F1 scores, true positive rates (TPR), and true negative rates (TNR) for partial-trace detection (process measurements), full-trace detection (whole process), whole application (process tree), and with process-level measurements + process killing (process killing) for validation set (left column) and test set (right column).