AREP: an adaptive, machine learning-based algorithm for real-time anomaly detection on network telemetry data
Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an adaptive, long short-term memory-based machine learning algorithm for real-time anomaly detection on network telemetry data. AREP is an impr...
Gespeichert in:
| Veröffentlicht in: | Neural computing & applications Jg. 35; H. 8; S. 6079 - 6094 |
|---|---|
| 1. Verfasser: | |
| Format: | Journal Article |
| Sprache: | Englisch |
| Veröffentlicht: |
London
Springer London
01.03.2023
Springer Nature B.V |
| Schlagworte: | |
| ISSN: | 0941-0643, 1433-3058 |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an adaptive, long short-term memory-based machine learning algorithm for real-time anomaly detection on network telemetry data. AREP is an improved version of Alter-Re
2
, the direct predecessor algorithm developed by our research team. AREP introduces automatic tuning of its two key parameters and includes an offset compensation component to increase accuracy. Unfortunately, AREP and its predecessors perform well only on time series showing specific patterns. Thus, we propose also a data type classification method to identify patterns on which AREP performs best. Moreover, we use an extended range of metrics in our performance evaluations, including area under the curve (AUC). AUC computation is based on receiver operating characteristic (ROC) curves. However, generating ROC curves is not straightforward due to the inherent adaptive threshold technique used by AREP and its predecessors, so we had to develop a novel ROC curve generation approach for these algorithms. We show through rigorous experiments that on network time series following specific data patterns AREP overperforms its predecessors and produces similar or even better performance than other state-of-the-art algorithms. |
|---|---|
| AbstractList | Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an adaptive, long short-term memory-based machine learning algorithm for real-time anomaly detection on network telemetry data. AREP is an improved version of Alter-Re2, the direct predecessor algorithm developed by our research team. AREP introduces automatic tuning of its two key parameters and includes an offset compensation component to increase accuracy. Unfortunately, AREP and its predecessors perform well only on time series showing specific patterns. Thus, we propose also a data type classification method to identify patterns on which AREP performs best. Moreover, we use an extended range of metrics in our performance evaluations, including area under the curve (AUC). AUC computation is based on receiver operating characteristic (ROC) curves. However, generating ROC curves is not straightforward due to the inherent adaptive threshold technique used by AREP and its predecessors, so we had to develop a novel ROC curve generation approach for these algorithms. We show through rigorous experiments that on network time series following specific data patterns AREP overperforms its predecessors and produces similar or even better performance than other state-of-the-art algorithms. Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an adaptive, long short-term memory-based machine learning algorithm for real-time anomaly detection on network telemetry data. AREP is an improved version of Alter-Re 2 , the direct predecessor algorithm developed by our research team. AREP introduces automatic tuning of its two key parameters and includes an offset compensation component to increase accuracy. Unfortunately, AREP and its predecessors perform well only on time series showing specific patterns. Thus, we propose also a data type classification method to identify patterns on which AREP performs best. Moreover, we use an extended range of metrics in our performance evaluations, including area under the curve (AUC). AUC computation is based on receiver operating characteristic (ROC) curves. However, generating ROC curves is not straightforward due to the inherent adaptive threshold technique used by AREP and its predecessors, so we had to develop a novel ROC curve generation approach for these algorithms. We show through rigorous experiments that on network time series following specific data patterns AREP overperforms its predecessors and produces similar or even better performance than other state-of-the-art algorithms. Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an adaptive, long short-term memory-based machine learning algorithm for real-time anomaly detection on network telemetry data. AREP is an improved version of Alter-Re $$^2$$ 2 , the direct predecessor algorithm developed by our research team. AREP introduces automatic tuning of its two key parameters and includes an offset compensation component to increase accuracy. Unfortunately, AREP and its predecessors perform well only on time series showing specific patterns. Thus, we propose also a data type classification method to identify patterns on which AREP performs best. Moreover, we use an extended range of metrics in our performance evaluations, including area under the curve (AUC). AUC computation is based on receiver operating characteristic (ROC) curves. However, generating ROC curves is not straightforward due to the inherent adaptive threshold technique used by AREP and its predecessors, so we had to develop a novel ROC curve generation approach for these algorithms. We show through rigorous experiments that on network time series following specific data patterns AREP overperforms its predecessors and produces similar or even better performance than other state-of-the-art algorithms. |
| Author | Farkas, Karoly |
| Author_xml | – sequence: 1 givenname: Karoly orcidid: 0000-0001-6965-2689 surname: Farkas fullname: Farkas, Karoly email: farkas.karoly@vik.bme.hu, farkas.karoly@gloster.hu organization: Department of Networked Systems and Services, Budapest University of Technology and Economics, Gloster Infocommunications Public Company Limited by Shares |
| BookMark | eNp9kN9LHDEQx0NR6Kn9B_oU8LWpk2Szm_VNRFtBsBR9DrN7c2fsbnJNonL_vbleodAHYZh5mO9nfnyP2EGIgRj7LOGrBOjOMoBRUoBSAiwAiO0HtpCN1kKDsQdsAX1T222jP7KjnJ-qpGmtWbD54ufVj3OOgeMSN8W_0Bc-4_joA_GJMAUf1mLATEuO0zomXx5nvoqJJ8JJFD9TZeOM05YvqdBYfAy8RqDyGtMvXmiimUqqbSx4wg5XOGX69Lces4frq_vL7-L27tvN5cWtGFWvi7DUybaxuDKD7BqFnR0sdkabcay5BT2oRg2Sur5XNcselF2aFluDCuQI-pid7uduUvz9TLm4p_icQl3pVGfBdFLZvqrsXjWmmHOilRt9wd0HJaGfnAS3M9ftzXXVXPfHXLetqPoP3SQ_Y9q-D-k9lKs4rCn9u-od6g2qd45b |
| CitedBy_id | crossref_primary_10_1038_s41598_024_72982_z crossref_primary_10_1142_S0129156425403444 crossref_primary_10_3233_JIFS_231114 crossref_primary_10_1016_j_engappai_2024_108996 crossref_primary_10_1007_s00521_025_11371_7 |
| Cites_doi | 10.1162/neco.1997.9.8.1735 10.1145/3229607.3229611 10.1137/1.9781611972757.40 10.36244/ICJ.2021.1.5 10.1007/s00521-022-07156-x 10.1007/978-3-030-44041-1_110 10.1007/s00521-022-07506-9 10.1109/ICMLA.2015.141 10.36244/ICJ.2020.2.6 10.1109/ACCESS.2018.2886457 10.1029/TM003i001p00013 10.1007/s00521-022-07101-y 10.1007/978-3-030-75100-5_13 10.1109/COMPSAC48688.2020.0-226 10.1137/1.9781611972764.29 10.1145/3292500.3330680 10.1002/aic.690370209 |
| ContentType | Journal Article |
| Copyright | The Author(s) 2022 The Author(s) 2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: The Author(s) 2022 – notice: The Author(s) 2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | C6C AAYXX CITATION 8FE 8FG AFKRA ARAPS BENPR BGLVJ CCPQU DWQXO HCIFZ P5Z P62 PHGZM PHGZT PKEHL PQEST PQGLB PQQKQ PQUKI PRINS |
| DOI | 10.1007/s00521-022-08000-y |
| DatabaseName | Springer Nature OA Free Journals CrossRef ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central UK/Ireland Advanced Technologies & Computer Science Collection ProQuest Central Technology collection ProQuest One Community College ProQuest Central Korea SciTech Premium Collection Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Premium ProQuest One Academic ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central China |
| DatabaseTitle | CrossRef Advanced Technologies & Aerospace Collection Technology Collection ProQuest One Academic Middle East (New) ProQuest Advanced Technologies & Aerospace Collection ProQuest One Academic Eastern Edition SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central Advanced Technologies & Aerospace Database ProQuest One Applied & Life Sciences ProQuest One Academic UKI Edition ProQuest Central Korea ProQuest Central (New) ProQuest One Academic ProQuest One Academic (New) |
| DatabaseTitleList | Advanced Technologies & Aerospace Collection CrossRef |
| Database_xml | – sequence: 1 dbid: P5Z name: Advanced Technologies & Aerospace Database url: https://search.proquest.com/hightechjournals sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 1433-3058 |
| EndPage | 6094 |
| ExternalDocumentID | 10_1007_s00521_022_08000_y |
| GrantInformation_xml | – fundername: Nemzeti Kutatási, Fejlesztési és Innovaciós Alap grantid: 2020-1.1.2-PIACI-KFI-2021-00203 funderid: http://dx.doi.org/10.13039/501100012550 – fundername: Nemzeti Kutatási, Fejlesztési és Innovaciós Alap grantid: BME-NVA-02 (TKP2021); Artificial Intelligence National Laboratory Program funderid: http://dx.doi.org/10.13039/501100012550 |
| GroupedDBID | -4Z -59 -5G -BR -EM -Y2 -~C .4S .86 .DC .VR 06D 0R~ 0VY 123 1N0 1SB 2.D 203 28- 29N 2J2 2JN 2JY 2KG 2LR 2P1 2VQ 2~H 30V 4.4 406 408 409 40D 40E 53G 5QI 5VS 67Z 6NX 8FE 8FG 8TC 8UJ 95- 95. 95~ 96X AAAVM AABHQ AACDK AAHNG AAIAL AAJBT AAJKR AANZL AAOBN AARHV AARTL AASML AATNV AATVU AAUYE AAWCG AAYIU AAYQN AAYTO AAYZH ABAKF ABBBX ABBXA ABDBF ABDZT ABECU ABFTD ABFTV ABHLI ABHQN ABJNI ABJOX ABKCH ABKTR ABLJU ABMNI ABMQK ABNWP ABQBU ABQSL ABSXP ABTEG ABTHY ABTKH ABTMW ABULA ABWNU ABXPI ACAOD ACBXY ACDTI ACGFS ACHSB ACHXU ACKNC ACMDZ ACMLO ACOKC ACOMO ACPIV ACSNA ACUHS ACZOJ ADHHG ADHIR ADIMF ADINQ ADKNI ADKPE ADMLS ADRFC ADTPH ADURQ ADYFF ADZKW AEBTG AEFIE AEFQL AEGAL AEGNC AEJHL AEJRE AEKMD AEMSY AENEX AEOHA AEPYU AESKC AETLH AEVLU AEXYK AFBBN AFEXP AFGCZ AFKRA AFLOW AFQWF AFWTZ AFZKB AGAYW AGDGC AGGDS AGJBK AGMZJ AGQEE AGQMX AGRTI AGWIL AGWZB AGYKE AHAVH AHBYD AHKAY AHSBF AHYZX AIAKS AIGIU AIIXL AILAN AITGF AJBLW AJRNO AJZVZ ALMA_UNASSIGNED_HOLDINGS ALWAN AMKLP AMXSW AMYLF AMYQR AOCGG ARAPS ARCSS ARMRJ ASPBG AVWKF AXYYD AYJHY AZFZN B-. B0M BA0 BBWZM BDATZ BENPR BGLVJ BGNMA BSONS C6C CAG CCPQU COF CS3 CSCUP DDRTE DL5 DNIVK DPUIP DU5 EAD EAP EBLON EBS ECS EDO EIOEI EJD EMI EMK EPL ESBYG EST ESX F5P FEDTE FERAY FFXSO FIGPU FINBP FNLPD FRRFC FSGXE FWDCC GGCAI GGRSB GJIRD GNWQR GQ6 GQ7 GQ8 GXS H13 HCIFZ HF~ HG5 HG6 HMJXF HQYDN HRMNR HVGLF HZ~ I-F I09 IHE IJ- IKXTQ ITM IWAJR IXC IZIGR IZQ I~X I~Z J-C J0Z JBSCW JCJTX JZLTJ KDC KOV KOW LAS LLZTM M4Y MA- N2Q N9A NB0 NDZJH NPVJJ NQJWS NU0 O9- O93 O9G O9I O9J OAM P19 P2P P62 P9O PF0 PT4 PT5 QOK QOS R4E R89 R9I RHV RIG RNI RNS ROL RPX RSV RZK S16 S1Z S26 S27 S28 S3B SAP SCJ SCLPG SCO SDH SDM SHX SISQX SJYHP SNE SNPRN SNX SOHCF SOJ SPISZ SRMVM SSLCW STPWE SZN T13 T16 TSG TSK TSV TUC TUS U2A UG4 UOJIU UTJUX UZXMN VC2 VFIZW W23 W48 WK8 YLTOR Z45 Z5O Z7R Z7S Z7V Z7W Z7X Z7Y Z7Z Z81 Z83 Z86 Z88 Z8M Z8N Z8P Z8Q Z8R Z8S Z8T Z8U Z8W Z92 ZMTXR ~8M ~EX AAPKM AAYXX ABBRH ABDBE ABFSG ABRTQ ACSTC ADHKG ADKFA AEZWR AFDZB AFFHD AFHIU AFOHR AGQPQ AHPBZ AHWEU AIXLP ATHPR AYFIA CITATION PHGZM PHGZT PQGLB DWQXO PKEHL PQEST PQQKQ PQUKI PRINS |
| ID | FETCH-LOGICAL-c293t-8e71648af5b1742a78b8a7535cc753603b242b1e79921e719028d56a65a201c03 |
| IEDL.DBID | P5Z |
| ISICitedReferencesCount | 3 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000882759300006&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 0941-0643 |
| IngestDate | Wed Nov 05 03:08:21 EST 2025 Tue Nov 18 20:45:27 EST 2025 Sat Nov 29 02:59:31 EST 2025 Fri Feb 21 02:44:46 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 8 |
| Keywords | Network telemetry AREP LSTM Anomaly detection Machine learning Time series |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c293t-8e71648af5b1742a78b8a7535cc753603b242b1e79921e719028d56a65a201c03 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0000-0001-6965-2689 |
| OpenAccessLink | https://link.springer.com/10.1007/s00521-022-08000-y |
| PQID | 2780571289 |
| PQPubID | 2043988 |
| PageCount | 16 |
| ParticipantIDs | proquest_journals_2780571289 crossref_citationtrail_10_1007_s00521_022_08000_y crossref_primary_10_1007_s00521_022_08000_y springer_journals_10_1007_s00521_022_08000_y |
| PublicationCentury | 2000 |
| PublicationDate | 20230300 2023-03-00 20230301 |
| PublicationDateYYYYMMDD | 2023-03-01 |
| PublicationDate_xml | – month: 3 year: 2023 text: 20230300 |
| PublicationDecade | 2020 |
| PublicationPlace | London |
| PublicationPlace_xml | – name: London – name: Heidelberg |
| PublicationTitle | Neural computing & applications |
| PublicationTitleAbbrev | Neural Comput & Applic |
| PublicationYear | 2023 |
| Publisher | Springer London Springer Nature B.V |
| Publisher_xml | – name: Springer London – name: Springer Nature B.V |
| References | Ren H, Xu B, Wang Y, Yi C, Huang C, Kou X, Xing T, Yang M, Tong J, Zhang Q (2019) Time-series anomaly detection service at microsoft. In: Proceedings of the 25th ACM SIGKDD international conference on knowledge discovery & data mining. KDD’19. Association for Computing Machinery, New York, pp 3009–3017. https://doi.org/10.1145/3292500.3330680 Smirnov M ContextOSE [Online code repository]. https://github.com/smirmik/CAD Hawkins J, Ahmad S, Purdy S, Lavin A (2016) Biological and machine intelligence (BAMI). Initial online release 0.4. https://numenta.com/resources/biological-and-machine-intelligence Numenta Inc.: Hierarchial temporal memory [Online code repository]. https://github.com/numenta/htm.java Lee M-C, Lin J-C, Gran EG (2021) How far should we look back to achieve effective real-time time-series anomaly detection? Baeza-YatesRRibeiro-NetoBModern information retrieval: the concepts and technology behind search20112USAAddison-Wesley Publishing Company JiangLXuHLiuJShenXLuSShiZAnomaly detection of industrial multi-sensor signals based on enhanced spatiotemporal featuresNeural Comput Appl202234118465847710.1007/s00521-022-07101-y Vlachos M, Yu P, Castelli V (2005) On periodicity detection and structural periodic similarity, pp 449–460. https://doi.org/10.1137/1.9781611972757.40 FlusserMSomolPEfficient anomaly detection through surrogate neural networksNeural Comput Appl202210.1007/s00521-022-07506-9 Hochenbaum J, Vallis OS, Kejariwal A (2017) Automatic anomaly detection in the cloud via statistical learning Singh AK DeepAnT [Online code repository]. https://github.com/dev-aadarsh/DeepAnT Twitter: Twitter/AnomalyDetection [Online code repository]. https://github.com/twitter/AnomalyDetection SchusterAOn the investigation of hidden periodicities with application to a supposed 26 day period of meteorological phenomenaTerr Magn189831134110.1029/TM003i001p00013 Adams RP, MacKay DJC (2007) Bayesian online changepoint detection Lee TJ, Gottschlich J, Tatbul N, Metcalf E, Zdonik S (2018) Greenhouse: a zero-positive machine learning system for time-series anomaly detection Numenta Inc.: Numenta website. https://numenta.com Numenta Inc.: Numenta NAB whitepaper. https://drive.google.com/file/d/0B1_XUjaAXeV3dW1kX1B3VkYwOFE/view?resourcekey=0-swTidTTt83zFVZTGvoYxXg Lee M-C, Lin J-C, Gran EG (2020) RePAD: real-time proactive anomaly detection for time series. In: Barolli L, Amato F, Moscato F, Enokido T, Takizawa M (eds) Proceedings of the advanced information networking and applications. Springer, Cham, pp 1291–1302 Lavin A, Ahmad S (2015) Evaluating real-time anomaly detection algorithms—the Numenta anomaly benchmark. In: Proceedings of the IEEE 14th international conference on machine learning and applications (ICMLA), pp 38–44. https://doi.org/10.1109/ICMLA.2015.141 Putina A, Rossi D, Bifet A, Barth S, Pletcher D, Precup C, Nivaggioli P (2018) Telemetry-based stream-learning of BGP anomalies. In: Proceedings of the 2018 workshop on big data analytics and machine learning for data communication networks. Big-DAMA’18, pp 15–20. Association for Computing Machinery, New York. https://doi.org/10.1145/3229607.3229611 Kaiafas G, Hammerschmidt C, State R, Nguyen CD, Ries T, Ourdane M (2019) An experimental analysis of fraud detection methods in enterprise telecommunication data using unsupervised outlier ensembles. In: Proceedings of the 2019 IFIP/IEEE symposium on integrated network and service management (IM), pp 37–42. IEEE Cao F, Estert M, Qian W, Zhou A (2006) Density-based clustering over an evolving data stream with noise. In: Proceedings of the 2006 SIAM international conference on data mining, pp 328–339. https://doi.org/10.1137/1.9781611972764.29 HochreiterSSchmidhuberJLong short-term memoryNeural Comput1997981735178010.1162/neco.1997.9.8.1735 Pilinszki-NagyCGyires-TóthBPerformance analysis of sparse matrix representation in hierarchical temporal memory for sequence modelingInfocommunications J2020122414910.36244/ICJ.2020.2.6 Lee M-C, Lin J-C, Gran EG (2020) ReRe: a lightweight real-time ready-to-go anomaly detection approach for time series. In: 2020 IEEE 44th annual computers, software, and applications conference (COMPSAC), pp 322–327. https://doi.org/10.1109/COMPSAC48688.2020.0-226 MunirMSiddiquiSADengelAAhmedSDeepant: a deep learning approach for unsupervised anomaly detection in time seriesIEEE Access201971991200510.1109/ACCESS.2018.2886457 Numenta Inc.: NAB: Numenta Anomaly Benchmark [Online code repository]. https://github.com/numenta/NAB Numenta Inc.: Numenta Labeling Instructions. https://drive.google.com/file/d/0B1_XUjaAXeV3YlgwRXdsb3Voa1k/view?resourcekey=0-xwJ4s3pBPeOh1rRLJdjV7A VajdaDPekarAFarkasKTowards machine learning-based anomaly detection on time-series dataInfocommunications J2021XIII1364410.36244/ICJ.2021.1.5 ShiYShenHUnsupervised anomaly detection for network traffic using artificial immune networkNeural Comput Appl20223415130071302710.1007/s00521-022-07156-x KramerMANonlinear principal component analysis using autoassociative neural networksAIChE J199137223324310.1002/aic.690370209 MaxionRARobertsRRProper use of ROC curves in intrusion/anomaly detection2004Computing Science Tyne, UKUniversity of Newcastle upon Tyne Etsy I Skyline [Online code repository]. https://github.com/etsy/skyline 8000_CR28 8000_CR8 8000_CR9 8000_CR27 8000_CR6 8000_CR7 Y Shi (8000_CR13) 2022; 34 8000_CR25 R Baeza-Yates (8000_CR26) 2011 8000_CR22 L Jiang (8000_CR19) 2022; 34 8000_CR23 8000_CR21 A Schuster (8000_CR24) 1898; 3 S Hochreiter (8000_CR2) 1997; 9 MA Kramer (8000_CR20) 1991; 37 M Flusser (8000_CR18) 2022 D Vajda (8000_CR3) 2021; XIII RA Maxion (8000_CR29) 2004 8000_CR15 8000_CR14 8000_CR11 8000_CR33 8000_CR12 8000_CR31 8000_CR10 8000_CR32 8000_CR30 C Pilinszki-Nagy (8000_CR16) 2020; 12 8000_CR4 8000_CR5 M Munir (8000_CR17) 2019; 7 8000_CR1 |
| References_xml | – reference: VajdaDPekarAFarkasKTowards machine learning-based anomaly detection on time-series dataInfocommunications J2021XIII1364410.36244/ICJ.2021.1.5 – reference: Lee M-C, Lin J-C, Gran EG (2021) How far should we look back to achieve effective real-time time-series anomaly detection? – reference: Lavin A, Ahmad S (2015) Evaluating real-time anomaly detection algorithms—the Numenta anomaly benchmark. In: Proceedings of the IEEE 14th international conference on machine learning and applications (ICMLA), pp 38–44. https://doi.org/10.1109/ICMLA.2015.141 – reference: Numenta Inc.: Numenta NAB whitepaper. https://drive.google.com/file/d/0B1_XUjaAXeV3dW1kX1B3VkYwOFE/view?resourcekey=0-swTidTTt83zFVZTGvoYxXg – reference: Singh AK DeepAnT [Online code repository]. https://github.com/dev-aadarsh/DeepAnT – reference: Hawkins J, Ahmad S, Purdy S, Lavin A (2016) Biological and machine intelligence (BAMI). Initial online release 0.4. https://numenta.com/resources/biological-and-machine-intelligence/ – reference: Adams RP, MacKay DJC (2007) Bayesian online changepoint detection – reference: Numenta Inc.: NAB: Numenta Anomaly Benchmark [Online code repository]. https://github.com/numenta/NAB – reference: JiangLXuHLiuJShenXLuSShiZAnomaly detection of industrial multi-sensor signals based on enhanced spatiotemporal featuresNeural Comput Appl202234118465847710.1007/s00521-022-07101-y – reference: FlusserMSomolPEfficient anomaly detection through surrogate neural networksNeural Comput Appl202210.1007/s00521-022-07506-9 – reference: MaxionRARobertsRRProper use of ROC curves in intrusion/anomaly detection2004Computing Science Tyne, UKUniversity of Newcastle upon Tyne – reference: ShiYShenHUnsupervised anomaly detection for network traffic using artificial immune networkNeural Comput Appl20223415130071302710.1007/s00521-022-07156-x – reference: Lee TJ, Gottschlich J, Tatbul N, Metcalf E, Zdonik S (2018) Greenhouse: a zero-positive machine learning system for time-series anomaly detection – reference: HochreiterSSchmidhuberJLong short-term memoryNeural Comput1997981735178010.1162/neco.1997.9.8.1735 – reference: Lee M-C, Lin J-C, Gran EG (2020) RePAD: real-time proactive anomaly detection for time series. In: Barolli L, Amato F, Moscato F, Enokido T, Takizawa M (eds) Proceedings of the advanced information networking and applications. Springer, Cham, pp 1291–1302 – reference: Hochenbaum J, Vallis OS, Kejariwal A (2017) Automatic anomaly detection in the cloud via statistical learning – reference: Smirnov M ContextOSE [Online code repository]. https://github.com/smirmik/CAD – reference: Twitter: Twitter/AnomalyDetection [Online code repository]. https://github.com/twitter/AnomalyDetection – reference: Pilinszki-NagyCGyires-TóthBPerformance analysis of sparse matrix representation in hierarchical temporal memory for sequence modelingInfocommunications J2020122414910.36244/ICJ.2020.2.6 – reference: Putina A, Rossi D, Bifet A, Barth S, Pletcher D, Precup C, Nivaggioli P (2018) Telemetry-based stream-learning of BGP anomalies. In: Proceedings of the 2018 workshop on big data analytics and machine learning for data communication networks. Big-DAMA’18, pp 15–20. Association for Computing Machinery, New York. https://doi.org/10.1145/3229607.3229611 – reference: KramerMANonlinear principal component analysis using autoassociative neural networksAIChE J199137223324310.1002/aic.690370209 – reference: Cao F, Estert M, Qian W, Zhou A (2006) Density-based clustering over an evolving data stream with noise. In: Proceedings of the 2006 SIAM international conference on data mining, pp 328–339. https://doi.org/10.1137/1.9781611972764.29 – reference: Vlachos M, Yu P, Castelli V (2005) On periodicity detection and structural periodic similarity, pp 449–460. https://doi.org/10.1137/1.9781611972757.40 – reference: Numenta Inc.: Numenta website. https://numenta.com/ – reference: Numenta Inc.: Hierarchial temporal memory [Online code repository]. https://github.com/numenta/htm.java – reference: MunirMSiddiquiSADengelAAhmedSDeepant: a deep learning approach for unsupervised anomaly detection in time seriesIEEE Access201971991200510.1109/ACCESS.2018.2886457 – reference: Etsy I Skyline [Online code repository]. https://github.com/etsy/skyline – reference: Lee M-C, Lin J-C, Gran EG (2020) ReRe: a lightweight real-time ready-to-go anomaly detection approach for time series. In: 2020 IEEE 44th annual computers, software, and applications conference (COMPSAC), pp 322–327. https://doi.org/10.1109/COMPSAC48688.2020.0-226 – reference: Ren H, Xu B, Wang Y, Yi C, Huang C, Kou X, Xing T, Yang M, Tong J, Zhang Q (2019) Time-series anomaly detection service at microsoft. In: Proceedings of the 25th ACM SIGKDD international conference on knowledge discovery & data mining. KDD’19. Association for Computing Machinery, New York, pp 3009–3017. https://doi.org/10.1145/3292500.3330680 – reference: Numenta Inc.: Numenta Labeling Instructions. https://drive.google.com/file/d/0B1_XUjaAXeV3YlgwRXdsb3Voa1k/view?resourcekey=0-xwJ4s3pBPeOh1rRLJdjV7A – reference: Kaiafas G, Hammerschmidt C, State R, Nguyen CD, Ries T, Ourdane M (2019) An experimental analysis of fraud detection methods in enterprise telecommunication data using unsupervised outlier ensembles. In: Proceedings of the 2019 IFIP/IEEE symposium on integrated network and service management (IM), pp 37–42. IEEE – reference: SchusterAOn the investigation of hidden periodicities with application to a supposed 26 day period of meteorological phenomenaTerr Magn189831134110.1029/TM003i001p00013 – reference: Baeza-YatesRRibeiro-NetoBModern information retrieval: the concepts and technology behind search20112USAAddison-Wesley Publishing Company – ident: 8000_CR31 – volume: 9 start-page: 1735 issue: 8 year: 1997 ident: 8000_CR2 publication-title: Neural Comput doi: 10.1162/neco.1997.9.8.1735 – ident: 8000_CR10 – volume-title: Modern information retrieval: the concepts and technology behind search year: 2011 ident: 8000_CR26 – ident: 8000_CR5 doi: 10.1145/3229607.3229611 – volume-title: Proper use of ROC curves in intrusion/anomaly detection year: 2004 ident: 8000_CR29 – ident: 8000_CR25 doi: 10.1137/1.9781611972757.40 – ident: 8000_CR8 – ident: 8000_CR23 – volume: XIII start-page: 36 issue: 1 year: 2021 ident: 8000_CR3 publication-title: Infocommunications J doi: 10.36244/ICJ.2021.1.5 – volume: 34 start-page: 13007 issue: 15 year: 2022 ident: 8000_CR13 publication-title: Neural Comput Appl doi: 10.1007/s00521-022-07156-x – ident: 8000_CR11 – ident: 8000_CR15 – ident: 8000_CR22 doi: 10.1007/978-3-030-44041-1_110 – year: 2022 ident: 8000_CR18 publication-title: Neural Comput Appl doi: 10.1007/s00521-022-07506-9 – ident: 8000_CR4 doi: 10.1109/ICMLA.2015.141 – volume: 12 start-page: 41 issue: 2 year: 2020 ident: 8000_CR16 publication-title: Infocommunications J doi: 10.36244/ICJ.2020.2.6 – volume: 7 start-page: 1991 year: 2019 ident: 8000_CR17 publication-title: IEEE Access doi: 10.1109/ACCESS.2018.2886457 – ident: 8000_CR32 – volume: 3 start-page: 13 issue: 1 year: 1898 ident: 8000_CR24 publication-title: Terr Magn doi: 10.1029/TM003i001p00013 – ident: 8000_CR30 – volume: 34 start-page: 8465 issue: 11 year: 2022 ident: 8000_CR19 publication-title: Neural Comput Appl doi: 10.1007/s00521-022-07101-y – ident: 8000_CR7 – ident: 8000_CR27 doi: 10.1007/978-3-030-75100-5_13 – ident: 8000_CR1 doi: 10.1109/COMPSAC48688.2020.0-226 – ident: 8000_CR9 – ident: 8000_CR6 doi: 10.1137/1.9781611972764.29 – ident: 8000_CR21 – ident: 8000_CR14 – ident: 8000_CR28 doi: 10.1145/3292500.3330680 – ident: 8000_CR12 – volume: 37 start-page: 233 issue: 2 year: 1991 ident: 8000_CR20 publication-title: AIChE J doi: 10.1002/aic.690370209 – ident: 8000_CR33 |
| SSID | ssj0004685 |
| Score | 2.326797 |
| Snippet | Abnormal behaviour detection is an essential task of real-time monitoring to secure the reliable operation of ICT infrastructures. This paper presents AREP, an... |
| SourceID | proquest crossref springer |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 6079 |
| SubjectTerms | Adaptive algorithms Algorithms Anomalies Artificial Intelligence Computational Biology/Bioinformatics Computational Science and Engineering Computer Science Data Mining and Knowledge Discovery Identification methods Image Processing and Computer Vision Machine learning Original Article Performance evaluation Probability and Statistics in Computer Science Real time Telemetry Time series |
| SummonAdditionalLinks | – databaseName: SpringerLINK Contemporary 1997-Present dbid: RSV link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LS8NAEF60evBifWK1yh682YW8s_FWpMWDlFK19BYmyaYWkrSkUei_d3aTtCoqKIS97IMw-_hmdmfmI-Q6Nh0uIi9mlg4hsyLcijL8kWlyRQcI2Z5KYDp-cAcDPpl4wyoobFl7u9dPkuqkXge7yRtMNH3ReJJajsZW22QH4Y5LwobR4_hDNKQi4kS7Rfr0WGYVKvP9GJ_haKNjfnkWVWjTb_7vPw_IfqVd0m65HA7JlsiOSLNmbqDVRj4maXfUG95SyChEsJAnXoemyq1S0IpHYsokwEUUkuk8nxUvKUX1lqKKmTDJR4995ykkKxqJQnlzZRS_rHQqp4WQXulFjtVQwAl57vee7u5ZRbzAQkT_gnEhrSgOsR2gwWKAywMOaNfYYYilo5kBAnugC9fzDCx1mQEmsh1wbEB9ItTMU9LI5pk4I9R0I3lTxYPIFZYGghsgII41DyfOcmJoEb2Wvx9WWcklOUbir_MpK3n6KE9fydNftcjNus-izMnxa-t2Pa1-tT-XviGpHFzEZq9FOvU0bqp_Hu38b80vyJ7kpy-d1tqkUeSv4pLshm_FbJlfqXX7DipO5fM priority: 102 providerName: Springer Nature |
| Title | AREP: an adaptive, machine learning-based algorithm for real-time anomaly detection on network telemetry data |
| URI | https://link.springer.com/article/10.1007/s00521-022-08000-y https://www.proquest.com/docview/2780571289 |
| Volume | 35 |
| WOSCitedRecordID | wos000882759300006&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVPQU databaseName: Advanced Technologies & Aerospace Database customDbUrl: eissn: 1433-3058 dateEnd: 20241211 omitProxy: false ssIdentifier: ssj0004685 issn: 0941-0643 databaseCode: P5Z dateStart: 20120101 isFulltext: true titleUrlDefault: https://search.proquest.com/hightechjournals providerName: ProQuest – providerCode: PRVPQU databaseName: ProQuest Central customDbUrl: eissn: 1433-3058 dateEnd: 20241211 omitProxy: false ssIdentifier: ssj0004685 issn: 0941-0643 databaseCode: BENPR dateStart: 20120101 isFulltext: true titleUrlDefault: https://www.proquest.com/central providerName: ProQuest – providerCode: PRVAVX databaseName: SpringerLINK Contemporary 1997-Present customDbUrl: eissn: 1433-3058 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0004685 issn: 0941-0643 databaseCode: RSV dateStart: 19970101 isFulltext: true titleUrlDefault: https://link.springer.com/search?facet-content-type=%22Journal%22 providerName: Springer Nature |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1LT8MwDLZ4HbgwnmIwUA7cIKJb17XlggYa4oCmaTyEuFRukwLS1o2tIO3fY2fpBkhwQapyaJq2kpP4s2P7AzhK3UagVZjKehUTWVe0FDn9UTo8o2NS2aEpYPpw47fbweNj2LEOt7ENqyz2RLNRq0HCPvLTGhff92k3Dc-Hb5JZo_h01VJoLMIyV0lg6oaO9_QlL9JQcpIFw9E9ddcmzZjUOfaH0l0yxRgzOXLyXTHN0eaPA1Kjd65K__3jdViziFM0p1NkAxZ0tgmlgs1B2MW9Bf1mt9U5E5gJVDjkXfBE9E2opRaWW-JZstJTAnvP9KH8pS8I8gqCnT3JHPU0dtDH3kQonZsIr0zQlU0DzUWuOVI9H1E35rgN91etu8trackYZEKIIJeBZssqwNSLyYipoR_EAZKt4yUJtQ3HjUnZx1Xth2GN2ipXhVFeAxseEsZIHHcHlrJBpndBuL5i71UQK1_XHdRBDTWmqRM6IaGhFMtQLSQRJbZSORNm9KJZjWUjvYikFxnpRZMyHM_GDKd1Ov58ulKILLJrdhzN5VWGk0Lo8-7f37b399v2YZU56qeBaxVYykfv-gBWko_8dTw6hOWLVrvTPTQzl9ru7cMnKxXyRA |
| linkProvider | ProQuest |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V3NT9swFH9iMGm7rIxtWlnHfIDTsJbmo0mQpgkNEIhSVROb0C7hJXYYUpOW1hvqP7W_ce85CWVI48ZhUuRDHFty_PN7P9vvA2Az93qRVnEu_S5m0le0FNn9UTqM6JRUdmwDmH7rh4NBdHYWD5fgd-MLw2aVjUy0glqNMz4j_-By8P2QpGn8aXIlOWsU3642KTQqWBzr-TVt2WYfj_Zofrdc92D_9POhrLMKyIxUm5GR5i1ChHmQEht3MYzSCIm0B1lGZc_xUtJaaVeHcexS2eXwJiroYS9AUpaZ41G_j2DF912HV9Ew-H7LD9OmAKUdE1sT-V7tpGNd9fj8ld7S1o85miPnfyvCBbu9cyFr9dxB63_7Q6vwrGbUYrdaAs9hSZdr0GqyVYhaeL2AYvfL_nBHYClQ4YSl_LYorCmpFnXujAvJSl0JHF3QwMyPQhClF0SrR9JcFprajgsczYXSxlqwlYKesjKkF0azJb6ZUjUafAlfH2TQr2C5HJf6NQgvVHw6F6Uq1L6DOnJRY547sRMT28uxDd1m5pOsjsTOCUFGyU0MaYuWhNCSWLQk8za8v2kzqeKQ3Pt1p4FIUsukWbLARxu2G5Atqv_d2_r9vb2DJ4enJ_2kfzQ4fgNPXWKBlZFeB5bN9Kd-C4-zX-ZyNt2wq0XA-UOD7w86IEhH |
| linkToPdf | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1ZS8NAEB68EF-8xXrug2-6mDZpk_gmalGUUrzwLUyymyq0aamr0H_vzCapByqIEPYlu0vYI_PN7jfzAeylbiPQKkylV8VEeoq2Ioc_SodXdEwmO7QJTO-v_FYreHgI2x-i-C3bvbySzGMaOEtTZg4HKj0cB77xaSa5weRIMeJx5GgSpj0m0rO_fnP_ITLSinKSD8P8Hs8twma-7-OzaXrHm1-uSK3laS78_5sXYb5AneI4XyZLMKGzZVgoFR1EscFXoHd8fdY-EpgJVDjgP-GB6Fm6pRaFvkRHsuFTArud_vDJPPYEwV5B0LMrWaee2vZ72B0JpY1leWWCniwnmwujma1uhvQaDa7CXfPs9uRcFoIMMiFUYGSg2bsKMK3H5MjU0A_iAMnfqScJlQ3Hjcngx1Xth2GNyipnhlH1BjbqSDgjcdw1mMr6mV4H4fqKT7CCWPnac1AHNdSYpk7ohISIUqxAtZyLKCmylbNoRjca51m24xnReEZ2PKNRBfbHbQZ5ro5fa2-VUxwV-_Y5qrHEg082O6zAQTml769_7m3jb9V3YbZ92oyuLlqXmzDHEvY5r20LpszwRW_DTPJqnp6HO3Y5vwFcxvG7 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=AREP%3A+an+adaptive%2C+machine+learning-based+algorithm+for+real-time+anomaly+detection+on+network+telemetry+data&rft.jtitle=Neural+computing+%26+applications&rft.au=Farkas%2C+Karoly&rft.date=2023-03-01&rft.pub=Springer+Nature+B.V&rft.issn=0941-0643&rft.eissn=1433-3058&rft.volume=35&rft.issue=8&rft.spage=6079&rft.epage=6094&rft_id=info:doi/10.1007%2Fs00521-022-08000-y |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0941-0643&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0941-0643&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0941-0643&client=summon |