9
HawkEye: A Real-Time Anomaly Detection System Satnam Singh

HawkEye : A Real-time Anomaly Detection System

Embed Size (px)

Citation preview

Page 1: HawkEye : A Real-time Anomaly Detection System

HawkEye: A Real-Time Anomaly Detection System

Satnam Singh

Page 2: HawkEye : A Real-time Anomaly Detection System

Use case: IT Infrastructure Monitoring

Page 3: HawkEye : A Real-time Anomaly Detection System

• Local Anomalies

• Global Anomalies

Anomaly Types: Demo

BaselineGlobal Anomaly

Number of Requests madeon Retail website

Tuesday Tuesday Tuesday

Page 4: HawkEye : A Real-time Anomaly Detection System

HawkEye: Anomaly Detection Framework

1. Data Stream

Complexity Estimator

2. Local Anomaly Detection

3. Global Anomaly Detection

4. AnomalySuppressionand Fusion

AlertsdB

Metricsdata

UserDashboard

Page 5: HawkEye : A Real-time Anomaly Detection System

Local Anomaly Detection

- Page’s Test- Parametric Models - One Class SVM- Kernel Density

Estimator- Ensemble of

Detectors

CPU

Baseline1

Baseline2

Anomaly1

Anomaly2

Anomaly3

Memory

µ +3σ-3σ

Page 6: HawkEye : A Real-time Anomaly Detection System

Local Anomaly Detection: Page’s Test

Process beginsat t = 75

Detectiondeclared at t = 80

h = 30

Test statistic 1max 0, ( )n n nS S g x

log likelihood ratio

Test statistic Sn is “clamped” at zero

( )( ) ln

( )K n

nH n

f xg x

f x

Page 7: HawkEye : A Real-time Anomaly Detection System

Local Anomaly Detection Results: Page’s Test

Page 8: HawkEye : A Real-time Anomaly Detection System

Seasonality Detection and Prediction

Time Series Models- ARMA

Page 9: HawkEye : A Real-time Anomaly Detection System

Summary• Real-time anomaly detection• Local anomalies + Global Anomalies• Anomaly suppression - alerts• Ensemble of detectors• Hyper-parameters tuning using multi-model

approach


Anomaly Detection Techniques

Anomaly Detection Techniques

Documents
Unsupervised Anomaly Detection in Large Datacenters › ~mgabel › papers › MSc Thesis - Final.pdf · 2014-06-14 · Unsupervised Anomaly Detection ... Unsupervised Anomaly Detection

Unsupervised Anomaly Detection in Large Datacenters › ~mgabel › papers › MSc Thesis - Final.pdf · 2014-06-14 · Unsupervised Anomaly Detection ... Unsupervised Anomaly Detection

Documents
Chap10 Anomaly Detection

Chap10 Anomaly Detection

Technology
Anomaly Detection Technology Using BigGraph€¦ · Anomaly Detection Technology Using BigGraph ... detection Several anomaly detection techniques have been developed and applied

Anomaly Detection Technology Using BigGraph€¦ · Anomaly Detection Technology Using BigGraph ... detection Several anomaly detection techniques have been developed and applied

Documents
Anomaly Detection - Improving Security Together · Anomaly Detection • Anomaly Detection is the holy grail of security. • From a baseline of “normal” behavior, abnormal or

Anomaly Detection - Improving Security Together · Anomaly Detection • Anomaly Detection is the holy grail of security. • From a baseline of “normal” behavior, abnormal or

Documents
Intrusion & Anomaly Detection & Preventiongauss.ececs.uc.edu/Courses/c6056/pdf/intrusion.pdfIntrusion & Anomaly Detection & Prevention Intrusion Detection: Monitor events, analyze

Intrusion & Anomaly Detection & Preventiongauss.ececs.uc.edu/Courses/c6056/pdf/intrusion.pdfIntrusion & Anomaly Detection & Prevention Intrusion Detection: Monitor events, analyze

Documents
Introduction to Anomaly Detection - uwyo.educlan/teach/rampe18_anomaly.pdfWhat is anomaly detection? “Anomaly detection refers to the problem of finding patterns in data that do

Introduction to Anomaly Detection - uwyo.educlan/teach/rampe18_anomaly.pdfWhat is anomaly detection? “Anomaly detection refers to the problem of finding patterns in data that do

Documents
Anomaly Detection Systems

Anomaly Detection Systems

Documents
Credit Card Fraud Detection - Anomaly Detection

Credit Card Fraud Detection - Anomaly Detection

Technology
HawkEye: A Real-Time Anomaly Detection System

HawkEye: A Real-Time Anomaly Detection System

Data & Analytics
Anomaly detection

Anomaly detection

Technology
Anomaly Detection Tutorial

Anomaly Detection Tutorial

Documents
Anomaly Detection Petty

Anomaly Detection Petty

Documents
Deep Learning based Anomaly Detection in€¦ · Deep Learning based Anomaly Detection in Multivariate Time-Series Data 1. Background Anomaly detection, also known as outlier detection,

Deep Learning based Anomaly Detection in€¦ · Deep Learning based Anomaly Detection in Multivariate Time-Series Data 1. Background Anomaly detection, also known as outlier detection,

Documents
Taxonomy of Anomaly Based Intrusion Detection System… · Figure 1: Taxonomy of Anomaly based Intrusion Detection System. III. STATISTICAL ANOMALY BASED INTRUSION DETECTION SYSTEM

Taxonomy of Anomaly Based Intrusion Detection System… · Figure 1: Taxonomy of Anomaly based Intrusion Detection System. III. STATISTICAL ANOMALY BASED INTRUSION DETECTION SYSTEM

Documents
From Anomaly Detection to Rumour Detection using Data ... · Local Anomaly Detection (§4). We propose a non-parametric method for anomaly detection at the level of individual entities,

From Anomaly Detection to Rumour Detection using Data ... · Local Anomaly Detection (§4). We propose a non-parametric method for anomaly detection at the level of individual entities,

Documents
Anomaly Detection and Attribution Using Bayesian … · UNCLASSIFIED DSTO{TR{2975 Anomaly Detection and Attribution Using Bayesian Networks Executive Summary Anomaly detection techniques

Anomaly Detection and Attribution Using Bayesian … · UNCLASSIFIED DSTO{TR{2975 Anomaly Detection and Attribution Using Bayesian Networks Executive Summary Anomaly detection techniques

Documents
A Survey on Anomaly detection in Evolving Data · Anomaly detection has received con-1In this paper, we use the terms outlier detection and anomaly detection interchangeably siderable

A Survey on Anomaly detection in Evolving Data · Anomaly detection has received con-1In this paper, we use the terms outlier detection and anomaly detection interchangeably siderable

Documents
Online Nonparametric Anomaly Detection in High-Dimensional ... · 13/2/2018 · Online Nonparametric Anomaly Detection in High-Dimensional Datasets Online Nonparametric Anomaly Detection

Online Nonparametric Anomaly Detection in High-Dimensional ... · 13/2/2018 · Online Nonparametric Anomaly Detection in High-Dimensional Datasets Online Nonparametric Anomaly Detection

Documents
Anomaly Detection RapidMiner

Anomaly Detection RapidMiner

Documents
Real-Time Anomaly Detection in Water Distribution Networks ... Anomaly Detection in Water Distribution Networks using Spark Streaming ... 2.3 Anomaly Detection in Water Distribution

Real-Time Anomaly Detection in Water Distribution Networks ... Anomaly Detection in Water Distribution Networks using Spark Streaming ... 2.3 Anomaly Detection in Water Distribution

Documents
Anomaly Detection using Outlier Detection Schemes

Anomaly Detection using Outlier Detection Schemes

Documents
Science of Anomaly detection - v4 Updated for HTM for IT · The#Science#of#Anomaly#Detection!! ! Page 3! Anomaly!Detection!inStreamingData" Early anomaly detection in streaming data

Science of Anomaly detection - v4 Updated for HTM for IT · The#Science#of#Anomaly#Detection!! ! Page 3! Anomaly!Detection!inStreamingData" Early anomaly detection in streaming data

Documents
Anomaly detection, part 1

Anomaly detection, part 1

Data & Analytics
BGP Anomaly Detection

BGP Anomaly Detection

Internet
Anomaly Detection in Predictive Maintenance - KNIME · Anomaly Detection in Predictive Maintenance Anomaly Detection with Time Series Analysis

Anomaly Detection in Predictive Maintenance - KNIME · Anomaly Detection in Predictive Maintenance Anomaly Detection with Time Series Analysis

Documents
Spacecraft anomaly detection via transformer ...€¦ · measures, anomaly detection is important and necessary to warn operation engineer of anomalies. Current anomaly detection

Spacecraft anomaly detection via transformer ...€¦ · measures, anomaly detection is important and necessary to warn operation engineer of anomalies. Current anomaly detection

Documents
Anomaly Detection - University of Edinburghudrc.eng.ed.ac.uk/sites/udrc.eng.ed.ac.uk/files... · Anomaly detection system architecture ! Incongruence detection ! Dempster Shaffer

Anomaly Detection - University of Edinburghudrc.eng.ed.ac.uk/sites/udrc.eng.ed.ac.uk/files... · Anomaly detection system architecture ! Incongruence detection ! Dempster Shaffer

Documents
Data Mining II Anomaly Detection - uni-mannheim.deData Mining II Anomaly Detection Heiko Paulheim 02/26/18 Heiko Paulheim 2 Anomaly Detection • Also known as “Outlier Detection”

Data Mining II Anomaly Detection - uni-mannheim.deData Mining II Anomaly Detection Heiko Paulheim 02/26/18 Heiko Paulheim 2 Anomaly Detection • Also known as “Outlier Detection”

Documents
Anomaly Detection Survey

Anomaly Detection Survey

Documents