[1]徐丽燕,徐 康*,黄兴挺,等.基于 Transformer 的时序数据异常检测方法[J].计算机技术与发展,2023,33(03):152-160.[doi:10. 3969 / j. issn. 1673-629X. 2023. 03. 023]
 XU Li-yan,XU Kang*,HUANG Xing-ting,et al.Transformer-based Method of Anomaly Detection for Time Series Data[J].,2023,33(03):152-160.[doi:10. 3969 / j. issn. 1673-629X. 2023. 03. 023]
点击复制

基于 Transformer 的时序数据异常检测方法()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
33
期数:
2023年03期
页码:
152-160
栏目:
人工智能
出版日期:
2023-03-10

文章信息/Info

Title:
Transformer-based Method of Anomaly Detection for Time Series Data
文章编号:
1673-629X(2023)03-0152-09
作者:
徐丽燕12 徐 康23* 黄兴挺4 李熠轩3 季学纯12 叶 宁3
1. 智能电网保护和运行控制国家重点实验室,江苏 南京 211106;
2. 南瑞集团(国网电力科学研究院)有限公司,江苏 南京 211106;
3. 南京邮电大学 计算机学院、软件学院、网络空间安全学院,江苏 南京 210003;
4. 南京邮电大学 贝尔英才学院,江苏 南京 210003
Author(s):
XU Li-yan12 XU Kang23* HUANG Xing-ting4 LI Yi-xuan3 JI Xue-chun12 YE Ning3
1. State Key Laboratory of Smart Grid Protection and Control,Nanjing 211106,China;
2. NARI Group Corporation / State Grid Electric Power Research Institute,Nanjing 211106,China;
3. School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210003,China;
4. Bell College of Excellence,Nanjing University of Posts and Telecommunications,Nanjing 210003,China

关键词:
异常检测多头自注意力Transformer时间序列深度学习
Keywords:
anomaly detectionmulti-head self-attentionTransformertime seriesdeep learning
分类号:
TP18
DOI:
10. 3969 / j. issn. 1673-629X. 2023. 03. 023
摘要:
近年来,异常检测在电力系统运维、故障诊断等智能运维场景中起到关键作用。 其中,深度学习在时序数据异常检测上取得了成功的应用。 然而,基于长短期记忆( Long Short-Term Memory,LSTM) 等异常检测方法因其序列学习模式中包含递归运算,导致模型难以并行计算,同时长期依赖性会导致模型性能下降。 因此,提出了一种基于 Transformer 的时序数据异常检测方法,利用自注意力机制并行训练数据捕获内部有效信息,利用编码-解码框架使用端到端的方式通过时序数据生成异常得分。 这个方法 能更完整地提取时序数据的上下文关系,精确地捕获时序数据的异常关系。 经实验证明,基于 Transformer 的时序数据异常检测方法在 WADI、SWaT、KDDCUP99 与 AIOPS18 等数据集上的异常检测表现出比其他方法更优的性能。
Abstract:
In recent years,anomaly detection plays an important role in the scenarios of Artificial Intelligence for IT Operations ( AIOps) ,such as power grid operation and maintenance, fault diagnosis. With the advantages of universality and strong learning ability, deeplearning is widely used in anomaly detection on time series data. However, how to efficiently learn the relationship between a singleanomaly and global information of time series data is still an urgent problem to be solved. The sequential learning model like long short-term memory ( LSTM) is difficult to compute in parallel due to the large number of recursive operations,while long-term dependencecan lead to degradation in model performance. In this paper,we propose a method of anomaly detection for time series data with Transformer. The self-attention mechanism is used to parallelly train the data to capture the effective information,and the encoder-decoderframework is used to transform the time series data into anomaly score in an end-to-end way. This method can not only learn the contextof time series data more completely,but also make full use of the feature matrix to conduct anomaly detection. Experiment shows that anomaly detection method of time series data based on transformer has the best performance compared to the baseline methods in thedatasets of WADI,SWaT,KDDCUP99 and AIOPS18.

相似文献/References:

[1]高峥 陈蜀宇 李国勇.混合入侵检测系统的研究[J].计算机技术与发展,2010,(06):148.
 GAO Zheng,CHEN Shu-yu,LI Guo-yong.Research of a Hybrid Intrusion Detection System[J].,2010,(03):148.
[2]李睿 肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,(06):168.
 LI Rui,XIAO Wei-min.Research on Anomaly Intrusion Detection Based on Outlier Mining[J].,2009,(03):168.
[3]汪慧敏.基于改进负选择算法的异常检测[J].计算机技术与发展,2009,(08):41.
 WANG Hui-min.Anomaly Detection Using Modified Negative Selection Algorithm[J].,2009,(03):41.
[4]赵辉 张鹏.网络异常的主动检测与特征分析[J].计算机技术与发展,2009,(08):159.
 ZHAO Hui,ZHANG Peng.Active Detection and Feature Analysis About Network Anomaly[J].,2009,(03):159.
[5]陈丹伟 黄秀丽 任勋益.基于人工神经网络入侵检测模型的探讨[J].计算机技术与发展,2009,(12):143.
 CHEN Dan-wei,HUANG Xiu-li,REN Xun-yi.An Approach to IDS Model Based on Artificial Neuron Network[J].,2009,(03):143.
[6]柏海滨 李俊.基于支持向量机的入侵检测系统的研究[J].计算机技术与发展,2008,(04):137.
 BAI Hai-bin,LI Jun.Research of Intrusion Detection System Based on Support Vector Machine[J].,2008,(03):137.
[7]宋连涛 庄卫华.基于异常的入侵检测技术在Snort系统中的应用[J].计算机技术与发展,2006,(06):136.
 SONG Lian-tao,ZHUANG Wei-hua.Application of Anomaly Detection Technology in Snort System[J].,2006,(03):136.
[8]陈平 宋玉蓉 蒋国平.基于多维聚类挖掘的异常检测方法研究[J].计算机技术与发展,2012,(07):136.
 CHEN Ping,SONG Yu-rong,JIANG Guo-ping.Multidimensional Clustering Based Anomaly Detection Research[J].,2012,(03):136.
[9]崔锡鑫,苏伟,刘颖.基于熵的流量分析和异常检测技术研究与实现[J].计算机技术与发展,2013,(05):120.
 CUI Xi-xin,SU Wei,LIU Ying.Research and Implementation of Traffic Analysis and Anomaly Detection Technology Based on Entropy[J].,2013,(03):120.
[10]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(03):29.

更新日期/Last Update: 2023-03-10