Information-value-based Feature Selection Algorithm for Anomaly Detection over Data Streams

Original scientific paper Computer systems are becoming more and more complex, and system anomalies have a serious impact on system availability. One effective way to achieve high availability is to use anomaly detection tools to find the abnormal activities in the computer system so that they can be repaired. Because of the complexity of modern computing systems, many system metrics need to be monitored. For this reason, one major challenge of anomaly detection is multi-dimensionality. Large numbers of metrics increase the processing time of anomaly detection technology and lower the accuracy. To overcome this problem, we use information-value to ascertain the importance of features with respect to detecting anomalies. However, the information-value method does not take redundant features into account. Thus, correlations between features are evaluated to remove redundant features. This paper compares the presented method to other feature selection methods using a real system anomaly data set. Experimental results show that the presented method can learn the model more efficiently and detect anomalies more accurately.