HawkEye: A Real-Time Anomaly Detection System
Submitted by Satnam Singh, PhD (@satnam-datageek) on Monday, 8 June 2015
Section: Crisp Talk Technical level: Beginner
In this talk, I will present the details of the HawkEye system with insights on selection of algorithms and parameter tuning. I intend to share our mistakes and learnings while deveoloping HawkEye.
HawkEye is a real-time anomaly detection framework for detecting anomalies in IT infrastructure data e.g. CPU, memory, response time of a data center machine. The framework uses a combination of anomaly detection techniques to detect local and global anomalies. The system detects several types of local anomalies using different anomaly detection techniques over a sliding window. We used rigorous data experiments to perform data preprocessing and select hyperparameters. We have employed statistics-based techniques to detect local point anomalies and statistical detection theory (Page’s Test) to detect local contextual anomalies. Time-series models are employed to detect seasonality in the data and detect global anomalies.
In this talk, I will showcase results of the HawkEye system on real-data.
Basic knowledge of statistics, machine learning, data mining will be helpful in understanding the talk.