• Journal of Korean Institute of Industrial Engineers
• /
• v.41 no.6
• /
• pp.540-550
• /
• 2015

There have been many attempts to find knowledge from data using conventional statistics, data mining, artificial intelligence, machine learning and pattern recognition. In those research areas, knowledge is approached in two ways. Firstly, researchers discover knowledge represented in general features for universal recognition, and secondly, they discover exceptional and distinctive features. In process mining, an instance is sequential information bounded by case ID, known as process instance. Here, an exceptional process instance can cause a problem in the analysis and discovery algorithm. Hence, in this paper we develop a method to detect the knowledge of exceptional and distinctive features when performing process mining. We propose a method for anomaly detection named Distance-based Anomaly Process Instance Detection (DAPID) which utilizes distance between process instances. DAPID contributes to a discovery of distinctive characteristic of process instance. For verifying the suggested methodology, we discovered characteristics of exceptional situations from log data. Additionally, we experiment on real data from a domestic port terminal to demonstrate our proposed methodology.

• Journal of Convergence for Information Technology
• /
• v.12 no.1
• /
• pp.31-38
• /
• 2022

This paper applies an expert independent unsupervised neural network learning-based multivariate time series data analysis model, MSCRED(Multi-Scale Convolutional Recurrent Encoder-Decoder), and to overcome the limitation, because the MCRED is based on Auto-encoder model, that train data must not to be contaminated, by using learning data sampling technique, called Subset Sampling Validation. By using the vibration data of power plant equipment that has been labeled, the classification performance of MSCRED is evaluated with the Anomaly Score in many cases, 1) the abnormal data is mixed with the training data 2) when the abnormal data is removed from the training data in case 1. Through this, this paper presents an expert-independent anomaly diagnosis framework that is strong against error data, and presents a concise and accurate solution in various fields of multivariate time series data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1516-1529
• /
• 2023

In this paper, a motor gearbox fault-detection system based on a hierarchical flow-based model is proposed. The proposed system is used for the anomaly detection of a motion sound-based actuator module. The proposed flow-based model, which is a generative model, learns by directly modeling a data distribution function. As the objective function is the maximum likelihood value of the input data, the training is stable and simple to use for anomaly detection. The operation sound of a car's side-view mirror motor is converted into a Mel-spectrogram image, consisting of a folding signal and an unfolding signal, and used as training data in this experiment. The proposed system is composed of an encoder and a decoder. The data extracted from the layer of the pretrained feature extractor are used as the decoder input data in the encoder. This information is used in the decoder by performing an interlayer cross-scale convolution operation. The experimental results indicate that the context information of various dimensions extracted from the interlayer hierarchical data improves the defect detection accuracy. This paper is notable because it uses acoustic data and a normalizing flow model to detect outliers based on the features of experimental data.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.8-14
• /
• 2023

The existing self-supervised learning-based CutPaste generated synthetic data by cutting and attaching specific patches from normal images and then performed anomaly detection. However, this method has a problem in that there is a clear difference in the boundary of the patch. NSA for solving these problems have achieved higher anomaly detection performance by generating natural synthetic data through Poisson Blending. However, NSA has the disadvantage of having many hyperparameters that need to be adjusted for each class. In this paper, synthetic data similar to normal were generated by a simple method of making the size of the synthetic patch very small. At this time, since the patches are so locally synthesized, models that learn local features can easily overfit synthetic data. Therefore, we performed anomaly detection using gMLP, which learns global features, and even with simple synthesis methods, we were able to achieve higher performance than conventional self-supervised learning techniques.

• ETRI Journal
• /
• v.41 no.5
• /
• pp.608-618
• /
• 2019

We propose a general framework for keyed learning, where a secret key is used as an additional input of an adversarial learning system. We also define models and formal challenges for an adversary who knows the learning algorithm and its input data but has no access to the key value. This adversarial learning framework is subsequently applied to a more specific context of anomaly detection, where the secret key finds additional practical uses and guides the entire learning and alarm-generating procedure.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.8
• /
• pp.355-364
• /
• 2023

As advanced cyber threats continue to increase in recent years, it is difficult to detect new types of cyber attacks with existing pattern or signature-based intrusion detection method. Therefore, research on anomaly detection methods using data learning-based artificial intelligence technology is increasing. In addition, supervised learning-based anomaly detection methods are difficult to use in real environments because they require sufficient labeled data for learning. Research on an unsupervised learning-based method that learns from normal data and detects an anomaly by finding a pattern in the data itself has been actively conducted. Therefore, this study aims to extract a latent vector that preserves useful sequence information from sequence log data and develop an anomaly detection learning model using the extracted latent vector. Word2Vec was used to create a dense vector representation corresponding to the characteristics of each sequence, and an unsupervised autoencoder was developed to extract latent vectors from sequence data expressed as dense vectors. The developed autoencoder model is a recurrent neural network GRU (Gated Recurrent Unit) based denoising autoencoder suitable for sequence data, a one-dimensional convolutional neural network-based autoencoder to solve the limited short-term memory problem that GRU can have, and an autoencoder combining GRU and one-dimensional convolution was used. The data used in the experiment is time-series-based NGIDS (Next Generation IDS Dataset) data, and as a result of the experiment, an autoencoder that combines GRU and one-dimensional convolution is better than a model using a GRU-based autoencoder or a one-dimensional convolution-based autoencoder. It was efficient in terms of learning time for extracting useful latent patterns from training data, and showed stable performance with smaller fluctuations in anomaly detection performance.

• Journal of Information Processing Systems
• /
• v.17 no.6
• /
• pp.1071-1082
• /
• 2021

Since the smart factory has been recently recognized as an industrial core requirement, various mechanisms to ensure efficient and stable operation have attracted much attention. This attention is based on the fact that in a smart factory environment where operating processes, such as facility control, data collection, and decision making are automated, the disruption of processes due to problems such as facility anomalies causes considerable losses. Although many studies have considered methods to prevent such losses, few have investigated how to effectively apply the solutions. This study proposes a Kubernetes based system applied in a smart factory providing effective operation and facility management. To develop the system, we employed a useful and popular open source project, and adopted deep learning based anomaly detection model for multi-sensor anomaly detection. This can be easily modified without interruption by changing the container image for inference. Through experiments, we have verified that the proposed method can provide system stability through nondisruptive maintenance, monitoring and non-disruptive updates for anomaly detection models.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.26 no.4
• /
• pp.310-322
• /
• 2022

In this report, we apply an anomaly detection algorithm to a mobile oral health care application. In particular, we have investigated one class YOLOv3 as an anomaly detection model to classify pictures of mouths which will be used as inputs in the following machine learning model. We have achieved outstanding performances by proposing appropriate annotation strategies for our data sets and modifying the loss function. Moreover, the model can classify not only oral and non-oral pictures but also output preprocessed pictures that only contain the area around the lips by using the predicted bounding box. Thus, the model performs prediction and preprocessing simultaneously.

• Smart Structures and Systems
• /
• v.29 no.1
• /
• pp.77-91
• /
• 2022

Various monitoring systems have been implemented in civil infrastructure to ensure structural safety and integrity. In long-term monitoring, these systems generate a large amount of data, where anomalies are not unusual and can pose unique challenges for structural health monitoring applications, such as system identification and damage detection. Therefore, developing efficient techniques is quite essential to recognize the anomalies in monitoring data. In this study, several machine learning techniques are explored and implemented to detect and classify various types of data anomalies. A field dataset, which consists of one month long acceleration data obtained from a long-span cable-stayed bridge in China, is employed to examine the machine learning techniques for automated data anomaly detection. These techniques include the statistic-based pattern recognition network, spectrogram-based convolutional neural network, image-based time history convolutional neural network, image-based time-frequency hybrid convolution neural network (GoogLeNet), and proposed ensemble neural network model. The ensemble model deliberately combines different machine learning models to enhance anomaly classification performance. The results show that all these techniques can successfully detect and classify six types of data anomalies (i.e., missing, minor, outlier, square, trend, drift). Moreover, both image-based time history convolutional neural network and GoogLeNet are further investigated for the capability of autonomous online anomaly classification and found to effectively classify anomalies with decent performance. As seen in comparison with accuracy, the proposed ensemble neural network model outperforms the other three machine learning techniques. This study also evaluates the proposed ensemble neural network model to a blind test dataset. As found in the results, this ensemble model is effective for data anomaly detection and applicable for the signal characteristics changing over time.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.3
• /
• pp.130-139
• /
• 2024

Artificial intelligence models are being used to detect facility anomalies using physics data such as vibration, current, and temperature for predictive maintenance in the manufacturing industry. Since the types of facility anomalies, such as facility defects and failures, anomaly detection methods using autoencoder-based unsupervised learning models have been mainly applied. Normal or abnormal facility conditions can be effectively classified using the reconstruction error of the autoencoder, but there is a limit to identifying facility anomalies specifically. When facility anomalies such as unbalance, misalignment, and looseness occur, the facility vibration frequency shows a pattern different from the normal state in a specific frequency range. This paper presents an N-segmentation anomaly detection method that performs anomaly detection by dividing the entire vibration frequency range into N regions. Experiments on nine kinds of anomaly data with different frequencies and amplitudes using vibration data from a compressor showed better performance when N-segmentation was applied. The proposed method helps materialize them after detecting facility anomalies.