Anomaly Detection (AD) has been extensively adopted in industrial settings to facilitate quality control of products. It is critical to industrial production, especially to areas such as aircraft manufacturing, which ...Anomaly Detection (AD) has been extensively adopted in industrial settings to facilitate quality control of products. It is critical to industrial production, especially to areas such as aircraft manufacturing, which require strict part qualification rates. Although being more efficient and practical, few-shot AD has not been well explored. The existing AD methods only extract features in a single frequency while defects exist in multiple frequency domains. Moreover, current methods have not fully leveraged the few-shot support samples to extract input-related normal patterns. To address these issues, we propose an industrial few-shot AD method, Feature Extender for Anomaly Detection (FEAD), which extracts normal patterns in multiple frequency domains from few-shot samples under the guidance of the input sample. Firstly, to achieve better coverage of normal patterns in the input sample, we introduce a Sample-Conditioned Transformation Module (SCTM), which transforms support features under the guidance of the input sample to obtain extra normal patterns. Secondly, to effectively distinguish and localize anomaly patterns in multiple frequency domains, we devise an Adaptive Descriptor Construction Module (ADCM) to build and select pattern descriptors in a series of frequencies adaptively. Finally, an auxiliary task for SCTM is designed to ensure the diversity of transformations and include more normal patterns into support features. Extensive experiments on two widely used industrial AD datasets (MVTec-AD and VisA) demonstrate the effectiveness of the proposed FEAD.展开更多
Potential high-temperature risks exist in heat-prone components of electric moped charging devices,such as sockets,interfaces,and controllers.Traditional detection methods have limitations in terms of real-time perfor...Potential high-temperature risks exist in heat-prone components of electric moped charging devices,such as sockets,interfaces,and controllers.Traditional detection methods have limitations in terms of real-time performance and monitoring scope.To address this,a temperature detection method based on infrared image processing has been proposed:utilizing the median filtering algorithm to denoise the original infrared image,then applying an image segmentation algorithm to divide the image.展开更多
The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charg...The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.展开更多
As more and more devices in Cyber-Physical Systems(CPS)are connected to the Internet,physical components such as programmable logic controller(PLC),sensors,and actuators are facing greater risks of network attacks,and...As more and more devices in Cyber-Physical Systems(CPS)are connected to the Internet,physical components such as programmable logic controller(PLC),sensors,and actuators are facing greater risks of network attacks,and fast and accurate attack detection techniques are crucial.The key problem in distinguishing between normal and abnormal sequences is to model sequential changes in a large and diverse field of time series.To address this issue,we propose an anomaly detection method based on distributed deep learning.Our method uses a bilateral filtering algorithm for sequential sequences to remove noise in the time series,which can maintain the edge of discrete features.We use a distributed linear deep learning model to establish a sequential prediction model and adjust the threshold for anomaly detection based on the prediction error of the validation set.Our method can not only detect abnormal attacks but also locate the sensors that cause anomalies.We conducted experiments on the Secure Water Treatment(SWAT)and Water Distribution(WADI)public datasets.The experimental results show that our method is superior to the baseline method in identifying the types of attacks and detecting efficiency.展开更多
The rapid integration of Internet of Things(IoT)technologies is reshaping the global energy landscape by deploying smart meters that enable high-resolution consumption monitoring,two-way communication,and advanced met...The rapid integration of Internet of Things(IoT)technologies is reshaping the global energy landscape by deploying smart meters that enable high-resolution consumption monitoring,two-way communication,and advanced metering infrastructure services.However,this digital transformation also exposes power system to evolving threats,ranging from cyber intrusions and electricity theft to device malfunctions,and the unpredictable nature of these anomalies,coupled with the scarcity of labeled fault data,makes realtime detection exceptionally challenging.To address these difficulties,a real-time decision support framework is presented for smart meter anomality detection that leverages rolling time windows and two self-supervised contrastive learning modules.The first module synthesizes diverse negative samples to overcome the lack of labeled anomalies,while the second captures intrinsic temporal patterns for enhanced contextual discrimination.The end-to-end framework continuously updates its model with rolling updated meter data to deliver timely identification of emerging abnormal behaviors in evolving grids.Extensive evaluations on eight publicly available smart meter datasets over seven diverse abnormal patterns testing demonstrate the effectiveness of the proposed full framework,achieving average recall and F1 score of more than 0.85.展开更多
The exponential expansion of the Internet of Things(IoT),Industrial Internet of Things(IIoT),and Transportation Management of Things(TMoT)produces vast amounts of real-time streaming data.Ensuring system dependability...The exponential expansion of the Internet of Things(IoT),Industrial Internet of Things(IIoT),and Transportation Management of Things(TMoT)produces vast amounts of real-time streaming data.Ensuring system dependability,operational efficiency,and security depends on the identification of anomalies in these dynamic and resource-constrained systems.Due to their high computational requirements and inability to efficiently process continuous data streams,traditional anomaly detection techniques often fail in IoT systems.This work presents a resource-efficient adaptive anomaly detection model for real-time streaming data in IoT systems.Extensive experiments were carried out on multiple real-world datasets,achieving an average accuracy score of 96.06%with an execution time close to 7.5 milliseconds for each individual streaming data point,demonstrating its potential for real-time,resourceconstrained applications.The model uses Principal Component Analysis(PCA)for dimensionality reduction and a Z-score technique for anomaly detection.It maintains a low computational footprint with a sliding window mechanism,enabling incremental data processing and identification of both transient and sustained anomalies without storing historical data.The system uses a Multivariate Linear Regression(MLR)based imputation technique that estimates missing or corrupted sensor values,preserving data integrity prior to anomaly detection.The suggested solution is appropriate for many uses in smart cities,industrial automation,environmental monitoring,IoT security,and intelligent transportation systems,and is particularly well-suited for resource-constrained edge devices.展开更多
The original monitoring data from aero-engines possess characteristics such as high dimen-sionality,strong noise,and imbalance,which present substantial challenges to traditional anomalydetection methods.In response,t...The original monitoring data from aero-engines possess characteristics such as high dimen-sionality,strong noise,and imbalance,which present substantial challenges to traditional anomalydetection methods.In response,this paper proposes a method based on Fuzzy Fusion of variablesand Discriminant mapping of features for Clustering(FFD-Clustering)to detect anomalies in originalmonitoring data from Aircraft Communication Addressing and Reporting System(ACARS).Firstly,associated variables are fuzzily grouped to extract the underlying distribution characteristics and trendsfrom the data.Secondly,a multi-layer contrastive denoising-based feature Fusion Encoding Network(FEN)is designed for each variable group,which can construct representative features for each variablegroup through eliminating strong noise and complex interrelations between variables.Thirdly,a featureDiscriminative Mapping Network(DMN)based on reconstruction difference re-clustering is designed,which can distinguish dissimilar feature vectors when mapping representative features to a unified fea-ture space.Finally,the K-means clustering is used to detect the abnormal feature vectors in the unifiedfeature space.Additionally,the algorithm is capable of reconstructing identified abnormal vectors,thereby locating the abnormal variable groups.The performance of this algorithm was tested ontwo public datasets and real original monitoring data from four aero-engines'ACARS,demonstratingits superiority and application potential in aero-engine anomaly detection.展开更多
Detecting sitting posture abnormalities in wheelchair users enables early identification of changes in their functional status.To date,this detection has relied on in-person observation by medical specialists.However,...Detecting sitting posture abnormalities in wheelchair users enables early identification of changes in their functional status.To date,this detection has relied on in-person observation by medical specialists.However,given the challenges faced by health specialists to carry out continuous monitoring,the development of an intelligent anomaly detection system is proposed.Unlike other authors,where they use supervised techniques,this work proposes using unsupervised techniques due to the advantages they offer.These advantages include the lack of prior labeling of data,and the detection of anomalies previously not contemplated,among others.In the present work,an individualized methodology consisting of two phases is developed:characterizing the normal sitting pattern and determining abnormal samples.An analysis has been carried out between different unsupervised techniques to study which ones are more suitable for postural diagnosis.It can be concluded,among other aspects,that the utilization of dimensionality reduction techniques leads to improved results.Moreover,the normality characterization phase is deemed necessary for enhancing the system’s learning capabilities.Additionally,employing an individualized approach to the model aids in capturing the particularities of the various pathologies present among subjects.展开更多
Time series anomaly detection is crucial in finance,healthcare,and industrial monitoring.However,traditional methods often face challenges when handling time series data,such as limited feature extraction capability,p...Time series anomaly detection is crucial in finance,healthcare,and industrial monitoring.However,traditional methods often face challenges when handling time series data,such as limited feature extraction capability,poor temporal dependency handling,and suboptimal real-time performance,sometimes even neglecting the temporal relationships between data.To address these issues and improve anomaly detection performance by better capturing temporal dependencies,we propose an unsupervised time series anomaly detection method,VLT-Anomaly.First,we enhance the Variational Autoencoder(VAE)module by redesigning its network structure to better suit anomaly detection through data reconstruction.We introduce hyperparameters to control the weight of the Kullback-Leibler(KL)divergence term in the Evidence Lower Bound(ELBO),thereby improving the encoder module’s decoupling and expressive power in the latent space,which yields more effective latent representations of the data.Next,we incorporate transformer and Long Short-Term Memory(LSTM)modules to estimate the long-term dependencies of the latent representations,capturing both forward and backward temporal relationships and performing time series forecasting.Finally,we compute the reconstruction error by averaging the predicted results and decoder reconstruction and detect anomalies through grid search for optimal threshold values.Experimental results demonstrate that the proposed method performs superior anomaly detection on multiple public time series datasets,effectively extracting complex time-related features and enabling efficient computation and real-time anomaly detection.It improves detection accuracy and robustness while reducing false positives and false negatives.展开更多
In recent years,there has been a concerted effort to improve anomaly detection tech-niques,particularly in the context of high-dimensional,distributed clinical data.Analysing patient data within clinical settings reve...In recent years,there has been a concerted effort to improve anomaly detection tech-niques,particularly in the context of high-dimensional,distributed clinical data.Analysing patient data within clinical settings reveals a pronounced focus on refining diagnostic accuracy,personalising treatment plans,and optimising resource allocation to enhance clinical outcomes.Nonetheless,this domain faces unique challenges,such as irregular data collection,inconsistent data quality,and patient-specific structural variations.This paper proposed a novel hybrid approach that integrates heuristic and stochastic methods for anomaly detection in patient clinical data to address these challenges.The strategy combines HPO-based optimal Density-Based Spatial Clustering of Applications with Noise for clustering patient exercise data,facilitating efficient anomaly identification.Subsequently,a stochastic method based on the Interquartile Range filters unreliable data points,ensuring that medical tools and professionals receive only the most pertinent and accurate information.The primary objective of this study is to equip healthcare pro-fessionals and researchers with a robust tool for managing extensive,high-dimensional clinical datasets,enabling effective isolation and removal of aberrant data points.Furthermore,a sophisticated regression model has been developed using Automated Machine Learning(AutoML)to assess the impact of the ensemble abnormal pattern detection approach.Various statistical error estimation techniques validate the efficacy of the hybrid approach alongside AutoML.Experimental results show that implementing this innovative hybrid model on patient rehabilitation data leads to a notable enhance-ment in AutoML performance,with an average improvement of 0.041 in the R2 score,surpassing the effectiveness of traditional regression models.展开更多
Edge computing(EC)combined with the Internet of Things(IoT)provides a scalable and efficient solution for smart homes.Therapid proliferation of IoT devices poses real-time data processing and security challenges.EC ha...Edge computing(EC)combined with the Internet of Things(IoT)provides a scalable and efficient solution for smart homes.Therapid proliferation of IoT devices poses real-time data processing and security challenges.EC has become a transformative paradigm for addressing these challenges,particularly in intrusion detection and anomaly mitigation.The widespread connectivity of IoT edge networks has exposed them to various security threats,necessitating robust strategies to detect malicious activities.This research presents a privacy-preserving federated anomaly detection framework combined with Bayesian game theory(BGT)and double deep Q-learning(DDQL).The proposed framework integrates BGT to model attacker and defender interactions for dynamic threat level adaptation and resource availability.It also models a strategic layout between attackers and defenders that takes into account uncertainty.DDQL is incorporated to optimize decision-making and aids in learning optimal defense policies at the edge,thereby ensuring policy and decision optimization.Federated learning(FL)enables decentralized and unshared anomaly detection for sensitive data between devices.Data collection has been performed from various sensors in a real-time EC-IoT network to identify irregularities that occurred due to different attacks.The results reveal that the proposed model achieves high detection accuracy of up to 98%while maintaining low resource consumption.This study demonstrates the synergy between game theory and FL to strengthen anomaly detection in EC-IoT networks.展开更多
FedCognis is a secure and scalable federated learning framework designed for continuous anomaly detection in Industrial Internet of Things-enabled Cognitive Cities(IIoTCC).It introduces two key innovations:a Quantum S...FedCognis is a secure and scalable federated learning framework designed for continuous anomaly detection in Industrial Internet of Things-enabled Cognitive Cities(IIoTCC).It introduces two key innovations:a Quantum Secure Authentication(QSA)mechanism for adversarial defense and integrity validation,and a Self-Attention Long Short-Term Memory(SALSTM)model for high-accuracy spatiotemporal anomaly detection.Addressing core challenges in traditional Federated Learning(FL)—such as model poisoning,communication overhead,and concept drift—FedCognis integrates dynamic trust-based aggregation and lightweight cryptographic verification to ensure secure,real-time operation across heterogeneous IIoT domains including utilities,public safety,and traffic systems.Evaluated on the WUSTL-IIoTCC-2021 dataset,FedCognis achieves 94.5%accuracy,0.941 AUC for precision-recall,and 0.896 ROC-AUC,while reducing bandwidth consumption by 72%.The framework demonstrates sublinear computational complexity and a resilience score of 96.56%across six security dimensions.These results confirm FedCognis as a robust and adaptive anomaly detection solution suitable for deployment in large-scale cognitive urban infrastructures.展开更多
Attacks are growing more complex and dangerous as network capabilities improve at a rapid pace.Network intrusion detection is usually regarded as an efficient means of dealing with security attacks.Many ways have been...Attacks are growing more complex and dangerous as network capabilities improve at a rapid pace.Network intrusion detection is usually regarded as an efficient means of dealing with security attacks.Many ways have been presented,utilizing various strategies and focusing on different types of visitors.Anomaly-based network intrusion monitoring is an essential area of intrusion detection investigation and development.Despite extensive research on anomaly-based network detection,there is still a lack of comprehensive literature reviews covering current methodologies and datasets.Despite the substantial research into anomaly-based network intrusion detection algorithms,there is a dearth of a research evaluation of new methodologies and datasets.We explore and evaluate 50 highest publications on anomaly-based intrusion detection using an in-depth review of related literature techniques.Our work thoroughly explores the technological environment of the subject in order to help future research in this sector.Our examination is carried out from the relevant angles:application areas,data preprocessing and threat detection approaches,assessment measures,and datasets.We select unresolved research difficulties and underexplored research areas from every viewpoint recommendation of the study.Finally,we outline five potentially increased research areas for the future.展开更多
Reliable electricity infrastructure is critical for modern society,highlighting the importance of securing the stability of fundamental power electronic systems.However,as such systems frequently involve high-current ...Reliable electricity infrastructure is critical for modern society,highlighting the importance of securing the stability of fundamental power electronic systems.However,as such systems frequently involve high-current and high-voltage conditions,there is a greater likelihood of failures.Consequently,anomaly detection of power electronic systems holds great significance,which is a task that properly-designed neural networks can well undertake,as proven in various scenarios.Transformer-like networks are promising for such application,yet with its structure initially designed for different tasks,features extracted by beginning layers are often lost,decreasing detection performance.Also,such data-driven methods typically require sufficient anomalous data for training,which could be difficult to obtain in practice.Therefore,to improve feature utilization while achieving efficient unsupervised learning,a novel model,Densely-connected Decoder Transformer(DDformer),is proposed for unsupervised anomaly detection of power electronic systems in this paper.First,efficient labelfree training is achieved based on the concept of autoencoder with recursive-free output.An encoder-decoder structure with densely-connected decoder is then adopted,merging features from all encoder layers to avoid possible loss of mined features while reducing training difficulty.Both simulation and real-world experiments are conducted to validate the capabilities of DDformer,and the average FDR has surpassed baseline models,reaching 89.39%,93.91%,95.98%in different experiment setups respectively.展开更多
As computer data grows exponentially,detecting anomalies within system logs has become increasingly important.Current research on log anomaly detection largely depends on log templates derived from log parsing.Word em...As computer data grows exponentially,detecting anomalies within system logs has become increasingly important.Current research on log anomaly detection largely depends on log templates derived from log parsing.Word embedding is utilized to extract information from these templates.However,this method neglects a portion of the content within the logs and confronts the challenge of data imbalance among various log template types after parsing.Currently,specialized research on data imbalance across log template categories remains scarce.A dual-attention-based log anomaly detection model(LogDA),which leveraged data imbalance,was proposed to address these issues in the work.The LogDA model initially utilized a pre-trained model to extract semantic embedding from log templates.Besides,the similarity between embedding was calculated to discern the relationships among the various templates.Then,a Transformer model with a dual-attention mechanism was constructed to capture positional information and global dependencies.Compared to multiple baseline experiments across three public datasets,the proposed approach could improve precision,recall,and F1 scores.展开更多
In the burgeoning field of anomaly detection within attributed networks,traditional methodologies often encounter the intricacies of network complexity,particularly in capturing nonlinearity and sparsity.This study in...In the burgeoning field of anomaly detection within attributed networks,traditional methodologies often encounter the intricacies of network complexity,particularly in capturing nonlinearity and sparsity.This study introduces an innovative approach that synergizes the strengths of graph convolutional networks with advanced deep residual learning and a unique residual-based attention mechanism,thereby creating a more nuanced and efficient method for anomaly detection in complex networks.The heart of our model lies in the integration of graph convolutional networks that capture complex structural relationships within the network data.This is further bolstered by deep residual learning,which is employed to model intricate nonlinear connections directly from input data.A pivotal innovation in our approach is the incorporation of a residual-based attention mech-anism.This mechanism dynamically adjusts the importance of nodes based on their residual information,thereby significantly enhancing the sensitivity of the model to subtle anomalies.Furthermore,we introduce a novel hypersphere mapping technique in the latent space to distinctly separate normal and anomalous data.This mapping is the key to our model’s ability to pinpoint anomalies with greater precision.An extensive experimental setup was used to validate the efficacy of the proposed model.Using attributed social network datasets,we demonstrate that our model not only competes with but also surpasses existing state-of-the-art methods in anomaly detection.The results show the exceptional capability of our model to handle the multifaceted nature of real-world networks.展开更多
In this study, we provide a detailed case study of the X-pattern of equatorial ionization anomaly(EIA) observed on the night of September 12, 2021 by the Global-scale Observations of the Limb and Disk(GOLD) mission. U...In this study, we provide a detailed case study of the X-pattern of equatorial ionization anomaly(EIA) observed on the night of September 12, 2021 by the Global-scale Observations of the Limb and Disk(GOLD) mission. Unlike most previous studies about the X-pattern observed under the severely disturbed background ionosphere, this event is observed under geomagnetically quiet and low solar activity conditions. GOLD's continuous observations reveal that the X-pattern intensity evolves with local time, while its center's longitude remains constant. The total electron content(TEC) data derived from the ground-based Global Navigation Satellite System(GNSS) network aligns well with GOLD observations in capturing the formation of the X-pattern, extending coverage to areas beyond GOLD's observational reach. Additionally, the ESA's Swarm mission show that both sides of the X-pattern can coincide with the occurrence of small-scale equatorial plasma bubbles(EPBs). To further analyze the possible drivers of the X-pattern, observations from the Ionospheric Connection Explorer(ICON) satellite were used. It shows that the latitudinal expansion(or width) between the EIA crests in two hemispheres is proportional(or inversely proportional) to the upward(or downward) plasma drift velocity, which suggests that the zonal electric field should have a notable influence on the formation of EIA X-pattern. Further simulations using the SAMI2 model support this mechanism, as the X-pattern of EIA is successfully reproduced by setting the vertical plasma drift to different values at different longitudes.展开更多
A new phenomenological model(axionic QCD string)is constructed to study the topological issues of the QCD vacuum and hadron structure.It provides an alternative way of tackling the Strong CP problem,which is different...A new phenomenological model(axionic QCD string)is constructed to study the topological issues of the QCD vacuum and hadron structure.It provides an alternative way of tackling the Strong CP problem,which is different from the traditional Peccei–Quinn approach.Neither new particle nor extra symmetry is introduced,and the role of the Peccei–Quinn axion is played by a quasiparticle arising from the phase of the quark condensate,dubbed as axionic excitation.The derivative of this excitation field is decomposed into a regular part and a singular part,and the latter contains vorticity from the string configuration.A hidden gauge symmetry is revealed in this decomposition and vorticity is represented by an emergent gauge field associated with anomalies.These components,together with the anomaly-inflow mechanism,complete the effective Lagrangian description for the axionic QCD string.展开更多
In space probes,anomaly detection of sequence data collected by various sensors is essential to help detect potential faults promptly,improve the reliability of equipment operation,and ensure the smooth operation of t...In space probes,anomaly detection of sequence data collected by various sensors is essential to help detect potential faults promptly,improve the reliability of equipment operation,and ensure the smooth operation of the mission.However,sensors'signals often contain a superposition of various frequencies,changing fluctuations,and correlations between features.This complexity of data attributes makes building effective models challenging.This paper proposes a TimeEvolving Multi-Period Observational(TEMPO)anomaly detection method for space probes.First,fusing wavelet analysis and natural periods improves the ability to capture multi-period features in data.Then,the feature extraction framework proposed enhances the effectiveness of anomaly detection by comprehensively extracting the complex features of data through the multi-module synergy of temporal and channel.The results demonstrate that the proposed method enhances anomaly detection accuracy and its effectiveness is confirmed.Additionally,the ablation experiment results further validate the efficacy of each module.An evaluation of the algorithm's computational complexity confirms its suitability for real-time processing.展开更多
Abnormal network traffic, as a frequent security risk, requires a series of techniques to categorize and detect it. Existing network traffic anomaly detection still faces challenges: the inability to fully extract loc...Abnormal network traffic, as a frequent security risk, requires a series of techniques to categorize and detect it. Existing network traffic anomaly detection still faces challenges: the inability to fully extract local and global features, as well as the lack of effective mechanisms to capture complex interactions between features;Additionally, when increasing the receptive field to obtain deeper feature representations, the reliance on increasing network depth leads to a significant increase in computational resource consumption, affecting the efficiency and performance of detection. Based on these issues, firstly, this paper proposes a network traffic anomaly detection model based on parallel dilated convolution and residual learning (Res-PDC). To better explore the interactive relationships between features, the traffic samples are converted into two-dimensional matrix. A module combining parallel dilated convolutions and residual learning (res-pdc) was designed to extract local and global features of traffic at different scales. By utilizing res-pdc modules with different dilation rates, we can effectively capture spatial features at different scales and explore feature dependencies spanning wider regions without increasing computational resources. Secondly, to focus and integrate the information in different feature subspaces, further enhance and extract the interactions among the features, multi-head attention is added to Res-PDC, resulting in the final model: multi-head attention enhanced parallel dilated convolution and residual learning (MHA-Res-PDC) for network traffic anomaly detection. Finally, comparisons with other machine learning and deep learning algorithms are conducted on the NSL-KDD and CIC-IDS-2018 datasets. The experimental results demonstrate that the proposed method in this paper can effectively improve the detection performance.展开更多
基金supported by the National Natural Science Foundation of China(No.52188102).
文摘Anomaly Detection (AD) has been extensively adopted in industrial settings to facilitate quality control of products. It is critical to industrial production, especially to areas such as aircraft manufacturing, which require strict part qualification rates. Although being more efficient and practical, few-shot AD has not been well explored. The existing AD methods only extract features in a single frequency while defects exist in multiple frequency domains. Moreover, current methods have not fully leveraged the few-shot support samples to extract input-related normal patterns. To address these issues, we propose an industrial few-shot AD method, Feature Extender for Anomaly Detection (FEAD), which extracts normal patterns in multiple frequency domains from few-shot samples under the guidance of the input sample. Firstly, to achieve better coverage of normal patterns in the input sample, we introduce a Sample-Conditioned Transformation Module (SCTM), which transforms support features under the guidance of the input sample to obtain extra normal patterns. Secondly, to effectively distinguish and localize anomaly patterns in multiple frequency domains, we devise an Adaptive Descriptor Construction Module (ADCM) to build and select pattern descriptors in a series of frequencies adaptively. Finally, an auxiliary task for SCTM is designed to ensure the diversity of transformations and include more normal patterns into support features. Extensive experiments on two widely used industrial AD datasets (MVTec-AD and VisA) demonstrate the effectiveness of the proposed FEAD.
基金supported by the National Key Research and Development Project of China(No.2023YFB3709605)the National Natural Science Foundation of China(No.62073193)the National College Student Innovation Training Program(No.202310422122)。
文摘Potential high-temperature risks exist in heat-prone components of electric moped charging devices,such as sockets,interfaces,and controllers.Traditional detection methods have limitations in terms of real-time performance and monitoring scope.To address this,a temperature detection method based on infrared image processing has been proposed:utilizing the median filtering algorithm to denoise the original infrared image,then applying an image segmentation algorithm to divide the image.
基金supported by Jiangsu Provincial Science and Technology Project,grant number J2023124.Jing Guo received this grant,the URLs of sponsors’website is https://kxjst.jiangsu.gov.cn/(accessed on 06 June 2024).
文摘The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.
基金supported in part by the Guangxi Science and Technology Major Program under grant AA22068067the Guangxi Natural Science Foundation under grant 2023GXNSFAA026236 and 2024GXNSFDA010064the National Natural Science Foundation of China under project 62172119.
文摘As more and more devices in Cyber-Physical Systems(CPS)are connected to the Internet,physical components such as programmable logic controller(PLC),sensors,and actuators are facing greater risks of network attacks,and fast and accurate attack detection techniques are crucial.The key problem in distinguishing between normal and abnormal sequences is to model sequential changes in a large and diverse field of time series.To address this issue,we propose an anomaly detection method based on distributed deep learning.Our method uses a bilateral filtering algorithm for sequential sequences to remove noise in the time series,which can maintain the edge of discrete features.We use a distributed linear deep learning model to establish a sequential prediction model and adjust the threshold for anomaly detection based on the prediction error of the validation set.Our method can not only detect abnormal attacks but also locate the sensors that cause anomalies.We conducted experiments on the Secure Water Treatment(SWAT)and Water Distribution(WADI)public datasets.The experimental results show that our method is superior to the baseline method in identifying the types of attacks and detecting efficiency.
文摘The rapid integration of Internet of Things(IoT)technologies is reshaping the global energy landscape by deploying smart meters that enable high-resolution consumption monitoring,two-way communication,and advanced metering infrastructure services.However,this digital transformation also exposes power system to evolving threats,ranging from cyber intrusions and electricity theft to device malfunctions,and the unpredictable nature of these anomalies,coupled with the scarcity of labeled fault data,makes realtime detection exceptionally challenging.To address these difficulties,a real-time decision support framework is presented for smart meter anomality detection that leverages rolling time windows and two self-supervised contrastive learning modules.The first module synthesizes diverse negative samples to overcome the lack of labeled anomalies,while the second captures intrinsic temporal patterns for enhanced contextual discrimination.The end-to-end framework continuously updates its model with rolling updated meter data to deliver timely identification of emerging abnormal behaviors in evolving grids.Extensive evaluations on eight publicly available smart meter datasets over seven diverse abnormal patterns testing demonstrate the effectiveness of the proposed full framework,achieving average recall and F1 score of more than 0.85.
基金funded by the Ongoing Research Funding Program(ORF-2025-890)King Saud University,Riyadh,Saudi Arabia and was supported by the Competitive Research Fund of theUniversity of Aizu,Japan.
文摘The exponential expansion of the Internet of Things(IoT),Industrial Internet of Things(IIoT),and Transportation Management of Things(TMoT)produces vast amounts of real-time streaming data.Ensuring system dependability,operational efficiency,and security depends on the identification of anomalies in these dynamic and resource-constrained systems.Due to their high computational requirements and inability to efficiently process continuous data streams,traditional anomaly detection techniques often fail in IoT systems.This work presents a resource-efficient adaptive anomaly detection model for real-time streaming data in IoT systems.Extensive experiments were carried out on multiple real-world datasets,achieving an average accuracy score of 96.06%with an execution time close to 7.5 milliseconds for each individual streaming data point,demonstrating its potential for real-time,resourceconstrained applications.The model uses Principal Component Analysis(PCA)for dimensionality reduction and a Z-score technique for anomaly detection.It maintains a low computational footprint with a sliding window mechanism,enabling incremental data processing and identification of both transient and sustained anomalies without storing historical data.The system uses a Multivariate Linear Regression(MLR)based imputation technique that estimates missing or corrupted sensor values,preserving data integrity prior to anomaly detection.The suggested solution is appropriate for many uses in smart cities,industrial automation,environmental monitoring,IoT security,and intelligent transportation systems,and is particularly well-suited for resource-constrained edge devices.
基金co-supported by the National Science and Technology Major Project,China(No.J2019-I-0001-0001)the National Natural Science Foundation of China(No.52105545)。
文摘The original monitoring data from aero-engines possess characteristics such as high dimen-sionality,strong noise,and imbalance,which present substantial challenges to traditional anomalydetection methods.In response,this paper proposes a method based on Fuzzy Fusion of variablesand Discriminant mapping of features for Clustering(FFD-Clustering)to detect anomalies in originalmonitoring data from Aircraft Communication Addressing and Reporting System(ACARS).Firstly,associated variables are fuzzily grouped to extract the underlying distribution characteristics and trendsfrom the data.Secondly,a multi-layer contrastive denoising-based feature Fusion Encoding Network(FEN)is designed for each variable group,which can construct representative features for each variablegroup through eliminating strong noise and complex interrelations between variables.Thirdly,a featureDiscriminative Mapping Network(DMN)based on reconstruction difference re-clustering is designed,which can distinguish dissimilar feature vectors when mapping representative features to a unified fea-ture space.Finally,the K-means clustering is used to detect the abnormal feature vectors in the unifiedfeature space.Additionally,the algorithm is capable of reconstructing identified abnormal vectors,thereby locating the abnormal variable groups.The performance of this algorithm was tested ontwo public datasets and real original monitoring data from four aero-engines'ACARS,demonstratingits superiority and application potential in aero-engine anomaly detection.
基金FEDER/Ministry of Science and Innovation-State Research Agency/Project PID2020-112667RB-I00 funded by MCIN/AEI/10.13039/501100011033the Basque Government,IT1726-22+2 种基金by the predoctoral contracts PRE_2022_2_0022 and EP_2023_1_0015 of the Basque Governmentpartially supported by the Italian MIUR,PRIN 2020 Project“COMMON-WEARS”,N.2020HCWWLP,CUP:H23C22000230005co-funding from Next Generation EU,in the context of the National Recovery and Resilience Plan,through the Italian MUR,PRIN 2022 Project”COCOWEARS”(A framework for COntinuum COmputing WEARable Systems),N.2022T2XNJE,CUP:H53D23003640006.
文摘Detecting sitting posture abnormalities in wheelchair users enables early identification of changes in their functional status.To date,this detection has relied on in-person observation by medical specialists.However,given the challenges faced by health specialists to carry out continuous monitoring,the development of an intelligent anomaly detection system is proposed.Unlike other authors,where they use supervised techniques,this work proposes using unsupervised techniques due to the advantages they offer.These advantages include the lack of prior labeling of data,and the detection of anomalies previously not contemplated,among others.In the present work,an individualized methodology consisting of two phases is developed:characterizing the normal sitting pattern and determining abnormal samples.An analysis has been carried out between different unsupervised techniques to study which ones are more suitable for postural diagnosis.It can be concluded,among other aspects,that the utilization of dimensionality reduction techniques leads to improved results.Moreover,the normality characterization phase is deemed necessary for enhancing the system’s learning capabilities.Additionally,employing an individualized approach to the model aids in capturing the particularities of the various pathologies present among subjects.
基金support from the Fundamental Research Funds for Central Public Welfare Research Institutes(SK202324)the Central Guidance on Local Science and Technology Development Fund of Hebei Province(236Z0104G)+1 种基金the National Natural Science Foundation of China(62476078)the Geological Survey Project of China Geological Survey(G202304-2).
文摘Time series anomaly detection is crucial in finance,healthcare,and industrial monitoring.However,traditional methods often face challenges when handling time series data,such as limited feature extraction capability,poor temporal dependency handling,and suboptimal real-time performance,sometimes even neglecting the temporal relationships between data.To address these issues and improve anomaly detection performance by better capturing temporal dependencies,we propose an unsupervised time series anomaly detection method,VLT-Anomaly.First,we enhance the Variational Autoencoder(VAE)module by redesigning its network structure to better suit anomaly detection through data reconstruction.We introduce hyperparameters to control the weight of the Kullback-Leibler(KL)divergence term in the Evidence Lower Bound(ELBO),thereby improving the encoder module’s decoupling and expressive power in the latent space,which yields more effective latent representations of the data.Next,we incorporate transformer and Long Short-Term Memory(LSTM)modules to estimate the long-term dependencies of the latent representations,capturing both forward and backward temporal relationships and performing time series forecasting.Finally,we compute the reconstruction error by averaging the predicted results and decoder reconstruction and detect anomalies through grid search for optimal threshold values.Experimental results demonstrate that the proposed method performs superior anomaly detection on multiple public time series datasets,effectively extracting complex time-related features and enabling efficient computation and real-time anomaly detection.It improves detection accuracy and robustness while reducing false positives and false negatives.
文摘In recent years,there has been a concerted effort to improve anomaly detection tech-niques,particularly in the context of high-dimensional,distributed clinical data.Analysing patient data within clinical settings reveals a pronounced focus on refining diagnostic accuracy,personalising treatment plans,and optimising resource allocation to enhance clinical outcomes.Nonetheless,this domain faces unique challenges,such as irregular data collection,inconsistent data quality,and patient-specific structural variations.This paper proposed a novel hybrid approach that integrates heuristic and stochastic methods for anomaly detection in patient clinical data to address these challenges.The strategy combines HPO-based optimal Density-Based Spatial Clustering of Applications with Noise for clustering patient exercise data,facilitating efficient anomaly identification.Subsequently,a stochastic method based on the Interquartile Range filters unreliable data points,ensuring that medical tools and professionals receive only the most pertinent and accurate information.The primary objective of this study is to equip healthcare pro-fessionals and researchers with a robust tool for managing extensive,high-dimensional clinical datasets,enabling effective isolation and removal of aberrant data points.Furthermore,a sophisticated regression model has been developed using Automated Machine Learning(AutoML)to assess the impact of the ensemble abnormal pattern detection approach.Various statistical error estimation techniques validate the efficacy of the hybrid approach alongside AutoML.Experimental results show that implementing this innovative hybrid model on patient rehabilitation data leads to a notable enhance-ment in AutoML performance,with an average improvement of 0.041 in the R2 score,surpassing the effectiveness of traditional regression models.
基金The authors extend their appreciation to the Deanship of Research and Graduate Studies at King Khalid University for funding this work through the Large Group Project under grant number(RGP2/337/46)The research team thanks the Deanship of Graduate Studies and Scientific Research at Najran University for supporting the research project through the Nama’a program,with the project code NU/GP/SERC/13/352-4.
文摘Edge computing(EC)combined with the Internet of Things(IoT)provides a scalable and efficient solution for smart homes.Therapid proliferation of IoT devices poses real-time data processing and security challenges.EC has become a transformative paradigm for addressing these challenges,particularly in intrusion detection and anomaly mitigation.The widespread connectivity of IoT edge networks has exposed them to various security threats,necessitating robust strategies to detect malicious activities.This research presents a privacy-preserving federated anomaly detection framework combined with Bayesian game theory(BGT)and double deep Q-learning(DDQL).The proposed framework integrates BGT to model attacker and defender interactions for dynamic threat level adaptation and resource availability.It also models a strategic layout between attackers and defenders that takes into account uncertainty.DDQL is incorporated to optimize decision-making and aids in learning optimal defense policies at the edge,thereby ensuring policy and decision optimization.Federated learning(FL)enables decentralized and unshared anomaly detection for sensitive data between devices.Data collection has been performed from various sensors in a real-time EC-IoT network to identify irregularities that occurred due to different attacks.The results reveal that the proposed model achieves high detection accuracy of up to 98%while maintaining low resource consumption.This study demonstrates the synergy between game theory and FL to strengthen anomaly detection in EC-IoT networks.
基金the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘FedCognis is a secure and scalable federated learning framework designed for continuous anomaly detection in Industrial Internet of Things-enabled Cognitive Cities(IIoTCC).It introduces two key innovations:a Quantum Secure Authentication(QSA)mechanism for adversarial defense and integrity validation,and a Self-Attention Long Short-Term Memory(SALSTM)model for high-accuracy spatiotemporal anomaly detection.Addressing core challenges in traditional Federated Learning(FL)—such as model poisoning,communication overhead,and concept drift—FedCognis integrates dynamic trust-based aggregation and lightweight cryptographic verification to ensure secure,real-time operation across heterogeneous IIoT domains including utilities,public safety,and traffic systems.Evaluated on the WUSTL-IIoTCC-2021 dataset,FedCognis achieves 94.5%accuracy,0.941 AUC for precision-recall,and 0.896 ROC-AUC,while reducing bandwidth consumption by 72%.The framework demonstrates sublinear computational complexity and a resilience score of 96.56%across six security dimensions.These results confirm FedCognis as a robust and adaptive anomaly detection solution suitable for deployment in large-scale cognitive urban infrastructures.
文摘Attacks are growing more complex and dangerous as network capabilities improve at a rapid pace.Network intrusion detection is usually regarded as an efficient means of dealing with security attacks.Many ways have been presented,utilizing various strategies and focusing on different types of visitors.Anomaly-based network intrusion monitoring is an essential area of intrusion detection investigation and development.Despite extensive research on anomaly-based network detection,there is still a lack of comprehensive literature reviews covering current methodologies and datasets.Despite the substantial research into anomaly-based network intrusion detection algorithms,there is a dearth of a research evaluation of new methodologies and datasets.We explore and evaluate 50 highest publications on anomaly-based intrusion detection using an in-depth review of related literature techniques.Our work thoroughly explores the technological environment of the subject in order to help future research in this sector.Our examination is carried out from the relevant angles:application areas,data preprocessing and threat detection approaches,assessment measures,and datasets.We select unresolved research difficulties and underexplored research areas from every viewpoint recommendation of the study.Finally,we outline five potentially increased research areas for the future.
基金supported in part by the National Natural Science Foundation of China under Grant 62303090,U2330206in part by the Postdoctoral Science Foundation of China under Grant 2023M740516+1 种基金in part by the Natural Science Foundation of Sichuan Province under Grant 2024NSFSC1480in part by the New Cornerstone Science Foundation through the XPLORER PRIZE.
文摘Reliable electricity infrastructure is critical for modern society,highlighting the importance of securing the stability of fundamental power electronic systems.However,as such systems frequently involve high-current and high-voltage conditions,there is a greater likelihood of failures.Consequently,anomaly detection of power electronic systems holds great significance,which is a task that properly-designed neural networks can well undertake,as proven in various scenarios.Transformer-like networks are promising for such application,yet with its structure initially designed for different tasks,features extracted by beginning layers are often lost,decreasing detection performance.Also,such data-driven methods typically require sufficient anomalous data for training,which could be difficult to obtain in practice.Therefore,to improve feature utilization while achieving efficient unsupervised learning,a novel model,Densely-connected Decoder Transformer(DDformer),is proposed for unsupervised anomaly detection of power electronic systems in this paper.First,efficient labelfree training is achieved based on the concept of autoencoder with recursive-free output.An encoder-decoder structure with densely-connected decoder is then adopted,merging features from all encoder layers to avoid possible loss of mined features while reducing training difficulty.Both simulation and real-world experiments are conducted to validate the capabilities of DDformer,and the average FDR has surpassed baseline models,reaching 89.39%,93.91%,95.98%in different experiment setups respectively.
基金funded by the Hainan Provincial Natural Science Foundation Project(Grant No.622RC675)the National Natural Science Foundation of China(Grant No.62262019).
文摘As computer data grows exponentially,detecting anomalies within system logs has become increasingly important.Current research on log anomaly detection largely depends on log templates derived from log parsing.Word embedding is utilized to extract information from these templates.However,this method neglects a portion of the content within the logs and confronts the challenge of data imbalance among various log template types after parsing.Currently,specialized research on data imbalance across log template categories remains scarce.A dual-attention-based log anomaly detection model(LogDA),which leveraged data imbalance,was proposed to address these issues in the work.The LogDA model initially utilized a pre-trained model to extract semantic embedding from log templates.Besides,the similarity between embedding was calculated to discern the relationships among the various templates.Then,a Transformer model with a dual-attention mechanism was constructed to capture positional information and global dependencies.Compared to multiple baseline experiments across three public datasets,the proposed approach could improve precision,recall,and F1 scores.
文摘In the burgeoning field of anomaly detection within attributed networks,traditional methodologies often encounter the intricacies of network complexity,particularly in capturing nonlinearity and sparsity.This study introduces an innovative approach that synergizes the strengths of graph convolutional networks with advanced deep residual learning and a unique residual-based attention mechanism,thereby creating a more nuanced and efficient method for anomaly detection in complex networks.The heart of our model lies in the integration of graph convolutional networks that capture complex structural relationships within the network data.This is further bolstered by deep residual learning,which is employed to model intricate nonlinear connections directly from input data.A pivotal innovation in our approach is the incorporation of a residual-based attention mech-anism.This mechanism dynamically adjusts the importance of nodes based on their residual information,thereby significantly enhancing the sensitivity of the model to subtle anomalies.Furthermore,we introduce a novel hypersphere mapping technique in the latent space to distinctly separate normal and anomalous data.This mapping is the key to our model’s ability to pinpoint anomalies with greater precision.An extensive experimental setup was used to validate the efficacy of the proposed model.Using attributed social network datasets,we demonstrate that our model not only competes with but also surpasses existing state-of-the-art methods in anomaly detection.The results show the exceptional capability of our model to handle the multifaceted nature of real-world networks.
基金supported by the National Key R&D Program of China (Grant No. 2022YFF0503700)the special funds of Hubei Luojia Laboratory (220100011)+1 种基金Chao Xiong is supported by the ISSI-BJ project, “the electromagnetic data validation and scientific application research based on CSES satellite”ISSI/ISSI-BJ project “Multi-Scale Magnetosphere–Ionosphere–Thermosphere Interaction”。
文摘In this study, we provide a detailed case study of the X-pattern of equatorial ionization anomaly(EIA) observed on the night of September 12, 2021 by the Global-scale Observations of the Limb and Disk(GOLD) mission. Unlike most previous studies about the X-pattern observed under the severely disturbed background ionosphere, this event is observed under geomagnetically quiet and low solar activity conditions. GOLD's continuous observations reveal that the X-pattern intensity evolves with local time, while its center's longitude remains constant. The total electron content(TEC) data derived from the ground-based Global Navigation Satellite System(GNSS) network aligns well with GOLD observations in capturing the formation of the X-pattern, extending coverage to areas beyond GOLD's observational reach. Additionally, the ESA's Swarm mission show that both sides of the X-pattern can coincide with the occurrence of small-scale equatorial plasma bubbles(EPBs). To further analyze the possible drivers of the X-pattern, observations from the Ionospheric Connection Explorer(ICON) satellite were used. It shows that the latitudinal expansion(or width) between the EIA crests in two hemispheres is proportional(or inversely proportional) to the upward(or downward) plasma drift velocity, which suggests that the zonal electric field should have a notable influence on the formation of EIA X-pattern. Further simulations using the SAMI2 model support this mechanism, as the X-pattern of EIA is successfully reproduced by setting the vertical plasma drift to different values at different longitudes.
基金supported by the Natural Science Foundation of Fujian Province(Grant No.2022J011130)the Research Starting Grant from Minjiang University(Grant No.30804317)。
文摘A new phenomenological model(axionic QCD string)is constructed to study the topological issues of the QCD vacuum and hadron structure.It provides an alternative way of tackling the Strong CP problem,which is different from the traditional Peccei–Quinn approach.Neither new particle nor extra symmetry is introduced,and the role of the Peccei–Quinn axion is played by a quasiparticle arising from the phase of the quark condensate,dubbed as axionic excitation.The derivative of this excitation field is decomposed into a regular part and a singular part,and the latter contains vorticity from the string configuration.A hidden gauge symmetry is revealed in this decomposition and vorticity is represented by an emergent gauge field associated with anomalies.These components,together with the anomaly-inflow mechanism,complete the effective Lagrangian description for the axionic QCD string.
基金supported by the National Natural Science Foundation of China(Nos.92467108,62141604,62032016,92467206)Beijing Nova Program,China No.(20220484106,20230484451)。
文摘In space probes,anomaly detection of sequence data collected by various sensors is essential to help detect potential faults promptly,improve the reliability of equipment operation,and ensure the smooth operation of the mission.However,sensors'signals often contain a superposition of various frequencies,changing fluctuations,and correlations between features.This complexity of data attributes makes building effective models challenging.This paper proposes a TimeEvolving Multi-Period Observational(TEMPO)anomaly detection method for space probes.First,fusing wavelet analysis and natural periods improves the ability to capture multi-period features in data.Then,the feature extraction framework proposed enhances the effectiveness of anomaly detection by comprehensively extracting the complex features of data through the multi-module synergy of temporal and channel.The results demonstrate that the proposed method enhances anomaly detection accuracy and its effectiveness is confirmed.Additionally,the ablation experiment results further validate the efficacy of each module.An evaluation of the algorithm's computational complexity confirms its suitability for real-time processing.
基金supported by the Xiamen Science and Technology Subsidy Project(No.2023CXY0318).
文摘Abnormal network traffic, as a frequent security risk, requires a series of techniques to categorize and detect it. Existing network traffic anomaly detection still faces challenges: the inability to fully extract local and global features, as well as the lack of effective mechanisms to capture complex interactions between features;Additionally, when increasing the receptive field to obtain deeper feature representations, the reliance on increasing network depth leads to a significant increase in computational resource consumption, affecting the efficiency and performance of detection. Based on these issues, firstly, this paper proposes a network traffic anomaly detection model based on parallel dilated convolution and residual learning (Res-PDC). To better explore the interactive relationships between features, the traffic samples are converted into two-dimensional matrix. A module combining parallel dilated convolutions and residual learning (res-pdc) was designed to extract local and global features of traffic at different scales. By utilizing res-pdc modules with different dilation rates, we can effectively capture spatial features at different scales and explore feature dependencies spanning wider regions without increasing computational resources. Secondly, to focus and integrate the information in different feature subspaces, further enhance and extract the interactions among the features, multi-head attention is added to Res-PDC, resulting in the final model: multi-head attention enhanced parallel dilated convolution and residual learning (MHA-Res-PDC) for network traffic anomaly detection. Finally, comparisons with other machine learning and deep learning algorithms are conducted on the NSL-KDD and CIC-IDS-2018 datasets. The experimental results demonstrate that the proposed method in this paper can effectively improve the detection performance.
