Anomoly detection method selection
-
22-10-2019 - |
سؤال
I need to decide between SVM (One-Class Support Vector Machine) and PCA (PCA-Based Anomaly Detection) as anomaly detection methods. Azure ML is used and provides SVM and PCA as methods - hence the choice of 2 possible methods.
Does anyone have suggestions or a defined process for method selection? (Similar to cheat sheets you get for selecting a regression method).
The use case is to detect anomalies in high frequency network traffic data (from firewalls, routers & switches)?
المحلول
Without putting in the time to look through Azure's documentation, my guess is that their PCA method is really just a way to do a feature reduction, then use some algorithm they have to classify. Best thing to do is try both methods and then CV and compare performances. gallery.cortanaintelligence.com/Experiment/