关键词: 异常检测, 单类SVM, 多源数据, 整合分析

Abstract: As an intelligent method of data control, anomaly detection plays an important role in network intrusion detection, fraud identification and fault detection. There are many data sources in the age of big data, which brings great challenges to anomaly detection of multi-source datasets. In this paper, the idea of penalty integration analysis is applied to anomaly detection. By pairwise punishment for the difference of model coefficients of different datasets, the integrative one-class SVM anomaly detection model is proposed. The proposed method can detect anomalies of multi-source data and automatically cluster similar data into one group, which can greatly reduce the model parameters to be estimated and reduce later maintenance cost. The simulation experiments show that the proposed method can not only accurately cluster datasets, but also improve the model prediction effects compared with the two cases of directly merging the datasets and modeling each dataset separately. The method in this paper is applied to anomaly detection of bank website logs and achieves good performance.

Key words: Anomaly Detection, One-Class SVM, Multi-Source Dataset, Integrative Analysis