| bibtype |
J -
Journal Article
|
| ARLID |
0577938 |
| utime |
20250310160024.4 |
| mtime |
20231113235959.9 |
| SCOPUS |
85133284278 |
| WOS |
000819338100001 |
| DOI |
10.1007/s00521-022-07506-9 |
| title
(primary) (eng) |
Efficient anomaly detection through surrogate neural networks |
| specification |
| page_count |
15 s. |
| media_type |
P |
|
| serial |
| ARLID |
cav_un_epca*0254460 |
| ISSN |
0941-0643 |
| title
|
Neural Computing & Applications |
| volume_id |
34 |
| volume |
23 (2022) |
| page_num |
20491-20505 |
| publisher |
|
|
| keyword |
Anomaly detector |
| keyword |
Neural network |
| keyword |
Model transfer |
| keyword |
Detector ensemble |
| keyword |
High-performance anomaly detection |
| author
(primary) |
| ARLID |
cav_un_auth*0377825 |
| name1 |
Flusser |
| name2 |
M. |
| country |
CZ |
| garant |
K |
|
| author
|
| ARLID |
cav_un_auth*0101197 |
| name1 |
Somol |
| name2 |
Petr |
| institution |
UTIA-B |
| full_dept (cz) |
Rozpoznávání obrazu |
| full_dept |
Department of Pattern Recognition |
| department (cz) |
RO |
| department |
RO |
| full_dept |
Department of Pattern Recognition |
| fullinstit |
Ústav teorie informace a automatizace AV ČR, v. v. i. |
|
| source |
|
| source |
|
| cas_special |
| abstract
(eng) |
Anomaly Detection can be viewed as an open problem despite the growing plethora of known anomaly detection techniques. The applicability of various anomaly detectors can vary depending on the application area and problem settings. Especially in the Big Data industrial setting, an important problem is inference speed, which may render even a highly accurate anomaly detector useless. In this paper, we propose to address this problem by training a surrogate neural network based on an auxiliary training set approximating the source anomaly detector output. We show that existing anomaly detectors can be approximated with high accuracy and with application-enabling inference speed. We compare our approach to a number of state-of-the-art algorithms: one class k-nearest-neighbors (kNN), local outlier factor, isolation forest, auto-encoder and two types of generative adversarial networks. We perform this comparison in the context of an important problem in cyber-security—the discovery of outlying (and thus suspicious) events in large-scale computer network traffic. Our results show that the proposed approach can successfully replace the most accurate but prohibitively slow kNN. Moreover, we observe that the surrogate neural network may even improve the kNN accuracy. Finally, we discuss various implications that the proposed approach can have while reducing the complexity of applied anomaly detection systems. |
| result_subspec |
WOS |
| RIV |
BD |
| FORD0 |
20000 |
| FORD1 |
20200 |
| FORD2 |
20205 |
| reportyear |
2024 |
| num_of_auth |
2 |
| mrcbC52 |
2 R hod 4 4rh 4 20250310154534.7 4 20250310160024.4 |
| inst_support |
RVO:67985556 |
| permalink |
https://hdl.handle.net/11104/0347645 |
| cooperation |
|
| confidential |
S |
| mrcbC86 |
n.a. Article Computer Science Artificial Intelligence |
| mrcbC91 |
C |
| mrcbT16-e |
COMPUTERSCIENCEARTIFICIALINTELLIGENCE |
| mrcbT16-j |
0.808 |
| mrcbT16-s |
1.169 |
| mrcbT16-D |
Q3 |
| mrcbT16-E |
Q2 |
| arlyear |
2022 |
| mrcbTft |
\nSoubory v repozitáři: somol-0577938.pdf |
| mrcbU14 |
85133284278 SCOPUS |
| mrcbU24 |
PUBMED |
| mrcbU34 |
000819338100001 WOS |
| mrcbU63 |
cav_un_epca*0254460 Neural Computing & Applications 0941-0643 1433-3058 Roč. 34 č. 23 2022 20491 20505 Springer |
|