• 지능정보연구
• /
• 제29권3호
• /
• pp.229-247
• /
• 2023

여러 분야에서 이상탐지의 중요성이 강조됨에 따라, 다양한 데이터 유형과 이상치 유형에 대한 이상탐지 알고리즘이 개발되고 있다. 하지만 이상탐지 알고리즘의 성능은 주로 공개 데이터 세트에 대해 측정될 뿐 특정 유형의 이상치에서 나타나는 각 알고리즘의 성능은 확인되지 않고 있으므로, 분석 상황에 맞는 적절한 이상탐지 알고리즘 선택에 어려움이 있다. 이에 본 논문에서는 이상치의 유형과 다양한 데이터 속성을 먼저 파악하여, 이를 기반으로 적절한 이상탐지 알고리즘 선택에 도움을 줄 수 있는 방안을 제시하고자 한다. 구체적으로 본 연구에서는 지역, 전역, 종속성, 그리고 군집화의 총 4가지 이상치 유형에 대해 이상탐지 알고리즘의 성능을 비교하고, 추가 분석을 통해 라벨 수준, 데이터 개수, 그리고 차원 수가 성능에 미치는 영향을 확인한다. 실험 결과 이상치 유형에 따라 가장 우수한 성능을 나타내는 알고리즘이 다르게 나타나며, 이상치 유형에 대한 정보가 없는 경우에도 안정적인 성능을 보여주는 알고리즘을 확인했다. 또한 비지도 학습 기반 이상탐지 알고리즘의 성능이 지도 학습 및 준지도 학습 알고리즘의 성능보다 낮게 나타나는 유형을 확인하였다. 마지막으로 데이터 개수가 상대적으로 적거나 많을 때 대부분 알고리즘들의 성능이 이상치 유형에 더 강하게 영향을 받으며, 상대적으로 고차원일 경우 지역, 전역 이상치에서는 우수한 성능을 보였지만 군집화 이상치 유형에서 낮은 성능을 나타냄을 확인하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권8호
• /
• pp.2787-2800
• /
• 2022

The aging society increases emergency situations of the elderly living alone and a variety of social crimes. In order to prevent them, techniques to detect emergency situations through voice are actively researched. This study proposes CutPaste-based anomaly detection model using multi-scale feature extraction in time series streaming data. In the proposed method, an audio file is converted into a spectrogram. In this way, it is possible to use an algorithm for image data, such as CNN. After that, mutli-scale feature extraction is applied. Three images drawn from Adaptive Pooling layer that has different-sized kernels are merged. In consideration of various types of anomaly, including point anomaly, contextual anomaly, and collective anomaly, the limitations of a conventional anomaly model are improved. Finally, CutPaste-based anomaly detection is conducted. Since the model is trained through self-supervised learning, it is possible to detect a diversity of emergency situations as anomaly without labeling. Therefore, the proposed model overcomes the limitations of a conventional model that classifies only labelled emergency situations. Also, the proposed model is evaluated to have better performance than a conventional anomaly detection model.

• 천문학회보
• /
• 제41권1호
• /
• pp.45.2-45.2
• /
• 2016

In this study we investigate 195 spacecraft anomalies from 1998 to 2010 from Satellite News Digest (SND). We classify these data according to types of anomaly : Control, Power, Telemetry etc. We examine the association between these anomaly data and daily peak particle (electron and proton) flux data from GOES as well as their occurrence rates. To determine the association, we use two criteria that electron criterion is >10,000 pfu and proton criterion is >100 pfu. Main results from this study are as flows. First, the number of days satisfying the criteria for electron flux has a peak near a week before the anomaly day and decreases from the peak day to the anomaly day, while that for proton flux has a peak near the anomaly day. Second, we found a similar pattern for the mean daily peak particle (electron and proton) flux as a function of day before the anomaly day. Third, an examination of multiple spacecraft anomaly events, which are likely to occur by severe space weather effects, shows that anomalies mostly occur either when electron fluxes are in the declining stage, or when daily proton peak fluxes are strongly enhanced. This result is very consistent with the above statistical studies. Our results will be discussed in view of the origins of spacecraft anomaly.

• Structural Engineering and Mechanics
• /
• 제88권6호
• /
• pp.569-581
• /
• 2023

This paper introduces a system to detect and diagnose anomalies in pumped storage hydropower plants. We collect data from various types of sensors, including those monitoring temperature, vibration, and power. The data are classified according to the operation modes (pump and turbine operation modes) and normalized to remove the influence of the external environment. To detect anomalies and diagnose their types, we adopt a multivariate normal distribution analysis by learning the distribution of the normal data. The feasibility of the proposed system is evaluated using actual monitoring data of a pumped storage hydropower plant. The proposed system can be used to implement condition monitoring systems for other plants through modifications.

• Smart Structures and Systems
• /
• 제29권1호
• /
• pp.77-91
• /
• 2022

Various monitoring systems have been implemented in civil infrastructure to ensure structural safety and integrity. In long-term monitoring, these systems generate a large amount of data, where anomalies are not unusual and can pose unique challenges for structural health monitoring applications, such as system identification and damage detection. Therefore, developing efficient techniques is quite essential to recognize the anomalies in monitoring data. In this study, several machine learning techniques are explored and implemented to detect and classify various types of data anomalies. A field dataset, which consists of one month long acceleration data obtained from a long-span cable-stayed bridge in China, is employed to examine the machine learning techniques for automated data anomaly detection. These techniques include the statistic-based pattern recognition network, spectrogram-based convolutional neural network, image-based time history convolutional neural network, image-based time-frequency hybrid convolution neural network (GoogLeNet), and proposed ensemble neural network model. The ensemble model deliberately combines different machine learning models to enhance anomaly classification performance. The results show that all these techniques can successfully detect and classify six types of data anomalies (i.e., missing, minor, outlier, square, trend, drift). Moreover, both image-based time history convolutional neural network and GoogLeNet are further investigated for the capability of autonomous online anomaly classification and found to effectively classify anomalies with decent performance. As seen in comparison with accuracy, the proposed ensemble neural network model outperforms the other three machine learning techniques. This study also evaluates the proposed ensemble neural network model to a blind test dataset. As found in the results, this ensemble model is effective for data anomaly detection and applicable for the signal characteristics changing over time.

• Smart Structures and Systems
• /
• 제30권6호
• /
• pp.613-626
• /
• 2022

Guaranteeing the quality and integrity of structural health monitoring (SHM) data is very important for an effective assessment of structural condition. However, sensory system may malfunction due to sensor fault or harsh operational environment, resulting in multiple types of data anomaly existing in the measured data. Efficiently and automatically identifying anomalies from the vast amounts of measured data is significant for assessing the structural conditions and early warning for structural failure in SHM. The major challenges of current automated data anomaly detection methods are the imbalance of dataset categories. In terms of the feature of actual anomalous data, this paper proposes a data anomaly detection method based on data-level and deep learning technique for SHM of civil engineering structures. The proposed method consists of a data balancing phase to prepare a comprehensive training dataset based on data-level technique, and an anomaly detection phase based on a sophisticatedly designed network. The advanced densely connected convolutional network (DenseNet) and Transformer encoder are embedded in the specific network to facilitate extraction of both detail and global features of response data, and to establish the mapping between the highest level of abstractive features and data anomaly class. Numerical studies on a steel frame model are conducted to evaluate the performance and noise immunity of using the proposed network for data anomaly detection. The applicability of the proposed method for data anomaly classification is validated with the measured data of a practical supertall structure. The proposed method presents a remarkable performance on data anomaly detection, which reaches a 95.7% overall accuracy with practical engineering structural monitoring data, which demonstrates the effectiveness of data balancing and the robust classification capability of the proposed network.

• 한국컴퓨터정보학회논문지
• /
• 제28권11호
• /
• pp.89-101
• /
• 2023

사이버 공격으로 인한 국가, 기업 등의 피해를 막기 위해 공격자의 접근을 사전에 감지하는 이상 탐지 기술이 꾸준히 연구되어왔다. 외부 혹은 내부에서 침입하는 공격들을 즉각적으로 막기 위해 실행시간의 감축과 오탐지 감소는 필수불가결하다. 본 연구에서는 공격 이벤트의 유형과 빈도가 이상 탐지 정탐률 향상 및 오탐률 감소에 영향을 미칠 것으로 가설을 세우고, 검증을 위해 Los Alamos National Laboratory의 2015년 로그인 로그 데이터셋을 사용하였다. 전처리 된 데이터를 대표적인 이상행위 탐지 알고리즘에 적용한 결과, 공격 이벤트 유형과 빈도를 동시에 적용한 특성을 사용하는 것이 이상행위 탐지의 오탐률과 수행시간을 절감하는데 매우 효과적임을 확인하였다.

• Journal of Chest Surgery
• /
• 제12권2호
• /
• pp.135-139
• /
• 1979

Interruption of the aortic arch may be defined as discontinuity of the aortic arch in which either an aortic branch vessel or a patent ductus arteriosus supplies the descending aorta. This uncommon lesion was described first by Raphe Steidele in 1778 and was later classified into 3 types by Celoria and Patton. This anomaly rarely occurs as an isolated anomaly. Most commonly, a ventricular septal defect, patent ductus arteriosus, and abnormal arrangement of the brachiocephalic arteries occurs together with arch anomaly. Rarely, more complex anomaly, such as transposition of the great vessel, or single ventricle, is coexistent. We present the case of an 6 year-old boy with D-transposition of great vessel single ventricle, patent ductus arteriosus and patent foramen ovale with interruption of the aortic arch (Type A).

• Journal of Communications and Networks
• /
• 제10권1호
• /
• pp.89-97
• /
• 2008

Anomaly detection systems playa significant role in protection mechanism against attacks launched on a network. The greatest challenge in designing systems detecting anomalous exploits is defining what to measure. Effective yet simple, Shannon entropy metrics have been successfully used to detect specific types of malicious traffic in a number of commercially available IDS's. We believe that Renyi entropy measures can also adequately describe the characteristics of a network as a whole as well as detect abnormal traces in the observed traffic. In addition, Renyi entropy metrics might boost sensitivity of the methods when disambiguating certain anomalous patterns. In this paper we describe our efforts to understand how Renyi mutual information can be applied to anomaly detection as an offline computation. An initial analysis has been performed to determine how well fast spreading worms (Slammer, Code Red, and Welchia) can be detected using our technique. We use both synthetic and real data audits to illustrate the potentials of our method and provide a tentative explanation of the results.

• 대한두경부종양학회지
• /
• 제10권2호
• /
• pp.122-127
• /
• 1994

One hundred fifty four cases of branchial anomaly treated from January 1987 to July 1993 were analysed to determine clinical features, embryologic and anatomic types of the branchial cleft anomaly, to investigate the differences between adults and pediatrics, and to establish the appropriate treatment plan. The male to female ratio was not signifiacntly different in pediatric and adult patients. The mean symptom duration was 0.5 years(range 0.08-14 years) in pediatric patients and 1.67 years (0.7-7 years) in adult patients. The clinical presentations of these anomalies were lateral neck mass in 112(72.7%), infected discharge in 22(14.3%), non-infected discharge in 6(3.9%), and abscess in 14 cases(9.l%). Sites of the lesions were upper third of the neck in 93(60.3%), infraauricular in 35(22.7%), middle third of the neck in 17(11.0%) and inferior third of the neck in 9 cases(5.8%). The anatomic types were cystic form in 117(75.9%), sinus in 24(15.5%), and fistula in 13 cases(8.4%). Embryologic classification were 124 second branchial cleft anomalies(80.5%), 29 first branchial cleft anomalies(18.8%), and 1 third branchial cleft anomaly(0.6%). Immediate surgery under the uncontrolled infection in 17 cases result in 82.4% recurrent rate(14 cases), and 17.6% cure rate(3 cases). Delayed surgery under the controlled infection in 8 cases recurrent rate(1 case), and 87.5% cure rate(7 cases). In summary, the most common branchial cleft anomaly is second type cyst both in pediatric and adult group, delayed surgical exterpation after infection control with I & D or antibiotics may give a good chance for care and may reduce the recurrence.