DATA-AGNOSTIC ANOMALY DETECTION
First Claim
1. A data-anomaly detection system comprising:
- one or more processors;
one or more computer-readable media; and
a routine that executes on the one or more processors to analyze digitally encoded data output from a system monitoring tool and stored in the computer-readable media byidentifying output data as qualified data or corrupted data;
identifying and sorting the qualified data into categorized data;
calculating normalcy bounds for the categorized data; and
storing the categorized data and normalcy bounds in the one or more computer-readable media.
3 Assignments
0 Petitions
Accused Products
Abstract
This disclosure presents computational systems and methods for detecting anomalies in data output from any type of monitoring tool. The data is aggregated and sent to an alerting system for abnormality detection via comparison with normalcy bounds. The anomaly detection methods are performed by construction of normalcy bounds of the data based on the past behavior of the data output from the monitoring tool. The methods use data quality assurance and data categorization processes that allow choosing a correct procedure for determination of the normalcy bounds. The methods are completely data agnostic, and as a result, can also be used to detect abnormalities in time series data associated with any complex system.
-
Citations
36 Claims
-
1. A data-anomaly detection system comprising:
-
one or more processors; one or more computer-readable media; and a routine that executes on the one or more processors to analyze digitally encoded data output from a system monitoring tool and stored in the computer-readable media by identifying output data as qualified data or corrupted data; identifying and sorting the qualified data into categorized data; calculating normalcy bounds for the categorized data; and storing the categorized data and normalcy bounds in the one or more computer-readable media. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method carried out within a computer system having one or more processors and an electronic memory that analyzes digitally encoded data stored in one or more computer-readable media, the method comprising:
-
identifying data output from a system monitoring tool as qualified data or corrupted data; identifying and sorting the qualified data into categorized data; calculating normalcy bounds for the categorized data; and storing the categorized data and normalcy bounds in the one or more computer-readable media. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A tangible computer-readable medium encoded with machine-readable instructions that implement a method carried out by one or more processors of a computer system to perform the operations of
identifying data output from a system monitoring tool as qualified data or corrupted data; -
identifying and sorting the qualified data into categorized data; calculating normalcy bounds for the categorized data; and storing the categorized data and normalcy bounds in the one or more computer-readable media. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification