scholarly journals Finding new physics without learning about it: anomaly detection as a tool for searches at colliders

2021 ◽  
Vol 81 (1) ◽  
Author(s):  
M. Crispim Romão ◽  
N. F. Castro ◽  
R. Pedro
Keyword(s):  
Anomaly Detection ◽  
New Physics ◽  
Machine Learning Techniques ◽  
Detection Methods ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Detection Techniques ◽  
Learning Techniques ◽  
New Strategy

AbstractIn this paper we propose a new strategy, based on anomaly detection methods, to search for new physics phenomena at colliders independently of the details of such new events. For this purpose, machine learning techniques are trained using Standard Model events, with the corresponding outputs being sensitive to physics beyond it. We explore three novel AD methods in HEP: Isolation Forest, Histogram-Based Outlier Detection, and Deep Support Vector Data Description; alongside the most customary Autoencoder. In order to evaluate the sensitivity of the proposed approach, predictions from specific new physics models are considered and compared to those achieved when using fully supervised deep neural networks. A comparison between shallow and deep anomaly detection techniques is also presented. Our results demonstrate the potential of semi-supervised anomaly detection techniques to extensively explore the present and future hadron colliders’ data.

scholarly journals Auto-Threshold Deep SVDD for Anomaly-based Web Application Firewall

2021 ◽  
Author(s):  
Ali Moradi Vartouni ◽  
Matin Shokri ◽  
Mohammad Teshnehlab
Keyword(s):  
Deep Learning ◽  
Anomaly Detection ◽  
Web Application ◽  
Threshold Level ◽  
Web Security ◽  
Detection Methods ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Deep Support

Protecting websites and applications from cyber-threats is vital for any organization. A Web application firewall (WAF) prevents attacks to damaging applications. This provides a web security by filtering and monitoring traffic network to protect against attacks. A WAF solution based on the anomaly detection can identify zero-day attacks. Deep learning is the state-of-the-art method that is widely used to detect attacks in the anomaly-based WAF area. Although deep learning has demonstrated excellent results on anomaly detection tasks in web requests, there is trade-off between false-positive and missed-attack rates which is a key problem in WAF systems. On the other hand, anomaly detection methods suffer adjusting threshold-level to distinguish attack and normal traffic. In this paper, first we proposed a model based on Deep Support Vector Data Description (Deep SVDD), then we compare two feature extraction strategies, one-hot and bigram, on the raw requests. Second to overcome threshold challenges, we introduce a novel end-to-end algorithm Auto-Threshold Deep SVDD (ATDSVDD) to determine an appropriate threshold during the learning process. As a result we compare our model with other deep models on CSIC-2010 and ECML/PKDD-2007 datasets. Results show ATDSVDD on bigram feature data have better performance in terms of accuracy and generalization. <br>

scholarly journals Auto-Threshold Deep SVDD for Anomaly-based Web Application Firewall

2021 ◽  
Author(s):  
Ali Moradi Vartouni ◽  
Matin Shokri ◽  
Mohammad Teshnehlab
Keyword(s):  
Deep Learning ◽  
Anomaly Detection ◽  
Web Application ◽  
Threshold Level ◽  
Web Security ◽  
Detection Methods ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Deep Support

Protecting websites and applications from cyber-threats is vital for any organization. A Web application firewall (WAF) prevents attacks to damaging applications. This provides a web security by filtering and monitoring traffic network to protect against attacks. A WAF solution based on the anomaly detection can identify zero-day attacks. Deep learning is the state-of-the-art method that is widely used to detect attacks in the anomaly-based WAF area. Although deep learning has demonstrated excellent results on anomaly detection tasks in web requests, there is trade-off between false-positive and missed-attack rates which is a key problem in WAF systems. On the other hand, anomaly detection methods suffer adjusting threshold-level to distinguish attack and normal traffic. In this paper, first we proposed a model based on Deep Support Vector Data Description (Deep SVDD), then we compare two feature extraction strategies, one-hot and bigram, on the raw requests. Second to overcome threshold challenges, we introduce a novel end-to-end algorithm Auto-Threshold Deep SVDD (ATDSVDD) to determine an appropriate threshold during the learning process. As a result we compare our model with other deep models on CSIC-2010 and ECML/PKDD-2007 datasets. Results show ATDSVDD on bigram feature data have better performance in terms of accuracy and generalization. <br>

Bridge health anomaly detection using deep support vector data description

2021 ◽  
Author(s):  
JianXi Yang ◽  
Fei Yang ◽  
Likai Zhang ◽  
Ren Li ◽  
Shixin Jiang ◽  
...  
Keyword(s):  
Anomaly Detection ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Data Description ◽  
Deep Support

scholarly journals IoT Dataset Validation Using Machine Learning Techniques for Traffic Anomaly Detection

Electronics ◽  
2021 ◽  
Vol 10 (22) ◽  
pp. 2857
Author(s):  
Laura Vigoya ◽  
Diego Fernandez ◽  
Victor Carneiro ◽  
Francisco Nóvoa
Keyword(s):  
Machine Learning ◽  
Anomaly Detection ◽  
False Positive Rate ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
High Detection Rate ◽  
Security Vulnerabilities ◽  
Smart Systems ◽  
Learning Techniques ◽  
Positive Rate

With advancements in engineering and science, the application of smart systems is increasing, generating a faster growth of the IoT network traffic. The limitations due to IoT restricted power and computing devices also raise concerns about security vulnerabilities. Machine learning-based techniques have recently gained credibility in a successful application for the detection of network anomalies, including IoT networks. However, machine learning techniques cannot work without representative data. Given the scarcity of IoT datasets, the DAD emerged as an instrument for knowing the behavior of dedicated IoT-MQTT networks. This paper aims to validate the DAD dataset by applying Logistic Regression, Naive Bayes, Random Forest, AdaBoost, and Support Vector Machine to detect traffic anomalies in IoT. To obtain the best results, techniques for handling unbalanced data, feature selection, and grid search for hyperparameter optimization have been used. The experimental results show that the proposed dataset can achieve a high detection rate in all the experiments, providing the best mean accuracy of 0.99 for the tree-based models, with a low false-positive rate, ensuring effective anomaly detection.

A Review of Machine Learning Techniques for Anomaly Detection in Static Graphs

2020 ◽  
pp. 146-162
Author(s):  
Hesham M. Al-Ammal
Keyword(s):  
Machine Learning ◽  
Neural Networks ◽  
Anomaly Detection ◽  
Real Life ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Learning Methods ◽  
Data Set ◽  
Learning Techniques ◽  
Vector Machines

Detection of anomalies in a given data set is a vital step in several applications in cybersecurity; including intrusion detection, fraud, and social network analysis. Many of these techniques detect anomalies by examining graph-based data. Analyzing graphs makes it possible to capture relationships, communities, as well as anomalies. The advantage of using graphs is that many real-life situations can be easily modeled by a graph that captures their structure and inter-dependencies. Although anomaly detection in graphs dates back to the 1990s, recent advances in research utilized machine learning methods for anomaly detection over graphs. This chapter will concentrate on static graphs (both labeled and unlabeled), and the chapter summarizes some of these recent studies in machine learning for anomaly detection in graphs. This includes methods such as support vector machines, neural networks, generative neural networks, and deep learning methods. The chapter will reflect the success and challenges of using these methods in the context of graph-based anomaly detection.

Generalized support vector data description for anomaly detection

2020 ◽  
Vol 100 ◽  
pp. 107119 ◽  
Author(s):  
Mehmet Turkoz ◽  
Sangahn Kim ◽  
Youngdoo Son ◽  
Myong K. Jeong ◽  
Elsayed A. Elsayed
Keyword(s):  
Anomaly Detection ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Data Description

scholarly journals A new approach of anomaly detection in wireless sensor networks using support vector data description

2017 ◽  
Vol 13 (1) ◽  
pp. 155014771668616 ◽  
Author(s):  
Zhen Feng ◽  
Jingqi Fu ◽  
Dajun Du ◽  
Fuqiang Li ◽  
Sizhou Sun
Keyword(s):  
Decision Making ◽  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Computational Complexity ◽  
Anomaly Detection ◽  
Wireless Sensor ◽  
Support Vector ◽  
Support Vector Data Description ◽  
Vector Data ◽  
Data Description

Anomaly detection is an important challenge in wireless sensor networks for some applications, which require efficient, accurate, and timely data analysis to facilitate critical decision making and situation awareness. Support vector data description is well applied to anomaly detection using a very attractive kernel method. However, it has a high computational complexity since the standard version of support vector data description needs to solve quadratic programming problem. In this article, an improved method on the basis of support vector data description is proposed, which reduces the computational complexity and is used for anomaly detection in energy-constraint wireless sensor networks. The main idea is to improve the computational complexity from the training stage and the decision-making stage. First, the strategy of training sample reduction is used to cut back the number of samples and then the sequential minimal optimization algorithm based on the second-order approximation is implemented on the sample set to achieve the goal of reducing the training time. Second, through the analysis of the decision function, the pre-image in the original space corresponding to the center of hyper-sphere in kernel feature space can be obtained. The decision complexity is reduced from O( l) to O(1) using the pre-image. Eventually, the experimental results on several benchmark datasets and real wireless sensor networks datasets demonstrate that the proposed method can not only guarantee detection accuracy but also reduce time complexity.

Sign in / Sign up

Export Citation Format

Share Document