| CPC G06F 16/2365 (2019.01) [G06F 16/9024 (2019.01)] | 20 Claims |
|
1. A method comprising:
identifying, by a server, aggregated transaction data corresponding to a set of attributes for a set of transactions, each attribute having one or more corresponding values;
executing, by the server, a computer model that is configured to:
generate a first data slice using the aggregated transaction data and at least one attribute;
calculate, for the first data slice, a first entropy value indicating a difference between one or more values corresponding to one or more attributes of the first data slice compared with a previous value for the same one or more attributes of the first data slice from a previous time window;
when the first entropy value does not satisfy a threshold, generate a set of data slices using the first data slice;
calculate a second entropy value for each data slice within the set of data slices;
generate an information gain value based on the first entropy value and each second entropy value for the set of data slices;
generate a second set of data slices using at least one data slice within the set of data slices that has an information gain value that satisfies an information gain threshold;
when at least one data slice within the second set of data slices satisfies the threshold, iteratively combine the at least one data slice with another data slice of the second set of data slices to generate a combined data slice until the combined data slice has a respective entropy value that satisfies the threshold; and
outputting, by the server, a notification of an anomaly associated with the aggregated transaction data comprising an identification of the combined data slice.
|