ASTD Patterns for Integrated Continuous Anomaly Detection In Data Logs
This work addresses anomaly detection in data streams for developers, but it appears incremental as it builds on existing ASTD language methods.
The paper tackles the problem of continuous anomaly detection in data logs by proposing ASTD patterns and a new Quantified Flow operator to combine learning models in ensembles, aiming to simplify system design for developers.
This paper investigates the use of the ASTD language for ensemble anomaly detection in data logs. It uses a sliding window technique for continuous learning in data streams, coupled with updating learning models upon the completion of each window to maintain accurate detection and align with current data trends. It proposes ASTD patterns for combining learning models, especially in the context of unsupervised learning, which is commonly used for data streams. To facilitate this, a new ASTD operator is proposed, the Quantified Flow, which enables the seamless combination of learning models while ensuring that the specification remains concise. Our contribution is a specification pattern, highlighting the capacity of ASTDs to abstract and modularize anomaly detection systems. The ASTD language provides a unique approach to develop data flow anomaly detection systems, grounded in the combination of processes through the graphical representation of the language operators. This simplifies the design task for developers, who can focus primarily on defining the functional operations that constitute the system.