A semisupervised autoencoder-based approach for anomaly detection in high performance computing systems

Borghesi, Andrea; Bartolini, Andrea; Lombardi, Michele; Milano, Michela; Benini, Luca

doi:10.1016/j.engappai.2019.07.008

Cited by 81 publications

(44 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Notice that, to the best of our knowledge, this is the first work based on fine grain monitoring of power and performance, that targets SCs and DC compute nodes, along with their requirements (e.g., scalability, and reasonable overhead for in-band monitoring, to do not impact computing resources), and that reports a comprehensive analysis with a vast number of malware. When comparing with the analysis via performance counters, in line with other SoA works in literature targeting anomaly detection in SCs [28], [65], we obtain superior results when using IF and AE, rather than oc-SVM. In particular, in our experience the main problem with oc-SVM is that the feature space is not well separable for performance counters, and thus it is difficult to find a good tuning (e.g., kernel coefficient, PCA components, etc.)…”

Section: B Malware Detection Resultssupporting

confidence: 80%

pAElla: Edge AI-Based Real-Time Malware Detection in Data Centers

Libri

Bartolini

Benini

2020

IEEE Internet Things J.

Self Cite

View full text Add to dashboard Cite

The increasing use of Internet-of-Things (IoT) devices for monitoring a wide spectrum of applications, along with the challenges of "big data" streaming support they often require for data analysis, is nowadays pushing for an increased attention to the emerging edge computing paradigm. In particular, smart approaches to manage and analyze data directly on the network edge, are more and more investigated, and Artificial Intelligence (AI) powered edge computing is envisaged to be a promising direction. In this paper, we focus on Data Centers (DCs) and Supercomputers (SCs), where a new generation of high-resolution monitoring systems is being deployed, opening new opportunities for analysis like anomaly detection and security, but introducing new challenges for handling the vast amount of data it produces. In detail, we report on a novel lightweight and scalable approach to increase the security of DCs / SCs, that involves AI-powered edge computing on high-resolution power consumption. The method -called pAElla -targets real-time Malware Detection (MD), it runs on an out-of-band IoT-based monitoring system for DCs / SCs, and involves Power Spectral Density of power measurements, along with AutoEncoders. Results are promising, with an F1-score close to 1, and a False Alarm and Malware Miss rate close to 0%. We compare our method with State-of-the-Art MD techniques and show that, in the context of DCs / SCs, pAElla can cover a wider range of malware, significantly outperforming SoA approaches in terms of accuracy. Moreover, we propose a methodology for online training suitable for DCs / SCs in production, and release open dataset and code.

show abstract

Section: B Malware Detection Resultssupporting

confidence: 80%

pAElla: Edge AI-Based Real-Time Malware Detection in Data Centers

Libri

Bartolini

Benini

2020

IEEE Internet Things J.

Self Cite

View full text Add to dashboard Cite

show abstract

“…Autoencoder: Borghesi et al have proposed an autoencoder architecture for anomaly detection using HPC time series data [10], [56]. The autoencoder is trained using only "healthy" telemetry data, and it learns a compressed representation of this data.…”

Section: B Machine Learning Techniquesmentioning

confidence: 99%

“…This is a typical scenario that would be encountered if ML systems are deployed to production. We train the autoencoder-based anomaly detection framework [10], Coverage Fig. 7.…”

Section: F Investigating Misclassificationsmentioning

confidence: 99%

Counterfactual Explanations for Multivariate Time Series

Ateş

Aksar

Leung

et al. 2021

2021 International Conference on Applied Artificial Intelligence (ICAPAI)

View full text Add to dashboard Cite

Applying machine learning (ML) on multivariate time series data has growing popularity in many application domains, including in computer system management. For example, recent high performance computing (HPC) research proposes a variety of ML frameworks that use system telemetry data in the form of multivariate time series so as to detect performance variations, perform intelligent scheduling or node allocation, and improve system security. Common barriers for adoption for these ML frameworks include the lack of user trust and the difficulty of debugging. These barriers need to be overcome to enable the widespread adoption of ML frameworks in production systems. To address this challenge, this paper proposes a novel explainability technique for providing counterfactual explanations for supervised ML frameworks that use multivariate time series data. Proposed method outperforms state-of-the-art explainability methods on several different ML frameworks and data sets in metrics such as faithfulness and robustness. The paper also demonstrates how the proposed method can be used to debug ML frameworks and gain a better understanding of HPC system telemetry data.

show abstract

“…Vincent et al [29] built a self-encoding noise reduction model that can restore the input data with noise to the data without noise. Borghesi et al [30] used a semi-supervised anomaly detection method based on an autoencoder. The autoencoder uses the idea of encoding and decoding to suppress the noise in time-series, which makes the model more robust, but the autoencoder is theoretically better at dealing with one-dimensional time-series [9] because this structure is unable to obtain the correlation between multidimensional time series data.…”

Section: Related Workmentioning

confidence: 99%

A Novel Multivariate Time-Series Anomaly Detection Approach Using an Unsupervised Deep Neural Network

2021

View full text Add to dashboard Cite

With the development of hardware technology, we can collect increasingly reliable time series data, in which time series anomaly detection is an important task to find problems in time and avoid risks. It is not easy to establish a multivariate time series anomaly detection system, because the collected data not only have different attributes, scales, and characteristic information but also have horizontal and vertical connections among these data collected by various sensors. In addition, there is no clear boundary regarding whether the data are abnormal, and there is currently no unified definition of multidimensional timeseries anomalies. Recently, deep learning methods have shown outstanding advantages in the processing of multidimensional time series. In this paper, we propose a definition of point anomalies in multivariate time series and an unsupervised deep learning method, the multilayer convolutional recurrent autoencoded anomaly detector (MCRAAD), which is used to detect anomalies in multivariate time series. We calculate the feature matrix sequence through the data in the sliding window, extract the characteristics of the feature matrix sequence by a multilayer convolutional encoder, obtain the time relations in the feature matrix by using several ConvLSTM units, and finally reconstruct the feature matrix sequence with the convolutional decoder to predict the self-feature matrix. In addition, we propose a threshold setting method to assist with the determination of anomalies. Finally, we test our model on synthetic datasets and a real dataset of house monitoring. The results of experiments show that our method is superior to these basic models in detecting ability and robustness. This model also provides an effective method for multivariate time-series anomaly detection in real life.

show abstract

A semisupervised autoencoder-based approach for anomaly detection in high performance computing systems

Cited by 81 publications

References 37 publications

pAElla: Edge AI-Based Real-Time Malware Detection in Data Centers

pAElla: Edge AI-Based Real-Time Malware Detection in Data Centers

Counterfactual Explanations for Multivariate Time Series

A Novel Multivariate Time-Series Anomaly Detection Approach Using an Unsupervised Deep Neural Network

Contact Info

Product

Resources

About