[siddhartb_]

Hi, I am one of the authors of the work. MStream detects anomalies, intrusions, DoS and DDoS attacks in real time and constant memory. It is built on top of MIDAS (https://github.com/Stream-AD/MIDAS/) and works in a multi-aspect data setting i.e., entries having multiple dimensions such as event-log data, multi-attributed graphs etc. MStream is two orders of magnitude faster while achieving higher accuracy on several publicly available datasets.

Github Repository: https://github.com/Stream-AD/MStream

[ldn_tech_exec1]

Awesome work. Would you say this is the state of the art for real-time anomaly detection ?

[siddhartb_]

MStream and MIDAS are more accurate than previous baselines for unsupervised anomaly detection. However, there can be scenarios where some labels (ground truth information) are known. In such cases, a semi-supervised algorithm might work better. We are currently working towards building a semi-supervised approach for anomaly detection in real-time.

To the best of my knowledge, MStream and MIDAS are the fastest and detect anomalies in real-time.