SlideShare a Scribd company logo

Anomaly Detection @Twitter

Zhan Zhang
Zhan Zhang

Anomaly Detection

Technology
1 of 27
Anomaly  Detec-on  @  Twi2er   Vijay Rajaram, Jenna Zhang, Arun Kejariwal (@djvjallday, @jenna_zz, @arun_kejariwal) February 2015
Internet  Trends:  Real-­‐-me  Communica-on   AK  2  
Data  Fidelity   •  Data-driven decision making q Evolving product landscape •  Data partners q Nielsen q Dataminr •  Operational q Performance and Availability AK  3   A/B  Tes-ng  
Data  Fidelity:  Challenges   •  Anomalies q Exogenic factors §  User behavior §  Events §  Data center q Endogenic factors §  Agile development o  Fail fast §  Data collection •  Millions of time series [1,2] q Scalability AK  4   [1]  h2p://strata.oreilly.com/2013/09/how-­‐twi2er-­‐monitors-­‐millions-­‐of-­‐-me-­‐series.html   [2]  h2p://strataconf.com/strata2014/public/schedule/detail/32431  
Anomaly  Detec-on   •  Visual q Prone to errors q Not scalable §  Machine generated data 11% of the digital universe in 2005 to > 40% by 2020 [1] §  Cloud Infrastructure 2013-2017 CAGR ~50% [2] •  Algorithmic approach q Automate! AK  5  [1]  h2p://www.emc.com/about/news/press/2012/20121211-­‐01.htm   [2]  h2p://www.forbes.com/sites/gilpress/2013/12/12/16-­‐1-­‐billion-­‐big-­‐data-­‐market-­‐2014-­‐predic-ons-­‐from-­‐idc-­‐and-­‐iia/    
Anomaly  Detec-on:  Background   •  Over 50 years of research [1] q Statistics §  Extreme Value Theory §  Robust Statistics, Grubb’s Test, ESD q Econometrics q Finance §  Value at Risk (VaR) q Signal Processing q Music Information Retrieval q Networking q E- Commerce q Performance Regression AK  6  [1]  “Anomaly  Detec-on”  by  Chandola  et  al.  ACM  Compu-ng  Surveys,  2009.    
Anomaly  Detec-on   •  Characterization q Magnitude q Width q Frequency q Direction  AK  7  
Anomaly  Detec-on    (contd.)   •  Two flavors q Global §  Max Value q Local §  Intra-day AK  8   Global Local
Anomaly  Detec-on    (contd.)   •  Traditional Approaches q Metrics §  Mean μ §  Variance σ q Rule of thumb §  μ + 3*σ q Which time series? §  Raw §  Moving Averages o  SMA, EWMA, PEWMA AK  9   3 * σ
Anomaly  Detec-on    (contd.)   •  Impact of multi-modal distribution q μ Shift ~ 0.2% q Inflates σ by 4.5% §  Miss quite a few anomalies q What do multiple modes correspond to? §  Seasonality AK  10  
•  Robust Statistics q MAD §  Robust Breakdown point o  Median 50% vs. Mean 0% q σMAD §  K = 1.4826 for normally distributed data AK  11   Anomaly  Detec-on    (contd.)  
•  Grubb’s Test q Critical value is derived from data using a statistical confidence (α) •  ESD (Generalized Extreme Studentized Deviate) [1] q Critical value (λi) re-calculated every iteration q Largest i such that Ri > λi determines # of anomalies q An upper-bound on the number of anomalies is an input parameter AK  12   Anomaly  Detec-on    (contd.)   [1]  Rosner,  Bernard.  “Percentage  Points  for  a  Generalized  ESD  Many-­‐outlier  Procedure.”  Technometrics  25,  no.  2  (1983):  165–172.  
Our  Approach  
•  Addressing Seasonality q Key Idea §  Time Series Decomposition AK  14   Anomaly  Detec-on    (contd.)  
•  Impact of removal of seasonal and trend q Transforms our multi-modal data into unimodal data. §  Amenable to ESD/MAD! AK  15   Anomaly  Detec-on    (contd.)   The decomposed Residual becomes "Uni-modal". This significantly shrinks the value of sigma. The original "Multi-Modal" Raw Data has a much wider value for sigma, leading ESD to miss a lot of the outliers.
Trend Smoothing Distortion Creates “Phantom” Anomalies •  Challenges remain! AK  16   Anomaly  Detec-on    (contd.)  
•  Marrying Robust Statistics with Seasonal Decomposition AK  17   Anomaly  Detec-on    (contd.)   Median is Free from Distortion
•  Applying ESD on the Residual AK  18   Anomaly  Detec-on    (contd.)   Decomposition Exposes Anomalies
•  Illustrative example AK  19   Anomaly  Detec-on    (contd.)  
•  Standalone R package q https://github.com/twitter/AnomalyDetection q Key features §  Filter o  Last day, Last hour o  Direction: positive, negative, both §  Expected values §  Long term o  Piecewise approximation (HotCloud’14 research paper) q Widely used •  Blog q  https://blog.twitter.com/2015/introducing-practical-and-robust-anomaly-detection-in-a-time-series AK  20   Open  Source  
•  Pluggable design q Data source §  Currently, support different data sources q Detector •  Usage q Library: §  Mesos job q Service §  RESTful API AK  21   Anomaly  Detec-on    (contd.)   Status     Used  by  10+  internal  customers  
•  E-mail notification AK  22   Anomaly  Detec-on    (contd.)   •  JIRA integration q  Ticket auto-created if anomaly detected
•  Granularities q Daily §  Seasonal adjustment based on day of the week o  Keep things simple q Minutely §  S-H-ESD AK  23   Anomaly  Detec-on    (contd.)  
•  Lessons learned in the wild q Summingbird [1] - Lambda architecture q Real time: Data integrity issues - lag between real time and batch §  Periodic update to cache §  Higher threshold AK  24   Real-­‐-me  Anomaly  Detec-on   [1]  "Summingbird:  a  framework  for  integra-ng  batch  and  online  MapReduce  computa-ons",    by  O.  Boykin  and  S.  Ritchie  and  I.  O'Connell  and  J.  Lin.    Proceedings  of  the  VLDB  Endowment,  7:13,  pp.  1441-­‐1451,  August  2014.  
•  Lessons learned in the wild q JVM R bridges §  High latency §  Exception handling missing q Looping future model §  Finagle q Few historical anomalies AK  25   Real-­‐-me  Anomaly  Detec-on  (contd.)  
•  Future work q Streaming algorithms §  Key for sub-minute data granularity q Making job more robust §  Minimizing false positives §  Real-time topology uptime q More use cases §  Multiple time series (correlation) §  Core metrics AK  26   Real-­‐-me  Anomaly  Detec-on  (contd.)  
Join  the  Flock   •  We are hiring!! q https://twitter.com/JoinTheFlock q https://twitter.com/jobs q Contact us: @arun_kejariwal Like  problem  solving?     Like  challenges?     Be  at  cuing  Edge     Make  an  impact   AK  27  

Recommended

Best Practices in DataOps: How to Create Agile, Automated Data Pipelines
Best Practices in DataOps: How to Create Agile, Automated Data PipelinesBest Practices in DataOps: How to Create Agile, Automated Data Pipelines
Best Practices in DataOps: How to Create Agile, Automated Data PipelinesEric Kavanagh
 
Building Data Lakes in the AWS Cloud
Building Data Lakes in the AWS CloudBuilding Data Lakes in the AWS Cloud
Building Data Lakes in the AWS CloudAmazon Web Services
 
Forget Big Data. It's All About Smart Data
Forget Big Data. It's All About Smart DataForget Big Data. It's All About Smart Data
Forget Big Data. It's All About Smart DataAlan McSweeney
 
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...Amazon Web Services
 
How to build a successful Data Lake
How to build a successful Data LakeHow to build a successful Data Lake
How to build a successful Data LakeDataWorks Summit/Hadoop Summit
 
Building-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSBuilding-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSAmazon Web Services
 
DataEd Slides: Data Strategy Best Practices
DataEd Slides: Data Strategy Best PracticesDataEd Slides: Data Strategy Best Practices
DataEd Slides: Data Strategy Best PracticesDATAVERSITY
 
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain Pipeline
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineThe Zen of DataOps – AWS Lake Formation and the Data Supply Chain Pipeline
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineAmazon Web Services
 

Recommended

Best Practices in DataOps: How to Create Agile, Automated Data Pipelines
Best Practices in DataOps: How to Create Agile, Automated Data PipelinesBest Practices in DataOps: How to Create Agile, Automated Data Pipelines
Best Practices in DataOps: How to Create Agile, Automated Data PipelinesEric Kavanagh
 
Building Data Lakes in the AWS Cloud
Building Data Lakes in the AWS CloudBuilding Data Lakes in the AWS Cloud
Building Data Lakes in the AWS CloudAmazon Web Services
 
Forget Big Data. It's All About Smart Data
Forget Big Data. It's All About Smart DataForget Big Data. It's All About Smart Data
Forget Big Data. It's All About Smart DataAlan McSweeney
 
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...
How HSBC Uses Serverless to Process Millions of Transactions in Real Time (FS...Amazon Web Services
 
How to build a successful Data Lake
How to build a successful Data LakeHow to build a successful Data Lake
How to build a successful Data LakeDataWorks Summit/Hadoop Summit
 
Building-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSBuilding-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSAmazon Web Services
 
DataEd Slides: Data Strategy Best Practices
DataEd Slides: Data Strategy Best PracticesDataEd Slides: Data Strategy Best Practices
DataEd Slides: Data Strategy Best PracticesDATAVERSITY
 
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain Pipeline
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineThe Zen of DataOps – AWS Lake Formation and the Data Supply Chain Pipeline
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineAmazon Web Services
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
 
Presentation on Big Data Analytics
Presentation on Big Data AnalyticsPresentation on Big Data Analytics
Presentation on Big Data AnalyticsS P Sajjan
 
Social Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and SupersetSocial Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and SupersetThiago Santiago
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summits
 
Whoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ NetflixWhoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ NetflixDataWorks Summit
 
Apache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop componentsApache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop componentsDataWorks Summit/Hadoop Summit
 
Cloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration PatternsCloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration PatternsSrikanth Prathipati
 
Straight Talk to Demystify Data Lineage
Straight Talk to Demystify Data LineageStraight Talk to Demystify Data Lineage
Straight Talk to Demystify Data LineageDATAVERSITY
 
Data pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous drivingData pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous drivingYu Huang
 
Building Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks DeltaBuilding Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks DeltaDatabricks
 
Dynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDPDynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDPHortonworks
 
Building Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWSBuilding Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWSAmazon Web Services
 
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장BESPIN GLOBAL
 
Customer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° viewCustomer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° viewGuido Schmutz
 
Exploratory data analysis
Exploratory data analysisExploratory data analysis
Exploratory data analysisVishwas N
 
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon KinesisDay 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon KinesisAmazon Web Services
 
Migrating Oracle database to Cassandra
Migrating Oracle database to CassandraMigrating Oracle database to Cassandra
Migrating Oracle database to CassandraUmair Mansoob
 
Sustainable Data Governance
Sustainable Data GovernanceSustainable Data Governance
Sustainable Data GovernanceFirst San Francisco Partners
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control DBmaestro - Database DevOps
 
Azure data bricks by Eugene Polonichko
Azure data bricks by Eugene PolonichkoAzure data bricks by Eugene Polonichko
Azure data bricks by Eugene PolonichkoAlex Tumanoff
 
Statistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ TwitterStatistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ TwitterArun Kejariwal
 
PosterPresentation
PosterPresentationPosterPresentation
PosterPresentationRaj Shekhar
 

More Related Content

What's hot

Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
 
Presentation on Big Data Analytics
Presentation on Big Data AnalyticsPresentation on Big Data Analytics
Presentation on Big Data AnalyticsS P Sajjan
 
Social Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and SupersetSocial Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and SupersetThiago Santiago
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summits
 
Whoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ NetflixWhoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ NetflixDataWorks Summit
 
Apache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop componentsApache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop componentsDataWorks Summit/Hadoop Summit
 
Cloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration PatternsCloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration PatternsSrikanth Prathipati
 
Straight Talk to Demystify Data Lineage
Straight Talk to Demystify Data LineageStraight Talk to Demystify Data Lineage
Straight Talk to Demystify Data LineageDATAVERSITY
 
Data pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous drivingData pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous drivingYu Huang
 
Building Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks DeltaBuilding Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks DeltaDatabricks
 
Dynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDPDynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDPHortonworks
 
Building Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWSBuilding Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWSAmazon Web Services
 
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장BESPIN GLOBAL
 
Customer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° viewCustomer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° viewGuido Schmutz
 
Exploratory data analysis
Exploratory data analysisExploratory data analysis
Exploratory data analysisVishwas N
 
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon KinesisDay 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon KinesisAmazon Web Services
 
Migrating Oracle database to Cassandra
Migrating Oracle database to CassandraMigrating Oracle database to Cassandra
Migrating Oracle database to CassandraUmair Mansoob
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control DBmaestro - Database DevOps
 
Azure data bricks by Eugene Polonichko
Azure data bricks by Eugene PolonichkoAzure data bricks by Eugene Polonichko
Azure data bricks by Eugene PolonichkoAlex Tumanoff
 

What's hot (20)

Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
 
Presentation on Big Data Analytics
Presentation on Big Data AnalyticsPresentation on Big Data Analytics
Presentation on Big Data Analytics
 
Social Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and SupersetSocial Media Monitoring with NiFi, Druid and Superset
Social Media Monitoring with NiFi, Druid and Superset
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
 
Whoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ NetflixWhoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
Whoops, The Numbers Are Wrong! Scaling Data Quality @ Netflix
 
Apache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop componentsApache Atlas: Tracking dataset lineage across Hadoop components
Apache Atlas: Tracking dataset lineage across Hadoop components
 
Cloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration PatternsCloud transformation and Evolution of Integration Patterns
Cloud transformation and Evolution of Integration Patterns
 
Straight Talk to Demystify Data Lineage
Straight Talk to Demystify Data LineageStraight Talk to Demystify Data Lineage
Straight Talk to Demystify Data Lineage
 
Data pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous drivingData pipeline and data lake for autonomous driving
Data pipeline and data lake for autonomous driving
 
Building Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks DeltaBuilding Robust Production Data Pipelines with Databricks Delta
Building Robust Production Data Pipelines with Databricks Delta
 
Dynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDPDynamic Column Masking and Row-Level Filtering in HDP
Dynamic Column Masking and Row-Level Filtering in HDP
 
Building Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWSBuilding Data Lakes and Analytics on AWS
Building Data Lakes and Analytics on AWS
 
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
국내 건설 기계사 도입 사례를 통해 보는 AI가 적용된 수요 예측 관리 - 베스핀글로벌 조창윤 AI/ML팀 팀장
 
Customer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° viewCustomer Event Hub - the modern Customer 360° view
Customer Event Hub - the modern Customer 360° view
 
Exploratory data analysis
Exploratory data analysisExploratory data analysis
Exploratory data analysis
 
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon KinesisDay 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
Day 5 - Real-time Data Processing/Internet of Things (IoT) with Amazon Kinesis
 
Migrating Oracle database to Cassandra
Migrating Oracle database to CassandraMigrating Oracle database to Cassandra
Migrating Oracle database to Cassandra
 
Sustainable Data Governance
Sustainable Data GovernanceSustainable Data Governance
Sustainable Data Governance
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control
 
Azure data bricks by Eugene Polonichko
Azure data bricks by Eugene PolonichkoAzure data bricks by Eugene Polonichko
Azure data bricks by Eugene Polonichko
 

Similar to Anomaly Detection @Twitter

Statistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ TwitterStatistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ TwitterArun Kejariwal
 
PosterPresentation
PosterPresentationPosterPresentation
PosterPresentationRaj Shekhar
 
Part Arrival Prediction Engine
Part Arrival Prediction EnginePart Arrival Prediction Engine
Part Arrival Prediction EngineBalaji Mohan
 
AI for PM.pptx
AI for PM.pptxAI for PM.pptx
AI for PM.pptxNatan Katz
 
Data Stream Analytics - Why they are important
Data Stream Analytics - Why they are importantData Stream Analytics - Why they are important
Data Stream Analytics - Why they are importantParis Carbone
 
GridPIQ_Webinar_2018_08_28.pptx
GridPIQ_Webinar_2018_08_28.pptxGridPIQ_Webinar_2018_08_28.pptx
GridPIQ_Webinar_2018_08_28.pptxMThamilAlagan
 
Holistic data application quality
Holistic data application qualityHolistic data application quality
Holistic data application qualityLars Albertsson
 
PEARC17: Visual exploration and analysis of time series earthquake data
PEARC17: Visual exploration and analysis of time series earthquake dataPEARC17: Visual exploration and analysis of time series earthquake data
PEARC17: Visual exploration and analysis of time series earthquake dataAmit Chourasia
 
Sql azure cluster dashboard public.ppt
Sql azure cluster dashboard public.pptSql azure cluster dashboard public.ppt
Sql azure cluster dashboard public.pptQingsong Yao
 
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...Steffan Stringer
 
Final observability starts_with_data
Final observability starts_with_dataFinal observability starts_with_data
Final observability starts_with_dataDave McAllister
 
TAO Refresh - Automation of Data Spike Flagging Quality
TAO Refresh - Automation of Data Spike Flagging Quality TAO Refresh - Automation of Data Spike Flagging Quality
TAO Refresh - Automation of Data Spike Flagging Quality Sathishkumar Samiappan
 
Digital supply chain quality management
Digital supply chain quality managementDigital supply chain quality management
Digital supply chain quality managementMartin Geddes
 
impervious cover
impervious coverimpervious cover
impervious coverJames Yang
 
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...Sayonsom Chanda
 
A Segmentation of Water Consumption with Apache Spark
A Segmentation of Water Consumption with Apache SparkA Segmentation of Water Consumption with Apache Spark
A Segmentation of Water Consumption with Apache SparkDiego García Valverde
 
22 - CSIRO - Water Data Management-Sep-17
22 - CSIRO - Water Data Management-Sep-1722 - CSIRO - Water Data Management-Sep-17
22 - CSIRO - Water Data Management-Sep-17indiawrm
 
Quantiative Risk Analysis for the Aerospace Industry
Quantiative Risk Analysis for the Aerospace IndustryQuantiative Risk Analysis for the Aerospace Industry
Quantiative Risk Analysis for the Aerospace IndustryIntaver Insititute
 

Similar to Anomaly Detection @Twitter (20)

Statistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ TwitterStatistical Learning Based Anomaly Detection @ Twitter
Statistical Learning Based Anomaly Detection @ Twitter
 
PosterPresentation
PosterPresentationPosterPresentation
PosterPresentation
 
Part Arrival Prediction Engine
Part Arrival Prediction EnginePart Arrival Prediction Engine
Part Arrival Prediction Engine
 
AI for PM.pptx
AI for PM.pptxAI for PM.pptx
AI for PM.pptx
 
Data Stream Analytics - Why they are important
Data Stream Analytics - Why they are importantData Stream Analytics - Why they are important
Data Stream Analytics - Why they are important
 
GridPIQ_Webinar_2018_08_28.pptx
GridPIQ_Webinar_2018_08_28.pptxGridPIQ_Webinar_2018_08_28.pptx
GridPIQ_Webinar_2018_08_28.pptx
 
Holistic data application quality
Holistic data application qualityHolistic data application quality
Holistic data application quality
 
PEARC17: Visual exploration and analysis of time series earthquake data
PEARC17: Visual exploration and analysis of time series earthquake dataPEARC17: Visual exploration and analysis of time series earthquake data
PEARC17: Visual exploration and analysis of time series earthquake data
 
Sql azure cluster dashboard public.ppt
Sql azure cluster dashboard public.pptSql azure cluster dashboard public.ppt
Sql azure cluster dashboard public.ppt
 
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...
Why Data Management Needs To Be Involved In Study Design, Katrien Vermeiren, ...
 
Final observability starts_with_data
Final observability starts_with_dataFinal observability starts_with_data
Final observability starts_with_data
 
TAO Refresh - Automation of Data Spike Flagging Quality
TAO Refresh - Automation of Data Spike Flagging Quality TAO Refresh - Automation of Data Spike Flagging Quality
TAO Refresh - Automation of Data Spike Flagging Quality
 
Digital supply chain quality management
Digital supply chain quality managementDigital supply chain quality management
Digital supply chain quality management
 
impervious cover
impervious coverimpervious cover
impervious cover
 
Louisiana coastal master plan
Louisiana coastal master planLouisiana coastal master plan
Louisiana coastal master plan
 
Shikha fdp 62_14july2017
Shikha fdp 62_14july2017Shikha fdp 62_14july2017
Shikha fdp 62_14july2017
 
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...
How to leverage Quantum Computing and Generative AI for Clean Energy Transiti...
 
A Segmentation of Water Consumption with Apache Spark
A Segmentation of Water Consumption with Apache SparkA Segmentation of Water Consumption with Apache Spark
A Segmentation of Water Consumption with Apache Spark
 
22 - CSIRO - Water Data Management-Sep-17
22 - CSIRO - Water Data Management-Sep-1722 - CSIRO - Water Data Management-Sep-17
22 - CSIRO - Water Data Management-Sep-17
 
Quantiative Risk Analysis for the Aerospace Industry
Quantiative Risk Analysis for the Aerospace IndustryQuantiative Risk Analysis for the Aerospace Industry
Quantiative Risk Analysis for the Aerospace Industry
 

Recently uploaded

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Anomaly Detection @Twitter

  • 1. Anomaly  Detec-on  @  Twi2er   Vijay Rajaram, Jenna Zhang, Arun Kejariwal (@djvjallday, @jenna_zz, @arun_kejariwal) February 2015
  • 2. Internet  Trends:  Real-­‐-me  Communica-on   AK  2  
  • 3. Data  Fidelity   •  Data-driven decision making q Evolving product landscape •  Data partners q Nielsen q Dataminr •  Operational q Performance and Availability AK  3   A/B  Tes-ng  
  • 4. Data  Fidelity:  Challenges   •  Anomalies q Exogenic factors §  User behavior §  Events §  Data center q Endogenic factors §  Agile development o  Fail fast §  Data collection •  Millions of time series [1,2] q Scalability AK  4   [1]  h2p://strata.oreilly.com/2013/09/how-­‐twi2er-­‐monitors-­‐millions-­‐of-­‐-me-­‐series.html   [2]  h2p://strataconf.com/strata2014/public/schedule/detail/32431  
  • 5. Anomaly  Detec-on   •  Visual q Prone to errors q Not scalable §  Machine generated data 11% of the digital universe in 2005 to > 40% by 2020 [1] §  Cloud Infrastructure 2013-2017 CAGR ~50% [2] •  Algorithmic approach q Automate! AK  5  [1]  h2p://www.emc.com/about/news/press/2012/20121211-­‐01.htm   [2]  h2p://www.forbes.com/sites/gilpress/2013/12/12/16-­‐1-­‐billion-­‐big-­‐data-­‐market-­‐2014-­‐predic-ons-­‐from-­‐idc-­‐and-­‐iia/    
  • 6. Anomaly  Detec-on:  Background   •  Over 50 years of research [1] q Statistics §  Extreme Value Theory §  Robust Statistics, Grubb’s Test, ESD q Econometrics q Finance §  Value at Risk (VaR) q Signal Processing q Music Information Retrieval q Networking q E- Commerce q Performance Regression AK  6  [1]  “Anomaly  Detec-on”  by  Chandola  et  al.  ACM  Compu-ng  Surveys,  2009.    
  • 7. Anomaly  Detec-on   •  Characterization q Magnitude q Width q Frequency q Direction  AK  7  
  • 8. Anomaly  Detec-on    (contd.)   •  Two flavors q Global §  Max Value q Local §  Intra-day AK  8   Global Local
  • 9. Anomaly  Detec-on    (contd.)   •  Traditional Approaches q Metrics §  Mean μ §  Variance σ q Rule of thumb §  μ + 3*σ q Which time series? §  Raw §  Moving Averages o  SMA, EWMA, PEWMA AK  9   3 * σ
  • 10. Anomaly  Detec-on    (contd.)   •  Impact of multi-modal distribution q μ Shift ~ 0.2% q Inflates σ by 4.5% §  Miss quite a few anomalies q What do multiple modes correspond to? §  Seasonality AK  10  
  • 11. •  Robust Statistics q MAD §  Robust Breakdown point o  Median 50% vs. Mean 0% q σMAD §  K = 1.4826 for normally distributed data AK  11   Anomaly  Detec-on    (contd.)  
  • 12. •  Grubb’s Test q Critical value is derived from data using a statistical confidence (α) •  ESD (Generalized Extreme Studentized Deviate) [1] q Critical value (λi) re-calculated every iteration q Largest i such that Ri > λi determines # of anomalies q An upper-bound on the number of anomalies is an input parameter AK  12   Anomaly  Detec-on    (contd.)   [1]  Rosner,  Bernard.  “Percentage  Points  for  a  Generalized  ESD  Many-­‐outlier  Procedure.”  Technometrics  25,  no.  2  (1983):  165–172.  
  • 14. •  Addressing Seasonality q Key Idea §  Time Series Decomposition AK  14   Anomaly  Detec-on    (contd.)  
  • 15. •  Impact of removal of seasonal and trend q Transforms our multi-modal data into unimodal data. §  Amenable to ESD/MAD! AK  15   Anomaly  Detec-on    (contd.)   The decomposed Residual becomes "Uni-modal". This significantly shrinks the value of sigma. The original "Multi-Modal" Raw Data has a much wider value for sigma, leading ESD to miss a lot of the outliers.
  • 16. Trend Smoothing Distortion Creates “Phantom” Anomalies •  Challenges remain! AK  16   Anomaly  Detec-on    (contd.)  
  • 17. •  Marrying Robust Statistics with Seasonal Decomposition AK  17   Anomaly  Detec-on    (contd.)   Median is Free from Distortion
  • 18. •  Applying ESD on the Residual AK  18   Anomaly  Detec-on    (contd.)   Decomposition Exposes Anomalies
  • 19. •  Illustrative example AK  19   Anomaly  Detec-on    (contd.)  
  • 20. •  Standalone R package q https://github.com/twitter/AnomalyDetection q Key features §  Filter o  Last day, Last hour o  Direction: positive, negative, both §  Expected values §  Long term o  Piecewise approximation (HotCloud’14 research paper) q Widely used •  Blog q  https://blog.twitter.com/2015/introducing-practical-and-robust-anomaly-detection-in-a-time-series AK  20   Open  Source  
  • 21. •  Pluggable design q Data source §  Currently, support different data sources q Detector •  Usage q Library: §  Mesos job q Service §  RESTful API AK  21   Anomaly  Detec-on    (contd.)   Status     Used  by  10+  internal  customers  
  • 22. •  E-mail notification AK  22   Anomaly  Detec-on    (contd.)   •  JIRA integration q  Ticket auto-created if anomaly detected
  • 23. •  Granularities q Daily §  Seasonal adjustment based on day of the week o  Keep things simple q Minutely §  S-H-ESD AK  23   Anomaly  Detec-on    (contd.)  
  • 24. •  Lessons learned in the wild q Summingbird [1] - Lambda architecture q Real time: Data integrity issues - lag between real time and batch §  Periodic update to cache §  Higher threshold AK  24   Real-­‐-me  Anomaly  Detec-on   [1]  "Summingbird:  a  framework  for  integra-ng  batch  and  online  MapReduce  computa-ons",    by  O.  Boykin  and  S.  Ritchie  and  I.  O'Connell  and  J.  Lin.    Proceedings  of  the  VLDB  Endowment,  7:13,  pp.  1441-­‐1451,  August  2014.  
  • 25. •  Lessons learned in the wild q JVM R bridges §  High latency §  Exception handling missing q Looping future model §  Finagle q Few historical anomalies AK  25   Real-­‐-me  Anomaly  Detec-on  (contd.)  
  • 26. •  Future work q Streaming algorithms §  Key for sub-minute data granularity q Making job more robust §  Minimizing false positives §  Real-time topology uptime q More use cases §  Multiple time series (correlation) §  Core metrics AK  26   Real-­‐-me  Anomaly  Detec-on  (contd.)  
  • 27. Join  the  Flock   •  We are hiring!! q https://twitter.com/JoinTheFlock q https://twitter.com/jobs q Contact us: @arun_kejariwal Like  problem  solving?     Like  challenges?     Be  at  cuing  Edge     Make  an  impact   AK  27