• Title/Summary/Keyword: Anomaly

Search Result 2,202, Processing Time 0.022 seconds

A Study on the Gravity Anomaly of Okcheon Group based on the Gravity Measurement around Chung Lake (충주호 주변의 중력 측정에 의한 옥천계의 중력이상 연구)

  • Park, Jong-Oh;Song, Moo-Young
    • Journal of the Korean earth science society
    • /
    • v.32 no.1
    • /
    • pp.12-20
    • /
    • 2011
  • The gravity measurement was conducted at 256 stations around Chungju Lake to study subsurface geological distributions and subterranean mass discontinuities by the results of gravity anomaly in Metamorphic Complex, Okcheon Group, Great Limestone Group of Choson Supergroup, and Cretaceous biotite granites. Okcheon Group showed a high Bouguer gravity anomaly while Great Limestone Group of Choson Supergroup relatively a low anomaly. The mean depth of subterranean mass discontinuities is about 2.0 km and downward along the Suchangri Formation from the Hwanggangri and Moonjuri formations. In general, Okcheon Group appeared shallower than the depth of Great Limestone Group of Choson Supergroup when imaging the subterranean mass discontinuities from the Bouguer gravity anomaly.

A Moving Window Principal Components Analysis Based Anomaly Detection and Mitigation Approach in SDN Network

  • Wang, Mingxin;Zhou, Huachun;Chen, Jia
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.8
    • /
    • pp.3946-3965
    • /
    • 2018
  • Network anomaly detection in Software Defined Networking, especially the detection of DDoS attack, has been given great attention in recent years. It is convenient to build the Traffic Matrix from a global view in SDN. However, the monitoring and management of high-volume feature-rich traffic in large networks brings significant challenges. In this paper, we propose a moving window Principal Components Analysis based anomaly detection and mitigation approach to map data onto a low-dimensional subspace and keep monitoring the network state in real-time. Once the anomaly is detected, the controller will install the defense flow table rules onto the corresponding data plane switches to mitigate the attack. Furthermore, we evaluate our approach with experiments. The Receiver Operating Characteristic curves show that our approach performs well in both detection probability and false alarm probability compared with the entropy-based approach. In addition, the mitigation effect is impressive that our approach can prevent most of the attacking traffic. At last, we evaluate the overhead of the system, including the detection delay and utilization of CPU, which is not excessive. Our anomaly detection approach is lightweight and effective.

Anomaly Detection of Big Time Series Data Using Machine Learning (머신러닝 기법을 활용한 대용량 시계열 데이터 이상 시점탐지 방법론 : 발전기 부품신호 사례 중심)

  • Kwon, Sehyug
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.43 no.2
    • /
    • pp.33-38
    • /
    • 2020
  • Anomaly detection of Machine Learning such as PCA anomaly detection and CNN image classification has been focused on cross-sectional data. In this paper, two approaches has been suggested to apply ML techniques for identifying the failure time of big time series data. PCA anomaly detection to identify time rows as normal or abnormal was suggested by converting subjects identification problem to time domain. CNN image classification was suggested to identify the failure time by re-structuring of time series data, which computed the correlation matrix of one minute data and converted to tiff image format. Also, LASSO, one of feature selection methods, was applied to select the most affecting variables which could identify the failure status. For the empirical study, time series data was collected in seconds from a power generator of 214 components for 25 minutes including 20 minutes before the failure time. The failure time was predicted and detected 9 minutes 17 seconds before the failure time by PCA anomaly detection, but was not detected by the combination of LASSO and PCA because the target variable was binary variable which was assigned on the base of the failure time. CNN image classification with the train data of 10 normal status image and 5 failure status images detected just one minute before.

Analysts' Cash Flow Forecasts and Accrual Anomaly (재무분석가의 현금흐름예측과 발생액 이상현상)

  • Kim, Jong-Hyun;Chang, Seok-Jin
    • Asia-Pacific Journal of Business
    • /
    • v.11 no.3
    • /
    • pp.137-151
    • /
    • 2020
  • Purpose - The purpose of this study is to investigate whether financial analysts' cash flow forecasts mitigate the accrual anomaly. In addition, we examine whether the more accurate analysts' cash flow forecasts are the greater the decline of the accrual anomaly. Design/methodology/approach - Data used in the empirical tests are extracted through KIS-VALUE and FN-GUIDE, and the sample consists of firms listed on Korea Stock Exchange for 7 years from 2005 to 2011. We test the hypotheses using multiple regression analysis and we also estimate the regressions with the decile ranks of the explanatory variables to minimize the influence of outliers. Findings - We have failed to capture evidence that the provision of financial analysts' cash flow forecasts itself reduces the accrual anomaly. However, we find the accrual anomaly to be less severe when financial analysts provide more accurate cash flow forecasts. The findings are consistent in the regression models with the decile ranks as well as in the robustness tests that controlled the accruals quality. Research implications or Originality - This study contributes to the expansion of related studies in the Korea by providing empirical evidence partially that the financial analysts' cash flow forecasts mitigate the accrual anomaly.

Abnormal Electrocardiogram Signal Detection Based on the BiLSTM Network

  • Asif, Husnain;Choe, Tae-Young
    • International Journal of Contents
    • /
    • v.18 no.2
    • /
    • pp.68-80
    • /
    • 2022
  • The health of the human heart is commonly measured using ECG (Electrocardiography) signals. To identify any anomaly in the human heart, the time-sequence of ECG signals is examined manually by a cardiologist or cardiac electrophysiologist. Lightweight anomaly detection on ECG signals in an embedded system is expected to be popular in the near future, because of the increasing number of heart disease symptoms. Some previous research uses deep learning networks such as LSTM and BiLSTM to detect anomaly signals without any handcrafted feature. Unfortunately, lightweight LSTMs show low precision and heavy LSTMs require heavy computing powers and volumes of labeled dataset for symptom classification. This paper proposes an ECG anomaly detection system based on two level BiLSTM for acceptable precision with lightweight networks, which is lightweight and usable at home. Also, this paper presents a new threshold technique which considers statistics of the current ECG pattern. This paper's proposed model with BiLSTM detects ECG signal anomaly in 0.467 ~ 1.0 F1 score, compared to 0.426 ~ 0.978 F1 score of the similar model with LSTM except one highly noisy dataset.

Anomaly Detection Model Based on Semi-Supervised Learning Using LIME: Focusing on Semiconductor Process (LIME을 활용한 준지도 학습 기반 이상 탐지 모델: 반도체 공정을 중심으로)

  • Kang-Min An;Ju-Eun Shin;Dong Hyun Baek
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.45 no.4
    • /
    • pp.86-98
    • /
    • 2022
  • Recently, many studies have been conducted to improve quality by applying machine learning models to semiconductor manufacturing process data. However, in the semiconductor manufacturing process, the ratio of good products is much higher than that of defective products, so the problem of data imbalance is serious in terms of machine learning. In addition, since the number of features of data used in machine learning is very large, it is very important to perform machine learning by extracting only important features from among them to increase accuracy and utilization. This study proposes an anomaly detection methodology that can learn excellently despite data imbalance and high-dimensional characteristics of semiconductor process data. The anomaly detection methodology applies the LIME algorithm after applying the SMOTE method and the RFECV method. The proposed methodology analyzes the classification result of the anomaly classification model, detects the cause of the anomaly, and derives a semiconductor process requiring action. The proposed methodology confirmed applicability and feasibility through application of cases.

Network Anomaly Detection using Association Rule Mining in Network Packets (네트워크 패킷에 대한 연관 마이닝 기법을 적용한 네트워크 비정상 행위 탐지)

  • Oh, Sang-Hyun;Chang, Joong-Hyuk
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.14 no.3
    • /
    • pp.22-29
    • /
    • 2009
  • In previous work, anomaly-based intrusion detection techniques have been widely used to effectively detect various intrusions into a computer. This is because the anomaly-based detection techniques can effectively handle previously unknown intrusion methods. However, most of the previous work assumed that the normal network connections are fixed. For this reason, a new network connection may be regarded as an anomalous event. This paper proposes a new anomaly detection method based on an association-mining algorithm. The proposed method is composed of two phases: intra-packet association mining and inter-packet association mining. The performances of the proposed method are comparatively verified with JAM, which is a conventional representative intrusion detection method.

Techniques for Improving Host-based Anomaly Detection Performance using Attack Event Types and Occurrence Frequencies

  • Juyeon Lee;Daeseon Choi;Seung-Hyun Kim
    • Journal of the Korea Society of Computer and Information
    • /
    • v.28 no.11
    • /
    • pp.89-101
    • /
    • 2023
  • In order to prevent damages caused by cyber-attacks on nations, businesses, and other entities, anomaly detection techniques for early detection of attackers have been consistently researched. Real-time reduction and false positive reduction are essential to promptly prevent external or internal intrusion attacks. In this study, we hypothesized that the type and frequency of attack events would influence the improvement of anomaly detection true positive rates and reduction of false positive rates. To validate this hypothesis, we utilized the 2015 login log dataset from the Los Alamos National Laboratory. Applying the preprocessed data to representative anomaly detection algorithms, we confirmed that using characteristics that simultaneously consider the type and frequency of attack events is highly effective in reducing false positives and execution time for anomaly detection.

A Study on Detection of Abnormal Patterns Based on AI·IoT to Support Environmental Management of Architectural Spaces (건축공간 환경관리 지원을 위한 AI·IoT 기반 이상패턴 검출에 관한 연구)

  • Kang, Tae-Wook
    • Journal of KIBIM
    • /
    • v.13 no.3
    • /
    • pp.12-20
    • /
    • 2023
  • Deep learning-based anomaly detection technology is used in various fields such as computer vision, speech recognition, and natural language processing. In particular, this technology is applied in various fields such as monitoring manufacturing equipment abnormalities, detecting financial fraud, detecting network hacking, and detecting anomalies in medical images. However, in the field of construction and architecture, research on deep learning-based data anomaly detection technology is difficult due to the lack of digitization of domain knowledge due to late digital conversion, lack of learning data, and difficulties in collecting and processing field data in real time. This study acquires necessary data through IoT (Internet of Things) from the viewpoint of monitoring for environmental management of architectural spaces, converts them into a database, learns deep learning, and then supports anomaly patterns using AI (Artificial Infelligence) deep learning-based anomaly detection. We propose an implementation process. The results of this study suggest an effective environmental anomaly pattern detection solution architecture for environmental management of architectural spaces, proving its feasibility. The proposed method enables quick response through real-time data processing and analysis collected from IoT. In order to confirm the effectiveness of the proposed method, performance analysis is performed through prototype implementation to derive the results.

The Characteristics of the Anomaly Level and Variability of the Monthly Precipitation in Kyeongnam, Korea (경남지방의 월강수량의 변동율과 Anomaly Level의 출현특성)

  • 박종길;이부용
    • Journal of Environmental Science International
    • /
    • v.2 no.3
    • /
    • pp.179-191
    • /
    • 1993
  • This paper aims to know the characteristics of occurrence of the anomaly level and variability of the monthly precipitation in Kyeongnam, Korea. For this study, it was investigated 주e distribution of the annual and cont비y mean precipitation, the precipitation variability and its annual change, and the characteristics of occurrence of the anomaly level in Kyeongnam area the results were summarized as follows : 1) she mean of annual total precipitation averaged over Kyeongnam area is 1433.3mm. I'he spatial distribution of the annual total precipitation shows that in Kyeongnam area, the high rainfall area locates in the southwest area and south coast and the low rainfall area in an inland area. 2) Monthly mean precipitation in llyeongnam area was the highest in July(266.4mm) 각lowed by August(238.0mm), June(210.2mm) in descending order. In summer season, rainfall was concentrated and accounted for 49.9 percent of the annual total precipitation. Because convergence of the warm and humid southwest current which was influenced by Changma and typhoon took place well in this area. 3) The patterns of annual change of precipitaion variability can be divided into two types; One is a coast type and the other an inland type. The variability of precipitation generally appears low in spring and summer season and high in autumn and winter season. This is in accord with the large and small of precipitation. 4) The high frequency of anomaly level was N( Normal)-level and the next was LN( Low Informal) -level and 25(Extremely Subnormal)-level was not appeared in all stations. The occurrence frequency of N level was high in high rainfall area and distinguish성 in spring and summer season but the low rainfall area was not. hey Words : anomaly level, variability, precipitation, coast type, inland type.

  • PDF