Global ETD Search

281	Anomaly detection in surveillance camera data Semerenska, Viktoriia January 2023 (has links) The importance of detecting anomalies in surveillance camera data cannot be overemphasized. With the increasing availability of surveillance cameras in public and private locations, the need for reliable and effective methods to detect anomalous behavior has become critical to public safety. Anomaly detection algorithms can help identify potential threats in real time, allowing for rapid intervention and prevention of criminal activity. The examples of anomalies that can be detected by analyzing surveillance camera data include suspicious loitering or lingering, unattended bags or packages, crowd gatherings or dispersals, trespassing or unauthorized access, vandalism or property damage, violence or aggressive behavior, abnormal traffic patterns, missing or abducted persons, unusual pedestrian behavior, environmental anomalies. Detecting these anomalies in surveillance camera data can enable law enforcement, security personnel, and other relevant authorities to respond quickly and effectively to potential threats, ultimately contributing to a safer environment for all. Surveillance camera data contains a large amount of information that is difficult for humans to analyze in real time. In addition, the sheer volume of data generated by surveillance cameras makes manual analysis impractical. Therefore, the development of automated anomaly detection algorithms is crucial for effective and efficient surveillance. The goal of this master's thesis is to detect anomalies using video cameras with an embedded machine learning processor and video analytics, such as human behavior. For this purpose, the most appropriate machine learning techniques will be selected and after comparing the results of these techniques, the best anomaly detection technique for the given circumstances will be identified. To gather the evidence needed to answer the research questions, I will use a combination of methods appropriate to the study design. The study will follow a mixed-methods approach, combining a systematic literature review (SLR) and a formal experiment. In this study, we investigated the effectiveness of various machine learning algorithms in detecting anomalous human behavior in video surveillance data. Anomaly detection Machine Learning Supervised learning Video Analytics Artificial Intelligence Computer Systems Datorsystem Communication Systems Kommunikationssystem Telecommunications Telekommunikation
282	Federated Learning for Market Surveillance / Federerat Lärande för Marknadsövervakning Song, Philip January 2022 (has links) The increasing complexity of trading strategies, when combined with machine learning models, forces market surveillance corporations to develop increasingly sophisticated methods for recognizing potential misuse. One strategy is to employ traders’ weapons against themselves, namely machine learning. However, the data utilized in market surveillance is highly sensitive, what may be available for machine learning is limited. In this thesis, we examine how federated learning for time series data can be used to identify potential market abuse while maintaining client privacy and data security. We are interested in developing a time-series-specific neural network employing federated learning. We demonstrate that when this strategy is used, the performance of detecting potential market abuse is comparable to that of the standard data centralized approach. Specifically, a non-federated model, a federated model, and a federated model with extra data privacy and security protection are evaluated and compared. Each model utilize an LSTM autoencoder to identify market abuse. The results demonstrate that a federated model’s performance in detecting possible market abuse is comparable to that of a non-federated model. Moreover, a federated approach with extra data privacy and security experienced a slight performance loss but is still a competitive model in comparison to the other models. Although this approach results in increased privacy and security, there is a limit to how much privacy and security can be ensured, as excessive privacy led to extremely poor performance. Federated learning offers the ability to increase data privacy and security with little performance decrease. / Den ökande komplexiteten handelsstrategier, i kombination med maskininlärning modeller, tvingar marknadsövervakning företag att utveckla allt mer sofistikerade metoder för att identifiera potentiellt marknadsmissbruk. En strategi är att använda handlarnas vapen mot sig själva, nämligen maskininlärning. Däremot, data som används inom marknadsövervakning är mycket känslig och vad som kan finnas tillgängligt för maskininlärning är begränsat.I den här studien undersöker vi hur federerat lärande för tidsseriedata kan användas till att identifiera potentiellt marknadsmissbruk samtidigt som klienternas integritet och datasäkerhet bibehålls. Vi är intresserade av att utveckla ett tidsserie-specifikt neuralt nätverk med hjälp av federated inlärning. Vi visar att när denna strategi används är prestanda för att upptäcka potentiellt marknadsmissbruk jämförbart med det för den vanliga data-centraliserade metoden. Specifikt, en icke-federerad modell, en federerad modell och en federerad modell med extra dataintegritet och säkerhet utvärderas och jämförs. Varje modell använder en LSTM-Autoencoder för att identifiera marknadsmissbruk. Resultaten visar att en federerad modells prestanda när det gäller att upptäcka eventuellt marknadsmissbruk är jämförbar med en icke-federerad modell. Dessutom, ett federerat tillvägagångssätt med extra dataintegritet upplevde en liten prestandaförlust men är fortfarande en konkurrenskraftig modell i jämförelse med andra modeller. Även om detta tillvägagångssätt resulterar i ökad integritet och säkerhet, finns det en gräns för hur mycket som kan säkerställas. Federated learning möjliggör ökad datasekretess och säkerhet med liten prestandasänkning. Federated Learning Machine Learning Market Surveillance Anomaly Detection LSTMAutoencoder Federated Learning Maskininlärning Marknadsövervakning Anomaliupptäckande LSTMAutoencoder Computer Sciences Datavetenskap (datalogi)
283	Investigating Attacks on Vehicular Platooning and Cooperative Adaptive Cruise Control / Undersökning av attacker på fordonståg och kollaborativ adaptiv farthållning Kalogiannis, Konstantinos January 2020 (has links) Autonomous vehicles are a rising technology that aims to change the way people think about mobility in the future. A crucial step towards that goal is the assurance that malicious actors cannot instigate accidents that could lead to damages or loss of life. Currently, vehicle platoons, that is vehicles cooperating together to increase fuel saving and driver comfort, are used in limited environments and are the focus of research aimed to make them suitable for real-world wide usage. In that regard, guaranteeing that the vehicle is able to operate alongside other entities, autonomous or not, in the traditional sense is not adequate. The computer systems involved can be the target or the source of a malicious act without the knowledge of the operator in either case. In the context of platooning, these acts can have devastating effects and can originate either from other vehicles on the road or from within, from compromised vehicles that are part of the formation. In this thesis, the focus is centered around the latter. We investigate jamming and data falsification attacks that aim to either destabilize the platoon, thus, reducing its benefits or provoke an accident. These attacks are more difficult to discern and will range from simple falsification attacks to more complex ones that aim to bypass defensive mechanisms. In that sense, we direct our experiments against the platoon maneuvers that are a core functionality of platooning and are required for its nominal operation. The results of this analysis show that several attacks can lead to accidents with position falsification being the most productive. It is also demonstrated that a malicious leader can pose a serious threat to the viability of the platoon because of his unique capability of interacting with all the platoon members. Attacks during the platoon maneuvers are demonstrated to pose a threat, not only to the stability of the formation but also the nature of the platooning application itself. This is achieved by effectively isolating the platoon from potential joiners. / Självkörande fordon är en framväxande teknologi med mål att ändra människors framtida inställning till mobilitet. Ett kritiskt steg mot målet är att försäkra sig om att aktörer med ont uppsåt inte kan orsaka olyckor som kan leda till skador eller dödsfall. För närvarande används fordonståg, alltså fordon som samarbetar för att minska bränsleförbrukning och öka körkomfort, i avgränsade miljöer med fokus på att anpassa dessa för verklig användning. Att garantera att fordonet kan köras tillsammans med andra enheter är då inte tillräckligt eftersom dessa system kan bli mål för externa och interna attacker som kan ha förödande konsekvenser. Denna uppsats fokuserar på det senare fallet och undersöker interna datafalsifierings- och frekvensstörningsattacker avsedda att destabilisera fordonståg i syfte att minska deras fördelar eller provocera fram en olycka. Dessa attacker är svåra att urskilja och inkluderar allt från enkla falsifikationsattacker till komplexa attacker som syftar till att kringgå specifika försvarsmekanismer. Med det i åtanke inriktar vi våra experiment mot de manövrar som är en del av fordonstågens grundfunktionalitet och krävs för deras nominella drift. Resultaten av arbetet visar att under fordonstågmanövrar så kan flertalet av de utvärderade attackerna orsaka olyckor och att attacker genom förfalskning av position var speciellt förödande. Vi har även påvisat att en fordonstågsledare med ont uppsåt utgör ett speciellt allvarligt hot mot fordonstågets funktionalitet på grund av dennes unika möjlighet att interagera med alla medlemmar. Attacker under manövrar har visats utgöra ett hot, inte bara mot stabiliteten av formationen, men även mot de grundläggande egenskaperna hos systemet själv såsom att isolera fordonståget från nya medlemmar. V2V security Injection Attacks CACC Anomaly Detection V2V säkerhet Falsifieringsattacker CACC Avvikelse Upptäckt Computer and Information Sciences Data- och informationsvetenskap
284	Anomaly Detection on Satellite Time-Series Tennberg, Moa, Ekeroot, Lovisa January 2021 (has links) In this thesis, anomalies are defined as data points whose value differs significantly from the normal pattern of the data set. Anomalousobservations on time series measured on satellites has a growing need of being detected directly on board the space-orbit systems to for example prevent malfunction and have efficient data management. Unibap's service Spacecloud Framework (SCFW) is developed to allow the deployment of machine learning applications directly on the satellite systems. Neural Networks (NNs) is therefore a candidate for the possibility to predict anomalies on satellite time series. The work described in this reportaims to implement and create a benchmark for Convolutional Autoencoder NN (CNN) and a Long Short-term Memory Autoencoder NN (LSTM). These implementations are used to determine which NN can be applied in Unibap's SCFW and detect anomalies with accuracy. The NNs are trained and tested using a public data-sets which containreal and artificial time-series with labelled anomalies. The anomaliesare detected by reconstructing the time series and creating a threshold between the output and the input. The algorithms classify a data pointas an anomaly if it lies above the threshold. The networks are evaluated based on accuracy, execution time and size, to assess whether they are suited for implementation in SCFW. The results from the NNs indicatethat CNN is best suited for further application. On this basis, anattempt to implement CNN in SCFW is performed, but failed due to time and documentation limitations. Therefore, further research is needed to identify whether CNN can be implemented in SCFW and successfully detect anomalies. Anomaly Detection Time-Series Satellites Autoencoder Convolutional Neural Network Long Short-Term Memory Neural Network Engineering and Technology Teknik och teknologier
285	CURVILINEAR STRUCTURE DETECTION IN IMAGES BY CONNECTED-TUBE MARKED POINT PROCESS AND ANOMALY DETECTION IN TIME SERIES Tianyu Li (15349048) 26 April 2023 (has links) <p><em>Curvilinear structure detection in images has been investigated for decades. In general, the detection of curvilinear structures includes two aspects, binary segmentation of the image and inference of the graph representation of the curvilinear network. In our work, we propose a connected-tube model based on a marked point process (MPP) for addressing the two issues. The proposed tube model is applied to fiber detection in microscopy images by combining connected-tube and ellipse models. Moreover, a tube-based segmentation algorithm has been proposed to improve the segmentation accuracy. Experiments on fiber-reinforced polymer images, satellite images, and retinal vessel images will be presented. Additionally, we extend the 2D tube model to a 3D tube model, with each tube be modeled as a cylinder. To investigate the supervised curvilinear structure detection method, we focus on the application of road detection in satellite images and propose a two-stage learning strategy for road segmentation. A probability map is generated in the first stage by a selected neural network, then we attach the probability map image to the original RGB images and feed the resulting four images to a U-Net-like network in the second stage to get a refined result.</em></p> <p><br></p> <p><em>Anomaly detection in time series is a key step in diagnosing abnormal behavior in some systems. Long Short-Term Memory networks (LSTMs) have been demonstrated to be useful for anomaly detection in time series, due to their predictive power. However, for a system with thousands of different time sequences, a single LSTM predictor may not perform well for all the sequences. To enhance adaptability, we propose a stacked predictor framework. Also, we propose a novel dynamic thresholding algorithm based on the prediction errors to extract the potential anomalies. To further improve the accuracy of anomaly detection, we propose a post-detection verification method based on a fast and accurate time series subsequence matching algorithm.</em></p> <p><br></p> <p><em>To detect anomalies from multi-channel time series, a bi-directional transformer-based predictor is applied to generate the prediction error sequences, and a statistical model referred as an anomaly marked point process (Anomaly-MPP) is proposed to extract the anomalies from the error sequences. The effectiveness of our methods is demonstrated by testing on a variety of time series datasets.</em></p> Signal processing Curvilinear Structure Detection Marked Point Process Convolutional Neural Network Anomaly Detection
286	Root-cause analysis with data-driven methods and machine learning in lithium-ion battery tests : Master's thesis about detecting deviations with PCA Rademacher, Frans January 2022 (has links) The increased demand of energy storage systems and electric vehicles on the market result in high demand of lithium-ion batteries. As a lithium-ion battery manufacturer, Northvolt runs quality tests on the products to assess their performance, life and safety. Batteries that are tested are most often behaving as expected, but sometimes deviations occur. Anomaly detection is today most often performed by plotting and comparing produced data to other test-data to find which parameters that are deviating. The purpose of this thesis is to automatize anomaly detection and a proposed solution is to use state-of-the-art machine learning methods. These include using supervised and unsupervised machine learning. Before applying machine learning, the feature engineering is presented. It describes what parameters are extracted from the experiment data sets. Then the supervised machine learning framework is described. For the unsupervised machine learning, a principal component analysis is presented to locate deviations. This thesis also presents a differential capacity analysis, as this could be incorporated with the features in the future. The results shows that the subset of labeled data for supervised learning is too small to produce a model that predicts future deviations. The extracted features are also used in the principal component analysis, where the results show deviations (outliers) and aid targeting the anomalies. These can then be used to determine the root-cause of particular anomalies and mitigate future deviations. Machine learning Li-ion batteries PCA deviations anomaly detection root-cause analysis differential capacity feature engineering Embedded Systems Inbäddad systemteknik
287	Fraud Detection on Unlabeled Data with Unsupervised Machine Learning / Bedrägeridetektering på omärkt data med oövervakad maskininlärning Renström, Martin, Holmsten, Timothy January 2018 (has links) A common problem in systems handling user interaction was the risk for fraudulent behaviour. As an example, in a system with credit card transactions it could have been a person using a another user's account for purchases, or in a system with advertisment it could be bots clicking on ads. These malicious attacks were often disguised as normal interactions and could be difficult to detect. It was especially challenging when working with datasets that did not contain so called labels, which showed if the data point was fraudulent or not. This meant that there were no data that had previously been classified as fraud, which in turn made it difficult to develop an algorithm that could distinguish between normal and fraudulent behavior. In this thesis, the area of anomaly detection was explored with the intent of detecting fraudulent behavior without labeled data. Three neural network based prototypes were developed in this study. All three prototypes were some sort of variation of autoencoders. The first prototype which served as a baseline was a simple three layer autoencoder, the second prototype was a novel autoencoder which was called stacked autoencoder, the third prototype was a variational autoencoder. The prototypes were then trained and evaluated on two different datasets which both contained non fraudulent and fraudulent data. In this study it was found that the proposed stacked autoencoder architecture achieved better performance scores in recall, accuracy and NPV in the tests that were designed to simulate a real world scenario. / Ett vanligt problem med användares interaktioner i ett system var risken för bedrägeri. För ett system som hanterarade dataset med kreditkortstransaktioner så kunde ett exempel vara att en person använde en annans identitet för kortköp, eller i system som hanterade reklam så skulle det kunna ha varit en automatiserad mjukvara som simulerade interaktioner. Dessa attacker var ofta maskerade som normala interaktioner och kunde därmed vara svåra att upptäcka. Inom dataset som inte har korrekt märkt data så skulle det vara speciellt svårt att utveckla en algoritm som kan skilja på om interaktionen var avvikande eller inte. I denna avhandling så utforskas ämnet att upptäcka anomalier i dataset utan specifik data som tyder på att det var bedrägeri. Tre prototyper av neurala nätverk användes i denna studie som tränades och utvärderades på två dataset som innehöll både data som sade att det var bedrägeri och inte bedrägeri. Den första prototypen som fungerade som en bas var en simpel autoencoder med tre lager, den andra prototypen var en ny autoencoder som har fått namnet staplad autoencoder och den tredje prototypen var en variationell autoencoder. För denna studie så gav den föreslagna staplade autoencodern bäst resultat för återkallelse, noggrannhet och NPV i de test som var designade att efterlikna ett verkligt scenario. Anomaly detection fraud detection unsupervised machine learning autoencoder Anomali detektering bedrägeri detektering oövervakad maskininlärning autoencoder Computer Sciences Datavetenskap (datalogi)
288	Anomaly Detection for Temporal Data using Long Short-Term Memory (LSTM) Singh, Akash January 2017 (has links) We explore the use of Long short-term memory (LSTM) for anomaly detection in temporal data. Due to the challenges in obtaining labeled anomaly datasets, an unsupervised approach is employed. We train recurrent neural networks (RNNs) with LSTM units to learn the normal time series patterns and predict future values. The resulting prediction errors are modeled to give anomaly scores. We investigate different ways of maintaining LSTM state, and the effect of using a fixed number of time steps on LSTM prediction and detection performance. LSTMs are also compared to feed-forward neural networks with fixed size time windows over inputs. Our experiments, with three real-world datasets, show that while LSTM RNNs are suitable for general purpose time series modeling and anomaly detection, maintaining LSTM state is crucial for getting desired results. Moreover, LSTMs may not be required at all for simple time series. / Vi undersöker Long short-term memory (LSTM) för avvikelsedetektion i tidsseriedata. På grund av svårigheterna i att hitta data med etiketter så har ett oövervakat an-greppssätt använts. Vi tränar rekursiva neuronnät (RNN) med LSTM-noder för att lära modellen det normala tidsseriemönstret och prediktera framtida värden. Vi undersö-ker olika sätt av att behålla LSTM-tillståndet och effekter av att använda ett konstant antal tidssteg på LSTM-prediktionen och avvikelsedetektionsprestandan. LSTM är också jämförda med vanliga neuronnät med fasta tidsfönster över indata. Våra experiment med tre verkliga datasetvisar att även om LSTM RNN är tillämpbara för generell tidsseriemodellering och avvikelsedetektion så är det avgörande att behålla LSTM-tillståndet för att få de önskaderesultaten. Dessutom är det inte nödvändigt att använda LSTM för enkla tidsserier. Computer Sciences Datavetenskap (datalogi)
289	Anomaly Detection in Microservice Infrastructures / Anomalitetsdetektering i microservice-infrastrukturer Ohlsson, Jonathan January 2018 (has links) Anomaly detection in time series is a broad field with many application areas, and has been researched for many years. In recent years the need for monitoring and DevOps has increased, partly due to the increased usage of microservice infrastructures. Applying time series anomaly detection to the metrics emitted by these microservices can yield new insights into the system health and could enable detecting anomalous conditions before they are escalated into a full incident. This thesis investigates how two proposed anomaly detectors, one based on the RPCA algorithm and the other on the HTM neural network, perform on metrics emitted by a microservice infrastructure, with the goal of enhancing the infrastructure monitoring. The detectors are evaluated against a random sample of metrics from a digital rights management company’s microservice infrastructure, as well as the open source NAB dataset. It is illustrated that both algorithms are able to detect every known incident in the company metrics tested. Their ability to detect anomalies is shown to be dependent on the defined threshold value for what qualifies as an outlier. The RPCA Detector proved to be better at detecting anomalies on the company microservice metrics, however the HTM detector performed better on the NAB dataset. Findings also highlight the difficulty of manually annotating anomalies even with domain knowledge. An issue found to be true for both the dataset created for this project, and the NAB dataset. The thesis concludes that the proposed detectors possess different abilities, both having their respective trade-offs. Although they are similar in detection accuracy and false positive rates, each has different inert abilities to perform tasks such as continuous monitoring or ease of deployment in an existing monitoring setup. / Anomalitetsdetektering i tidsserier är ett brett område med många användningsområden och har undersökts under många år. De senaste åren har behovet av övervakning och DevOps ökat, delvis på grund av ökad användning av microservice-infrastrukturer. Att tillämpa tidsserieanomalitetsdetektering på de mätvärden som emitteras av dessa microservices kan ge nya insikter i systemhälsan och kan möjliggöra detektering av avvikande förhållanden innan de eskaleras till en fullständig incident. Denna avhandling undersöker hur två föreslagna anomalitetsdetektorer, en baserad på RPCA-algoritmen och den andra på HTM neurala nätverk, presterar på mätvärden som emitteras av en microservice-infrastruktur, med målet att förbättra infrastrukturövervakningen. Detektorerna utvärderas mot ett slumpmässigt urval av mätvärden från en microservice-infrastruktur på en digital underhållningstjänst, och från det öppet tillgängliga NAB-dataset. Det illustreras att båda algoritmerna kunde upptäcka alla kända incidenter i de testade underhållningstjänst-mätvärdena. Deras förmåga att upptäcka avvikelser visar sig vara beroende av det definierade tröskelvärdet för vad som kvalificeras som en anomali. RPCA-detektorn visade sig bättre på att upptäcka anomalier i underhållningstjänstens mätvärden, men HTM-detektorn presterade bättre på NAB-datasetet. Fynden markerar också svårigheten med att manuellt annotera avvikelser, även med domänkunskaper. Ett problem som visat sig vara sant för datasetet skapat för detta projekt och NAB-datasetet. Avhandlingen slutleder att de föreslagna detektorerna har olikaförmågor, vilka båda har sina respektive avvägningar. De har liknande detekteringsnoggrannhet, men har olika inerta förmågor för att utföra uppgifter som kontinuerlig övervakning, eller enkelhet att installera i en befintlig övervakningsinstallation. Engineering and Technology Teknik och teknologier Computer Systems Datorsystem
290	Scalable And Efficient Outlier Detection In Large Distributed Data Sets With Mixed-type Attributes Koufakou, Anna 01 January 2009 (has links) An important problem that appears often when analyzing data involves identifying irregular or abnormal data points called outliers. This problem broadly arises under two scenarios: when outliers are to be removed from the data before analysis, and when useful information or knowledge can be extracted by the outliers themselves. Outlier Detection in the context of the second scenario is a research field that has attracted significant attention in a broad range of useful applications. For example, in credit card transaction data, outliers might indicate potential fraud; in network traffic data, outliers might represent potential intrusion attempts. The basis of deciding if a data point is an outlier is often some measure or notion of dissimilarity between the data point under consideration and the rest. Traditional outlier detection methods assume numerical or ordinal data, and compute pair-wise distances between data points. However, the notion of distance or similarity for categorical data is more difficult to define. Moreover, the size of currently available data sets dictates the need for fast and scalable outlier detection methods, thus precluding distance computations. Additionally, these methods must be applicable to data which might be distributed among different locations. In this work, we propose novel strategies to efficiently deal with large distributed data containing mixed-type attributes. Specifically, we first propose a fast and scalable algorithm for categorical data (AVF), and its parallel version based on MapReduce (MR-AVF). We extend AVF and introduce a fast outlier detection algorithm for large distributed data with mixed-type attributes (ODMAD). Finally, we modify ODMAD in order to deal with very high-dimensional categorical data. Experiments with large real-world and synthetic data show that the proposed methods exhibit large performance gains and high scalability compared to the state-of-the-art, while achieving similar accuracy detection rates. Data Mining Outlier Detection Anomaly Detection Distributed Datasets Categorical Datasets Mixed-Type Attribute Datasets Computer Engineering Engineering

Search results