label less a semi automatic labelling tool for kpi
play

Label-Less: A Semi-Automatic Labelling Tool for KPI Anomalies - PowerPoint PPT Presentation

Feb 11, 2023 •117 likes •464 views

Label-Less: A Semi-Automatic Labelling Tool for KPI Anomalies Nengwen Zhao , Jing Zhu, Rong Liu, Dapeng Liu, Ming Zhang, Dan Pei INFOCOM 2019 1 Operational Background Design Evaluation Experience 2 Operational Background Design

  1. Label-Less: A Semi-Automatic Labelling Tool for KPI Anomalies Nengwen Zhao , Jing Zhu, Rong Liu, Dapeng Liu, Ming Zhang, Dan Pei INFOCOM 2019 1

  2. Operational Background Design Evaluation Experience 2

  3. Operational Background Design Evaluation Experience 3

  4. Internet-Based Services and KPI n KPIs (Key Performance Indicators): A set of performance metrics that monitor the service Search Engine Online Search response time Shopping Social Network Memory usage Internet-based services 4

  5. KPI Anomaly KPI anomalies: Potential failures unexpected behavior Detect it ! [IMC15] 5

  6. KPI Anomaly Detection Methods Ø Existing KPI anomaly detection methods: Traditional statistical methods: Holt-Winters, MA, ARIMA… 1 [CONEXT11, INFOCOM12,SIGCOMM13…] 2 Supervised ensemble learning: Opprentice, EGADS… [IMC15,KDD15…] Unsupervised learning: Donut, Auto-encoder… 3 [WWW18,AAAI19,IJCAI17,KDD17…] 6

  7. KPI Anomaly Detection Methods Ø Existing KPI anomaly detection methods: Traditional statistical methods: Holt-Winters, MA, ARIMA… 1 [IMC03, INFOCOM12…] 2 Supervised ensemble learning: Opprentice, EGADS… [IMC15,KDD15…] KPI anomaly detection is very important and many efforts have been devoted to the research of anomaly detection Unsupervised learning: Donut, Autoencoder… 3 [WWW18,AAAI19,…] Ø Anomaly detection products in industry: • Prometheus, Anodot, Kibana… 7

  8. KPI Anomaly Detection Methods The performance in reality is far from satisfying: - Lack of generality - KPIs in practice have various types of patterns seasonal Variable Donut is designed only for seasonal KPIs [WWW18] Stationary 8

  9. Public Datasets Types Datasets Problem • UCR time series archive • Time series Not for anomaly • UCI machine learning repository datasets detection • Yahoo Benchmark[KDD15] • KPIs with limited data KPI anomaly • Numenta Anomaly Benchmark detection points • Synthetic anomalies datasets [ICMLA15] 1400 data points, only one anomaly segment with four data points. 9

  10. Public Datasets Public time series datasets n – UCR time series archive, UCI machine learning repository – Problem: aim at classification, clustering or regression not for anomaly detection Public KPI anomaly detection datasets n The community of KPI anomaly detection is in an urgent need – Yahoo Benchmark , Numenta Anomaly Benchmark [KDD15 ,ICMLA15] for a large-scale and diverse KPI anomaly dataset. – Problem • KPIs with limited data points • Synthetic anomalies 10

  11. Challenges Obtaining a large-scale KPI anomaly dataset with high-quality ground truth has been a great challenge. Labeling KPI anomalies takes domain knowledge of IT operations 1 Anomaly? Where are anomalies? Weekend normal pattern! 11

  12. Challenges It is labor intensive to carefully examine a several-month-long KPI 2 back and forth and try to label anomalies in a consistent manner 6-month-long KPI with Take a few hours 30, 0000 data points 1-minute interval to label A labeling tool 12

  13. Challenges 3 The number of KPIs that need to be labeled is very large Rare Large Diverse KPI anomalies in number of pattern each KPI KPIs Usually less Millions of KPIs in Seasonal than 1% large companies Variable Stationary 13

  14. Challenges Ø A real example: KPI Anomaly Detection Algorithm Competition: http://iops.ai/ Labeling overhead Thousands of 30 labeled unlabeled KPIs KPIs Labeling overhead has become the main hurdle to large-scale KPI anomaly dataset, which in turn is the main hurdle to effective and practical KPI anomaly detection. 14

  15. Key Ideas n Design a semi-automatic labeling framework Visually scanning through the 1 KPIs to gauge their normal patterns and variations Unsupervised anomaly Raw KPI detection : provide potential anomalies Potential anomalies 15

  16. Key Ideas n Design a semi-automatic labeling framework Examining KPIs back and forth to check whether similar patterns 2 are labeled consistently Template Anomaly similarity search : discover similar anomalies automatically Similar anomalies Potential anomalies 16

  17. Operational Background Design Evaluation Experience 17

  18. Label-Less Overview Yes (Labeled KPIs) Operators Investigate All anomalies have been Unlabeled labeled? KPIs Preprocessing Check of top-k No (Choose similar anomalies Feature another Extraction template) Accelerated Isolation DTW Forest Threshold Candidate Anomaly Selection Anomalies Template Unsupervised Anomaly Similarity Search Anomaly Detection 18

  19. Unsupervised Anomaly Detection Candidate Feature extraction Isolation Forest Threshold selection KPIs anomalies Feature extraction n – Time series prediction models as feature extractors. – Feature: prediction error Normal points: well predicted with small prediction errors KPI value Predicted value 3 Value 2 1 Anomalies: large 0 prediction errors 04-04 04-05 04-06 04-07 Time (Day) 19

  20. Unsupervised Anomaly Detection Isolation Forest [ICDM08] n – Anomalies: few and different – Anomaly score: average path lengths iForest KPI value Output MA 6 EWMA HW iTree Score Anomaly score < > …… Anomaly score β β anomaly score 1 Anomaly Di ff 0.9 Value 4 1 WMA 0.6 2 Normal 0.2 ARIMA samples 0 0 0.1 0 08-03 08-04 08-05 Time (Day) Threshold selection n – Our goal: generate candidate potential anomalies – High recall and acceptable precision 20

  21. Anomaly Similarity Search Candidate anomalies check Anomaly Top-k similar similarity search anomalies Anomaly template Goals: high accuracy and low response latency n DTW as Similarity Measure n – None of other distance measures consistently outperforms DTW [KDD12…] y DTW alignment x 21

  22. Anomaly Similarity Search Accelerated DTW n We adopt the following three techniques from existing works to speed up DTW Constrained path 1 Limit the permissible warping paths by providing local restrictions on the set of alternative steps considered Lower bound 2 Use a cheap-to-compute lower bound of DTW to prune segments that cannot possibly be the top-k similar anomalies Early stopping 3 22

  23. Operational Background Design Evaluation Experience 23

  24. Datasets and Metrics Datasets Ø Four datasets containing 30 KPIs Ø A time span of about six months Ø 1-minute monitoring interval Metrics Ø Unsupervised anomaly detection • Recall Ø Anomaly similarity search • Best F-score and AUC • Response time 24

  25. Performance of Unsupervised Anomaly Detection Yes (Labeled KPIs) Operators Investigate All anomalies have been Unlabeled KPIs labeled? Preprocessing Check of top-k No (Choose similar anomalies Feature another Extraction template) Accelerated Isolation DTW Forest Threshold Candidate Anomaly Selection Anomalies Template High recall Recall of Unsupervised Anomaly Detection with few false 1 negative 0.8 Recall 0.6 0.4 0.2 0 A B C D Dataset 25

  26. Performance of Anomaly Similarity Search Yes (Labeled KPIs) Operators Investigate Ø Comparison with other distance measures All anomalies Unlabeled have been KPIs labeled? Preprocessing Check of top-k No (Choose similar anomalies Feature another Extraction template) Accelerated Isolation DTW Forest Threshold Candidate Anomaly Selection Anomalies Template DTW ED SBD DTW ED SBD 1 1 0.8 0.8 Best F-score 0.6 0.6 AUC 0.4 0.4 0.2 0.2 0 0 A B C D A B C D Dataset Dataset DTW is a good choice! 26

  27. Efficiency of Anomaly Similarity Search Yes (Labeled KPIs) Operators Investigate All anomalies Unlabeled have been KPIs labeled? Comparison of per-KPI response time Preprocessing Check of top-k No (Choose similar anomalies Feature another Extraction template) Accelerated Anomaly Similarity Search Naïve Search Original DTW Isolation DTW Forest Threshold Candidate Anomaly Selection Anomalies Template 6 Per-KPI running time 5 Unsupervised anomaly detection: 4 (seconds) n Reduce search space 3 Accelerated DTW: Reduce DTW 2 n computational complexity 1 0 A B C D Dataset Under 0.5 second, real-time response 27

  28. Operational Background Design Evaluation Experience 28

  29. Labeling Tool with Label-Less Unsupervised anomaly detection n – Candidate potential anomalies (marked in red) – The threshold can be tuned by operators Tune threshold 29

  30. Labeling Tool with Label-Less Anomaly similarity search n Anomaly template Similar anomalies 30

  31. Comparison of Labeling time Traditional labeling Label-Less Scanning back Unsupervised and forth anomaly detection Checking labeling Anomaly similarity consistency search 31

  32. Comparison of Labeling time • Experiment: eight voluntary experienced operators Group 1: Traditional labeling Group 2: Label-less Comparison of per-KPI Labeling Time Reduce more Label-Less Traditional 120 than 90% labeling Time(minutes) 100 time! 80 60 40 20 0 A B C D Dataset 32

  33. Conclusion Labeling overhead has become the main hurdle to researching effective and n practical KPI anomaly detection. The semi-automatic labeling tool Label-Less can greatly reduce operators’ n labeling overhead. Label-Less is important first step to enable an ImageNet-like large-scale KPI n anomaly dataset with high-quality ground truth. 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

(Semi-)Automatic Normalization of Historical Texts using Distance Measures and the Norma tool

(Semi-)Automatic Normalization of Historical Texts using Distance Measures and the Norma tool

Corpora Methods Norma Tool Evaluation (Semi-)Automatic Normalization of Historical Texts using Distance Measures and the Norma tool Marcel Bollmann Department of Linguistics Ruhr-University Bochum, Germany Second Workshop on Annotation of

626 views • 35 slides
A&quot;semi'automatic&quot;web&quot;based&quot;tool

A&quot;semi'automatic&quot;web&quot;based&quot;tool

A&quot;semi'automatic&quot;web&quot;based&quot;tool for&quot;the&quot;selection&quot;of&quot;research ! projects&quot;reviewers Valeria!PUPELLA!a,!Maria!Eugenia!MONTEVERDE!a,!Claudio!LOMBARDO!b, Filippo!BELARDELLI!c!and!Mauro!GIACOMINI!a

422 views • 19 slides
Towards a semi-automatic functional annotation tool based on decision tree techniques J. Az 1 L.

Towards a semi-automatic functional annotation tool based on decision tree techniques J. Az 1 L.

Towards a semi-automatic functional annotation tool based on decision tree techniques J. Az 1 L. Gentils 1 C. Toffano-Nioche 1 V. Loux 2 J-F. Gibrat 2 . Bessires 2 C. Rouveirol 3 A. Poupon 4 P C. Froidevaux 1 1 LRI UMR 8623 CNRS, Univ.

624 views • 51 slides
ByLabel: A Boundary Based Semi-Automatic Image Annotation Tool Xuebin Qin, Shida He, Zichen

ByLabel: A Boundary Based Semi-Automatic Image Annotation Tool Xuebin Qin, Shida He, Zichen

ByLabel: A Boundary Based Semi-Automatic Image Annotation Tool Xuebin Qin, Shida He, Zichen Zhang, Masood Dehghan and Martin Jagersand Department of Computing Science University of Alberta, Canada Introduction Our Solution Results

488 views • 10 slides
Presentation of the label Annick DEMOUY President of the committee of labelling Certicold

Presentation of the label Annick DEMOUY President of the committee of labelling Certicold

Certicold Pharma Presentation of the label Annick DEMOUY President of the committee of labelling Certicold Responsible pharmacist Stradis This Document is the property of Cemafroid SAS, and cannot be used nor given to outside party without

300 views • 13 slides
The complementarity of automatic, semi-automatic and phonetic measures of vocal tract output

The complementarity of automatic, semi-automatic and phonetic measures of vocal tract output

The complementarity of automatic, semi-automatic and phonetic measures of vocal tract output Vincent Hughes, Philip Harrison, Paul Foulkes, Peter French, Colleen Kavanagh &amp; Eugenia San Segundo IAFPA 9-12 July 2017 1. Forensic voice

481 views • 20 slides
Amendments to Maltas Firearms Legislation TARGET SHOOTERS (SEMI-AUTOMATIC FIREARMS),

Amendments to Maltas Firearms Legislation TARGET SHOOTERS (SEMI-AUTOMATIC FIREARMS),

Ministry for Home Affairs and National Security Amendments to Maltas Firearms Legislation TARGET SHOOTERS (SEMI-AUTOMATIC FIREARMS), COLLECTORS (AUTOMATIC AND SEMI-AUTOMATIC FIREARMS), RENEWAL OF LICENCES AND FIREARMS PASS Target Shooters:

852 views • 27 slides
Semi-Automatic Code Modernization for Optimal Parallel I/O PRESENTED BY: SCEC 2018 Trung Nguyen

Semi-Automatic Code Modernization for Optimal Parallel I/O PRESENTED BY: SCEC 2018 Trung Nguyen

Semi-Automatic Code Modernization for Optimal Parallel I/O PRESENTED BY: SCEC 2018 Trung Nguyen Ba: December 14, 2018 tnguyenba@cs.umass.edu Ritu Arora: rauta@tacc.utexas.edu Interactive Parallelization Tool (IPT) IPT Design Overview

289 views • 13 slides
1 WHAT L-KD ( Labelled-KD ): tool for keyphrase clustering and labelling Extension of KD:

1 WHAT L-KD ( Labelled-KD ): tool for keyphrase clustering and labelling Extension of KD:

1 WHAT L-KD ( Labelled-KD ): tool for keyphrase clustering and labelling Extension of KD: http://dh.fbk.eu/technologies/kd Based on external linguistic and knowledge resources: i.e., WordNet Domains and ConceptNet 5 Works on

411 views • 13 slides
Assessing the benefits of partial automatic pre-labelling for frame-semantic annotation Ines

Assessing the benefits of partial automatic pre-labelling for frame-semantic annotation Ines

Motivation The Data - FrameNet Experimental Setup Results Conclusion and Future Work Assessing the benefits of partial automatic pre-labelling for frame-semantic annotation Ines Rehbein, Josef Ruppenhofer &amp; Caroline Sporleder FEAST

766 views • 37 slides
Automatic Labelling of tabla signals Olivier K. GILLET , Gal RICHARD Introduction

Automatic Labelling of tabla signals Olivier K. GILLET , Gal RICHARD Introduction

ISMIR 2003 Oct. 27th 30th 2003 Baltimore (USA) Automatic Labelling of tabla signals Olivier K. GILLET , Gal RICHARD Introduction Exponential growth of available digital information need for Indexing and Retrieval technique

845 views • 21 slides
Object Detection in Snorkel Michael Chi Ian Tang 1 Snorkel 2 Data Programming Labelling

Object Detection in Snorkel Michael Chi Ian Tang 1 Snorkel 2 Data Programming Labelling

R244 Object Detection in Snorkel Michael Chi Ian Tang 1 Snorkel 2 Data Programming Labelling functions Express knowledge as labelling functions Can have unknown accuracies and correlations Assign a class label or abstain 3

470 views • 16 slides
ParaFormance: An Advanced Refactoring Tool for Parallelising C++

ParaFormance: An Advanced Refactoring Tool for Parallelising C++

Allows engagement with the new MultiCore/ManyCore age, with minimal efgort Provides automated guidance on choosing the right Parallel structure Provides semi-automatic (programmer-in-the-loop) Parallelisation Signifjcantly

745 views • 26 slides
More unlabelled data or label more data? A study on semi-supervised laparoscopic image

More unlabelled data or label more data? A study on semi-supervised laparoscopic image

More unlabelled data or label more data? A study on semi-supervised laparoscopic image segmentation Yunguan Fu 1,2 , Maria R. Robu 1 , Bongjin Koo 1 , Crispin Schneider 3 , Stijn van Laarhoven 3 , Danail Stoyanov 1 , Brian Davidson 3 , Matthew J.

259 views • 11 slides
Semi-automatic generation of multilingual glossaries Ilan Kernerman K Dictionaries Ltd, Tel Aviv

Semi-automatic generation of multilingual glossaries Ilan Kernerman K Dictionaries Ltd, Tel Aviv

MultilingualWeb Workshop Riga, 29 April 2015 Semi-automatic generation of multilingual glossaries Ilan Kernerman K Dictionaries Ltd, Tel Aviv SUMMARY K Dictionaries semi-automated multilingual glossaries stem from our unique English

785 views • 21 slides
Subjective Evaluation of a Semi-Automatic Optical See- Through Head-Mounted Display Calibration

Subjective Evaluation of a Semi-Automatic Optical See- Through Head-Mounted Display Calibration

Subjective Evaluation of a Semi-Automatic Optical See- Through Head-Mounted Display Calibration Technique Kenneth Moser Yuta Itoh Kohei Oshima Technical University of Munich Nara Institute of Science &amp; Technology Mississippi State

461 views • 45 slides
t Hooft Anomaly &amp; Modular Bootstrap Shu-Heng Shao Institute for Advanced Study Based on

t Hooft Anomaly &amp; Modular Bootstrap Shu-Heng Shao Institute for Advanced Study Based on

Joint ICTP/SISSA String Seminar April 3 rd , 2019 t Hooft Anomaly &amp; Modular Bootstrap Shu-Heng Shao Institute for Advanced Study Based on work with Ying-Hsuan Lin (Caltech) ArXiv: 1904.xxxxx Two Major Non-Perturbative Tools for QFT

678 views • 51 slides
Identifying Suspicious Activities in Grid Network Traffic Fyodor Yarochkin, Vladimir Kropotov

Identifying Suspicious Activities in Grid Network Traffic Fyodor Yarochkin, Vladimir Kropotov

Identifying Suspicious Activities in Grid Network Traffic Fyodor Yarochkin, Vladimir Kropotov TWGRID/EGI What can be wrong in a cloud?! Agenda Methods Case Studies Lessons Learnt The DATA Raw Data (network packet captures)

408 views • 30 slides
Aspects of Symmetries and RG Flow Constraints Ken Intriligator (UCSD) ICMP Montreal 2018 Thank

Aspects of Symmetries and RG Flow Constraints Ken Intriligator (UCSD) ICMP Montreal 2018 Thank

Aspects of Symmetries and RG Flow Constraints Ken Intriligator (UCSD) ICMP Montreal 2018 Thank the organizers for the opportunity to attend this conference and give this talk. Based on work with Clay Cordova (IAS / U. Chicago) and Thomas

595 views • 21 slides
Comparison of GFDLs Atmospheric Models against Observations Claire Radley, Leo Donner &amp;

Comparison of GFDLs Atmospheric Models against Observations Claire Radley, Leo Donner &amp;

Comparison of GFDLs Atmospheric Models against Observations Claire Radley, Leo Donner &amp; Stephan Fueglistaler GFDL, Princeton University, Princeton, NJ Motivation: 1. General Circulation Models - Needed for predicting changes - Tools

569 views • 26 slides
Anomaly of the Electromagnetic Duality of Maxwell Theory $ N # + # S $ Chang-Tse Hsieh

Anomaly of the Electromagnetic Duality of Maxwell Theory $ N # + # S $ Chang-Tse Hsieh

Anomaly of the Electromagnetic Duality of Maxwell Theory $ N # + # S $ Chang-Tse Hsieh Kavli IPMU &amp; Institute for Solid States Physics, Univ of Tokyo East Asian String Webinar May 29, 2020 Collaboration Yuji Tachikawa Kazuya

570 views • 55 slides
Anomalies and discrete chiral symmetries Michael Creutz BNL &amp; U. Mainz Three sources of

Anomalies and discrete chiral symmetries Michael Creutz BNL &amp; U. Mainz Three sources of

Anomalies and discrete chiral symmetries Michael Creutz BNL &amp; U. Mainz Three sources of chiral symmetry breaking in QCD spontaneous breaking = 0 explains lightness of pions implicit breaking of U (1) by the anomaly

427 views • 32 slides
CC-Log : Drastically Reducing Storage Requirements for Robots Using Classification and

CC-Log : Drastically Reducing Storage Requirements for Robots Using Classification and

CC-Log : Drastically Reducing Storage Requirements for Robots Using Classification and Compression Santiago Gonzalez , Vijay Chidambaram, Jivko Sinapov, and Peter Stone University of Texas at Austin 1 The Problem Robots have a growing

794 views • 54 slides
Intrusion Detection Systems CSE497b - Spring 2007 Introduction Computer and Network Security

Intrusion Detection Systems CSE497b - Spring 2007 Introduction Computer and Network Security

Intrusion Detection Systems CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger

328 views • 18 slides

More recommend