This paper investigates the use of the ASTD language for ensemble anomaly detection in data logs. It uses a sliding window technique for continuous learning in data streams, coupled with updating learning models upon the completion of each window to maintain accurate detection and align with current data trends. It proposes ASTD patterns for combining learning models, especially in the context of unsupervised learning, which is commonly used for data streams. To facilitate this, a new ASTD operator is proposed, the Quantified Flow, which enables the seamless combination of learning models while ensuring that the specification remains concise. Our contribution is a specification pattern, highlighting the capacity of ASTDs to abstract and modularize anomaly detection systems. The ASTD language provides a unique approach to develop data flow anomaly detection systems, grounded in the combination of processes through the graphical representation of the language operators. This simplifies the design task for developers, who can focus primarily on defining the functional operations that constitute the system.

翻译：本文研究了利用ASTD语言在数据日志中实现集成异常检测的方法。通过滑动窗口技术实现数据流中的持续学习，并在每个窗口处理完成后更新学习模型，以保持检测准确性并适应当前数据趋势。针对无监督学习场景（数据流分析中的常用范式），提出了用于组合学习模型的ASTD模式。为此，我们设计了一种新型ASTD算子——量化流（Quantified Flow），该算子能够在保证规范简洁性的同时，实现学习模型的无缝集成。本研究的核心贡献在于提出了一种规范模式，彰显了ASTD在异常检测系统抽象化与模块化方面的能力。ASTD语言通过其算子的图形化表示实现流程组合，为构建数据流异常检测系统提供了独特方法。这显著简化了开发者的设计工作，使其能够专注于定义构成系统的功能操作。