Letteratura scientifica selezionata sul tema "Networks anomalies detection"
Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili
Consulta la lista di attuali articoli, libri, tesi, atti di convegni e altre fonti scientifiche attinenti al tema "Networks anomalies detection".
Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.
Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.
Articoli di riviste sul tema "Networks anomalies detection"
1
Mažeika, Dalius, e Saulius Jasonis. "NETWORK TRAFFIC ANOMALIES DETECTING USING MAXIMUM ENTROPY METHOD / KOMPIUTERIŲ TINKLO SRAUTO ANOMALIJŲ ATPAŽINIMAS MAKSIMALIOS ENTROPIJOS METODU". Mokslas – Lietuvos ateitis 6, n. 2 (24 aprile 2014): 162–67. http://dx.doi.org/10.3846/mla.2014.22.
Testo completoAbstract (sommario):
The problem of traffic anomalies in computer networks is analyzed. NetFlow packets are used as network traffic data and maximum entropy methods is used for anomalies detection. Method detects network anomalies by comparing the current network traffic against a baseline distribution. Method is adopted according to NetFow data and performace of the method is improved. Prototype of anomalies detection system was developed and experimental investigation carried out. Results of investigation confirmed that method is sensitive to deviations of the network traffic and can be successfully used for network traffic anomalies detection. Straipsnyje nagrinėjama kompiuterių tinklo srauto anomalijų atpažinimo problema. Kompiuterių tinklo srautui stebėti pasirenkama NetFlow technologija, o anomalijos aptinkamos maksimalios entropijos metodu. Metodas pritaikytas NetFlow pateikiamiems duomenims apdoroti. Sukurta programinė priemonė ir atliktas eksperimentinis metodo tinkamumo tyrimas analizuojant „Cisco“ maršrutizatoriaus srauto duomenis. Metodas patobulintas siekiant pagreitinti skaičiavimus, tačiau neprarandant tikslumo. Nustatyta, kad metodas yra jautrus įvairaus tipo tinklo srauto nuokrypiams ir gali būti sėkmingai taikomas tinklo srauto anomalijoms aptikti.
2
Račys, Donatas, e Dalius Mažeika. "NETWORK TRAFFIC ANOMALIES IDENTIFICATION BASED ON CLASSIFICATION METHODS / TINKLO SRAUTO ANOMALIJŲ IDENTIFIKAVIMAS, TAIKANT KLASIFIKAVIMO METODUS". Mokslas – Lietuvos ateitis 7, n. 3 (13 luglio 2015): 340–44. http://dx.doi.org/10.3846/mla.2015.796.
Testo completoAbstract (sommario):
A problem of network traffic anomalies detection in the computer networks is analyzed. Overview of anomalies detection methods is given then advantages and disadvantages of the different methods are analyzed. Model for the traffic anomalies detection was developed based on IBM SPSS Modeler and is used to analyze SNMP data of the router. Investigation of the traffic anomalies was done using three classification methods and different sets of the learning data. Based on the results of investigation it was determined that C5.1 decision tree method has the largest accuracy and performance and can be successfully used for identification of the network traffic anomalies. Straipsnyje nagrinėjama kompiuterių tinklo srauto anomalijų atpažinimo problema. Apžvelgiami kompiuterių tinklų anomalijų aptikimo metodai bei aptariami jų privalumai ir trūkumai. Naudojant IBM SPSS Modeler programų paketą sudarytas nagrinėjamo tinklo srauto anomalijų atpažinimo modelis, pritaikytas SNMP protokolu pagrįstiems maršruto parinktuvo duomenims apdoroti. Pagal tris klasifikavimo metodus ir skirtingus mokymui skirtus duomenų rinkinius atlikti skaičiavimai tinklo anomalijoms identifikuoti. Palyginant gautus rezultatus nustatyta, kad C5.1 sprendimo medžio algoritmas yra tiksliausias ir sparčiausias, todėl ir tinkamiausias tinklo srauto anomalijoms atpažinti.
3
Rejito, Juli, Deris Stiawan, Ahmed Alshaflut e Rahmat Budiarto. "Machine learning-based anomaly detection for smart home networks under adversarial attack". Computer Science and Information Technologies 5, n. 2 (1 luglio 2024): 122–29. http://dx.doi.org/10.11591/csit.v5i2.p122-129.
Testo completoAbstract (sommario):
As smart home networks become more widespread and complex, they are capable of providing users with a wide range of applications and services. At the same time, the networks are also vulnerable to attack from malicious adversaries who can take advantage of the weaknesses in the network's devices and protocols. Detection of anomalies is an effective way to identify and mitigate these attacks; however, it requires a high degree of accuracy and reliability. This paper proposes an anomaly detection method based on machine learning (ML) that can provide a robust and reliable solution for the detection of anomalies in smart home networks under adversarial attack. The proposed method uses network traffic data of the UNSW-NB15 and IoT-23 datasets to extract relevant features and trains a supervised classifier to differentiate between normal and abnormal behaviors. To assess the performance and reliability of the proposed method, four types of adversarial attack methods: evasion, poisoning, exploration, and exploitation are implemented. The results of extensive experiments demonstrate that the proposed method is highly accurate and reliable in detecting anomalies, as well as being resilient to a variety of types of attacks with average accuracy of 97.5% and recall of 96%.
4
Rejito, Juli, Deris Stiawan, Ahmed Alshaflut e Rahmat Budiarto. "Machine learning-based anomaly detection for smart home networks under adversarial attack". Computer Science and Information Technologies 5, n. 2 (1 luglio 2024): 122–29. http://dx.doi.org/10.11591/csit.v5i2.pp122-129.
Testo completoAbstract (sommario):
As smart home networks become more widespread and complex, they are capable of providing users with a wide range of applications and services. At the same time, the networks are also vulnerable to attack from malicious adversaries who can take advantage of the weaknesses in the network's devices and protocols. Detection of anomalies is an effective way to identify and mitigate these attacks; however, it requires a high degree of accuracy and reliability. This paper proposes an anomaly detection method based on machine learning (ML) that can provide a robust and reliable solution for the detection of anomalies in smart home networks under adversarial attack. The proposed method uses network traffic data of the UNSW-NB15 and IoT-23 datasets to extract relevant features and trains a supervised classifier to differentiate between normal and abnormal behaviors. To assess the performance and reliability of the proposed method, four types of adversarial attack methods: evasion, poisoning, exploration, and exploitation are implemented. The results of extensive experiments demonstrate that the proposed method is highly accurate and reliable in detecting anomalies, as well as being resilient to a variety of types of attacks with average accuracy of 97.5% and recall of 96%.
5
Liao, Xiao Ju, Yi Wang e Hai Lu. "Rule Anomalies Detection in Firewalls". Key Engineering Materials 474-476 (aprile 2011): 822–27. http://dx.doi.org/10.4028/www.scientific.net/kem.474-476.822.
Testo completoAbstract (sommario):
Firewall is the most prevalent and important technique to enforce the security inside the networks. However, effective and free anomalies rules management in large and fast growing networks becomes increasingly challenging. In this paper, we use a directed tree-based method to detect rule anomalies in firewall; in addition, this method can track the source of the anomalies. We believe the posed information will simplify the rules management and minimizing the networking vulnerability due to firewall rules misconfigurations.
6
Gutiérrez-Gómez, Leonardo, Alexandre Bovet e Jean-Charles Delvenne. "Multi-Scale Anomaly Detection on Attributed Networks". Proceedings of the AAAI Conference on Artificial Intelligence 34, n. 01 (3 aprile 2020): 678–85. http://dx.doi.org/10.1609/aaai.v34i01.5409.
Testo completoAbstract (sommario):
Many social and economic systems can be represented as attributed networks encoding the relations between entities who are themselves described by different node attributes. Finding anomalies in these systems is crucial for detecting abuses such as credit card frauds, web spams or network intrusions. Intuitively, anomalous nodes are defined as nodes whose attributes differ starkly from the attributes of a certain set of nodes of reference, called the context of the anomaly. While some methods have proposed to spot anomalies locally, globally or within a community context, the problem remain challenging due to the multi-scale composition of real networks and the heterogeneity of node metadata. Here, we propose a principled way to uncover outlier nodes simultaneously with the context with respect to which they are anomalous, at all relevant scales of the network. We characterize anomalous nodes in terms of the concentration retained for each node after smoothing specific signals localized on the vertices of the graph. Besides, we introduce a graph signal processing formulation of the Markov stability framework used in community detection, in order to find the context of anomalies. The performance of our method is assessed on synthetic and real-world attributed networks and shows superior results concerning state of the art algorithms. Finally, we show the scalability of our approach in large networks employing Chebychev polynomial approximations.
7
Rana, Samir. "Anomaly Detection in Network Traffic using Machine Learning and Deep Learning Techniques". Turkish Journal of Computer and Mathematics Education (TURCOMAT) 10, n. 2 (10 settembre 2019): 1063–67. http://dx.doi.org/10.17762/turcomat.v10i2.13626.
Testo completoAbstract (sommario):
Due to the rise of sophisticated cyberattacks, network security has become an increasingly important field. One of the most common threats to the security of networks is network anomalies, which can cause system malfunctions and prevent them from working properly. Detecting such anomalies is very important to ensure the continued operation of the network. Deep learning and machine learning algorithms have demonstrated their ability to detect network anomalies, but their effectiveness is still not widely known. This paper presents an evaluation of the performance of three algorithms against the KDD-NSL dataset. This study aims to provide a comprehensive analysis of the various techniques used in deep learning and machine learning to detect network anomalies. It will also help improve the security of networks. The paper presents an evaluation of the performance of three algorithms against the KDD-NSL dataset. The three algorithms are the Support Vector Machine, the Random Forest, and the Artificial Neural Network. They will be compared with their accuracy, recall, and F1-score. The study also explores the impact of the algorithm's feature selection on its performance. The findings of the investigation will be used to inform the development of new techniques that can be utilized to enhance the security of networks. The KDD NSL dataset provides an ideal opportunity to analyze the performance of various algorithms for detecting network anomalies.
8
Jiang, Ding De, Cheng Yao, Zheng Zheng Xu, Peng Zhang, Zhen Yuan e Wen Da Qin. "An Continuous Wavelet Transform-Based Detection Approach to Traffic Anomalies". Applied Mechanics and Materials 130-134 (ottobre 2011): 2098–102. http://dx.doi.org/10.4028/www.scientific.net/amm.130-134.2098.
Testo completoAbstract (sommario):
Anomalous traffic often has a significant impact on network activities and lead to the severe damage to our networks because they usually are involved with network faults and network attacks. How to detect effectively network traffic anomalies is a challenge for network operators and researchers. This paper proposes a novel method for detecting traffic anomalies in a network, based on continuous wavelet transform. Firstly, continuous wavelet transforms are performed for network traffic in several scales. We then use multi-scale analysis theory to extract traffic characteristics. And these characteristics in different scales are further analyzed and an appropriate detection threshold can be obtained. Consequently, we can make the exact anomaly detection. Simulation results show that our approach is effective and feasible.
9
A, Nandini. "Anomaly Detection Using CNN with I3D Feature Extraction". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, n. 03 (18 marzo 2024): 1–5. http://dx.doi.org/10.55041/ijsrem29371.
Testo completoAbstract (sommario):
Anomaly detection is a critical task in various fields such as surveillance, healthcare, and industrial monitoring, aiming to identify patterns that deviate significantly from normal behavior.Video anomaly detection is inherently difficult due to visual complexity and variability. This work proposes a unique anomaly detection technique leveraging Convolutional Neural Networks (CNN) with Inflated 3D Convolutional Networks (I3D) for feature extraction. This involves training the CNN on a large dataset to learn normal behavior, enabling it to identify anomalies by recognizing deviations from learned patterns. Furthermore, our approach exhibits promising results in detecting various types of anomalies, including sudden changes, abnormal trajectories, and rare events. Upon detection of such activity, mail(notification) can be raised concerned people who can take immediate action.This research contributes a significant advancement in the field of anomaly detection, and holds potential for applications in surveillance, security, and industrial monitoring systems. Keywords—Anomaly detection,I3D(Inflated3D) feature extraction,Convolutional neural network, Spatio-Temporal Features,Normal and abnormal event detection.
10
Badr, Malek, Shaha Al-Otaibi, Nazik Alturki e Tanvir Abir. "Deep Learning-Based Networks for Detecting Anomalies in Chest X-Rays". BioMed Research International 2022 (23 luglio 2022): 1–10. http://dx.doi.org/10.1155/2022/7833516.
Testo completoAbstract (sommario):
X-ray images aid medical professionals in the diagnosis and detection of pathologies. They are critical, for example, in the diagnosis of pneumonia, the detection of masses, and, more recently, the detection of COVID-19-related conditions. The chest X-ray is one of the first imaging tests performed when pathology is suspected because it is one of the most accessible radiological examinations. Deep learning-based neural networks, particularly convolutional neural networks, have exploded in popularity in recent years and have become indispensable tools for image classification. Transfer learning approaches, in particular, have enabled the use of previously trained networks’ knowledge, eliminating the need for large data sets and lowering the high computational costs associated with this type of network. This research focuses on using deep learning-based neural networks to detect anomalies in chest X-rays. Different convolutional network-based approaches are investigated using the ChestX-ray14 database, which contains over 100,000 X-ray images with labels relating to 14 different pathologies, and different classification objectives are evaluated. Starting with the pretrained networks VGG19, ResNet50, and Inceptionv3, networks based on transfer learning are implemented, with different schemes for the classification stage and data augmentation. Similarly, an ad hoc architecture is proposed and evaluated without transfer learning for the classification objective with more examples. The results show that transfer learning produces acceptable results in most of the tested cases, indicating that it is a viable first step for using deep networks when there are not enough labeled images, which is a common problem when working with medical images. The ad hoc network, on the other hand, demonstrated good generalization with data augmentation and an acceptable accuracy value. The findings suggest that using convolutional neural networks with and without transfer learning to design classifiers for detecting pathologies in chest X-rays is a good idea.
Tesi sul tema "Networks anomalies detection"
1
Sithirasenan, Elankayer. "Substantiating Anomalies in Wireless Networks Using Outlier Detection Techniques". Thesis, Griffith University, 2009. http://hdl.handle.net/10072/365690.
Testo completoAbstract (sommario):
With the increasing dependence on Wireless Local Area Networks (WLANs), businesses
and educational institutions are in real need of a robust security mechanism.
The latest WLAN security protocol, the IEEE 802.11i assures rigid security for
wireless networks with the support of IEEE 802.1x protocol for authentication,
authorization and key distribution. Nevertheless, users remain skeptical since they
lack confidence on the practical trustworthiness of these security mechanisms. In
this research we propose a novel Early Warning System (EWS), built on the foundations
of IEEE 802.11i security architecture. Our proposed system can effectively
detect anomalies, substantiate them, and also identify the basis for such malicious
behavior. It has a number of levels of defense to scrutinize malicious behaviors
of the wireless network, caused by a range of factors including security issues.
Security alerts will be raised only when the legitimacy of abnormal conditions is
validated using effective outlier based substantiation techniques.
Timing anomalies can occur due to various conditions including security vulnerabilities
in the wireless environment. Hence, detecting and analyzing such
anomalies may lead to significant advancement towards the detection of misbehaving
wireless hosts. In this view, we have discussed the effectiveness of monitoring
and analyzing round trip timing values between every request and response
messages during the authentication process of wireless hosts. Further, to enhance
the capabilities of our detection mechanism we have also considered the effect
of behavioral anomalies of the wireless hosts. Every wireless host that tends to
connect to the wireless network exhibits a particular behavior. This behavior may vary depending on a number of issues including security vulnerabilities. Hence,
in this study we have discussed the use of behavioral analysis for detecting abnormal
conditions. We have used the standard theoretical/practical behavior profiles
developed using a software model of the wireless hosts to compare the actual
behavior during a specific authentication process.Thesis (PhD Doctorate)
Doctor of Philosophy (PhD)
School of Information and Communication Technology
Science, Environment, Engineering and Technology
Full Text
2
Abuaitah, Giovani Rimon. "ANOMALIES IN SENSOR NETWORK DEPLOYMENTS: ANALYSIS, MODELING, AND DETECTION". Wright State University / OhioLINK, 2013. http://rave.ohiolink.edu/etdc/view?acc_num=wright1376594068.
Testo completo
3
Verner, Alexander. "LSTM Networks for Detection and Classification of Anomalies in Raw Sensor Data". Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1074.
Testo completoAbstract (sommario):
In order to ensure the validity of sensor data, it must be thoroughly analyzed for various types of anomalies. Traditional machine learning methods of anomaly detections in sensor data are based on domain-specific feature engineering. A typical approach is to use domain knowledge to analyze sensor data and manually create statistics-based features, which are then used to train the machine learning models to detect and classify the anomalies. Although this methodology is used in practice, it has a significant drawback due to the fact that feature extraction is usually labor intensive and requires considerable effort from domain experts.
An alternative approach is to use deep learning algorithms. Research has shown that modern deep neural networks are very effective in automated extraction of abstract features from raw data in classification tasks. Long short-term memory networks, or LSTMs in short, are a special kind of recurrent neural networks that are capable of learning long-term dependencies. These networks have proved to be especially effective in the classification of raw time-series data in various domains. This dissertation systematically investigates the effectiveness of the LSTM model for anomaly detection and classification in raw time-series sensor data.
As a proof of concept, this work used time-series data of sensors that measure blood glucose levels. A large number of time-series sequences was created based on a genuine medical diabetes dataset. Anomalous series were constructed by six methods that interspersed patterns of common anomaly types in the data. An LSTM network model was trained with k-fold cross-validation on both anomalous and valid series to classify raw time-series sequences into one of seven classes: non-anomalous, and classes corresponding to each of the six anomaly types.
As a control, the accuracy of detection and classification of the LSTM was compared to that of four traditional machine learning classifiers: support vector machines, Random Forests, naive Bayes, and shallow neural networks. The performance of all the classifiers was evaluated based on nine metrics: precision, recall, and the F1-score, each measured in micro, macro and weighted perspective.
While the traditional models were trained on vectors of features, derived from the raw data, that were based on knowledge of common sources of anomaly, the LSTM was trained on raw time-series data. Experimental results indicate that the performance of the LSTM was comparable to the best traditional classifiers by achieving 99% accuracy in all 9 metrics. The model requires no labor-intensive feature engineering, and the fine-tuning of its architecture and hyper-parameters can be made in a fully automated way. This study, therefore, finds LSTM networks an effective solution to anomaly detection and classification in sensor data.
4
Kamat, Sai Shyamsunder. "Analyzing Radial Basis Function Neural Networks for predicting anomalies in Intrusion Detection Systems". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259187.
Testo completoAbstract (sommario):
In the 21st century, information is the new currency. With the omnipresence of devices connected to the internet, humanity can instantly avail any information. However, there are certain are cybercrime groups which steal the information. An Intrusion Detection System (IDS) monitors a network for suspicious activities and alerts its owner about an undesired intrusion. These commercial IDS’es react after detecting intrusion attempts. With the cyber attacks becoming increasingly complex, it is expensive to wait for the attacks to happen and respond later. It is crucial for network owners to employ IDS’es that preemptively differentiate a harmless data request from a malicious one. Machine Learning (ML) can solve this problem by recognizing patterns in internet traffic to predict the behaviour of network users. This project studies how effectively Radial Basis Function Neural Network (RBFN) with Deep Learning Architecture can impact intrusion detection. On the basis of the existing framework, it asks how well can an RBFN predict malicious intrusive attempts, especially when compared to contemporary detection practices.Here, an RBFN is a multi-layered neural network model that uses a radial basis function to transform input traffic data. Once transformed, it is possible to separate the various traffic data points using a single straight line in extradimensional space. The outcome of the project indicates that the proposed method is severely affected by limitations. E.g. the model needs to be fine tuned over several trials to achieve a desired accuracy. The results of the implementation show that RBFN is accurate at predicting various cyber attacks such as web attacks, infiltrations, brute force, SSH etc, and normal internet behaviour on an average 80% of the time. Other algorithms in identical testbed are more than 90% accurate. Despite the lower accuracy, RBFN model is more than 94% accurate at recording specific kinds of attacks such as Port Scans and BotNet malware. One possible solution is to restrict this model to predict only malware attacks and use different machine learning algorithm for other attacks.I det 21: a århundradet är information den nya valutan. Med allnärvaro av enheter anslutna till internet har mänskligheten tillgång till information inom ett ögonblick. Det finns dock vissa grupper som använder metoder för att stjäla information för personlig vinst via internet. Ett intrångsdetekteringssystem (IDS) övervakar ett nätverk för misstänkta aktiviteter och varnar dess ägare om ett oönskat intrång skett. Kommersiella IDS reagerar efter detekteringen av ett intrångsförsök. Angreppen blir alltmer komplexa och det kan vara dyrt att vänta på att attackerna ska ske för att reagera senare. Det är avgörande för nätverksägare att använda IDS:er som på ett förebyggande sätt kan skilja på oskadlig dataanvändning från skadlig. Maskininlärning kan lösa detta problem. Den kan analysera all befintliga data om internettrafik, känna igen mönster och förutse användarnas beteende. Detta projekt syftar till att studera hur effektivt Radial Basis Function Neural Networks (RBFN) med Djupinlärnings arkitektur kan påverka intrångsdetektering. Från detta perspektiv ställs frågan hur väl en RBFN kan förutsäga skadliga intrångsförsök, särskilt i jämförelse med befintliga detektionsmetoder.Här är RBFN definierad som en flera-lagers neuralt nätverksmodell som använder en radiell grundfunktion för att omvandla data till linjärt separerbar. Efter en undersökning av modern litteratur och lokalisering av ett namngivet dataset användes kvantitativ forskningsmetodik med prestanda indikatorer för att utvärdera RBFN: s prestanda. En Random Forest Classifier algorithm användes också för jämförelse. Resultaten erhölls efter en serie finjusteringar av parametrar på modellerna. Resultaten visar att RBFN är korrekt när den förutsäger avvikande internetbeteende i genomsnitt 80% av tiden. Andra algoritmer i litteraturen beskrivs som mer än 90% korrekta. Den föreslagna RBFN-modellen är emellertid mycket exakt när man registrerar specifika typer av attacker som Port Scans och BotNet malware. Resultatet av projektet visar att den föreslagna metoden är allvarligt påverkad av begränsningar. T.ex. så behöver modellen finjusteras över flera försök för att uppnå önskad noggrannhet. En möjlig lösning är att begränsa denna modell till att endast förutsäga malware-attacker och använda andra maskininlärnings-algoritmer för andra attacker.
5
Kabore, Raogo. "Hybrid deep neural network anomaly detection system for SCADA networks". Thesis, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire, 2020. http://www.theses.fr/2020IMTA0190.
Testo completoAbstract (sommario):
Les systèmes SCADA sont de plus en plus ciblés par les cyberattaques en raison de nombreuses vulnérabilités dans le matériel, les logiciels, les protocoles et la pile de communication. Ces systèmes utilisent aujourd'hui du matériel, des logiciels, des systèmes d'exploitation et des protocoles standard. De plus, les systèmes SCADA qui étaient auparavant isolés sont désormais interconnectés aux réseaux d'entreprise et à Internet, élargissant ainsi la surface d'attaque. Dans cette thèse, nous utilisons une approche deep learning pour proposer un réseau de neurones profonds hybride efficace pour la détection d'anomalies dans les systèmes SCADA. Les principales caractéristiques des données SCADA sont apprises de manière automatique et non supervisée, puis transmises à un classificateur supervisé afin de déterminer si ces données sont normales ou anormales, c'est-à-dire s'il y a une cyber-attaque ou non. Par la suite, en réponse au défi dû au temps d’entraînement élevé des modèles deep learning, nous avons proposé une approche distribuée de notre système de détection d'anomalies afin de réduire le temps d’entraînement de notre modèleSCADA systems are more and more targeted by cyber-attacks because of many vulnerabilities inhardware, software, protocols and the communication stack. Those systems nowadays use standard hardware, software, operating systems and protocols. Furthermore, SCADA systems which used to be air-gaped are now interconnected to corporate networks and to the Internet, widening the attack surface.In this thesis, we are using a deep learning approach to propose an efficient hybrid deep neural network for anomaly detection in SCADA systems. The salient features of SCADA data are automatically and unsupervisingly learnt, and then fed to a supervised classifier in order to dertermine if those data are normal or abnormal, i.e if there is a cyber-attack or not. Afterwards, as a response to the challenge caused by high training time of deep learning models, we proposed a distributed approach of our anomaly detection system in order lo lessen the training time of our model
6
Jin, Fang. "Algorithms for Modeling Mass Movements and their Adoption in Social Networks". Diss., Virginia Tech, 2016. http://hdl.handle.net/10919/72292.
Testo completoAbstract (sommario):
Online social networks have become a staging ground for many modern movements, with the Arab Spring being the most prominent example. In an effort to understand and predict those movements, social media can be regarded as a valuable social sensor for disclosing underlying behaviors and patterns. To fully understand mass movement information propagation patterns in social networks, several problems need to be considered and addressed. Specifically, modeling mass movements that incorporate multiple spaces, a dynamic network structure, and misinformation propagation, can be exceptionally useful in understanding information propagation in social media.
This dissertation explores four research problems underlying efforts to identify and track the adoption of mass movements in social media. First, how do mass movements become mobilized on Twitter, especially in a specific geographic area? Second, can we detect protest activity in social networks by observing group anomalies in graph? Third, how can we distinguish real movements from rumors or misinformation campaigns? and fourth, how can we infer the indicators of a specific type of protest, say climate related protest?
A fundamental objective of this research has been to conduct a comprehensive study of how mass movement adoption functions in social networks. For example, it may cross multiple spaces, evolve with dynamic network structures, or consist of swift outbreaks or long term slowly evolving transmissions. In many cases, it may also be mixed with misinformation campaigns, either deliberate or in the form of rumors. Each of those issues requires the development of new mathematical models and algorithmic approaches such as those explored here. This work aims to facilitate advances in information propagation, group anomaly detection and misinformation distinction and, ultimately, help improve our understanding of mass movements and their adoption in social networks.Ph. D.
7
Mdini, Maha. "Anomaly detection and root cause diagnosis in cellular networks". Thesis, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire, 2019. http://www.theses.fr/2019IMTA0144/document.
Testo completoAbstract (sommario):
Grâce à l'évolution des outils d'automatisation et d'intelligence artificielle, les réseauxmobiles sont devenus de plus en plus dépendants de la machine. De nos jours, une grandepartie des tâches de gestion de réseaux est exécutée d'une façon autonome, sans interventionhumaine. Dans cette thèse, nous avons focalisé sur l'utilisation des techniques d'analyse dedonnées dans le but d'automatiser et de consolider le processus de résolution de défaillancesdans les réseaux. Pour ce faire, nous avons défini deux objectifs principaux : la détectiond'anomalies et le diagnostic des causes racines de ces anomalies. Le premier objectif consiste àdétecter automatiquement les anomalies dans les réseaux sans faire appel aux connaissancesdes experts. Pour atteindre cet objectif, nous avons proposé un algorithme, Watchmen AnomalyDetection (WAD), basé sur le concept de la reconnaissance de formes (pattern recognition). Cetalgorithme apprend le modèle du trafic réseau à partir de séries temporelles périodiques etdétecte des distorsions par rapport à ce modèle dans le flux de nouvelles données. Le secondobjectif a pour objet la détermination des causes racines des problèmes réseau sans aucuneconnaissance préalable sur l'architecture du réseau et des différents services. Pour ceci, nousavons conçu un algorithme, Automatic Root Cause Diagnosis (ARCD), qui permet de localiser lessources d'inefficacité dans le réseau. ARCD est composé de deux processus indépendants :l'identification des contributeurs majeurs à l'inefficacité globale du réseau et la détection desincompatibilités. WAD et ARCD ont fait preuve d'efficacité. Cependant, il est possible d'améliorerces algorithmes sur plusieurs aspectsWith the evolution of automation and artificial intelligence tools, mobile networks havebecome more and more machine reliant. Today, a large part of their management tasks runs inan autonomous way, without human intervention. In this thesis, we have focused on takingadvantage of the data analysis tools to automate the troubleshooting task and carry it to a deeperlevel. To do so, we have defined two main objectives: anomaly detection and root causediagnosis. The first objective is about detecting issues in the network automatically withoutincluding expert knowledge. To meet this objective, we have proposed an algorithm, WatchmenAnomaly Detection (WAD), based on pattern recognition. It learns patterns from periodic timeseries and detect distortions in the flow of new data. The second objective aims at identifying theroot cause of issues without any prior knowledge about the network topology and services. Toaddress this question, we have designed an algorithm, Automatic Root Cause Diagnosis (ARCD)that identifies the roots of network issues. ARCD is composed of two independent threads: MajorContributor identification and Incompatibility detection. WAD and ARCD have been proven to beeffective. However, many improvements of these algorithms are possible
8
Moussa, Mohamed Ali. "Data gathering and anomaly detection in wireless sensors networks". Thesis, Paris Est, 2017. http://www.theses.fr/2017PESC1082/document.
Testo completoAbstract (sommario):
L'utilisation des réseaux de capteurs sans fil (WSN) ne cesse d'augmenter au point de couvrir divers domaines et applications. Cette tendance est supportée par les avancements techniques achevés dans la conception des capteurs, qui ont permis de réduire le coût ainsi que la taille de ces composants. Toutefois, il reste plusieurs défis qui font face au déploiement et au bon fonctionnement de ce type de réseaux et qui parviennent principalement de la limitation des ressources de capteurs ainsi de l'imperfection des données collectées. Dans cette thèse, on adresse le problème de collecte de données et de détection d'anomalies dans les réseaux de capteurs. Nous visons à assurer ces deux fonctionnalités tout en économisant l'utilisation des ressources de capteurs et en prolongeant la durée de vie de réseaux. Tout au long de ce travail, nous présentons plusieurs solutions qui permettent une collecte efficace de données de capteurs ainsi que une bonne détection des éventuelles anomalies. Dans notre première contribution, nous décrivons une solution basée sur la technique Compressive Sensing (CS) qui permet d'équilibrer le trafic transmis par les nœuds dans le réseau. Notre approche diffère des solutions existantes par la prise en compte de la corrélation temporelle ainsi que spatiale dans le processus de décompression des données. De plus, nous proposons une nouvelle formulation pour détecter les anomalies. Les simulations réalisées sur des données réelles prouvent l'efficacité de notre approche en termes de reconstruction de données et de détection d'anomalies par rapport aux approches existantes. Pour mieux optimiser l'utilisation des ressources de WSNs, nous proposons dans une deuxième contribution une solution de collecte de données et de détection d'anomalies basée sur la technique Matrix Completion (MC) qui consiste à transmettre un sous ensemble aléatoire de données de capteurs. Nous développons un algorithme qui estime les mesures manquantes en se basant sur plusieurs propriétés des données. L'algorithme développé permet également de dissimuler les anomalies de la structure normale des données. Cette solution est améliorée davantage dans notre troisième contribution, où nous proposons une formulation différente du problème de collecte de données et de détection d'anomalies. Nous reformulons les connaissances a priori sur les données cibles par des contraintes convexes. Ainsi, les paramètres impliqués dans l'algorithme développé sont liés a certaines propriétés physiques du phénomène observé et sont faciles à ajuster. Nos deux approches montrent de bonnes performances en les simulant sur des données réelles. Enfin, nous proposons dans la dernière contribution une nouvelle technique de collecte de données qui consiste à envoyer que les positions les plus importantes dans la représentation parcimonieuse des données uniquement. Nous considérons dans cette approche le bruit qui peut s'additionner aux données reçues par le nœud collecteur. Cette solution permet aussi de détecter les pics dans les mesures prélevées. En outre, nous validons l'efficacité de notre solution par une analyse théorique corroborée par des simulations sur des données réellesThe use of Wireless Sensor Networks (WSN)s is steadily increasing to cover various applications and domains. This trend is supported by the technical advancements in sensor manufacturing process which allow a considerable reduction in the cost and size of these components. However, there are several challenges facing the deployment and the good functioning of this type of networks. Indeed, WSN's applications have to deal with the limited energy, memory and processing capacities of sensor nodes as well as the imperfection of the probed data. This dissertation addresses the problem of collecting data and detecting anomalies in WSNs. The aforementioned functionality needs to be achieved while ensuring a reliable data quality at the collector node, a good anomaly detection accuracy, a low false alarm rate as well as an efficient energy consumption solution. Throughout this work, we provide different solutions that allow to meet these requirements. Foremost, we propose a Compressive Sensing (CS) based solution that allows to equilibrate the traffic carried by nodes regardless their distance from the sink. This solution promotes a larger lifespan of the WSN since it balances the energy consumption between sensor nodes. Our approach differs from existing CS-based solutions by taking into account the sparsity of sensory representation in the temporal domain in addition to the spatial dimension. Moreover, we propose a new formulation to detect aberrant readings. The simulations carried on real datasets prove the efficiency of our approach in terms of data recovering and anomaly detection compared to existing solutions. Aiming to further optimize the use of WSN resources, we propose in our second contribution a Matrix Completion (MC) based data gathering and anomaly detection solution where an arbitrary subset of nodes contributes at the data gathering process at each operating period. To fill the missing values, we mainly relay on the low rank structure of sensory data as well as the sparsity of readings in some transform domain. The developed algorithm also allows to dissemble anomalies from the normal data structure. This solution is enhanced in our third contribution where we propose a constrained formulation of the data gathering and anomalies detection problem. We reformulate the textit{a prior} knowledge about the target data as hard convex constraints. Thus, the involved parameters into the developed algorithm become easy to adjust since they are related to some physical properties of the treated data. Both MC based approaches are tested on real datasets and demonstrate good capabilities in terms of data reconstruction quality and anomaly detection performance. Finally, we propose in the last contribution a position based compressive data gathering scheme where nodes cooperate to compute and transmit only the relevant positions of their sensory sparse representation. This technique provide an efficient tool to deal with the noisy nature of WSN environment as well as detecting spikes in the sensory data. Furthermore, we validate the efficiency of our solution by a theoretical analysis and corroborate it by a simulation evaluation
9
Audibert, Julien. "Unsupervised anomaly detection in time-series". Electronic Thesis or Diss., Sorbonne université, 2021. http://www.theses.fr/2021SORUS358.
Testo completoAbstract (sommario):
La détection d'anomalies dans les séries temporelles multivariées est un enjeu majeur dans de nombreux domaines. La complexité croissante des systèmes et l'explosion de la quantité de données ont rendu son automatisation indispensable. Cette thèse propose une méthode non supervisée de détection d'anomalies dans les séries temporelles multivariées appelée USAD. Cependant, les méthodes de réseaux de neurones profonds souffrent d'une limitation dans leur capacité à extraire des caractéristiques des données puisqu'elles ne s'appuient que sur des informations locales. Afin d'améliorer les performances de ces méthodes, cette thèse présente une stratégie d'ingénierie des caractéristiques qui introduit des informations non-locales. Enfin, cette thèse propose une comparaison de seize méthodes de détection d'anomalies dans les séries temporelles pour comprendre si l'explosion de la complexité des méthodes de réseaux de neurones proposées dans les publications actuelles est réellement nécessaireAnomaly detection in multivariate time series is a major issue in many fields. The increasing complexity of systems and the explosion of the amount of data have made its automation indispensable. This thesis proposes an unsupervised method for anomaly detection in multivariate time series called USAD. However, deep neural network methods suffer from a limitation in their ability to extract features from the data since they only rely on local information. To improve the performance of these methods, this thesis presents a feature engineering strategy that introduces non-local information. Finally, this thesis proposes a comparison of sixteen time series anomaly detection methods to understand whether the explosion in complexity of neural network methods proposed in the current literature is really necessary
10
Orman, Keziban. "Contribution to the interpretation of evolving communities in complex networks : Application to the study of social interactions". Thesis, Lyon, INSA, 2014. http://www.theses.fr/2014ISAL0072/document.
Testo completoAbstract (sommario):
Les réseaux complexes constituent un outil pratique pour modéliser les systèmes complexes réels. Pour cette raison, ils sont devenus très populaires au cours de la dernière décennie. De nombreux outils existent pour étudier les réseaux complexes. Parmi ceux-ci, la détection de la communauté est l’un des plus importants. Une communauté est grossièrement définie comme un groupe de nœuds plus densément connectés entre eux qu’avec le reste du réseau. Dans la littérature, cette définition intuitive a été formalisée de plusieurs différentes façons, ce qui a conduit à d’innombrables méthodes et variantes permettant de les détecter. Du point de vue applicatif, le sens des communautés est aussi important que leur détection. Cependant, bien que la tâche de détection de communautés en elle-même ait attiré énormément d’attention, le problème de leur interprétation n’a pas été sérieusement abordé jusqu’à présent. Dans cette thèse, nous voyons l’interprétation des communautés comme un problème indépendant du processus de leur détection, consistant à identifier les éléments leurs caractéristiques les plus typiques. Nous le décomposons en deux sous-problèmes : 1) trouver un moyen approprié pour représenter une communauté ; et 2) sélectionner de façon objective les parties les plus caractéristiques de cette représentation. Pour résoudre ces deux sous-problèmes, nous exploitons l’information encodée dans les réseaux dynamiques attribués. Nous proposons une nouvelle représentation des communautés sous la forme de séquences temporelles de descripteurs associés à chaque nœud individuellement. Ces descripteurs peuvent être des mesures topologiques et des attributs nodaux. Nous détectons ensuite les motifs séquentiels émergents dans cet ensemble de données, afin d’identifier les ceux qui sont les plus caractéristiques de la communauté. Nous effectuons une validation de notre procédé sur des réseaux attribués dynamiques générés artificiellement. A cette occasion, nous étudions son comportement relativement à des changements structurels de la structure de communautés, à des modifications des valeurs des attributs. Nous appliquons également notre procédé à deux systèmes du monde réel : un réseau de collaborations scientifiques issu de DBLP, et un réseau d’interactions sociales et musicales tiré du service LastFM. Nos résultats montrent que les communautés détectées ne sont pas complètement homogènes. Certaines communautés sont composées de petits groupes de nœuds qui ont tendance à évoluer ensemble au cours du temps, que ce soit en termes de propriétés individuelles ou collectives. Les anomalies détectées correspondent généralement à des profils typiques : nœuds mal placés par l’outil de détection de communautés, ou nœuds différant des tendances de leur communautés sur certains points, et/ou non-synchrones avec l’évolution de leur communauté, ou encore nœuds complètement différentsComplex Networks constitute a convenient tool to model real-world complex systems. For this reason, they have become very popular in the last decade. Many tools exist to study complex networks. Among them, community detection is one of the most important. A community is roughly defined as a group of nodes more connected internally than to the rest of the network. In the literature, this intuitive definition has been formalized in many ways, leading to countless different methods and variants to detect communities. In the large majority of cases, the result of these methods is set of node groups in which each node group corresponds to a community. From the applicative point of view, the meaning of these groups is as important as their detection. However, although the task of detecting communities in itself took a lot of attraction, the problem of interpreting them has not been properly tackled until now. In this thesis, we see the interpretation of communities as a problem independent from the community detection process, consisting in identifying the most characteristic features of communities. We break it down into two sub-problems: 1) finding an appropriate way to represent a community and 2) objectively selecting the most characteristic parts of this representation. To solve them, we take advantage of the information encoded in dynamic attributed networks. We propose a new representation of communities under the form of temporal sequences of topological measures and attribute values associated to individual nodes. We then look for emergent sequential patterns in this dataset, in order to identify the most characteristic community features. We perform a validation of our framework on artificially generated dynamic attributed networks. At this occasion, we study its behavior relatively to changes in the temporal evolution of the communities, and to the distribution and evolution of nodal features. We also apply our framework to real-world systems: a DBLP network of scientific collaborations, and a LastFM network of social and musical interactions. Our results show that the detected communities are not completely homogeneous, in the sense several node topic or interests can be identified for a given community. Some communities are composed of smaller groups of nodes which tend to evolve together as time goes by, be it in terms of individual (attributes, topological measures) or relational (community migration) features. The detected anomalies generally fit some generic profiles: nodes misplaced by the community detection tool, nodes relatively similar to their communities, but also significantly different on certain features and/or not synchronized with their community evolution, and finally nodes with completely different interests
Libri sul tema "Networks anomalies detection"
1
T, Feagin, Overland D, University of Houston--Clear Lake. Research Institute for Computing and Information Systems. e Lyndon B. Johnson Space Center., a cura di. Communications and tracking expert systems study. [Houston, Tex.]: Research Institute for Computing and Information Systems, University of Houston--Clear Lake, 1987.
Cerca il testo completo
2
Parisi, Alessandro. Hands-On Artificial Intelligence for Cybersecurity: Implement Smart AI Systems for Preventing Cyber Attacks and Detecting Threats and Network Anomalies. Packt Publishing, Limited, 2019.
Cerca il testo completo
3
Hands-On Artificial Intelligence for Cybersecurity: Implement Smart AI Systems for Preventing Cyber Attacks and Detecting Threats and Network Anomalies. de Gruyter GmbH, Walter, 2019.
Cerca il testo completoCapitoli di libri sul tema "Networks anomalies detection"
1
Krzysztoń, Mateusz, Marcin Lew e Michał Marks. "NAD: Machine Learning Based Component for Unknown Attack Detection in Network Traffic". In Cybersecurity of Digital Service Chains, 83–102. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-04036-8_4.
Testo completoAbstract (sommario):
AbstractDetection of unknown attacks is challenging due to the lack of exemplary attack vectors. However, previously unknown attacks are a significant danger for systems due to a lack of tools for protecting systems against them, especially in fast-evolving Internet of Things (IoT) technology. The most widely used approach for malicious behaviour of the monitored system is detecting anomalies. The vicious behaviour might result from an attack (both known and unknown) or accidental breakdown. We present a Net Anomaly Detector (NAD) system that uses one-class classification Machine Learning techniques to detect anomalies in the network traffic. The highly modular architecture allows the system to be expanded with adapters for various types of networks. We propose and discuss multiple approaches for increasing detection quality and easing the component deployment in unknown networks by known attacks emulation, exhaustive feature extraction, hyperparameter tuning, detection threshold adaptation and ensemble models strategies. Furthermore, we present both centralized and decentralized deployment schemes and present preliminary results of experiments for the TCP/IP network traffic conducted on the CIC-IDS2017 dataset.
2
Akashi, Osamu, Atsushi Terauchi, Kensuke Fukuda, Toshio Hirotsu, Mitsuru Maruyama e Toshiharu Sugawara. "Detection and Diagnosis of Inter-AS Routing Anomalies by Cooperative Intelligent Agents". In Ambient Networks, 181–92. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11568285_16.
Testo completo
3
Čermák, Milan, Pavel Čeleda e Jan Vykopal. "Detection of DNS Traffic Anomalies in Large Networks". In Lecture Notes in Computer Science, 215–26. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-13488-8_20.
Testo completo
4
Dawoud, Ahmed, Seyed Shahristani e Chun Raun. "Unsupervised Deep Learning for Software Defined Networks Anomalies Detection". In Lecture Notes in Computer Science, 167–78. Berlin, Heidelberg: Springer Berlin Heidelberg, 2019. http://dx.doi.org/10.1007/978-3-662-59540-4_9.
Testo completo
5
Hossain, Md Azam, Iqram Hussain, Baseem Al-Athwari e Santosh Dahit. "Network Traffic Anomalies Detection Using Machine Learning Algorithm: A Performance Study". In Lecture Notes in Networks and Systems, 274–82. Singapore: Springer Nature Singapore, 2022. http://dx.doi.org/10.1007/978-981-16-9480-6_26.
Testo completo
6
Bhattacharya, Saurabh, e Manju Pandey. "Anomalies Detection on Contemporary Industrial Internet of Things Data for Securing Crucial Devices". In Lecture Notes in Networks and Systems, 11–20. Singapore: Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-19-9228-5_2.
Testo completo
7
LaRock, Timothy, Vahan Nanumyan, Ingo Scholtes, Giona Casiraghi, Tina Eliassi-Rad e Frank Schweitzer. "HYPA: Efficient Detection of Path Anomalies in Time Series Data on Networks". In Proceedings of the 2020 SIAM International Conference on Data Mining, 460–68. Philadelphia, PA: Society for Industrial and Applied Mathematics, 2020. http://dx.doi.org/10.1137/1.9781611976236.52.
Testo completo
8
Romero, Santiago Felipe Luna, e Luis Serpa-Andrade. "Intelligent Agent Proposal in a Building Electricity Monitoring System for Anomalies’ Detection Using Reinforcement Learning". In Lecture Notes in Networks and Systems, 207–15. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-80624-8_26.
Testo completo
9
Rajendra, S., Chittaranjan Pradhan e Jayavel Kanniappan. "An Adaptive Detection Mechanism for IoT Devices Anomalies Using AI/ML Based on User Pattern". In Lecture Notes in Networks and Systems, 13–25. Singapore: Springer Nature Singapore, 2024. http://dx.doi.org/10.1007/978-981-99-9043-6_2.
Testo completo
10
Wankhade, Kapil Keshao, Snehlata Dongre, Ravi Chandra, Kishore V. Krishnan e Srikanth Arasavilli. "Machine Learning-Based Detection of Attacks and Anomalies in Industrial Internet of Things (IIoT) Networks". In Applied Soft Computing and Communication Networks, 91–109. Singapore: Springer Nature Singapore, 2024. http://dx.doi.org/10.1007/978-981-97-2004-0_7.
Testo completoAtti di convegni sul tema "Networks anomalies detection"
1
Huang, Hao, Tapan Shah, John Karigiannis e Scott Evans. "Deep Root Cause Analysis: Unveiling Anomalies and Enhancing Fault Detection in Industrial Time Series". In 2024 International Joint Conference on Neural Networks (IJCNN), 1–8. IEEE, 2024. http://dx.doi.org/10.1109/ijcnn60899.2024.10650906.
Testo completo
2
Mosayebi, Reza, e Lutz Lampe. "Anomaly Detection in Optical Fiber: A Change-Point Detection Perspective". In Signal Processing in Photonic Communications, SpTh2G.4. Washington, D.C.: Optica Publishing Group, 2024. http://dx.doi.org/10.1364/sppcom.2024.spth2g.4.
Testo completoAbstract (sommario):
We present a change-point detection algorithm for optical fibers. Utilizing SNR, our approach swiftly identifies soft anomalies, aiding early failure detection. This proactive identification can mitigate connectivity disruptions, an important step toward enhancing network reliability.
3
Kolodziej, Joanna, Mateusz Krzyszton e Pawel Szynkiewicz. "Anomaly Detection In TCP/IP Networks". In 37th ECMS International Conference on Modelling and Simulation. ECMS, 2023. http://dx.doi.org/10.7148/2023-0542.
Testo completoAbstract (sommario):
Intrusion Detection Systems (IDS) should be capable of quickly detecting attacks and network traffic anomalies to reduce the damage to the network components. They may efficiently detect threats based on prior knowledge of attack characteristics and the potential threat impact ('known attacks'). However, IDS cannot recognize threats, and attacks ('unknown attacks') usually occur when using brand-new technologies for system damage. This paper presents two security services -- Net Anomaly Detector (NAD) and a signature-based PGA Filter for detecting attacks and anomalies in TCP/IP networks. Both services are modules of the cloud-based GUARD platform developed in the H2020 GUARD project. Such a platform was the main component of the simulation environment in the work presented in this paper. The provided experiments show that both modules achieved satisfactory results in detecting an unknown type of DoS attacks and signatures of DDoS attacks.
4
Li, Jundong, Harsh Dani, Xia Hu e Huan Liu. "Radar: Residual Analysis for Anomaly Detection in Attributed Networks". In Twenty-Sixth International Joint Conference on Artificial Intelligence. California: International Joint Conferences on Artificial Intelligence Organization, 2017. http://dx.doi.org/10.24963/ijcai.2017/299.
Testo completoAbstract (sommario):
Attributed networks are pervasive in different domains, ranging from social networks, gene regulatory networks to financial transaction networks. This kind of rich network representation presents challenges for anomaly detection due to the heterogeneity of two data representations. A vast majority of existing algorithms assume certain properties of anomalies are given a prior. Since various types of anomalies in real-world attributed networks co-exist, the assumption that priori knowledge regarding anomalies is available does not hold. In this paper, we investigate the problem of anomaly detection in attributed networks generally from a residual analysis perspective, which has been shown to be effective in traditional anomaly detection problems. However, it is a non-trivial task in attributed networks as interactions among instances complicate the residual modeling process. Methodologically, we propose a learning framework to characterize the residuals of attribute information and its coherence with network information for anomaly detection. By learning and analyzing the residuals, we detect anomalies whose behaviors are singularly different from the majority. Experiments on real datasets show the effectiveness and generality of the proposed framework.
5
Zhang, Jiaqiang, Senzhang Wang e Songcan Chen. "Reconstruction Enhanced Multi-View Contrastive Learning for Anomaly Detection on Attributed Networks". In Thirty-First International Joint Conference on Artificial Intelligence {IJCAI-22}. California: International Joint Conferences on Artificial Intelligence Organization, 2022. http://dx.doi.org/10.24963/ijcai.2022/330.
Testo completoAbstract (sommario):
Detecting abnormal nodes from attributed networks is of great importance in many real applications, such as financial fraud detection and cyber security. This task is challenging due to both the complex interactions between the anomalous nodes with other counterparts and their inconsistency in terms of attributes. This paper proposes a self-supervised learning framework that jointly optimizes a multi-view contrastive learning-based module and an attribute reconstruction-based module to more accurately detect anomalies on attributed networks. Specifically, two contrastive learning views are firstly established, which allow the model to better encode rich local and global information related to the abnormality. Motivated by the attribute consistency principle between neighboring nodes, a masked autoencoder-based reconstruction module is also introduced to identify the nodes which have large reconstruction errors, then are regarded as anomalies. Finally, the two complementary modules are integrated for more accurately detecting the anomalous nodes. Extensive experiments conducted on five benchmark datasets show our model outperforms current state-of-the-art models.
6
Liu, Chen, Shibo He, Qihang Zhou, Shizhong Li e Wenchao Meng. "Large Language Model Guided Knowledge Distillation for Time Series Anomaly Detection". In Thirty-Third International Joint Conference on Artificial Intelligence {IJCAI-24}. California: International Joint Conferences on Artificial Intelligence Organization, 2024. http://dx.doi.org/10.24963/ijcai.2024/239.
Testo completoAbstract (sommario):
Self-supervised methods have gained prominence in time series anomaly detection due to the scarcity of available annotations. Nevertheless, they typically demand extensive training data to acquire a generalizable representation map, which conflicts with scenarios of a few available samples, thereby limiting their performance. To overcome the limitation, we propose AnomalyLLM, a knowledge distillation-based time series anomaly detection approach where the student network is trained to mimic the features of the large language model (LLM)-based teacher network that is pretrained on large-scale datasets. During the testing phase, anomalies are detected when the discrepancy between the features of the teacher and student networks is large. To circumvent the student network from learning the teacher network’s feature of anomalous samples, we devise two key strategies. 1) Prototypical signals are incorporated into the student network to consolidate the normal feature extraction. 2) We use synthetic anomalies to enlarge the representation gap between the two networks. AnomalyLLM demonstrates state-of-the-art performance on 15 datasets, improving accuracy by at least 14.5% in the UCR dataset.
7
Zhang, Zheng, e Liang Zhao. "Unsupervised Deep Subgraph Anomaly Detection (Extended Abstract)". In Thirty-Second International Joint Conference on Artificial Intelligence {IJCAI-23}. California: International Joint Conferences on Artificial Intelligence Organization, 2023. http://dx.doi.org/10.24963/ijcai.2023/730.
Testo completoAbstract (sommario):
Effectively mining anomalous subgraphs in networks is crucial for various applications, including disease outbreak detection, financial fraud detection, and activity monitoring in social networks. However, identifying anomalous subgraphs poses significant challenges due to their complex topological structures, high-dimensional attributes, multiple notions of anomalies, and the vast subgraph space within a given graph. Classical shallow models rely on handcrafted anomaly measure functions, limiting their applicability when prior knowledge is unavailable. Deep learning-based methods have shown promise in detecting node-level, edge-level, and graph-level anomalies, but subgraph-level anomaly detection remains under-explored due to difficulties in subgraph representation learning, supervision, and end-to-end anomaly quantification. To address these challenges, this paper introduces a novel deep framework named Anomalous Subgraph Autoencoder (AS-GAE). AS-GAE leverages an unsupervised and weakly supervised approach to extract anomalous subgraphs. It incorporates a location-aware graph autoencoder to uncover anomalous areas based on reconstruction mismatches and introduces a supermodular graph scoring function module to assign meaningful anomaly scores to subgraphs within the identified anomalous areas. Extensive experiments on synthetic and real-world datasets demonstrate the effectiveness of our proposed method.
8
Shekhar, Prashant, e Rahul Rai. "Anomaly Detection in Complex Spatiotemporal Networks Through Location Aware Geospatial Big Data Sets". In ASME 2016 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference. American Society of Mechanical Engineers, 2016. http://dx.doi.org/10.1115/detc2016-59587.
Testo completoAbstract (sommario):
Anomaly detection is an important problem that has been researched in several domains. Based on the available data patterns, various supervised and unsupervised anomaly detection techniques have been introduced. In this paper, a novel anomaly detection technique for location aware geospatial big dataset is outlined. Specifically, we focus on anomaly detection in spatiotemporal complex networks. The outlined technique incorporates components of anomaly quantification and decision making on spatiotemporal graphs and embeds simultaneous learning and detection procedures. The magnitude of an anomaly at each time step is quantified to signify the pattern of anomalous behavior in the spatiotemporal network. We illustrate the efficacy of the proposed method by detecting and indicating the time and location of a single or multiple anomalies in an illustrative traffic network problem. Theoretical experiments on a suite of six randomly generated traffic network problems have been performed. The performance of the proposed algorithm with tuned parameters on this random set of problem instances clearly establishes the effectiveness and applicability of the introduced solution procedure.
9
Barker, Jack W., e Toby P. Breckon. "PANDA: Perceptually Aware Neural Detection of Anomalies". In 2021 International Joint Conference on Neural Networks (IJCNN). IEEE, 2021. http://dx.doi.org/10.1109/ijcnn52387.2021.9534399.
Testo completo
10
Liu, Ninghao, Xiao Huang e Xia Hu. "Accelerated Local Anomaly Detection via Resolving Attributed Networks". In Twenty-Sixth International Joint Conference on Artificial Intelligence. California: International Joint Conferences on Artificial Intelligence Organization, 2017. http://dx.doi.org/10.24963/ijcai.2017/325.
Testo completoAbstract (sommario):
Attributed networks, in which network connectivity and node attributes are available, have been increasingly used to model real-world information systems, such as social media and e-commerce platforms. While outlier detection has been extensively studied to identify anomalies that deviate from certain chosen background, existing algorithms cannot be directly applied on attributed networks due to the heterogeneous types of information and the scale of real-world data. Meanwhile, it has been observed that local anomalies, which may align with global condition, are hard to be detected by existing algorithms with interpretability. Motivated by the observations, in this paper, we propose to study the problem of effective and efficient local anomaly detection in attributed networks. In particular, we design a collective way for modeling heterogeneous network and attribute information, and develop a novel and efficient distributed optimization algorithm to handle large-scale data. In the experiments, we compare the proposed framework with the state-of-the-art methods on both real and synthetic datasets, and demonstrate its effectiveness and efficiency through quantitative evaluation and case studies.
Rapporti di organizzazioni sul tema "Networks anomalies detection"
1
Kirichek, Galina, Vladyslav Harkusha, Artur Timenko e Nataliia Kulykovska. System for detecting network anomalies using a hybrid of an uncontrolled and controlled neural network. [б. в.], febbraio 2020. http://dx.doi.org/10.31812/123456789/3743.
Testo completoAbstract (sommario):
In this article realization method of attacks and anomalies detection with the use of training of ordinary and attacking packages, respectively. The method that was used to teach an attack on is a combination of an uncontrollable and controlled neural network. In an uncontrolled network, attacks are classified in smaller categories, taking into account their features and using the self- organized map. To manage clusters, a neural network based on back-propagation method used. We use PyBrain as the main framework for designing, developing and learning perceptron data. This framework has a sufficient number of solutions and algorithms for training, designing and testing various types of neural networks. Software architecture is presented using a procedural-object approach. Because there is no need to save intermediate result of the program (after learning entire perceptron is stored in the file), all the progress of learning is stored in the normal files on hard disk.
2
Tayeb, Shahab. Taming the Data in the Internet of Vehicles. Mineta Transportation Institute, gennaio 2022. http://dx.doi.org/10.31979/mti.2022.2014.
Testo completoAbstract (sommario):
As an emerging field, the Internet of Vehicles (IoV) has a myriad of security vulnerabilities that must be addressed to protect system integrity. To stay ahead of novel attacks, cybersecurity professionals are developing new software and systems using machine learning techniques. Neural network architectures improve such systems, including Intrusion Detection System (IDSs), by implementing anomaly detection, which differentiates benign data packets from malicious ones. For an IDS to best predict anomalies, the model is trained on data that is typically pre-processed through normalization and feature selection/reduction. These pre-processing techniques play an important role in training a neural network to optimize its performance. This research studies the impact of applying normalization techniques as a pre-processing step to learning, as used by the IDSs. The impacts of pre-processing techniques play an important role in training neural networks to optimize its performance. This report proposes a Deep Neural Network (DNN) model with two hidden layers for IDS architecture and compares two commonly used normalization pre-processing techniques. Our findings are evaluated using accuracy, Area Under Curve (AUC), Receiver Operator Characteristic (ROC), F-1 Score, and loss. The experimentations demonstrate that Z-Score outperforms no-normalization and the use of Min-Max normalization.
3
León, Carlos. Detecting anomalous payments networks: A dimensionality reduction approach. Banco de la República de Colombia, dicembre 2019. http://dx.doi.org/10.32468/be.1098.
Testo completo
4
Valdez, Luis, e Alexander Heifetz. Detection of Anomalies in Environmental Gamma Radiation Background with Hopfield Artificial Neural Network - Consortium on Nuclear Security Technologies (CONNECT) Q3 Report. Office of Scientific and Technical Information (OSTI), gennaio 2021. http://dx.doi.org/10.2172/1827413.
Testo completo