• ETRI Journal
• /
• v.45 no.4
• /
• pp.650-665
• /
• 2023

A novel smart metering technique capable of anomaly detection was proposed for real-time home power management system. Smart meter data generated in real-time were obtained from 900 households of single apartments. To detect outliers and missing values in smart meter data, a deep learning model, the autoencoder, consisting of a graph convolutional network and bidirectional long short-term memory network, was applied to the smart metering technique. Power management based on the smart metering technique was executed by multi-objective optimization in the presence of a battery storage system and an electric vehicle. The results of the power management employing the proposed smart metering technique indicate a reduction in electricity cost and amount of power supplied by the grid compared to the results of power management without anomaly detection.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.3
• /
• pp.127-136
• /
• 2024

This study explores the correlation between system anomalies and large-scale logs within the Spark cluster environment. While research on anomaly detection using logs is growing, there remains a limitation in adequately leveraging logs from various components of the cluster and considering the relationship between anomalies and the system. Therefore, this paper analyzes the distribution of normal and abnormal logs and explores the potential for anomaly detection based on the occurrence of log templates. By employing Hadoop and Spark, normal and abnormal log data are generated, and through t-SNE and K-means clustering, templates of abnormal logs in anomalous situations are identified to comprehend anomalies. Ultimately, unique log templates occurring only during abnormal situations are identified, thereby presenting the potential for anomaly detection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.8
• /
• pp.2298-2315
• /
• 2024

This paper introduces a method aimed at diagnosing the presence or absence of lesions by detecting anomalies in Chest X-ray images. The proposed approach is based on the PatchCore anomaly detection method, which extracts a feature vector containing location information of an image patch from normal image data and calculates the anomaly distance from the normal vector. However, applying PatchCore directly to medical image processing presents challenges due to the possibility of diseases occurring only in specific organs and the presence of image noise unrelated to lesions. In this study, we present an image alignment method that utilizes affine transformation parameter prediction to standardize already captured X-ray images into a specific composition. Additionally, we introduce a region-specific abnormality detection method that requires affine-transformed chest X-ray images. Furthermore, we propose a method to enhance application efficiency and performance through feature map hard masking. The experimental results demonstrate that our proposed approach achieved a maximum AUROC (Area Under the Receiver Operating Characteristic) of 0.774. Compared to a previous study conducted on the same dataset, our method shows a 6.9% higher performance and improved accuracy.

• Advances in concrete construction
• /
• v.17 no.2
• /
• pp.53-66
• /
• 2024

Domain Name Systems (DNS) provide critical performance in directing Internet traffic. It is a significant duty of DNS service providers to protect DNS servers from bandwidth attacks. Data mining techniques may identify different trends in detecting anomalies, but these approaches are insufficient to provide adequate methods for querying traffic data in significant network environments. The patterns can enable the providers of DNS services to find anomalies. Accordingly, this research has used a new approach to find the anomalies using the Neural Network (NN) because intrusion detection techniques or conventional rule-based anomaly are insufficient to detect general DNS anomalies using multi-enterprise network traffic data obtained from network traffic data (from different organizations). NN was developed, and its results were measured to determine the best performance in anomaly detection using DNS query data. Going through the R² results, it was found that NN could satisfactorily perform the DNS anomaly detection process. Based on the results, the security weaknesses and problems related to unpredictable matters could be practically distinguished, and many could be avoided in advance. Based on the R² results, the NN could perform remarkably well in general DNS anomaly detection processing in this study.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.27-35
• /
• 2008

With the proliferation of wireless devices, mobile ad-hoc networking (MANETS) has become a very exciting and important technology. However, MANET is more vulnerable than wired networking. Existing security mechanisms designed for wired networks have to be redesigned in this new environment. In this paper, we discuss the problem of anomaly detection in MANET. The focus of our research is on techniques for automatically constructing anomaly detection models that are capable of detecting new or unseen attacks. We propose a new anomaly detection method for MANETs. The proposed method performs cross-feature analysis on the basis of Rough sets to capture the inter-feature correlation patterns in normal traffic. The performance of the proposed method is evaluated through a simulation. The results show that the performance of the proposed method is superior to the performance of Huang method that uses cross-feature based on the probability of feature attribute value. Accordingly, we know that the proposed method effectively detects anomalies.

• Journal of Korean Society for Quality Management
• /
• v.49 no.4
• /
• pp.581-594
• /
• 2021

Purpose: The purpose of this study is to compare machine learning models for anomaly detection of mechanical facility equipment and suggest an anomaly detection system for mechanical facility equipment in subway stations. It helps to predict failures and plan the maintenance of facility. Ultimately it aims to improve the quality of facility equipment. Methods: The data collected from Daejeon Metropolitan Rapid Transit Corporation was used in this experiment. The experiment was performed using Python, Scikit-learn, tensorflow 2.0 for preprocessing and machine learning. Also it was conducted in two failure states of the equipment. We compared and analyzed five unsupervised machine learning models focused on model Long Short-Term Memory Variational Autoencoder(LSTM-VAE). Results: In both experiments, change in vibration and current data was observed when there is a defect. When the rotating body failure was happened, the magnitude of vibration has increased but current has decreased. In situation of axis alignment failure, both of vibration and current have increased. In addition, model LSTM-VAE showed superior accuracy than the other four base-line models. Conclusion: According to the results, model LSTM-VAE showed outstanding performance with more than 97% of accuracy in the experiments. Thus, the quality of mechanical facility equipment will be improved if the proposed anomaly detection system is established with this model used.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.8-14
• /
• 2023

The existing self-supervised learning-based CutPaste generated synthetic data by cutting and attaching specific patches from normal images and then performed anomaly detection. However, this method has a problem in that there is a clear difference in the boundary of the patch. NSA for solving these problems have achieved higher anomaly detection performance by generating natural synthetic data through Poisson Blending. However, NSA has the disadvantage of having many hyperparameters that need to be adjusted for each class. In this paper, synthetic data similar to normal were generated by a simple method of making the size of the synthetic patch very small. At this time, since the patches are so locally synthesized, models that learn local features can easily overfit synthetic data. Therefore, we performed anomaly detection using gMLP, which learns global features, and even with simple synthesis methods, we were able to achieve higher performance than conventional self-supervised learning techniques.

• The Journal of Society for e-Business Studies
• /
• v.27 no.1
• /
• pp.1-13
• /
• 2022

With the development of network technologies, the security to protect organizational resources from internal and external intrusions and threats becomes more important. Therefore in recent years, the anomaly detection algorithm that detects and prevents security threats with respect to various security log events has been actively studied. Security anomaly detection algorithms that have been developed based on rule-based or statistical learning in the past are gradually evolving into modeling based on machine learning and deep learning. In this study, we propose a deep-autoencoder model that transforms LSTM-autoencoder as an optimal algorithm to detect insider threats in advance using various machine learning analysis methodologies. This study has academic significance in that it improved the possibility of adaptive security through the development of an anomaly detection algorithm based on unsupervised learning, and reduced the false positive rate compared to the existing algorithm through supervised true positive labeling.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.19-27
• /
• 2022

In this study, we propose a language and platform to describe and manage the MLOps(Machine Learning Operations) workflow for time series data anomaly detection. Time series data is collected in many fields, such as IoT sensors, system performance indicators, and user access. In addition, it is used in many applications such as system monitoring and anomaly detection. In order to perform prediction and anomaly detection of time series data, the MLOps platform that can quickly and flexibly apply the analyzed model to the production environment is required. Thus, we developed Python-based AI/ML Modeling Language (AMML) to easily configure and execute MLOps workflows. Python is widely used in data analysis. The proposed MLOps platform can extract and preprocess time series data from various data sources (R-DB, NoSql DB, Log File, etc.) using AMML and predict it through a deep learning model. To verify the applicability of AMML, the workflow for generating a transformer oil temperature prediction deep learning model was configured with AMML and it was confirmed that the training was performed normally.

• Journal of Internet Computing and Services
• /
• v.24 no.1
• /
• pp.49-59
• /
• 2023

Recently, attention to the pandemic situation represented by COVID-19 emerged problems caused by unexpected shortage of medical personnel. In this paper, we present a method for diagnosing the presence or absence of lesional sign on PA chest X-ray images as computer vision solution to support diagnosis tasks. Method for visual anomaly detection based on feature modeling can be also applied to X-ray images. With extracting feature vectors from PA chest X-ray images and divide to patch unit, region-specific abnormality can be detected. As preliminary experiment, we created simulation data set containing multiple objects and present results of the comparative experiments in this paper. We present method to improve both efficiency and performance of the process through hard masking of patch features to aligned images. By summing up regional specificity and global anomaly detection results, it shows improved performance by 0.069 AUROC compared to previous studies. By aggregating region-specific and global anomaly detection results, it shows improved performance by 0.069 AUROC compared to our last study.