Cluster-based Deep One-Class Classification Model for Anomaly Detection
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Younghwan | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.date.accessioned | 2022-03-11T22:41:05Z | - |
dc.date.available | 2022-03-11T22:41:05Z | - |
dc.date.created | 2022-01-20 | - |
dc.date.issued | 2021 | - |
dc.identifier.issn | 1607-9264 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/138650 | - |
dc.description.abstract | As cyber-attacks on Cyber-Physical System (CPS) become more diverse and sophisticated, it is important to quickly detect malicious behaviors occurring in CPS. Since CPS can collect sensor data in near real time throughout the process, there have been many attempts to detect anomaly behavior through normal behavior learning from the perspective of data-driven security. However, since the CPS datasets are big data and most of the data are normal data, it has always been a great challenge to analyze the data and implement the anomaly detection model. In this paper, we propose and evaluate the Clustered Deep One-Class Classification (CD-OCC) model that combines the clustering algorithm and deep learning (DL) model using only a normal dataset for anomaly detection. We use auto-encoder to reduce the dimensions of the dataset and the K-means clustering algorithm to classify the normal data into the optimal cluster size. The DL model trains to predict clusters of normal data, and we can obtain logit values as outputs. The derived logit values are datasets that can better represent normal data in terms of knowledge distillation and are used as inputs to the OCC model. As a result of the experiment, the F1 score of the proposed model shows 0.93 and 0.83 in the SWaT and HAI dataset, respectively, and shows a significant performance improvement over other recent detectors such as Com-AE and SVM-RBF. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | LIBRARY & INFORMATION CENTER, NAT DONG HWA UNIV | - |
dc.subject | PCA | - |
dc.title | Cluster-based Deep One-Class Classification Model for Anomaly Detection | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.doi | 10.53106/160792642021072204017 | - |
dc.identifier.scopusid | 2-s2.0-85113774688 | - |
dc.identifier.wosid | 000682214900017 | - |
dc.identifier.bibliographicCitation | JOURNAL OF INTERNET TECHNOLOGY, v.22, no.4, pp.903 - 911 | - |
dc.relation.isPartOf | JOURNAL OF INTERNET TECHNOLOGY | - |
dc.citation.title | JOURNAL OF INTERNET TECHNOLOGY | - |
dc.citation.volume | 22 | - |
dc.citation.number | 4 | - |
dc.citation.startPage | 903 | - |
dc.citation.endPage | 911 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordPlus | PCA | - |
dc.subject.keywordAuthor | Anomaly detection | - |
dc.subject.keywordAuthor | Knowledge distillation | - |
dc.subject.keywordAuthor | Clustering | - |
dc.subject.keywordAuthor | Deep learning | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.