US 12,143,408 B2
Semi-supervised framework for purpose-oriented anomaly detection
Milos Vasic, Zurchi (CH); Saeid Allahdadian, Vancouver (CA); Matteo Casserini, Zurich (CH); Felix Schmidt, Baden-Dattwil (CH); and Andrew Brownsword, Vancover (CA)
Assigned to Oracle International Corporation, Campbell, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on May 9, 2022, as Appl. No. 17/739,968.
Prior Publication US 2023/0362180 A1, Nov. 9, 2023
Int. Cl. H04L 9/40 (2022.01); G06N 20/20 (2019.01)
CPC H04L 63/1425 (2013.01) [G06N 20/20 (2019.01)] 19 Claims
OG exemplary drawing
 
1. A method comprising:
inputting a data item to an unsupervised anomaly detection model;
generating, by the unsupervised anomaly detection model, first output;
determining, based on the first output, whether the data item represents an anomaly;
in response to determining that the data item represents an anomaly, inputting the data item to a supervised classification model;
generating, by the supervised classification model, second output that indicates whether the data item is unknown;
in response to determining that the data item is unknown, generating a training instance based on the data item;
updating the supervised classification model based on the training instance;
in response to determining that a second data item represents an anomaly, inputting the second data item to the supervised classification model;
generating, by the supervised classification model, third output that indicates whether the second data item is relevant or irrelevant;
in response to determining that the second data item is relevant, generating and storing an alert;
wherein the method is performed by one or more computing devices.