Hong Nguyen, Arash Hajisafi, Alireza Abdoli, S. H. Kim, C. Shahabi
{"title":"An Evaluation of Time-Series Anomaly Detection in Computer Networks","authors":"Hong Nguyen, Arash Hajisafi, Alireza Abdoli, S. H. Kim, C. Shahabi","doi":"10.1109/ICOIN56518.2023.10049051","DOIUrl":null,"url":null,"abstract":"One critical issue in any network systems is failure detection. Failures not only impact the source network but also propagate through other communicating networks due to the butterfly effect, making root causing of failures even more challenging. Therefore, the necessity to detect failures and anomalies in computer networks is fundamental. Given the nature of computer networks, data is received in a time-series format where each time-point has temporal dependencies on others. As a result, time-series analysis stands out as a potential approach to deal with the task of network anomaly detection. In this paper, we conduct studies on multivariate time series anomaly detection, varying from traditional machine learning techniques to deep learning models. We show that the choice of models is not as important as the choice of pre-processing techniques. Interestingly, non-linear normalization can boost the performance of deep detectors by around 20% in terms of F1 score and balance the preference of deep detectors for specific types of anomalies. We also study the bias of anomaly types to deep detectors, time-performance trade-offs, shortage of data, and effects of weakly labeled data on both synthetic and realworld datasets to fill out the missing insights in the literature.","PeriodicalId":285763,"journal":{"name":"2023 International Conference on Information Networking (ICOIN)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-01-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Information Networking (ICOIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOIN56518.2023.10049051","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
One critical issue in any network systems is failure detection. Failures not only impact the source network but also propagate through other communicating networks due to the butterfly effect, making root causing of failures even more challenging. Therefore, the necessity to detect failures and anomalies in computer networks is fundamental. Given the nature of computer networks, data is received in a time-series format where each time-point has temporal dependencies on others. As a result, time-series analysis stands out as a potential approach to deal with the task of network anomaly detection. In this paper, we conduct studies on multivariate time series anomaly detection, varying from traditional machine learning techniques to deep learning models. We show that the choice of models is not as important as the choice of pre-processing techniques. Interestingly, non-linear normalization can boost the performance of deep detectors by around 20% in terms of F1 score and balance the preference of deep detectors for specific types of anomalies. We also study the bias of anomaly types to deep detectors, time-performance trade-offs, shortage of data, and effects of weakly labeled data on both synthetic and realworld datasets to fill out the missing insights in the literature.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
