approach significantly outperformed LOF on 9 datasets of 10 ones on average. Research limitations: In the BV-LOF approach, the base algorithm is applied to each subset data multiple times with different neighborhood sizes (k) in each case and with different ensemble sizes (T).
    [Show full text]
  • Accelerating the Local Outlier Factor Algorithm on a GPU for Intrusion Detection Systems
    Accelerating the Local Outlier Factor Algorithm on a GPU for Intrusion Detection Systems Malak Alshawabkeh Byunghyun Jang David Kaeli Dept of Electrical and Dept. of Electrical and Dept. of Electrical and Computer Engineering Computer Engineering Computer Engineering Northeastern University Northeastern University Northeastern University Boston, MA Boston, MA Boston, MA [email protected] [email protected] [email protected] ABSTRACT 1. INTRODUCTION The Local Outlier Factor (LOF) is a very powerful anomaly The Local Outlier Factor (LOF) [3] algorithm is a powerful detection method available in machine learning and classifi- outlier detection technique that has been widely applied to cation. The algorithm defines the notion of local outlier in anomaly detection and intrusion detection systems. LOF which the degree to which an object is outlying is dependent has been applied in a number of practical applications such on the density of its local neighborhood, and each object can as credit card fraud detection [5], product marketing [16], be assigned an LOF which represents the likelihood of that and wireless sensor network security [6]. object being an outlier. Although this concept of a local out- lier is a useful one, the computation of LOF values for every data object requires a large number of k-nearest neighbor The LOF algorithm utilizes the concept of a local outlier that queries – this overhead can limit the use of LOF due to the captures the degree to which an object is an outlier based computational overhead involved. on the density of its local neighborhood. Each object can be assigned an LOF value which represents the likelihood of that object being an outlier.
    [Show full text]
  • Arxiv:1904.06034V1 [Stat.ML] 12 Apr 2019 Sity Exactly for a Test Instance
    Supervised Anomaly Detection based on Deep Autoregressive Density Estimators Tomoharu Iwata Yuki Yamanaka NTT Communication Science Laboratories NTT Secure Platform Laboratories Abstract autoencoders (VAE) (Kingma and Welling 2013), flow- based generative models (Dinh, Krueger, and Bengio 2014; We propose a supervised anomaly detection method based Dinh, Sohl-Dickstein, and Bengio 2016; Kingma and Dhari- on neural density estimators, where the negative log likeli- wal 2018), and autoregressive models (Uria, Murray, and hood is used for the anomaly score. Density estimators have been widely used for unsupervised anomaly detection. By Larochelle 2013; Raiko et al. 2014; Germain et al. 2015; the recent advance of deep learning, the density estimation Uria et al. 2016). The VAE has been used for anomaly de- performance has been greatly improved. However, the neural tection (An and Cho 2015; Suh et al. 2016; Xu et al. 2018). density estimators cannot exploit anomaly label information, In some situations, the label information, which indicates which would be valuable for improving the anomaly detec- whether each instance is anomalous or normal, is avail- tion performance. The proposed method effectively utilizes able (Gornitz¨ et al. 2013). The label information is valuable the anomaly label information by training the neural density for improving the anomaly detection performance. How- estimator so that the likelihood of normal instances is max- ever, the existing neural network based density estimation imized and the likelihood of anomalous instances is lower methods cannot exploit the label information. To use the than that of the normal instances. We employ an autoregres- sive model for the neural density estimator, which enables anomaly label information, supervised classifiers, such as us to calculate the likelihood exactly.
    [Show full text]
  • A Comparative Evaluation of Semi- Supervised Anomaly Detection Techniques
    DEGREE PROJECT IN COMPUTER ENGINEERING, FIRST CYCLE, 15 CREDITS STOCKHOLM, SWEDEN 2020 A Comparative Evaluation Of Semi- supervised Anomaly Detection Techniques REBWAR BAJALLAN BURHAN HASHI KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE A Comparative Evaluation Of Semi-supervised Anomaly Detection Techniques REBWAR BAJALLAN BURHAN HASHI Degree Project in Computer Science Date: June 9, 2020 Supervisor: Pawel Herman Examiner: Pawel Herman School of Electrical Engineering and Computer Science Swedish title: En jämförande utvärdering av semi-övervakade tekniker för identifiering av uteliggande datapunkter iii Abstract As we are entering the information age and the amount of data is rapidly in- creasing, the task of detecting anomalies has become a necessity in many orga- nizations as anomalies often reveal useful information which in many cases can be critical to save lives or to catch imposters. The semi-supervised approach to anomaly detection which is based on the fact that the user has no infor- mation about anomalies has become widely popular since it’s easier to model the normal state of systems than to obtain information about every anomalous behavior. Therefore, in this study we choose to conduct a comparative evalua- tion of the semi-supervised anomaly detection techniques; Autoencoder, Local outlier factor algorithm, and one class support vector machine, to simplify the process of selecting the right technique when faced with similar anomaly de- tection problems of semi-supervised nature. We found that the local outlier factor algorithm was superior in performance given the Electrocardiograms dataset (ECG5000), achieving a high precision and perfect recall. The autoencoder achieved the best performance given the credit card fraud dataset, even though the remaining models also achieved a relatively high performance that didn’t differ much from that of the autoen- coder.
    [Show full text]
  • Isolation Forest and Local Outlier Factor for Credit Card Fraud Detection System
    International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249 – 8958, Volume-9 Issue-4, April 2020 Isolation Forest and Local Outlier Factor for Credit Card Fraud Detection System V. Vijayakumar, Nallam Sri Divya, P. Sarojini, K. Sonika The dataset includes Credit Card purchases made by Abstract: Fraud identification is a crucial issue facing large consumers in Europe during September 2013. Credit card economic institutions, which has caused due to the rise in credit purchases are defined by tracking the conduct of purchases card payments. This paper brings a new approach for the predictive into two classifications: fraudulent and non-fraudulent. identification of credit card payment frauds focused on Isolation Depending on these two groups correlations are generated Forest and Local Outlier Factor. The suggested solution comprises of the corresponding phases: pre-processing of data-sets, training and machine learning algorithms are used to identify and sorting, convergence of decisions and analysis of tests. In this suspicious transactions. Instead, the action of such article, the behavior characteristics of correct and incorrect anomalies can be evaluated using Isolation Forest and transactions are to be taught by two kinds of algorithms local Local Outlier Factor and their final results can be outlier factor and isolation forest. To date, several researchers contrasted to verify which algorithm is better. identified different approaches for identifying and growing such The key problems involved in the identification of frauds. In this paper we suggest analysis of Isolation Forest and credit card fraud are: Immense data is collected on a regular Local Outlier Factor algorithms using python and their basis and the model construct must be quick sufficiently comprehensive experimental results.
    [Show full text]
  • Anomaly Detection Using Signal Segmentation and One-Class Classification in Diffusion Process of Semiconductor Manufacturing
    sensors Article Anomaly Detection Using Signal Segmentation and One-Class Classification in Diffusion Process of Semiconductor Manufacturing Kyuchang Chang 1, Youngji Yoo 2 and Jun-Geol Baek 1,* 1 Department of Industrial and Management Engineering, Korea University, Seoul 02841, Korea; [email protected] 2 Samsung Electronics Co., Ltd., Hwaseong-si 18448, Korea; [email protected] * Correspondence: [email protected]; Tel.: +82-2-3290-3396 Abstract: This paper proposes a new diagnostic method for sensor signals collected during semi- conductor manufacturing. These signals provide important information for predicting the quality and yield of the finished product. Much of the data gathered during this process is time series data for fault detection and classification (FDC) in real time. This means that time series classification (TSC) must be performed during fabrication. With advances in semiconductor manufacturing, the distinction between normal and abnormal data has become increasingly significant as new challenges arise in their identification. One challenge is that an extremely high FDC performance is required, which directly impacts productivity and yield. However, general classification algorithms can have difficulty separating normal and abnormal data because of subtle differences. Another challenge is that the frequency of abnormal data is remarkably low. Hence, engineers can use only normal data to Citation: Chang, K.; Yoo, Y.; Baek, develop their models. This study presents a method that overcomes these problems and improves J.-G. Anomaly Detection Using Signal the FDC performance; it consists of two phases. Phase I has three steps: signal segmentation, feature Segmentation and One-Class extraction based on local outlier factors (LOF), and one-class classification (OCC) modeling using the Classification in Diffusion Process of Semiconductor Manufacturing.
    [Show full text]
  • Anomaly Detection Using Dictionary Learning
    Anomaly Detection Using Dictionary Learning Mark Eisen,∗ Mengjie Pan,y Zachary Siegelzand Sara Staszakx July 22, 2013 MAXIMA REU Summer 2013 Institute for Mathematics and its Applications University of Minnesota Faculty advisor: Alicia Johnson (Macalester College) Problem poser: Jarvis Haupt (University of Minnesota) Abstract This report applies dictionary learning and sparse coding algorithms to data in the interest of de- veloping a better method of anomaly detection without a priori information about the anomalies them- selves. These methods aim to find a sparse representation of data Y with respect to a learned basis, or dictionary D. Specifically, iterative learning algorithms are used to solve the minimization problem 2 min kY − DXk2 + λkXk0, where X is a set of coefficients and λ controls the sparsity of X. Sparsity X;D helps assign semantic meaning to individual dictionary elements based upon their use in reconstructing data, which in turn highlights natural groupings and relationships among the data points. Thus, though traditional applications of dictionary learning include image denoising, novel methods for identification of anomalous or salient data points can also be derived from such structural features. To this end, we develop sparsity-informed metrics for defining and identifying anomalies with broad applications. Our results are promising and competitive with previous methods for flagging anomalous data in both images and propagating wavefield video. ∗University of Pennsylvania yBryn Mawr College zPomona College xMacalester College 1 Contents 1 Introduction 3 1.1 Anomaly Detection . .3 1.2 Existing Methods . .3 1.3 Proposed Method . .3 2 Methodology 4 2.1 Sparse Coding . .4 2.2 Dictionary Learning .
    [Show full text]
  • A Review of Local Outlier Factor Algorithms for Outlier Detection in Big Data Streams
    big data and cognitive computing Review A Review of Local Outlier Factor Algorithms for Outlier Detection in Big Data Streams Omar Alghushairy 1,2,* , Raed Alsini 1,3 , Terence Soule 1 and Xiaogang Ma 1,* 1 Department of Computer Science, University of Idaho, Moscow, ID 83844, USA; [email protected] (R.A.); [email protected] (T.S.) 2 College of Computer Science and Engineering, University of Jeddah, Jeddah 23890, Saudi Arabia 3 Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia * Correspondence: [email protected] (O.A.); [email protected] (X.M.) Abstract: Outlier detection is a statistical procedure that aims to find suspicious events or items that are different from the normal form of a dataset. It has drawn considerable interest in the field of data mining and machine learning. Outlier detection is important in many applications, including fraud detection in credit card transactions and network intrusion detection. There are two general types of outlier detection: global and local. Global outliers fall outside the normal range for an entire dataset, whereas local outliers may fall within the normal range for the entire dataset, but outside the normal range for the surrounding data points. This paper addresses local outlier detection. The best-known technique for local outlier detection is the Local Outlier Factor (LOF), a density-based technique. There are many LOF algorithms for a static data environment; however, these algorithms cannot be applied directly to data streams, which are an important type of big data. In general, local outlier detection algorithms for data streams are still deficient and better algorithms need to be developed that can effectively analyze the high velocity of data streams to detect local outliers.
    [Show full text]
  • Unsupervised Anomaly Detection Approach for Time-Series in Multi-Domains Using Deep Reconstruction Error
    S S symmetry Article Unsupervised Anomaly Detection Approach for Time-Series in Multi-Domains Using Deep Reconstruction Error Tsatsral Amarbayasgalan 1, Van Huy Pham 2, Nipon Theera-Umpon 3,4 and Keun Ho Ryu 2,4,* 1 Database and Bioinformatics Laboratory, School of Electrical and Computer Engineering, Chungbuk National University, Cheongju 28644, Korea; [email protected] 2 Faculty of Information Technology, Ton Duc Thang University, Ho Chi Minh City 700000, Vietnam; [email protected] 3 Department of Electrical Engineering, Faculty of Engineering, Chiang Mai University, Chiang Mai 50200, Thailand; [email protected] 4 Biomedical Engineering Institute, Chiang Mai University, Chiang Mai 50200, Thailand * Correspondence: [email protected] or [email protected] Received: 16 June 2020; Accepted: 28 July 2020; Published: 29 July 2020 Abstract: Automatic anomaly detection for time-series is critical in a variety of real-world domains such as fraud detection, fault diagnosis, and patient monitoring. Current anomaly detection methods detect the remarkably low proportion of the actual abnormalities correctly. Furthermore, most of the datasets do not provide data labels, and require unsupervised approaches. By focusing on these problems, we propose a novel deep learning-based unsupervised anomaly detection approach (RE-ADTS) for time-series data, which can be applicable to batch and real-time anomaly detections. RE-ADTS consists of two modules including the time-series reconstructor and anomaly detector. The time-series reconstructor module uses the autoregressive (AR) model to find an optimal window width and prepares the subsequences for further analysis according to the width. Then, it uses a deep autoencoder (AE) model to learn the data distribution, which is then used to reconstruct a time-series close to the normal.
    [Show full text]
  • Open Cheng-Kai Chen Thesis Final.Pdf
    The Pennsylvania State University The Graduate School BIOMARKERS DISCOVERY USING NETWORK BASED ANOMALY DETECTION AThesisin Computer Science and Engineering by Cheng-Kai Chen c 2019 Cheng-Kai Chen Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Science August 2019 The thesis of Cheng-Kai Chen was reviewed and approved⇤ by the following: Vasant Honavar Professor of Computer Science and Engineering Professor of Information Sciences and Technology Thesis Advisor Kamesh Madduri Associate Professor of Computer Science and Engineering Chitaranjan R. Das Distinguished Professor of Computer Science and Engineering Head of the Department of Computer Science and Engineering ⇤Signatures are on file in the Graduate School. Abstract Identifying biomarkers is an important step in translating research advances in genomics into clinical practice. From a machine learning perspective, computa- tional biomarker identification can be implemented using a broad range of feature selection methods. In this thesis, we consider an alternative approach, Network- Based Biomarker Discovery (NBBD) framework. As the name suggest, NBBD uses network representations of the input data to identify potential biomarkers (i.e., dis- criminative features for training machine learning classifiers). NBBD consists of two main customizable modules: Network Inference Module and Node Importance Scoring Module. The Network Inference Module creates ecological networks from given dataset. The Node Importance Scoring Module computes a score for each node based on the di↵erence between two ecological networks. However, most of the node scoring methods used in NBBD are based on nodes’ local topological properties. To date, NBBD has been successfully applied to metagenomics data. In this thesis, we extend two aspects of the earlier work on NBBD: i) we pro- pose two novel node important scoring methods based on node anomaly scores and di↵erences in nodes global profiles; ii) we demonstrate the applicability of NBBD for Neuroblastoma biomarker discovery from gene expression data.
    [Show full text]