Ramp loss one-class support vector machine; A robust and effective approach to anomaly detection problems

2018 ◽  
Vol 310 ◽  
pp. 223-235 ◽  
Author(s):  
Yingjie Tian ◽  
Mahboubeh Mirzabagheri ◽  
Seyed Mojtaba Hosseini Bamakan ◽  
Huadong Wang ◽  
Qiang Qu
Sensors ◽  
2021 ◽  
Vol 21 (23) ◽  
pp. 8017
Author(s):  
Nurfazrina M. Zamry ◽  
Anazida Zainal ◽  
Murad A. Rassam ◽  
Eman H. Alkhammash ◽  
Fuad A. Ghaleb ◽  
...  

Wireless Sensor Networks (WSNs) have been the focus of significant attention from research and development due to their applications in collecting data from various fields such as smart cities, power grids, transportation systems, medical sectors, military, and rural areas. Accurate and reliable measurements for insightful data analysis and decision-making are the ultimate goals of sensor networks for critical domains. However, the raw data collected by WSNs are usually unreliable and inaccurate due to the imperfect nature of WSNs. Identifying misbehaviours or anomalies in the network is important for providing reliable and secure functioning of the network. However, due to resource constraints, a lightweight detection scheme is a major design challenge in sensor networks. This paper aims at designing and developing a lightweight anomaly detection scheme to improve efficiency in terms of reducing computational complexity and communication overhead and improving memory utilization while maintaining high accuracy. To achieve this aim, one-class learning and dimension reduction concepts were used in the design. The One-Class Support Vector Machine (OCSVM) with hyper-ellipsoid variance was used for anomaly detection due to its advantage in classifying unlabelled and multivariate data. Various One-Class Support Vector Machine formulations have been investigated, and Centred-Ellipsoid has been adopted in this study due to its effectiveness. Centred-Ellipsoid is the most effective kernel among the studied formulations. To decrease the computational complexity and improve memory utilization, the dimensions of the data were reduced using the Candid Covariance-Free Incremental Principal Component Analysis (CCIPCA) algorithm. Extensive experiments were conducted to evaluate the proposed lightweight anomaly detection scheme. Results in terms of detection accuracy, memory utilization, computational complexity, and communication overhead show that the proposed scheme is effective and efficient compared with the few existing schemes evaluated. The proposed anomaly detection scheme achieved an accuracy higher than 98%, with (𝑛𝑑) memory utilization and no communication overhead.


Energies ◽  
2020 ◽  
Vol 13 (19) ◽  
pp. 5152
Author(s):  
Conor McKinnon ◽  
James Carroll ◽  
Alasdair McDonald ◽  
Sofia Koukoura ◽  
David Infield ◽  
...  

Anomaly detection for wind turbine condition monitoring is an active area of research within the wind energy operations and maintenance (O&M) community. In this paper, three models were compared for multi-megawatt operational wind turbine SCADA data. The models used for comparison were One-Class Support Vector Machine (OCSVM), Isolation Forest (IF), and Elliptical Envelope (EE). Each of these was compared for the same fault and tested under various data configurations. IF and EE have not previously been used for fault detection for wind turbines, and OCSVM has not been used for SCADA data. This paper presents a novel method of condition monitoring that only requires two months of data per turbine. These months were separated by a year, the first being healthy and the second unhealthy. The number of anomalies is compared, with a greater number in the unhealthy month being considered correct. It was found that, for accuracy, IF and OCSVM had similar performances in both training regimes presented. OCSVM performed better for generic training, and IF performed better for specific training. Overall, IF and OCSVM had an average accuracy of 82% for all configurations considered, compared to 77% for EE.


Author(s):  
Haicheng Qu ◽  
Jianzhong Zhou ◽  
Jitao Qin ◽  
Xiaorong Tian

In traditional network anomaly detection algorithms, the anomaly threshold needs to be defined manually. Keeping this as background, this study proposes an anomaly detection algorithm (VAEOCSVM), which combines the variable auto-encoder (VAE) and one-class support vector machine (OCSVM) to realize anomaly detection in industrial control networks. First, the VAE model is used to obtain the distribution of the original normal sample data represented by the low-dimensional code; the reconstruction error of the VAE model is merged into the new input. Then, using OCSVM’s hinge-loss objective function and the random Fourier feature fitting radial basis function (RBF) kernel method, the OCSVM model is represented and solved using the deep neural network and gradient descent method. Finally, the decision function of the OCSVM model is constructed by using the solved parameter information to realize the detection of abnormal data. The proposed algorithm is compared with other machine-learning-based anomaly detection algorithms in terms of multiple indicators such as precision, recall, and [Formula: see text] score. The experimental results using various datasets show that the proposed algorithm has a better outlier recognition ability than the machine-learning-based anomaly detection algorithms.


Author(s):  
MIKE FUGATE ◽  
JAMES R. GATTIKER

This paper describes experiences and results applying Support Vector Machine (SVM) to a Computer Intrusion Detection (CID) dataset. First, issues in supervised classification are discussed, followed by the incorporation of anomaly detection to enhance the modeling and prediction of cyber-attacks. SVM methods are seen as competitive with benchmark methods and other studies, and are used as a standard for the anomaly detection investigation. The anomaly detection approaches compare one-class SVMs with a thresholded Mahalanobis distance to define support regions. Results compare the performance of the methods and investigate the joint performance of classification and anomaly detection. The dataset used is the publicly available DARPA/KDD-99 dataset of features from network packets, classified into non-attack and four attack categories.

