通信学报 ›› 2022, Vol. 43 ›› Issue (3): 1-13.doi: 10.11959/j.issn.1000-436x.2022050
• 学术论文 • 下一篇
段雪源1,2, 付钰1, 王坤1,3
修回日期:
2022-02-21
出版日期:
2022-03-25
发布日期:
2022-03-01
作者简介:
段雪源(1981- ),男,河南开封人,海军工程大学博士生,主要研究方向为人工智能、信息处理、网络安全基金资助:
Xueyuan DUAN1,2, Yu FU1, Kun WANG1,3
Revised:
2022-02-21
Online:
2022-03-25
Published:
2022-03-01
Supported by:
摘要:
针对传统半监督深度异常检测模型对非平衡多维数据分布学习能力不足及模型训练困难等问题,提出一种基于VAE-WGAN架构的多维时间序列异常检测方法,利用VAE作为WGAN的生成器,使用Wasserstein距离作为模型拟合分布与待测数据真实分布之间的度量,学习复杂的高维数据分布。利用滑动窗口划分时间序列,使用正常序列数据训练模型;根据待测序列在训练好的模型中的异常得分,结合自适应阈值技术进行异常判定。实验表明,该方法具有模型容易训练且稳定性强的特点,并且在精确率、召回率?F1值等异常检测性能指标上,比现有的生成式异常检测模型有明显提升。
中图分类号:
段雪源, 付钰, 王坤. 基于VAE-WGAN的多维时间序列异常检测方法[J]. 通信学报, 2022, 43(3): 1-13.
Xueyuan DUAN, Yu FU, Kun WANG. Multi-dimensional time series anomaly detection method based on VAE-WGAN[J]. Journal on Communications, 2022, 43(3): 1-13.
表3
各异常检测模型性能比较"
模型 | 数据集 | 精确率 | 召回率 | F1值 |
KDD99-sub | 0.376 7 | 0.156 3 | 0.220 9 | |
SMAP | 0.668 6 | 0.533 4 | 0.593 4 | |
TadGAN | MSL | 0.613 7 | 0.666 9 | 0.639 2 |
SWaT | 0.631 6 | 0.468 7 | 0.538 1 | |
总评 | 0.614 0 | 0.475 2 | 0.524 4 | |
KDD99-sub | 0.236 7 | 0.442 9 | 0.308 5 | |
SMAP | 0.263 8 | 0.283 7 | 0.273 4 | |
MAD-GAN | MSL | 0.567 9 | 0.354 3 | 0.436 4 |
SWaT | 0.897 8 | 0.723 2 | 0.801 1 | |
总评 | 0.450 2 | 0.432 2 | 0.428 3 | |
KDD99-sub | 0.784 6 | 0.569 4 | 0.659 9 | |
SMAP | 0.701 2 | 0.804 5 | 0.749 3 | |
VAE-WGAN | MSL | 0.741 2 | 0.609 9 | 0.669 2 |
SWaT | 0.823 1 | 0.686 4 | 0.748 6 | |
总评 | 0.762 5 | 0.667 6 | 0.706 7 |
[1] | AHMAD S , LAVIN A , PURDY S ,et al. Unsupervised real-time anomaly detection for streaming data[J]. Neurocomputing, 2017,262: 134-147. |
[2] | KINGMA D P , WELLING M . Auto-encoding variational Bayes[J]. arXiv Preprint,arXiv:1312.6114, 2013. |
[3] | GOODFELLOW I J , POUGET-ABADIE J , MIRZA M ,et al. Generative adversarial nets[C]// Proceedings of the 27th International Conference on Neural Information Processing Systems. Cambridge:MIT Press, 2014: 2672-2680. |
[4] | CHANDOLA V , BANERJEE A , KUMAR V . Anomaly detection:a survey[J]. ACM computing surveys (CSUR), 2009,41(3): 1-58. |
[5] | AN J , CHO S . Variational autoencoder based anomaly detection using reconstruction probability[J]. SUN Data Mining Center, 2015,2: 1-18. |
[6] | XU H W , CHEN W X , ZHAO N W ,et al. Unsupervised anomaly detection via variational auto-encoder for seasonal KPIs in web applications[C]// Proceedings of the 2018 World Wide Web Conference. Republic and Canton of Geneva:International World Wide Web Conferences Steering Committee, 2018: 187-196. |
[7] | CHEN W X , XU H W , LI Z Y ,et al. Unsupervised anomaly detection for intricate KPIs via adversarial training of VAE[C]// Proceedings of IEEE INFOCOM 2019 - IEEE Conference on Computer Communications. Piscataway:IEEE Press, 2019: 1891-1899. |
[8] | POL A A , BERGER V , GERMAIN C ,et al. Anomaly detection with conditional variational autoencoders[C]// Proceedings of 2019 18th IEEE International Conference on Machine Learning and Applications. Piscataway:IEEE Press, 2019: 1651-1657. |
[9] | 杨宏宇, 王峰岩, 吕伟力 . 基于无监督生成推理的网络安全威胁态势评估方法[J]. 清华大学学报(自然科学版), 2020,60(6): 474-484. |
YANG H Y , WANG F Y , LYU W L . Network security threat assessment method based on unsupervised generation reasoning[J]. Journal of Tsinghua University (Science and Technology), 2020,60(6): 474-484. | |
[10] | MEMARZADEH M , MATTHEWS B , AVREKH I . Unsupervised anomaly detection in flight data using convolutional variational auto-encoder[J]. Aerospace, 2020,7(8): 115. |
[11] | 郭敏, 曾颖明, 于然 ,等. 基于对抗训练和VAE样本修复的对抗攻击防御技术研究[J]. 信息网络安全, 2019(9): 66-70. |
GUO M , ZENG Y M , YU R ,et al. Research on defense technology of adversarial attacks based on adversarial training and VAE-repairing[J]. Netinfo Security, 2019(9): 66-70. | |
[12] | BEULA RANI B J , SUMATHI M E L . Survey on applying GAN for anomaly detection[C]// Proceedings of 2020 International Conference on Computer Communication and Informatics (ICCCI). Piscataway:IEEE Press, 2020: 1-5. |
[13] | THOMAS S , PHILIPP S , SEBASTIAN M W . Unsupervised anomaly detection with generative adversarial networks to guide marker discovery[C]// Proceedings of Information Processing in Medical Imaging. Berlin:Springer, 2017,39(2): 1703-1721. |
[14] | BASHAR M A , NAYAK R . TAnoGAN:time series anomaly detection with generative adversarial networks[C]// Proceedings of 2020 IEEE Symposium Series on Computational Intelligence. Piscataway:IEEE Press, 2020: 1778-1785. |
[15] | LI D , CHEN D C , JIN B H ,et al. MAD-GAN:multivariate anomaly detection for time series data with generative adversarial networks[C]// Artificial Neural Networks and Machine Learning - ICANN 2019. Berlin:Springer, 2019: 214-232. |
[16] | CHEN X H , DENG L W , HUANG F T ,et al. DAEMON:unsupervised anomaly detection and interpretation for multivariate time series[C]// Proceedings of 2021 IEEE 37th International Conference on Data Engineering. Piscataway:IEEE Press, 2021: 2225-2230. |
[17] | 戴文倩 . 基于生成对抗网络的流量预测研究[D]. 上海:上海师范大学, 2019. |
DAI W Q . Traffic prediction method for network based on generative adversarial network[D]. Shanghai:Shanghai Normal University, 2019. | |
[18] | 潘一鸣, 林家骏 . 基于生成对抗网络的恶意网络流生成及验证[J]. 华东理工大学学报(自然科学版), 2019,45(2): 344-350. |
PAN Y M , LIN J J . Generation and verification of malicious network flow based on generative adversarial networks[J]. Journal of East China University of Science and Technology, 2019,45(2): 344-350. | |
[19] | FERDOWSI A , SAAD W . Generative adversarial networks for distributed intrusion detection in the Internet of things[C]// Proceedings of 2019 IEEE Global Communications Conference. Piscataway:IEEE Press, 2019: 1-6. |
[20] | 刘芃 . 基于Text-GAN的加密流量识别关键技术研究[D]. 南京:南京邮电大学, 2020. |
LIU P . Research on encrypted traffic identification based on Text-Gan[D]. Nanjing:Nanjing University of Posts and Telecommunications, 2020. | |
[21] | 邹福泰, 谭越, 王林 ,等. 基于生成对抗网络的僵尸网络检测[J]. 通信学报, 2021,42(7): 95-106. |
ZOU F T , TAN Y , WANG L ,et al. Botnet detection based on generative adversarial network[J]. Journal on Communications, 2021,42(7): 95-106. | |
[22] | CHEN N G , LI C M . Hyperspectral image classification approach based on Wasserstein generative adversarial networks[C]// Proceedings of 2020 International Conference on Machine Learning and Cybernetics (ICMLC). Piscataway:IEEE Press, 2020: 53-63. |
[23] | WEI X , GONG B Q , LIU Z X ,et al. Improving the improved training of Wasserstein GANs:a consistency term and its dual effect[J]. arXiv Preprint,arXiv:1803.01541, 2018. |
[24] | GEIGER A , LIU D Y , ALNEGHEIMISH S ,et al. TadGAN:time series anomaly detection using generative adversarial networks[C]// Proceedings of 2020 IEEE International Conference on Big Data (Big Data). Piscataway:IEEE Press, 2020: 33-43. |
[25] | 王星, 霍纬纲 . Wasserstein 自编码器异常检测模型[J]. 计算机工程与设计, 2020,41(11): 3249-3254. |
WANG X , HUO W G . Wasserstein autoencoder anomaly detection models[J]. Computer Engineering and Design, 2020,41(11): 3249-3254. | |
[26] | LARSEN A B L , S?NDERBY S K , WINTHER O ,et al. Autoencoding beyond pixels using a learned similarity metric[C]// Proceedings of the 33rd International Conference on Machine Learning.[S.l. ]:JMLR, 2016: 1558-1566. |
[27] | NIU Z J , YU K , WU X F . LSTM-based VAE-GAN for time-series anomaly detection[J]. Sensors (Basel,Switzerland), 2020,20(13): 3738. |
[28] | 张璇, 程敏熙, 肖凤平 . 利用Origin对数据异常值的剔除方法进行比较[J]. 实验科学与技术, 2012,10(1): 74-76,118. |
ZHANG X , CHENG M X , XIAO F P . Origin used in comparison the methods of eliminating the excrescent data[J]. Experiment Science and Technology, 2012,10(1): 74-76,118. |
[1] | 王一丰, 郭渊博, 陈庆礼, 方晨, 林韧昊, 周永良, 马佳利. 基于对比增量学习的细粒度恶意流量分类方法[J]. 通信学报, 2023, 44(3): 1-11. |
[2] | 霍纬纲, 梁锐, 李永华. 基于随机Transformer的多维时间序列异常检测模型[J]. 通信学报, 2023, 44(2): 94-103. |
[3] | 王延文, 雷为民, 张伟, 孟欢, 陈新怡, 叶文慧, 景庆阳. 基于生成模型的视频图像重建方法综述[J]. 通信学报, 2022, 43(9): 194-208. |
[4] | 廖建新, 付霄元, 戚琦, 王敬宇, 孙海峰. 6G-ADM:基于知识空间的6G网络管控体系[J]. 通信学报, 2022, 43(6): 3-15. |
[5] | 吴平, 常朝稳, 左志斌, 马莹莹. 基于地址重载的SDN分组转发验证[J]. 通信学报, 2022, 43(3): 88-100. |
[6] | 孙海丽, 龙翔, 韩兰胜, 黄炎, 李清波. 工业物联网异常检测技术综述[J]. 通信学报, 2022, 43(3): 196-210. |
[7] | 陈卓, 朱淼, 杜军威. 基于多视角图神经网络的欺诈检测算法[J]. 通信学报, 2022, 43(11): 225-232. |
[8] | 王一丰, 郭渊博, 陈庆礼, 方晨, 林韧昊. 基于对比学习的细粒度未知恶意流量分类方法[J]. 通信学报, 2022, 43(10): 12-25. |
[9] | 段雪源, 付钰, 王坤, 刘涛涛, 李彬. 基于多尺度特征的网络流量异常检测方法[J]. 通信学报, 2022, 43(10): 65-76. |
[10] | 朱会娟, 陈锦富, 李致远, 殷尚男. 基于多特征自适应融合的区块链异常交易检测方法[J]. 通信学报, 2021, 42(5): 41-50. |
[11] | 陈铁明,金成强,吕明琪,朱添田. 基于样本增强的网络恶意流量智能检测方法[J]. 通信学报, 2020, 41(6): 128-138. |
[12] | 戚琦,申润业,王敬宇. GAD:基于拓扑感知的时间序列异常检测[J]. 通信学报, 2020, 41(6): 152-160. |
[13] | 杨晓晖,张圣昌. 基于多粒度级联孤立森林算法的异常检测模型[J]. 通信学报, 2019, 40(8): 133-142. |
[14] | 李佳,云晓春,李书豪,张永铮,谢江,方方. 基于混合结构深度神经网络的HTTP恶意流量检测方法[J]. 通信学报, 2019, 40(1): 24-33. |
[15] | 吴志军,张景安,岳猛,张才峰. 基于联合特征的LDoS攻击检测方法[J]. 通信学报, 2017, 38(5): 19-30. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|