12,061 research outputs found
Semi-Supervised Spatial-Temporal Feature Learning on Anomaly-Based Network Intrusion Detection
Due to a rapid increase in network traffic, it is growing more imperative to have systems that detect attacks that are both known and unknown to networks. Anomaly-based detection methods utilize deep learning techniques, including semi-supervised learning, in order to effectively detect these attacks. Semi-supervision is advantageous as it doesn\u27t fully depend on the labelling of network traffic data points, which may be a daunting task especially considering the amount of traffic data collected. Even though deep learning models such as the convolutional neural network have been integrated into a number of proposed network intrusion detection systems in recent years, little work has been done on spatial-temporal feature extraction for network intrusion anomaly detection using semi-supervised learning. This paper introduces Anomaly-CNVAE, a variational autoencoder where the encoding and decoding layers perform convolution and transpose convolution, respectively, in order to account for spatial feature extraction. In addition, in order to account for time-based features in the dataset, the proposed model utilizes 1D-CNN for the convolution operations. The performance of the model in network intrusion detection is evaluated against an autoencoder and a vanilla variational autoencoder. Results show that Anomaly-CNVAE significantly outperforms the other semi-supervised learning models with a 5-10 percent increase in evaluation metrics
Deep Neural Networks With Confidence Sampling For Electrical Anomaly Detection
The increase in electrical metering has created tremendous quantities of data and, as a result, possibilities for deep insights into energy usage, better energy management, and new ways of energy conservation. As buildings are responsible for a significant portion of overall energy consumption, conservation efforts targeting buildings can provide tremendous effect on energy savings. Building energy monitoring enables identification of anomalous or unexpected behaviors which, when corrected, can lead to energy savings. Although the available data is large, the limited availability of labels makes anomaly detection difficult. This research proposes a deep semi-supervised convolutional neural network with confidence sampling for electrical anomaly detection. To achieve semi-supervised learning, two sub-networks are used: the first performs reconstruction and uses unlabelled data, while the second performs classification with labelled data. The two sub-networks overlap: the encoder parameters are shared between the two. To quantify anomaly detection confidence, a valuable metric in anomaly detection, the network uses a dropout sampling method. The proposed approach has been evaluated with real-world electrical data from systems such as HVAC, lighting, and heat pumps. The results demonstrated the accuracy of the proposed anomaly detection solution
On Diffusion Modeling for Anomaly Detection
Known for their impressive performance in generative modeling, diffusion
models are attractive candidates for density-based anomaly detection. This
paper investigates different variations of diffusion modeling for unsupervised
and semi-supervised anomaly detection. In particular, we find that Denoising
Diffusion Probability Models (DDPM) are performant on anomaly detection
benchmarks yet computationally expensive. By simplifying DDPM in application to
anomaly detection, we are naturally led to an alternative approach called
Diffusion Time Probabilistic Model (DTPM). DTPM estimates the posterior
distribution over diffusion time for a given input, enabling the identification
of anomalies due to their higher posterior density at larger timesteps. We
derive an analytical form for this posterior density and leverage a deep neural
network to improve inference efficiency. Through empirical evaluations on the
ADBench benchmark, we demonstrate that all diffusion-based anomaly detection
methods perform competitively. Notably, DTPM achieves orders of magnitude
faster inference time than DDPM, while outperforming it on this benchmark.
These results establish diffusion-based anomaly detection as an interpretable
and scalable alternative to traditional methods and recent deep-learning
techniques
Graph Fairing Convolutional Networks for Anomaly Detection
Graph convolution is a fundamental building block for many deep neural
networks on graph-structured data. In this paper, we introduce a simple, yet
very effective graph convolutional network with skip connections for
semi-supervised anomaly detection. The proposed layerwise propagation rule of
our model is theoretically motivated by the concept of implicit fairing in
geometry processing, and comprises a graph convolution module for aggregating
information from immediate node neighbors and a skip connection module for
combining layer-wise neighborhood representations. This propagation rule is
derived from the iterative solution of the implicit fairing equation via the
Jacobi method. In addition to capturing information from distant graph nodes
through skip connections between the network's layers, our approach exploits
both the graph structure and node features for learning discriminative node
representations. These skip connections are integrated by design in our
proposed network architecture. The effectiveness of our model is demonstrated
through extensive experiments on five benchmark datasets, achieving better or
comparable anomaly detection results against strong baseline methods. We also
demonstrate through an ablation study that skip connection helps improve the
model performance
GAN Augmented Text Anomaly Detection with Sequences of Deep Statistics
Anomaly detection is the process of finding data points that deviate from a
baseline. In a real-life setting, anomalies are usually unknown or extremely
rare. Moreover, the detection must be accomplished in a timely manner or the
risk of corrupting the system might grow exponentially. In this work, we
propose a two level framework for detecting anomalies in sequences of discrete
elements. First, we assess whether we can obtain enough information from the
statistics collected from the discriminator's layers to discriminate between
out of distribution and in distribution samples. We then build an unsupervised
anomaly detection module based on these statistics. As to augment the data and
keep track of classes of known data, we lean toward a semi-supervised
adversarial learning applied to discrete elements.Comment: 5 pages, 53rd Annual Conference on Information Sciences and Systems,
CISS 201
- …