Online Transition-Based Feature Generation for Anomaly Detection in Concurrent Data Streams
This addresses the need for domain-independent, online anomaly detection in applications like network monitoring or surveillance, though it appears incremental as it builds on existing feature generation methods.
The paper tackles the problem of generating features for anomaly detection in concurrent data streams by introducing the transition-based feature generator (TFGen), which processes activity data online with high computational efficiency to encode historical information.
In this paper, we introduce the transition-based feature generator (TFGen) technique, which reads general activity data with attributes and generates step-by-step generated data. The activity data may consist of network activity from packets, system calls from processes or classified activity from surveillance cameras. TFGen processes data online and will generate data with encoded historical data for each incoming activity with high computational efficiency. The input activities may concurrently originate from distinct traces or channels. The technique aims to address issues such as domain-independent applicability, the ability to discover global process structures, the encoding of time-series data, and online processing capability.