Original link:tecdat.cn/?p=1573

Original source:Tuo End number according to the tribe public number

 

“Today we’re seeing an explosion of data: social media data, systems data, CRM data, a lot of web data. In most cases, however, the data tells us about common patterns of user behavior. Abnormal changes in data can be the “crux” of a failure in our system or loss of users.

How to identify the “reef” in the data ocean is a problem to be discussed in abnormal behavior analysis of user behavior.

 

What is abnormal detection?

Anomaly detection is the process of finding patterns of behavior in data that do not conform to “normal.” It is very important to detect deviation from expected behavior in time series data to ensure the normal operation of the system.

In general, exceptions can be divided into two types:

Global/local exception

Local anomalies

Many times we can see the underlying trend in the data, which looks like a “wave” : low activity in the morning, high during the day and low at night. Local anomalies occur in this case. For example, high activity in the evening indicates abnormalities.

 

exception

This is the kind of anomaly we’re most familiar with. This is a random anomaly that occurs at ordinary times. It can generally be detected using 95% quantiles.

 

Abnormal detection methods

We use historical data to build estimates from each monitored data. The real-time data is compared to these values and a score is assigned.

Based on the threshold observed from the most recent data, determine whether the real-time data is abnormal. The advantage of this approach is that the threshold is not static, but real-time.

Detection Scenario:

 

Tecdat’s solution starts by collecting behavioral data from websites. The three main components of measuring trends, namely fixed trend, cyclical trend and seasonal data, are summarized separately, and the algorithm looks for anomalies in the data to send automatic real-time alerts to the user.

 

Through real-time anomaly data monitoring, we can clearly see the difference in site traffic, troubleshooting and repair quickly when abnormal conditions occur, reduce site downtime and reduce the loss of potential customers.