• 한국BIM학회 논문집
• /
• 제13권3호
• /
• pp.12-20
• /
• 2023

Deep learning-based anomaly detection technology is used in various fields such as computer vision, speech recognition, and natural language processing. In particular, this technology is applied in various fields such as monitoring manufacturing equipment abnormalities, detecting financial fraud, detecting network hacking, and detecting anomalies in medical images. However, in the field of construction and architecture, research on deep learning-based data anomaly detection technology is difficult due to the lack of digitization of domain knowledge due to late digital conversion, lack of learning data, and difficulties in collecting and processing field data in real time. This study acquires necessary data through IoT (Internet of Things) from the viewpoint of monitoring for environmental management of architectural spaces, converts them into a database, learns deep learning, and then supports anomaly patterns using AI (Artificial Infelligence) deep learning-based anomaly detection. We propose an implementation process. The results of this study suggest an effective environmental anomaly pattern detection solution architecture for environmental management of architectural spaces, proving its feasibility. The proposed method enables quick response through real-time data processing and analysis collected from IoT. In order to confirm the effectiveness of the proposed method, performance analysis is performed through prototype implementation to derive the results.

• 한국멀티미디어학회논문지
• /
• 제10권12호
• /
• pp.1726-1732
• /
• 2007

The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. Anomaly detection is a pattern recognition task whose goal is to report the occurrence of abnormal or unknown behavior in a given system being monitored. This paper presents an efficient rough set based anomaly detection method that can effectively identify a group of especially harmful internal attackers - masqueraders in cellular mobile networks. Our scheme uses the trace data of wireless application layer by a user as feature value. Based on this, the used pattern of a mobile's user can be captured by rough sets, and the abnormal behavior of the mobile can be also detected effectively by applying a roughness membership function with the age of the user profile. The performance of the proposed scheme is evaluated by using a simulation. Simulation results demonstrate that the anomalies are well detected by the proposed scheme that considers the age of user profiles.

• Journal of the Korean Data and Information Science Society
• /
• 제18권2호
• /
• pp.315-326
• /
• 2007

The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. Anomaly detection is a pattern recognition task whose goal is to report the occurrence of abnormal or unknown behavior in a given system being monitored. This paper presents a dynamic anomaly detection scheme that can effectively identify a group of especially harmful internal masqueraders in cellular mobile networks. Our scheme uses the trace data of wireless application layer by a user as feature value. Based on the feature values, the use pattern of a mobile's user can be captured by rough sets, and the abnormal behavior of the mobile can be also detected effectively by applying a roughness membership function with both the age of the user profile and weighted feature values. The performance of our scheme is evaluated by a simulation. Simulation results demonstrate that the anomalies are well detected by the proposed dynamic scheme that considers the age of user profiles.

• 한국방송∙미디어공학회:학술대회논문집
• /
• 한국방송∙미디어공학회 2022년도 추계학술대회
• /
• pp.171-174
• /
• 2022

Weakly-supervised learning is a widely adopted approach in video anomaly detection whereby only video labels are utilized instead of expensive frame-level annotations. Since the success of multi-instance learning (MIL), almost all recent approaches are based on maximizing the margin between the set of abnormal video snippets and those of normal video snippets. In this work, we present a simple contrastive approach for weakly supervised video anomaly detection (WS-VAD) with aims to enhance the performance of existing models. The method is generic in nature and introduces a loss function to encourage attraction of output features from the same video class and repel those from different video classes. Experimental results demonstrate our method can be applied to existing algorithms to improve detection accuracy in public video anomaly dataset.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2021년도 춘계학술대회
• /
• pp.581-583
• /
• 2021

코로나19의 펜데믹 현상으로 인하여 모바일 서비스의 활용 비중이 높아지고 있다. 그러나, 대부분의 모바일 장비에 대한 이상 현상을 장비의 알람 중심으로 인지하므로, 복잡한 장애가 발생할 경우에 직관적으로 장비의 문제 판별하기 어려운 한계가 발생한다. 이를 보완하기 위해서 본 연구에서는 장비의 알람과 성능 정보를 조합하여 직관적으로 문제를 인지할 수 있도록 RRCF 알고리즘을 활용하여 Anomaly Score 생성하였으며, 과거 장애 이력을 97% 검출하는 효과를 검증하였다.

• ETRI Journal
• /
• 제46권3호
• /
• pp.513-525
• /
• 2024

Deep neural networks trained on labeled medical data face major challenges owing to the economic costs of data acquisition through expensive medical imaging devices, expert labor for data annotation, and large datasets to achieve optimal model performance. The heterogeneity of diseases, such as Alzheimer's disease, further complicates deep learning because the test cases may substantially differ from the training data, possibly increasing the rate of false positives. We propose a reconstruction-based self-supervised anomaly detection model to overcome these challenges. It has a dual-subnetwork encoder that enhances feature encoding augmented by skip connections to the decoder for improving the gradient flow. The novel encoder captures local and global features to improve image reconstruction. In addition, we introduce an entropy-based image conversion method. Extensive evaluations show that the proposed model outperforms benchmark models in anomaly detection and classification using an encoder. The supervised and unsupervised models show improved performances when trained with data preprocessed using the proposed image conversion method.

• Smart Structures and Systems
• /
• 제29권6호
• /
• pp.757-766
• /
• 2022

To train deep learning algorithms, a sufficient number of data are required. However, in most engineering systems, the acquisition of fault data is difficult or sometimes not feasible, while normal data are secured. The dearth of data is one of the major challenges to developing deep learning models, and fault diagnosis in particular cannot be made in the absence of fault data. With this context, this paper proposes an anomaly detection methodology for rotating machines using only normal data with self-labeling. Since only normal data are used for anomaly detection, a self-labeling method is used to generate a new labeled dataset. The overall procedure includes the following three steps: (1) transformation of normal data to self-labeled data based on a pretext task, (2) training the convolutional neural networks (CNN), and (3) anomaly detection using defined anomaly score based on the softmax output of the trained CNN. The softmax value of the abnormal sample shows different behavior from the normal softmax values. To verify the proposed method, four case studies were conducted, on the Case Western Reserve University (CWRU) bearing dataset, IEEE PHM 2012 data challenge dataset, PHMAP 2021 data challenge dataset, and laboratory bearing testbed; and the results were compared to those of existing machine learning and deep learning methods. The results showed that the proposed algorithm could detect faults in the bearing testbed and compressor with over 99.7% accuracy. In particular, it was possible to detect not only bearing faults but also structural faults such as unbalance and belt looseness with very high accuracy. Compared with the existing GAN, the autoencoder-based anomaly detection algorithm, the proposed method showed high anomaly detection performance.

• 인터넷정보학회논문지
• /
• 제25권1호
• /
• pp.109-121
• /
• 2024

섬유, 자동차와 같은 여러 제조 공정에서 설비가 고장이 나 멈추게 되면 기계가 작동하지 않게 되고 이는 기업의 시간적, 금전적 손실로 이어진다. 따라서 설비의 고장이 발생하기 전, 고장을 예측하여 정비할 수 있도록 설비의 이상을 사전에 탐지하는 것이 중요하다. 대부분의 설비 고장 원인은 설비의 필수 부품인 베어링의 고장으로, 베어링의 고장을 진단하는 것은 설비예지보전 연구의 핵심이기도 하다. 본 논문에서는 베어링의 진동 신호를 분석하여 SWT-SVD 전처리 알고리즘을 제안하고 이를 시계열 이상탐지 모델 네트워크 중 하나인 어노멀리 트랜스포머에 적용하여 베어링 이상탐지 모델을 구현한다. 제조공정의 베어링 진동신호는 실시간으로 센서값들의 이력이 작성되어 노이즈가 존재하므로, 이를 줄이기 위해 본 연구에서는 정상 웨이블릿 변환(Stationary Wavelet Transform)을 사용하여 주파수 성분을 추출하고, 특이값 분해(Singular Value Decomposition) 알고리즘을 통해 유의미한 특징들을 추출하는 전처리를 진행한다. 제안하는 SWT-SVD 전처리 방법을 적용한 베어링 이상탐지 모델 실험을 위해 IEEE PHM학회에서 제공하는 PHM-2012-Challenge 데이터 세트를 활용하였으며, 실험 결과는 0.98의 정확도와 0.97의 F1-Score로 우수한 성능을 보였다. 추가로, 성능 향상을 입증하기 위해 선행 연구들과 성능 비교를 진행한다. 비교 실험을 통해 제안한 전처리 방법이 기존의 전처리보다 높은 성능을 보임을 확인하였다.

• Journal of Communications and Networks
• /
• 제18권5호
• /
• pp.818-825
• /
• 2016

Network management and anomaly detection are challenges in high-speed networks due to the high volume of packets that has to be analysed. Flow-based analysis is a scalable method which reduces the high volume of network traffic by dividing it into flows. As sampling methods are extensively used in flow generators such as NetFlow, the impact of sampling on the performance of flow-based analysis needs to be investigated. Monitoring using sampled traffic is a well-studied research area, however, the impact of sampling on flow-based anomaly detection is a poorly researched area. This paper investigates flow sampling methods and shows that these methods have negative impact on flow-based anomaly detection. Therefore, we propose an efficient probabilistic flow sampling method that can preserve flow traffic distribution. The proposed sampling method takes into account two flow features: Destination IP address and octet. The destination IP addresses are sampled based on the number of received bytes. Our method provides efficient sampled traffic which has the required traffic features for both flow-based anomaly detection and monitoring. The proposed sampling method is evaluated using a number of generated flow-based datasets. The results show improvement in preserved malicious flows.

• 한국통신학회논문지
• /
• 제33권5B호
• /
• pp.304-309
• /
• 2008

본 논문에서는 시계열 예측 모델을 이용하여 웡 또는 바이러스 등과 같은 공격 트래픽에 의해 네트워크상에 발생할 수 있는 트래픽 이상 징후를 탐지할 수 있는 예측 모델 기반 트래픽 이상 징후 탐지 기법을 제안한다. 제안 기법은 비교적 정확한 예측모델로 알려져 있는 ARIMA 모델을 이용하였고 이상 징후 여부를 확률값으로 변화하여 확률 임계값에 따라 이상 징후를 탐지하도록 하여 그 성능을 극대화할 수 있도록 하였다. 이를 위해 제안 기법을 네트워크상에 발생시킨 웜과 같은 비정상 공격 트래픽을 포함한 전체 트래픽과 웹 트래픽에 적용하여 트래픽의 이상 징후를 신뢰성 있는 수준에서 탐지함을 보여주었다. 이 기법을 네트워크 기반의 침입탐지시스템에 적용할 강제 큰 효과 가져올 수 있을 것이다.