Anomalous Event Sequence Detection

Boxiang Dong, Zhengzhang Chen, Lu An Tang, Haifeng Chen, Hui Wang, Kai Zhang, Ying Lin, Zhichun Li

Research output: Contribution to journal › Article › peer-review

5 Scopus citations

Abstract

Anomaly detection has been widely applied in modern data-driven security applications to detect abnormal events/entities that deviate from the majority. However, less work has been done in terms of detecting suspicious event sequences/paths, which are better discriminators than single events/entities for distinguishing normal and abnormal behaviors in complex systems such as cyber-physical systems. A key and challenging step in this endeavor is how to discover those abnormal event sequences from millions of system event records in an efficient and accurate way. To address this issue, we propose NINA, a network diffusion based algorithm for identifying anomalous event sequences. Experimental results on both static and streaming data show that NINA is efficient (processes about 2 million records per minute) and accurate.

Original language: English
Article number: 9272840
Pages (from-to): 5-13
Number of pages: 9
Journal: IEEE Intelligent Systems
Volume: 36
Issue number: 3
State: Published - 1 May 2021

Keywords

  • anomaly detection
  • graph mining
  • intrusion detection
  • sequence discovery
