Expand description
Anomaly Grid - Sequential Pattern Analysis Library
A focused library for anomaly detection in finite-alphabet sequences using variable-order Markov chains with hierarchical context selection.
This library provides pattern-based anomaly detection through information-theoretic measures and probability estimation.
§Features
- Variable-Order Markov Models: Hierarchical context selection with Laplace smoothing
- Information Theory: Shannon entropy, KL divergence
- Hierarchical Context Selection: Automatic fallback from longer to shorter contexts
- Parallel Processing: Batch analysis using Rayon for multiple sequences
§Quick Start
use anomaly_grid::*;
// Create and train detector
let mut detector = AnomalyDetector::new(3)?;
let normal_sequence = vec![
"A".to_string(), "B".to_string(), "C".to_string(),
"A".to_string(), "B".to_string(), "C".to_string(),
];
detector.train(&normal_sequence)?;
// Detect anomalies
let test_sequence = vec![
"A".to_string(), "X".to_string(), "Y".to_string(),
];
let anomalies = detector.detect_anomalies(&test_sequence, 0.1)?;
for anomaly in anomalies {
println!("Anomaly: {:?}, Likelihood: {:.6}",
anomaly.sequence, anomaly.likelihood);
}§Architecture
The library is organized into three main modules:
context_tree: Context storage and probability estimationmarkov_model: Variable-order Markov chain implementationanomaly_detector: Anomaly detection using Markov models
§Use Cases
- Network Security: Detecting unusual protocol sequences and attack patterns
- User Behavior Analysis: Identifying privilege escalation and suspicious activities
- Financial Fraud: Detecting unusual transaction patterns and velocity attacks
- System Monitoring: Identifying anomalous log sequences and security incidents
- Bioinformatics: Detecting mutations and unusual genetic sequences
Re-exports§
pub use anomaly_detector::batch_process_sequences;pub use anomaly_detector::AnomalyDetector;pub use anomaly_detector::AnomalyScore;pub use config::AnomalyGridConfig;pub use context_tree::ContextNode;pub use context_tree::ContextTree;pub use error::AnomalyGridError;pub use error::AnomalyGridResult;pub use markov_model::MarkovModel;pub use performance::optimize_context_tree;pub use performance::ContextStatistics;pub use performance::OptimizationConfig;pub use performance::PerformanceMetrics;
Modules§
- anomaly_
detector - Anomaly Detector module for Markov chain-based anomaly detection
- config
- Configuration management for Anomaly Grid
- constants
- Constants and default values for Anomaly Grid
- context_
tree - Context Tree module for variable-order Markov model implementation
- context_
trie - Trie-based context storage for memory-efficient prefix sharing
- error
- Error types for the Anomaly Grid library
- markov_
model - Markov Model module for variable-order Markov chain implementation
- memory_
pool - Memory pooling for efficient allocation management
- performance
- Performance optimization utilities for Anomaly Grid
- string_
interner - String Interning System for Memory Optimization
- transition_
counts - Optimized transition count storage for small collections
- validation
- Validation utilities for improving user experience with edge cases
Constants§
- VERSION
- Library version
Functions§
- info
- Get library information