Search results for: climate anomaly
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 2947

Search results for: climate anomaly

2947 Anomaly Detection Based Fuzzy K-Mode Clustering for Categorical Data

Authors: Murat Yazici

Abstract:

Anomalies are irregularities found in data that do not adhere to a well-defined standard of normal behavior. The identification of outliers or anomalies in data has been a subject of study within the statistics field since the 1800s. Over time, a variety of anomaly detection techniques have been developed in several research communities. The cluster analysis can be used to detect anomalies. It is the process of associating data with clusters that are as similar as possible while dissimilar clusters are associated with each other. Many of the traditional cluster algorithms have limitations in dealing with data sets containing categorical properties. To detect anomalies in categorical data, fuzzy clustering approach can be used with its advantages. The fuzzy k-Mode (FKM) clustering algorithm, which is one of the fuzzy clustering approaches, by extension to the k-means algorithm, is reported for clustering datasets with categorical values. It is a form of clustering: each point can be associated with more than one cluster. In this paper, anomaly detection is performed on two simulated data by using the FKM cluster algorithm. As a significance of the study, the FKM cluster algorithm allows to determine anomalies with their abnormality degree in contrast to numerous anomaly detection algorithms. According to the results, the FKM cluster algorithm illustrated good performance in the anomaly detection of data, including both one anomaly and more than one anomaly.

Keywords: fuzzy k-mode clustering, anomaly detection, noise, categorical data

Procedia PDF Downloads 55
2946 Use of Hierarchical Temporal Memory Algorithm in Heart Attack Detection

Authors: Tesnim Charrad, Kaouther Nouira, Ahmed Ferchichi

Abstract:

In order to reduce the number of deaths due to heart problems, we propose the use of Hierarchical Temporal Memory Algorithm (HTM) which is a real time anomaly detection algorithm. HTM is a cortical learning algorithm based on neocortex used for anomaly detection. In other words, it is based on a conceptual theory of how the human brain can work. It is powerful in predicting unusual patterns, anomaly detection and classification. In this paper, HTM have been implemented and tested on ECG datasets in order to detect cardiac anomalies. Experiments showed good performance in terms of specificity, sensitivity and execution time.

Keywords: cardiac anomalies, ECG, HTM, real time anomaly detection

Procedia PDF Downloads 231
2945 Facility Anomaly Detection with Gaussian Mixture Model

Authors: Sunghoon Park, Hank Kim, Jinwon An, Sungzoon Cho

Abstract:

Internet of Things allows one to collect data from facilities which are then used to monitor them and even predict malfunctions in advance. Conventional quality control methods focus on setting a normal range on a sensor value defined between a lower control limit and an upper control limit, and declaring as an anomaly anything falling outside it. However, interactions among sensor values are ignored, thus leading to suboptimal performance. We propose a multivariate approach which takes into account many sensor values at the same time. In particular Gaussian Mixture Model is used which is trained to maximize likelihood value using Expectation-Maximization algorithm. The number of Gaussian component distributions is determined by Bayesian Information Criterion. The negative Log likelihood value is used as an anomaly score. The actual usage scenario goes like a following. For each instance of sensor values from a facility, an anomaly score is computed. If it is larger than a threshold, an alarm will go off and a human expert intervenes and checks the system. A real world data from Building energy system was used to test the model.

Keywords: facility anomaly detection, gaussian mixture model, anomaly score, expectation maximization algorithm

Procedia PDF Downloads 272
2944 Machine Learning Approach for Anomaly Detection in the Simulated Iec-60870-5-104 Traffic

Authors: Stepan Grebeniuk, Ersi Hodo, Henri Ruotsalainen, Paul Tavolato

Abstract:

Substation security plays an important role in the power delivery system. During the past years, there has been an increase in number of attacks on automation networks of the substations. In spite of that, there hasn’t been enough focus dedicated to the protection of such networks. Aiming to design a specialized anomaly detection system based on machine learning, in this paper we will discuss the IEC 60870-5-104 protocol that is used for communication between substation and control station and focus on the simulation of the substation traffic. Firstly, we will simulate the communication between substation slave and server. Secondly, we will compare the system's normal behavior and its behavior under the attack, in order to extract the right features which will be needed for building an anomaly detection system. Lastly, based on the features we will suggest the anomaly detection system for the asynchronous protocol IEC 60870-5-104.

Keywords: Anomaly detection, IEC-60870-5-104, Machine learning, Man-in-the-Middle attacks, Substation security

Procedia PDF Downloads 370
2943 Data-Centric Anomaly Detection with Diffusion Models

Authors: Sheldon Liu, Gordon Wang, Lei Liu, Xuefeng Liu

Abstract:

Anomaly detection, also referred to as one-class classification, plays a crucial role in identifying product images that deviate from the expected distribution. This study introduces Data-centric Anomaly Detection with Diffusion Models (DCADDM), presenting a systematic strategy for data collection and further diversifying the data with image generation via diffusion models. The algorithm addresses data collection challenges in real-world scenarios and points toward data augmentation with the integration of generative AI capabilities. The paper explores the generation of normal images using diffusion models. The experiments demonstrate that with 30% of the original normal image size, modeling in an unsupervised setting with state-of-the-art approaches can achieve equivalent performances. With the addition of generated images via diffusion models (10% equivalence of the original dataset size), the proposed algorithm achieves better or equivalent anomaly localization performance.

Keywords: diffusion models, anomaly detection, data-centric, generative AI

Procedia PDF Downloads 84
2942 Integrating RAG with Prompt Engineering for Dynamic Log Parsing and Anomaly Detections

Authors: Liu Lin Xin

Abstract:

With the increasing complexity of systems, log parsing and anomaly detection have become crucial for maintaining system stability. However, traditional methods often struggle with adaptability and accuracy, especially when dealing with rapidly evolving log content and unfamiliar domains. To address these challenges, this paper proposes approach that integrates Retrieval Augmented Generation (RAG) technology with Prompt Engineering for Large Language Models, applied specifically in LogPrompt. This approach enables dynamic log parsing and intelligent anomaly detection by combining real-time information retrieval with prompt optimization. The proposed method significantly enhances the adaptability of log analysis and improves the interpretability of results. Experimental results on several public datasets demonstrate the method's superior performance, particularly in scenarios lacking training data, where it significantly outperforms traditional methods. This paper introduces a novel technical pathway for log parsing and anomaly detection, showcasing the substantial theoretical value and practical potential.

Keywords: log parsing, anomaly detection, RAG, prompt engineering, LLMs

Procedia PDF Downloads 36
2941 Image Recognition and Anomaly Detection Powered by GANs: A Systematic Review

Authors: Agastya Pratap Singh

Abstract:

Generative Adversarial Networks (GANs) have emerged as powerful tools in the fields of image recognition and anomaly detection due to their ability to model complex data distributions and generate realistic images. This systematic review explores recent advancements and applications of GANs in both image recognition and anomaly detection tasks. We discuss various GAN architectures, such as DCGAN, CycleGAN, and StyleGAN, which have been tailored to improve accuracy, robustness, and efficiency in visual data analysis. In image recognition, GANs have been used to enhance data augmentation, improve classification models, and generate high-quality synthetic images. In anomaly detection, GANs have proven effective in identifying rare and subtle abnormalities across various domains, including medical imaging, cybersecurity, and industrial inspection. The review also highlights the challenges and limitations associated with GAN-based methods, such as instability during training and mode collapse, and suggests future research directions to overcome these issues. Through this review, we aim to provide researchers with a comprehensive understanding of the capabilities and potential of GANs in transforming image recognition and anomaly detection practices.

Keywords: generative adversarial networks, image recognition, anomaly detection, DCGAN, CycleGAN, StyleGAN, data augmentation

Procedia PDF Downloads 25
2940 The Projections of Urban Climate Change Using Conformal Cubic Atmospheric Model in Bali, Indonesia

Authors: Laras Tursilowati, Bambang Siswanto

Abstract:

Urban climate change has short- and long-term implications for decision-makers in urban development. The problem for this important metropolitan regional of population and economic value is that there is very little usable information on climate change. Research about urban climate change has been carried out in Bali Indonesia by using Conformal Cubic Atmospheric Model (CCAM) that runs with Representative Concentration Pathway (RCP)4.5. The history data means average data from 1975 to 2005, climate projections with RCP4.5 scenario means average data from 2006 to 2099, and anomaly (urban climate change) is RCP4.5 minus history. The results are the history of temperature between 22.5-27.5 OC, and RCP4.5 between 25.5-29.5 OC. The temperature anomalies can be seen in most of northern Bali that increased by about 1.6 to 2.9 OC. There is a reduced humidity tendency (drier) in most parts of Bali, especially the northern part of Bali, while a small portion in the south increase moisture (wetter). The comfort index of Bali region in history is still relatively comfortable (20-26 OC), but on the condition RCP4.5 there is no comfortable area with index more than 26 OC (hot and dry). This research is expected to be useful to help the government make good urban planning.

Keywords: CCAM, comfort index, IPCC AR5, temperature, urban climate change

Procedia PDF Downloads 144
2939 Dynamic Log Parsing and Intelligent Anomaly Detection Method Combining Retrieval Augmented Generation and Prompt Engineering

Authors: Liu Linxin

Abstract:

As system complexity increases, log parsing and anomaly detection become more and more important in ensuring system stability. However, traditional methods often face the problems of insufficient adaptability and decreasing accuracy when dealing with rapidly changing log contents and unknown domains. To this end, this paper proposes an approach LogRAG, which combines RAG (Retrieval Augmented Generation) technology with Prompt Engineering for Large Language Models, applied to log analysis tasks to achieve dynamic parsing of logs and intelligent anomaly detection. By combining real-time information retrieval and prompt optimisation, this study significantly improves the adaptive capability of log analysis and the interpretability of results. Experimental results show that the method performs well on several public datasets, especially in the absence of training data, and significantly outperforms traditional methods. This paper provides a technical path for log parsing and anomaly detection, demonstrating significant theoretical value and application potential.

Keywords: log parsing, anomaly detection, retrieval-augmented generation, prompt engineering, LLMs

Procedia PDF Downloads 31
2938 Incorporating Anomaly Detection in a Digital Twin Scenario Using Symbolic Regression

Authors: Manuel Alves, Angelica Reis, Armindo Lobo, Valdemar Leiras

Abstract:

In industry 4.0, it is common to have a lot of sensor data. In this deluge of data, hints of possible problems are difficult to spot. The digital twin concept aims to help answer this problem, but it is mainly used as a monitoring tool to handle the visualisation of data. Failure detection is of paramount importance in any industry, and it consumes a lot of resources. Any improvement in this regard is of tangible value to the organisation. The aim of this paper is to add the ability to forecast test failures, curtailing detection times. To achieve this, several anomaly detection algorithms were compared with a symbolic regression approach. To this end, Isolation Forest, One-Class SVM and an auto-encoder have been explored. For the symbolic regression PySR library was used. The first results show that this approach is valid and can be added to the tools available in this context as a low resource anomaly detection method since, after training, the only requirement is the calculation of a polynomial, a useful feature in the digital twin context.

Keywords: anomaly detection, digital twin, industry 4.0, symbolic regression

Procedia PDF Downloads 122
2937 A Dynamic Ensemble Learning Approach for Online Anomaly Detection in Alibaba Datacenters

Authors: Wanyi Zhu, Xia Ming, Huafeng Wang, Junda Chen, Lu Liu, Jiangwei Jiang, Guohua Liu

Abstract:

Anomaly detection is a first and imperative step needed to respond to unexpected problems and to assure high performance and security in large data center management. This paper presents an online anomaly detection system through an innovative approach of ensemble machine learning and adaptive differentiation algorithms, and applies them to performance data collected from a continuous monitoring system for multi-tier web applications running in Alibaba data centers. We evaluate the effectiveness and efficiency of this algorithm with production traffic data and compare with the traditional anomaly detection approaches such as a static threshold and other deviation-based detection techniques. The experiment results show that our algorithm correctly identifies the unexpected performance variances of any running application, with an acceptable false positive rate. This proposed approach has already been deployed in real-time production environments to enhance the efficiency and stability in daily data center operations.

Keywords: Alibaba data centers, anomaly detection, big data computation, dynamic ensemble learning

Procedia PDF Downloads 202
2936 Manufacturing Anomaly Detection Using a Combination of Gated Recurrent Unit Network and Random Forest Algorithm

Authors: Atinkut Atinafu Yilma, Eyob Messele Sefene

Abstract:

Anomaly detection is one of the essential mechanisms to control and reduce production loss, especially in today's smart manufacturing. Quick anomaly detection aids in reducing the cost of production by minimizing the possibility of producing defective products. However, developing an anomaly detection model that can rapidly detect a production change is challenging. This paper proposes Gated Recurrent Unit (GRU) combined with Random Forest (RF) to detect anomalies in the production process in real-time quickly. The GRU is used as a feature detector, and RF as a classifier using the input features from GRU. The model was tested using various synthesis and real-world datasets against benchmark methods. The results show that the proposed GRU-RF outperforms the benchmark methods with the shortest time taken to detect anomalies in the production process. Based on the investigation from the study, this proposed model can eliminate or reduce unnecessary production costs and bring a competitive advantage to manufacturing industries.

Keywords: anomaly detection, multivariate time series data, smart manufacturing, gated recurrent unit network, random forest

Procedia PDF Downloads 121
2935 Magnetic Investigation and 2½D Gravity Profile Modelling across the Beattie Magnetic Anomaly in the Southeastern Karoo Basin, South Africa

Authors: Christopher Baiyegunhi, Oswald Gwavava

Abstract:

The location/source of the Beattie magnetic anomaly (BMA) and interconnectivity of geologic structures at depth have been a topic of investigation for over 30 years. Up to now, no relationship between geological structures (interconnectivity of dolerite intrusions) at depth has been established. Therefore, the environmental impact of fracking the Karoo for shale gas could not be assessed despite the fact that dolerite dykes are groundwater localizers in the Karoo. In this paper, we shed more light to the unanswered questions concerning the possible location of the source of the BMA, the connectivity of geologic structures like dolerite dykes and sills at depth and this relationship needs to be established before the tectonic evolution of the Karoo basin can be fully understood and related to fracking of the Karoo for shale gas. The result of the magnetic investigation and modelling of four gravity profiles that crosses the BMA in the study area reveals that the anomaly, which is part of the Beattie magnetic anomaly tends to divide into two anomalies and continue to trend in an NE-SW direction, the dominant gravity signatures is of long wavelength that is due to a deep source/interface inland and shallows towards the coast, the average depth to the top of the shallow and deep magnetic sources was estimated to be approximately 0.6 km and 15 km, respectively. The BMA become stronger with depth which could be an indication that the source(s) is deep possibly a buried body in the basement. The bean-shaped anomaly also behaves in a similar manner like the BMA thus it could possibly share the same source(s) with the BMA.

Keywords: Beattie magnetic anomaly, magnetic sources, modelling, Karoo Basin

Procedia PDF Downloads 555
2934 Climate Change Scenario Phenomenon in Malaysia: A Case Study in MADA Area

Authors: Shaidatul Azdawiyah Abdul Talib, Wan Mohd Razi Idris, Liew Ju Neng, Tukimat Lihan, Muhammad Zamir Abdul Rasid

Abstract:

Climate change has received great attention worldwide due to the impact of weather causing extreme events. Rainfall and temperature are crucial weather components associated with climate change. In Malaysia, increasing temperatures and changes in rainfall distribution patterns lead to drought and flood events involving agricultural areas, especially rice fields. Muda Agricultural Development Authority (MADA) is the largest rice growing area among the 10 granary areas in Malaysia and has faced floods and droughts in the past due to changing climate. Changes in rainfall and temperature patter affect rice yield. Therefore, trend analysis is important to identify changes in temperature and rainfall patterns as it gives an initial overview for further analysis. Six locations across the MADA area were selected based on the availability of meteorological station (MetMalaysia) data. Historical data (1991 to 2020) collected from MetMalaysia and future climate projection by multi-model ensemble of climate model from CMIP5 (CNRM-CM5, GFDL-CM3, MRI-CGCM3, NorESM1-M and IPSL-CM5A-LR) have been analyzed using Mann-Kendall test to detect the time series trend, together with standardized precipitation anomaly, rainfall anomaly index, precipitation concentration index and temperature anomaly. Future projection data were analyzed based on 3 different periods; early century (2020 – 2046), middle century (2047 – 2073) and late-century (2074 – 2099). Results indicate that the MADA area does encounter extremely wet and dry conditions, leading to drought and flood events in the past. The Mann-Kendall (MK) trend analysis test discovered a significant increasing trend (p < 0.05) in annual rainfall (z = 0.40; s = 15.12) and temperature (z = 0.61; s = 0.04) during the historical period. Similarly, for both RCP 4.5 and RCP 8.5 scenarios, a significant increasing trend (p < 0.05) was found for rainfall (RCP 4.5: z = 0.15; s = 2.55; RCP 8.5: z = 0.41; s = 8.05;) and temperature (RCP 4.5: z = 0.84; s = 0.02; RCP 8.5: z = 0.94; s = 0.05). Under the RCP 4.5 scenario, the average temperature is projected to increase up to 1.6 °C in early century, 2.0 °C in the middle century and 2.4 °C in the late century. In contrast, under RCP 8.5 scenario, the average temperature is projected to increase up to 1.8 °C in the early century, 3.1 °C in the middle century and 4.3 °C in late century. Drought is projected to occur in 2038 and 2043 (early century); 2052 and 2069 (middle century); and 2095, 2097 to 2099 (late century) under RCP 4.5 scenario. As for RCP 8.5 scenario, drought is projected to occur in 2021, 2031 and 2034 (early century); and 2069 (middle century). No drought is projected to occur in the late century under the RCP 8.5 scenario. Thus, this information can be used for the analysis of the impact of climate change scenarios on rice growth and yield besides other crops found in MADA area. Additionally, this study, it would be helpful for researchers and decision-makers in developing applicable adaptation and mitigation strategies to reduce the impact of climate change.

Keywords: climate projection, drought, flood, rainfall, RCP 4.5, RCP 8.5, temperature

Procedia PDF Downloads 79
2933 Anomaly Detection Based on System Log Data

Authors: M. Kamel, A. Hoayek, M. Batton-Hubert

Abstract:

With the increase of network virtualization and the disparity of vendors, the continuous monitoring and detection of anomalies cannot rely on static rules. An advanced analytical methodology is needed to discriminate between ordinary events and unusual anomalies. In this paper, we focus on log data (textual data), which is a crucial source of information for network performance. Then, we introduce an algorithm used as a pipeline to help with the pretreatment of such data, group it into patterns, and dynamically label each pattern as an anomaly or not. Such tools will provide users and experts with continuous real-time logs monitoring capability to detect anomalies and failures in the underlying system that can affect performance. An application of real-world data illustrates the algorithm.

Keywords: logs, anomaly detection, ML, scoring, NLP

Procedia PDF Downloads 95
2932 Minimum Pension Guarantee in Funded Pension Schemes: Theoretical Model and Global Implementation

Authors: Ishay Wolf

Abstract:

In this study, the financial position of pension actors in the market during the pension system transition toward a more funded capitalized scheme is explored, mainly via an option benefit model. This is enabled by not considering the economy as a single earning cohort. We analytically demonstrate a socio-economic anomaly in the funded pension system, which is in favor of high earning cohorts on at the expense of low earning cohorts. This anomaly is realized by a lack of insurance and exposure to financial and systemic risks. Furthermore, the anomaly might lead to pension re-reform back to unfunded scheme, mostly due to political pressure. We find that a minimum pension guarantee is a rebalance mechanism to this anomaly, which increases the probability to of the sustainable pension scheme. Specifically, we argue that implementing the guarantee with an intra-generational, risk-sharing mechanism is the most efficient way to reduce the effect of this abnormality. Moreover, we exhibit the convergence process toward implementing minimum pension guarantee in many countries which have capitalized their pension systems during the last three decades, particularly among Latin America and CEE countries.

Keywords: benefits, pension scheme, put option, social security

Procedia PDF Downloads 122
2931 Effect of Climate Change Rate in Indonesia against the Shrinking Dimensions of Granules and Plasticity Index of Soils

Authors: Muhammad Rasyid Angkotasan

Abstract:

The soil is a dense granules and arrangement of the pores that are related to each other, so that the water can flow from one point which has higher energy to a point that has lower energy. The flow of water through the pores of the porous ground is urgently needed in water seepage estimates in ground water pumping problems, investigate for underground construction, as well as analyzing the stability of the construction of Weirs. Climate change resulted in long-term changes in the distribution of weather patterns are statistically throughout the period start time of decades to millions of years. In other words, changes in the average weather circumstances or a change in the distribution of weather events, on average, for example, the number of extreme weather events that increasingly a lot or a little. Climate change is limited to a particular regional or can occur in all regions of the Earth. Geographical location between two continents and two oceans and is located around the equator is klimatologis factor is the cause of flooding and drought in Indonesia. This caused Indonesia' geographical position is on a hemisphere with a tropical monsoon climate is very sensitive to climatic anomaly El Nino Southern Oscillation (ENSO). ENSO causes drought occurrence in sea surface temperature conditions in the Pacific Equator warms up to the middle part of the East (El Nino). Based on the analysis of the climate of the last 30 years show that there is a tendency, the formation of a new pattern of climate causes the onset of climate change. The impact of climate change on the occurrence of the agricultural sector is the bergesernya beginning of the dry season which led to the above-mentioned pattern planting due to drought. The impact of climate change (drought) which is very extreme in Indonesia affect the shrinkage dimensions grain land and reduced the value of a percentage of the soil Plasticity Index caused by climate change.

Keywords: climate change, soil shrinkage, plasticity index, shrinking dimensions

Procedia PDF Downloads 239
2930 A Conceptual Analysis of Teams’ Climate Role in the Intrapreneurial Process

Authors: Georgia C. Kosta, Christos S. Nicolaidis

Abstract:

The present paper discusses the role of teams’ climate in the intrapreneurial process. Intrapreneurship, which corresponds for entrepreneurship in existing organizations, puts special emphasis on climate as an influential factor of the intrapreneurial behavior. Although climate exists at every level and in every subgroup of the organizational structure, research focuses mainly on the study of climate that characterizes organization as a whole. However, the climate of a work team may differ radically from the organizational climate, and in fact it can be far more influential. The paper provides a conceptual analysis of organizational climate from the intrapreneurial point of view, and sheds light upon teams’ climate role in the intrapreneurial posture.

Keywords: entrepreneurship, innovation, intrapreneurship, organizational climate, teams’ climate

Procedia PDF Downloads 283
2929 Evaluating Performance of an Anomaly Detection Module with Artificial Neural Network Implementation

Authors: Edward Guillén, Jhordany Rodriguez, Rafael Páez

Abstract:

Anomaly detection techniques have been focused on two main components: data extraction and selection and the second one is the analysis performed over the obtained data. The goal of this paper is to analyze the influence that each of these components has over the system performance by evaluating detection over network scenarios with different setups. The independent variables are as follows: the number of system inputs, the way the inputs are codified and the complexity of the analysis techniques. For the analysis, some approaches of artificial neural networks are implemented with different number of layers. The obtained results show the influence that each of these variables has in the system performance.

Keywords: network intrusion detection, machine learning, artificial neural network, anomaly detection module

Procedia PDF Downloads 344
2928 Reviewing Image Recognition and Anomaly Detection Methods Utilizing GANs

Authors: Agastya Pratap Singh

Abstract:

This review paper examines the emerging applications of generative adversarial networks (GANs) in the fields of image recognition and anomaly detection. With the rapid growth of digital image data, the need for efficient and accurate methodologies to identify and classify images has become increasingly critical. GANs, known for their ability to generate realistic data, have gained significant attention for their potential to enhance traditional image recognition systems and improve anomaly detection performance. The paper systematically analyzes various GAN architectures and their modifications tailored for image recognition tasks, highlighting their strengths and limitations. Additionally, it delves into the effectiveness of GANs in detecting anomalies in diverse datasets, including medical imaging, industrial inspection, and surveillance. The review also discusses the challenges faced in training GANs, such as mode collapse and stability issues, and presents recent advancements aimed at overcoming these obstacles.

Keywords: generative adversarial networks, image recognition, anomaly detection, synthetic data generation, deep learning, computer vision, unsupervised learning, pattern recognition, model evaluation, machine learning applications

Procedia PDF Downloads 32
2927 Intrusion Detection and Prevention System (IDPS) in Cloud Computing Using Anomaly-Based and Signature-Based Detection Techniques

Authors: John Onyima, Ikechukwu Ezepue

Abstract:

Virtualization and cloud computing are among the fast-growing computing innovations in recent times. Organisations all over the world are moving their computing services towards the cloud this is because of its rapid transformation of the organization’s infrastructure and improvement of efficient resource utilization and cost reduction. However, this technology brings new security threats and challenges about safety, reliability and data confidentiality. Evidently, no single security technique can guarantee security or protection against malicious attacks on a cloud computing network hence an integrated model of intrusion detection and prevention system has been proposed. Anomaly-based and signature-based detection techniques will be integrated to enable the network and its host defend themselves with some level of intelligence. The anomaly-base detection was implemented using the local deviation factor graph-based (LDFGB) algorithm while the signature-based detection was implemented using the snort algorithm. Results from this collaborative intrusion detection and prevention techniques show robust and efficient security architecture for cloud computing networks.

Keywords: anomaly-based detection, cloud computing, intrusion detection, intrusion prevention, signature-based detection

Procedia PDF Downloads 308
2926 Uncertainty Quantification of Corrosion Anomaly Length of Oil and Gas Steel Pipelines Based on Inline Inspection and Field Data

Authors: Tammeen Siraj, Wenxing Zhou, Terry Huang, Mohammad Al-Amin

Abstract:

The high resolution inline inspection (ILI) tool is used extensively in the pipeline industry to identify, locate, and measure metal-loss corrosion anomalies on buried oil and gas steel pipelines. Corrosion anomalies may occur singly (i.e. individual anomalies) or as clusters (i.e. a colony of corrosion anomalies). Although the ILI technology has advanced immensely, there are measurement errors associated with the sizes of corrosion anomalies reported by ILI tools due limitations of the tools and associated sizing algorithms, and detection threshold of the tools (i.e. the minimum detectable feature dimension). Quantifying the measurement error in the ILI data is crucial for corrosion management and developing maintenance strategies that satisfy the safety and economic constraints. Studies on the measurement error associated with the length of the corrosion anomalies (in the longitudinal direction of the pipeline) has been scarcely reported in the literature and will be investigated in the present study. Limitations in the ILI tool and clustering process can sometimes cause clustering error, which is defined as the error introduced during the clustering process by including or excluding a single or group of anomalies in or from a cluster. Clustering error has been found to be one of the biggest contributory factors for relatively high uncertainties associated with ILI reported anomaly length. As such, this study focuses on developing a consistent and comprehensive framework to quantify the measurement errors in the ILI-reported anomaly length by comparing the ILI data and corresponding field measurements for individual and clustered corrosion anomalies. The analysis carried out in this study is based on the ILI and field measurement data for a set of anomalies collected from two segments of a buried natural gas pipeline currently in service in Alberta, Canada. Data analyses showed that the measurement error associated with the ILI-reported length of the anomalies without clustering error, denoted as Type I anomalies is markedly less than that for anomalies with clustering error, denoted as Type II anomalies. A methodology employing data mining techniques is further proposed to classify the Type I and Type II anomalies based on the ILI-reported corrosion anomaly information.

Keywords: clustered corrosion anomaly, corrosion anomaly assessment, corrosion anomaly length, individual corrosion anomaly, metal-loss corrosion, oil and gas steel pipeline

Procedia PDF Downloads 310
2925 Combination between Intrusion Systems and Honeypots

Authors: Majed Sanan, Mohammad Rammal, Wassim Rammal

Abstract:

Today, security is a major concern. Intrusion Detection, Prevention Systems and Honeypot can be used to moderate attacks. Many researchers have proposed to use many IDSs ((Intrusion Detection System) time to time. Some of these IDS’s combine their features of two or more IDSs which are called Hybrid Intrusion Detection Systems. Most of the researchers combine the features of Signature based detection methodology and Anomaly based detection methodology. For a signature based IDS, if an attacker attacks slowly and in organized way, the attack may go undetected through the IDS, as signatures include factors based on duration of the events but the actions of attacker do not match. Sometimes, for an unknown attack there is no signature updated or an attacker attack in the mean time when the database is updating. Thus, signature-based IDS fail to detect unknown attacks. Anomaly based IDS suffer from many false-positive readings. So there is a need to hybridize those IDS which can overcome the shortcomings of each other. In this paper we propose a new approach to IDS (Intrusion Detection System) which is more efficient than the traditional IDS (Intrusion Detection System). The IDS is based on Honeypot Technology and Anomaly based Detection Methodology. We have designed Architecture for the IDS in a packet tracer and then implemented it in real time. We have discussed experimental results performed: both the Honeypot and Anomaly based IDS have some shortcomings but if we hybridized these two technologies, the newly proposed Hybrid Intrusion Detection System (HIDS) is capable enough to overcome these shortcomings with much enhanced performance. In this paper, we present a modified Hybrid Intrusion Detection System (HIDS) that combines the positive features of two different detection methodologies - Honeypot methodology and anomaly based intrusion detection methodology. In the experiment, we ran both the Intrusion Detection System individually first and then together and recorded the data from time to time. From the data we can conclude that the resulting IDS are much better in detecting intrusions from the existing IDSs.

Keywords: security, intrusion detection, intrusion prevention, honeypot, anomaly-based detection, signature-based detection, cloud computing, kfsensor

Procedia PDF Downloads 383
2924 mKDNAD: A Network Flow Anomaly Detection Method Based On Multi-teacher Knowledge Distillation

Authors: Yang Yang, Dan Liu

Abstract:

Anomaly detection models for network flow based on machine learning have poor detection performance under extremely unbalanced training data conditions and also have slow detection speed and large resource consumption when deploying on network edge devices. Embedding multi-teacher knowledge distillation (mKD) in anomaly detection can transfer knowledge from multiple teacher models to a single model. Inspired by this, we proposed a state-of-the-art model, mKDNAD, to improve detection performance. mKDNAD mine and integrate the knowledge of one-dimensional sequence and two-dimensional image implicit in network flow to improve the detection accuracy of small sample classes. The multi-teacher knowledge distillation method guides the train of the student model, thus speeding up the model's detection speed and reducing the number of model parameters. Experiments in the CICIDS2017 dataset verify the improvements of our method in the detection speed and the detection accuracy in dealing with the small sample classes.

Keywords: network flow anomaly detection (NAD), multi-teacher knowledge distillation, machine learning, deep learning

Procedia PDF Downloads 123
2923 Multi-scale Spatial and Unified Temporal Feature-fusion Network for Multivariate Time Series Anomaly Detection

Authors: Hang Yang, Jichao Li, Kewei Yang, Tianyang Lei

Abstract:

Multivariate time series anomaly detection is a significant research topic in the field of data mining, encompassing a wide range of applications across various industrial sectors such as traffic roads, financial logistics, and corporate production. The inherent spatial dependencies and temporal characteristics present in multivariate time series introduce challenges to the anomaly detection task. Previous studies have typically been based on the assumption that all variables belong to the same spatial hierarchy, neglecting the multi-level spatial relationships. To address this challenge, this paper proposes a multi-scale spatial and unified temporal feature fusion network, denoted as MSUT-Net, for multivariate time series anomaly detection. The proposed model employs a multi-level modeling approach, incorporating both temporal and spatial modules. The spatial module is designed to capture the spatial characteristics of multivariate time series data, utilizing an adaptive graph structure learning model to identify the multi-level spatial relationships between data variables and their attributes. The temporal module consists of a unified temporal processing module, which is tasked with capturing the temporal features of multivariate time series. This module is capable of simultaneously identifying temporal dependencies among different variables. Extensive testing on multiple publicly available datasets confirms that MSUT-Net achieves superior performance on the majority of datasets. Our method is able to model and accurately detect systems data with multi-level spatial relationships from a spatial-temporal perspective, providing a novel perspective for anomaly detection analysis.

Keywords: data mining, industrial system, multivariate time series, anomaly detection

Procedia PDF Downloads 16
2922 Detecting Anomalous Matches: An Empirical Study from National Basketball Association

Authors: Jacky Liu, Dulani Jayasuriya, Ryan Elmore

Abstract:

Match fixing and anomalous sports events have increasingly threatened the integrity of professional sports, prompting concerns about existing detection methods. This study addresses prior research limitations in match fixing detection, improving the identification of potential fraudulent matches by incorporating advanced anomaly detection techniques. We develop a novel method to identify anomalous matches and player performances by examining series of matches, such as playoffs. Additionally, we investigate bettors' potential profits when avoiding anomaly matches and explore factors behind unusual player performances. Our literature review covers match fixing detection, match outcome forecasting models, and anomaly detection methods, underscoring current limitations and proposing a new sports anomaly detection method. Our findings reveal anomalous series in the 2022 NBA playoffs, with the Phoenix Suns vs Dallas Mavericks series having the lowest natural occurrence probability. We identify abnormal player performances and bettors' profits significantly decrease when post-season matches are included. This study contributes by developing a new approach to detect anomalous matches and player performances, and assisting investigators in identifying responsible parties. While we cannot conclusively establish reasons behind unusual player performances, our findings suggest factors such as team financial difficulties, executive mismanagement, and individual player contract issues.

Keywords: anomaly match detection, match fixing, match outcome forecasting, problematic players identification

Procedia PDF Downloads 80
2921 Anomaly Detection in a Data Center with a Reconstruction Method Using a Multi-Autoencoders Model

Authors: Victor Breux, Jérôme Boutet, Alain Goret, Viviane Cattin

Abstract:

Early detection of anomalies in data centers is important to reduce downtimes and the costs of periodic maintenance. However, there is little research on this topic and even fewer on the fusion of sensor data for the detection of abnormal events. The goal of this paper is to propose a method for anomaly detection in data centers by combining sensor data (temperature, humidity, power) and deep learning models. The model described in the paper uses one autoencoder per sensor to reconstruct the inputs. The auto-encoders contain Long-Short Term Memory (LSTM) layers and are trained using the normal samples of the relevant sensors selected by correlation analysis. The difference signal between the input and its reconstruction is then used to classify the samples using feature extraction and a random forest classifier. The data measured by the sensors of a data center between January 2019 and May 2020 are used to train the model, while the data between June 2020 and May 2021 are used to assess it. Performances of the model are assessed a posteriori through F1-score by comparing detected anomalies with the data center’s history. The proposed model outperforms the state-of-the-art reconstruction method, which uses only one autoencoder taking multivariate sequences and detects an anomaly with a threshold on the reconstruction error, with an F1-score of 83.60% compared to 24.16%.

Keywords: anomaly detection, autoencoder, data centers, deep learning

Procedia PDF Downloads 194
2920 The Use of Image Processing Responses Tools Applied to Analysing Bouguer Gravity Anomaly Map (Tangier-Tetuan's Area-Morocco)

Authors: Saad Bakkali

Abstract:

Image processing is a powerful tool for the enhancement of edges in images used in the interpretation of geophysical potential field data. Arial and terrestrial gravimetric surveys were carried out in the region of Tangier-Tetuan. From the observed and measured data of gravity Bouguer gravity anomalies map was prepared. This paper reports the results and interpretations of the transformed maps of Bouguer gravity anomaly of the Tangier-Tetuan area using image processing. Filtering analysis based on classical image process was applied. Operator image process like logarithmic and gamma correction are used. This paper also present the results obtained from this image processing analysis of the enhancement edges of the Bouguer gravity anomaly map of the Tangier-Tetuan zone.

Keywords: bouguer, tangier, filtering, gamma correction, logarithmic enhancement edges

Procedia PDF Downloads 422
2919 A Data-Driven Monitoring Technique Using Combined Anomaly Detectors

Authors: Fouzi Harrou, Ying Sun, Sofiane Khadraoui

Abstract:

Anomaly detection based on Principal Component Analysis (PCA) was studied intensively and largely applied to multivariate processes with highly cross-correlated process variables. Monitoring metrics such as the Hotelling's T2 and the Q statistics are usually used in PCA-based monitoring to elucidate the pattern variations in the principal and residual subspaces, respectively. However, these metrics are ill suited to detect small faults. In this paper, the Exponentially Weighted Moving Average (EWMA) based on the Q and T statistics, T2-EWMA and Q-EWMA, were developed for detecting faults in the process mean. The performance of the proposed methods was compared with that of the conventional PCA-based fault detection method using synthetic data. The results clearly show the benefit and the effectiveness of the proposed methods over the conventional PCA method, especially for detecting small faults in highly correlated multivariate data.

Keywords: data-driven method, process control, anomaly detection, dimensionality reduction

Procedia PDF Downloads 299
2918 The Impact of Climate Change on Cropland Ecosystem in Tibet Plateau

Authors: Weishou Shen, Chunyan Yang, Zhongliang Li

Abstract:

The crop climate productivity and the distribution of cropland reflect long-term adaption of agriculture to climate. In order to fully understand the impact of climate change on cropland ecosystem in Tibet, the spatiotemporal changes of crop climate productivity and cropland distribution were analyzed with the help of GIS and RS software. Results indicated that the climate change to the direction of wet and warm in Tibet in the recent 30 years, with a rate of 0.79℃/10 yr and 23.28 mm/10yr respectively. Correspondingly, the climate productivity increased gradually, with a rate of 346.3kg/(hm2•10a), of which, the fastest-growing rate of the crop climate productivity is in Southern Tibet Mountain- plain-valley. During the study period, the total cropland area increased from 32.54 million ha to 37.13 million ha, and cropland has expanded to higher altitude area and northward. Overall, increased cropland area and crop climate productivity due to climate change plays a positive role for agriculture in Tibet.

Keywords: climate change, productivity, cropland area, Tibet plateau

Procedia PDF Downloads 378