•A reconstruction-by-inpainting-based anomaly detection method (RIAD) was proposed.•RIAD achieves state-of-the-art performance on anomaly detection and localization.•We compare RIAD anomaly detection ...results with recent anomaly detection methods.•The generality of RIAD is demonstrated by applying it on video anomaly detection.
Visual anomaly detection addresses the problem of classification or localization of regions in an image that deviate from their normal appearance. A popular approach trains an auto-encoder on anomaly-free images and performs anomaly detection by calculating the difference between the input and the reconstructed image. This approach assumes that the auto-encoder will be unable to accurately reconstruct anomalous regions. But in practice neural networks generalize well even to anomalies and reconstruct them sufficiently well, thus reducing the detection capabilities. Accurate reconstruction is far less likely if the anomaly pixels were not visible to the auto-encoder. We thus cast anomaly detection as a self-supervised reconstruction-by-inpainting problem. Our approach (RIAD) randomly removes partial image regions and reconstructs the image from partial inpaintings, thus addressing the drawbacks of auto-enocoding methods. RIAD is extensively evaluated on several benchmarks and sets a new state-of-the art on a recent highly challenging anomaly detection benchmark.
Anomaly detection (AD) requires spectral and spatial information to differentiate anomalies from their surrounding data samples. To capture spatial information, a general approach is to utilize local ...windows in various forms to adapt local characteristics of the background (BKG) from which unknown anomalies can be detected. This article develops a new approach, called iterative spectral-spatial hyperspectral AD (ISSHAD), which can improve an anomaly detector in its performance via an iterative process. Its key idea is to include an iterative process that captures spectral and spatial information from AD maps (ADMaps) obtained in previous iterations and feeds these anomaly maps back to the current data cube to create a new data cube for the next iteration. To terminate the iterative process, a Tanimoto index (TI)-based automatic stopping rule is particularly designed. Three types of spectral and spatial information, ADMaps, foreground map (FGMap), and spatial filtered map (SFMap), are introduced to develop seven various versions of ISSHAD. To demonstrate its full utilization in improving AD performance, a large number of extensive experiments are performed for ISSHAD along with its detailed comprehensive analysis among several most recently developed anomaly detectors, including classic, dual-window-based, low-rank representation model-based, and tensor-based AD methods for validation.
Unsupervised anomaly detection holds a distinctive advantage in industrial fault detection applications, offering the ability to detect anomalies without relying on annotated images. However, our ...experiments on freight train fault detection unveil a significant observation: detectors tend to produce anomaly maps that exhibit spatial activations, leading to false alarms with obvious spatial patterns. To this end, we propose a novel Low-Rank Representation Spatial Activation Suppression (LRR-SAS) post-processing method. A tensor structure, namely the High Spatial Response Tensor, captures spatial activations from anomaly maps while preserving independence among sub-regions. A Kolda Horizontal Expansion-based dictionary construction method is proposed to construct a dictionary tensor of specified tensor size from training instances. Moreover, the low-rank and sparse representation-based spatial attention suppression method is developed. Experimental results demonstrate the effectiveness of our approach in eliminating false positives and improving comprehensive fault detection performance on freight train images compared with state-of-the-art detectors.
Deep learning approaches to anomaly detection (AD) have recently improved the state of the art in detection performance on complex data sets, such as large collections of images or text. These ...results have sparked a renewed interest in the AD problem and led to the introduction of a great variety of new methods. With the emergence of numerous such methods, including approaches based on generative models, one-class classification, and reconstruction, there is a growing need to bring methods of this field into a systematic and unified perspective. In this review, we aim to identify the common underlying principles and the assumptions that are often made implicitly by various methods. In particular, we draw connections between classic "shallow" and novel deep approaches and show how this relation might cross-fertilize or extend both directions. We further provide an empirical assessment of major existing methods that are enriched by the use of recent explainability techniques and present specific worked-through examples together with practical advice. Finally, we outline critical open challenges and identify specific paths for future research in AD.
Detecting anomalies in maritime systems involves recognizing vessel patterns that are not in line with what is expected or planned prior to the voyage. These patterns are identified for a variety of ...reasons at different stages. However, the available approaches are mostly focused on batch processing, which assumes that all data are available at once. Furthermore, limited attention has been paid to the identification of vessel behavior in the maritime domain. To gain a deeper understanding of the behavior of the vessel, this paper proposes a framework for online vessel anomaly detection and behavior identification for streaming AIS data. The framework employs an Ornstein–Uhlenbeck (OU)-based algorithm for anomaly detection and a machine learning-based behavior identification algorithm for ship behavior classification. In particular, we use the XGBoost algorithm as a classification method to distinguish various behaviors of vessels within the maritime domain. The proposed framework does not require labeled data for anomaly detection, and shows robustness in the presence of missing information (a passage plan, which contains the parameters to be followed during the voyage). The numerical results demonstrate that the proposed approach can achieve reasonable values of the F1 score for the various activities of the vessels.
•Proposed a framework for online anomaly detection and behavior identification.•For anomaly detection in trajectories, it exploits Ornstein–Uhlenbeck processes.•It utilizes XGBoost for accurate classification of vessel behaviors.•Numerical results show the efficacy of the proposed framework.
Cyber intrusions to substations of a power grid are a source of vulnerability since most substations are unmanned and with limited protection of the physical security. In the worst case, simultaneous ...intrusions into multiple substations can lead to severe cascading events, causing catastrophic power outages. In this paper, an integrated Anomaly Detection System (ADS) is proposed which contains host- and network-based anomaly detection systems for the substations, and simultaneous anomaly detection for multiple substations. Potential scenarios of simultaneous intrusions into the substations have been simulated using a substation automation testbed. The host-based anomaly detection considers temporal anomalies in the substation facilities, e.g., user-interfaces, Intelligent Electronic Devices (IEDs) and circuit breakers. The malicious behaviors of substation automation based on multicast messages, e.g., Generic Object Oriented Substation Event (GOOSE) and Sampled Measured Value (SMV), are incorporated in the proposed network-based anomaly detection. The proposed simultaneous intrusion detection method is able to identify the same type of attacks at multiple substations and their locations. The result is a new integrated tool for detection and mitigation of cyber intrusions at a single substation or multiple substations of a power grid.
Video anomaly detection is a challenging task due to the unpredictable nature of abnormal actions, sophisticated semantics and a lack in training data. The visual representations of most existing ...approaches are limited by short-term sequences which cannot provide necessary clues for achieving reasonable detections. In this paper, we propose to comprehensively represent the motion patterns in human actions by learning from long-term sequences. Firstly, a Stacked State Machine (SSM) model with distinctive basis functions is proposed to represent the temporal dependencies which are consistent across long-term observations. Secondly, the dependencies are leveraged in filtering out problematic motion estimations which are influenced by short-term observation noises, plausible motion parameters are obtained in this way. Finally, SSM model predicts future states based on past ones, the divergence between the predictions with inherent normal patterns and observed ones determines anomalies which violate normal motion patterns. To address the challenges in drone-based surveillance, a dataset which is more diversified than existing ones is built. Extensive experiments are carried out to evaluate the proposed approach on the dataset and existing ones. Improvements over state-of-the-art methods can be observed. The proposed dataset will be made publicly available. Code is available at https://github.com/AllenYLJiang/Anomaly-Detection-in-Sequences.
Anomalies are rare observations (e.g., data records or events) that deviate significantly from the others in the sample. Over the past few decades, research on anomaly mining has received increasing ...interests due to the implications of these occurrences in a wide range of disciplines - for instance, security, finance, and medicine. For this reason, anomaly detection, which aims to identify these rare observations, has become one of the most vital tasks in the world and has shown its power in preventing detrimental events, such as financial fraud, network intrusions, and social spam. The detection task is typically solved by identifying outlying data points in the feature space, which, inherently, overlooks the relational information in real-world data. At the same time, graphs have been prevalently used to represent the structural/relational information, which raises the graph anomaly detection problem - identifying anomalous graph objects (i.e., nodes, edges and sub-graphs) in a single graph, or anomalous graphs in a set/database of graphs. Conventional anomaly detection techniques cannot tackle this problem well because of the complexity of graph data (e.g., irregular structures, relational dependencies, node/edge types/attributes/directions/multiplicities/weights, large scale, etc.). However, thanks to the advent of deep learning in breaking these limitations, graph anomaly detection with deep learning has received a growing attention recently. In this survey, we aim to provide a systematic and comprehensive review of the contemporary deep learning techniques for graph anomaly detection. Specifically, we provide a taxonomy that follows a task-driven strategy and categorizes existing work according to the anomalous graph objects that they can detect. We especially focus on the challenges in this research area and discuss the key intuitions, technical details as well as relative strengths and weaknesses of various techniques in each category. From the survey results, we highlight 12 future research directions spanning unsolved and emerging problems introduced by graph data, anomaly detection, deep learning and real-world applications. Additionally, to provide a wealth of useful resources for future studies, we have compiled a set of open-source implementations, public datasets, and commonly-used evaluation metrics. With this survey, our goal is to create a "one-stop-shop" that provides a unified understanding of the problem categories and existing approaches, publicly available hands-on resources, and high-impact open challenges for graph anomaly detection using deep learning.
A Survey of Single-Scene Video Anomaly Detection Ramachandra, Bharathkumar; Jones, Michael J.; Vatsavai, Ranga Raju
IEEE transactions on pattern analysis and machine intelligence,
05/2022, Letnik:
44, Številka:
5
Journal Article
Recenzirano
Odprti dostop
This article summarizes research trends on the topic of anomaly detection in video feeds of a single scene. We discuss the various problem formulations, publicly available datasets and evaluation ...criteria. We categorize and situate past research into an intuitive taxonomy and provide a comprehensive comparison of the accuracy of many algorithms on standard test sets. Finally, we also provide best practices and suggest some possible directions for future research.
A Survey on Explainable Anomaly Detection Li, Zhong; Zhu, Yuxuan; Van Leeuwen, Matthijs
ACM transactions on knowledge discovery from data,
09/2023, Letnik:
18, Številka:
1
Journal Article
Recenzirano
Odprti dostop
In the past two decades, most research on anomaly detection has focused on improving the accuracy of the detection, while largely ignoring the explainability of the corresponding methods and thus ...leaving the explanation of outcomes to practitioners. As anomaly detection algorithms are increasingly used in safety-critical domains, providing explanations for the high-stakes decisions made in those domains has become an ethical and regulatory requirement. Therefore, this work provides a comprehensive and structured survey on state-of-the-art explainable anomaly detection techniques. We propose a taxonomy based on the main aspects that characterise each explainable anomaly detection technique, aiming to help practitioners and researchers find the explainable anomaly detection method that best suits their needs.