Mining Multivariate Discrete Event Sequences for Knowledge Discovery and Anomaly Detection

Modern physical systems deploy large numbers of sensors to record at different time-stamps the status of different systems components via measurements such as temperature, pressure, speed, but also the component's categorical state. Depending on the measurement values, there are two kinds of se...

Full description

Saved in:
Bibliographic Details
Published in2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) pp. 552 - 563
Main Authors Nie, Bin, Xu, Jianwu, Alter, Jacob, Chen, Haifeng, Smirni, Evgenia
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.06.2020
Subjects
Anomaly detection
categorical event sequences
discrete event sequences
disk failures
Knowledge discovery
physical plant failures
rare events
Sensor systems
Temperature measurement
Temperature sensors
Training
unsupervised learning
Online AccessGet full text

Cover

More Information
Summary:Modern physical systems deploy large numbers of sensors to record at different time-stamps the status of different systems components via measurements such as temperature, pressure, speed, but also the component's categorical state. Depending on the measurement values, there are two kinds of sequences: continuous and discrete. For continuous sequences, there is a host of state-of-the-art algorithms for anomaly detection based on time-series analysis, but there is a lack of effective methodologies that are tailored specifically to discrete event sequences. This paper proposes an analytics framework for discrete event sequences for knowledge discovery and anomaly detection. During the training phase, the framework extracts pairwise relationships among discrete event sequences using a neural machine translation model by viewing each discrete event sequence as a "natural language". The relationship between sequences is quantified by how well one discrete event sequence is "translated" into another sequence. These pairwise relationships among sequences are aggregated into a multivariate relationship graph that clusters the structural knowledge of the underlying system and essentially discovers the hidden relationships among discrete sequences. This graph quantifies system behavior during normal operation. During testing, if one or more pairwise relationships are violated, an anomaly is detected. The proposed framework is evaluated on two real-world datasets: a proprietary dataset collected from a physical plant where it is shown to be effective in extracting sensor pairwise relationships for knowledge discovery and anomaly detection, and a public hard disk drive dataset where its ability to effectively predict upcoming disk failures is illustrated.
DOI:10.1109/DSN48063.2020.00067