Comparative Analysis of Anomaly Detection Techniques Using Generative Adversarial Network

Imran Ullah Khan; Shah Noor; Ahthasham Sajid; Junaid Javaid; Iqra Tabasusum

doi:10.33317/ssurj.615

Authors

Imran Ullah Khan Harbin Engineering University, Heilongjiang, Harbin, China
Shah Noor
Ahthasham Sajid
Junaid Javaid
Iqra Tabasusum

DOI:

https://doi.org/10.33317/ssurj.615

Keywords:

GAN – Generative Adversarial Net, Anomaly Detection Techniques

Abstract

Anomaly detection in a piece of data is a challenging task. Researchers use different approaches to classify data as anomalous. These include traditional, supervised, unsupervised, and semi-supervised techniques. A more recently introduced technique is Generative Adversarial Network (GAN), which is a deep learning-based technique. However, it is difficult to choose one anomaly detection algorithm over another because each algorithm stands out with its own performance. Therefore, this paper aims to provide a structured and comprehensive understanding of machine-learning based anomaly detection techniques. This paper carries out a survey of the existing literature on machine learning-based algorithms for anomaly detection. This paper places a special emphasis on Generative Adversarial Network-based algorithms for anomaly detection, since it is the most widely used machine-learning based algorithm for anomaly detection.

References

Chandola, V., Banerjee, A., & Kumar, V. (2009). Anomaly detection: A survey. ACM Computing Surveys (CSUR), 41(3), 1-58. DOI: https://doi.org/10.1145/1541880.1541882

Spence, C., Parra, L., & Sajda, P. (2001, December). Detection, synthesis, and compression in mammographic image analysis with a hierarchical image probability model. In Proceedings IEEE workshop on mathematical methods in biomedical image analysis (MMBIA 2001) (pp. 3-10). IEEE.

Aleskerov, E., Freisleben, B., & Rao, B. (1997, March). Cardwatch: A neural network based database mining system for credit card fraud detection. In Proceedings of the IEEE/IAFE 1997 computational intelligence for financial engineering (CIFEr) (pp. 220-226). IEEE.

Ahmed, M., Mahmood, A. N., & Islam, M. R. (2016). A survey of anomaly detection techniques in financial domain. Future Generation Computer Systems, 55, 278-288. DOI: https://doi.org/10.1016/j.future.2015.01.001

Chandola, V., Banerjee, A., & Kumar, V. (2010). Anomaly detection for discrete sequences: A survey. IEEE transactions on knowledge and data engineering, 24(5), 823-839. DOI: https://doi.org/10.1109/TKDE.2010.235

Song, X., Wu, M., Jermaine, C., & Ranka, S. (2007). Conditional anomaly detection. IEEE Transactions on knowledge and Data Engineering, 19(5), 631-645. DOI: https://doi.org/10.1109/TKDE.2007.1009

Ye, N., Vilbert, S., & Chen, Q. (2003). Computer intrusion detection through EWMA for autocorrelated and uncorrelated data. IEEE transactions on reliability, 52(1), 75-82. DOI: https://doi.org/10.1109/TR.2002.805796

Ryan, T. P. (2011). Statistical methods for quality improvement. John Wiley & Sons. DOI: https://doi.org/10.1002/9781118058114

Ye, N., & Chen, Q. (2001). An anomaly detection technique based on a chi‐square statistic for detecting intrusions into information systems. Quality and reliability engineering international, 17(2), 105-112. DOI: https://doi.org/10.1002/qre.392

Koturwar, P., Girase, S., & Mukhopadhyay, D. (2015). A survey of classification techniques in the area of big data. arXiv preprint arXiv:1503.07477.

Xiao, F., Zhao, Y., Wen, J., & Wang, S. (2014). Bayesian network based FDD strategy for variable air volume terminals. Automation in Construction, 41, 106-118. DOI: https://doi.org/10.1016/j.autcon.2013.10.019

Li, D., Zhou, Y., Hu, G., & Spanos, C. J. (2016). Fault detection and diagnosis for building cooling system with a tree-structured learning method. Energy and Buildings, 127, 540-551. DOI: https://doi.org/10.1016/j.enbuild.2016.06.017

Mustafaraj, G., Chen, J., & Lowry, G. (2010). Development of room temperature and relative humidity linear parametric models for an open office using BMS data. Energy and Buildings, 42(3), 348-356. DOI: https://doi.org/10.1016/j.enbuild.2009.10.001

Jaikumar, P., Gacic, A., Andrews, B., & Dambier, M. (2011, May). Detection of anomalous events from unlabeled sensor data in smart building environments. In 2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 2268-2271). IEEE. DOI: https://doi.org/10.1109/ICASSP.2011.5946934

Mulumba, T., Afshari, A., Yan, K., Shen, W., & Norford, L. K. (2015). Robust model-based fault diagnosis for air handling units. Energy and Buildings, 86, 698-707. DOI: https://doi.org/10.1016/j.enbuild.2014.10.069

Li, S., & Wen, J. (2014). A model-based fault detection and diagnostic methodology based on PCA method and wavelet transform. Energy and Buildings, 68, 63-71. DOI: https://doi.org/10.1016/j.enbuild.2013.08.044

He, X., Wang, Z., Liu, Y., & Zhou, D. H. (2013). Least-squares fault detection and diagnosis for networked sensing systems using a direct state estimation approach. IEEE Transactions on Industrial Informatics, 9(3), 1670-1679. DOI: https://doi.org/10.1109/TII.2013.2251891

Dai, X., & Gao, Z. (2013). From model, signal to knowledge: A data-driven perspective of fault detection and diagnosis. IEEE Transactions on Industrial Informatics, 9(4), 2226-2238. DOI: https://doi.org/10.1109/TII.2013.2243743

Krizhevsky, A., Sutskever, I., & Hinton, G. E. (2017). ImageNet classification with deep convolutional neural networks. Communications of the ACM, 60(6), 84-90. DOI: https://doi.org/10.1145/3065386

Bahdanau, D., Cho, K., & Bengio, Y. (2014). Neural machine translation by jointly learning to align and translate. arXiv preprint arXiv:1409.0473.

Sutskever, I., Vinyals, O., & Le, Q. V. (2014). Sequence to sequence learning with neural networks. Advances in neural information processing systems, 27.

Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., ... & Bengio, Y. (2020). Generative adversarial networks. Communications of the ACM, 63(11), 139-144. DOI: https://doi.org/10.1145/3422622

Schlegl, T., Seeböck, P., Waldstein, S. M., Schmidt-Erfurth, U., & Langs, G. (2017, May). Unsupervised anomaly detection with generative adversarial networks to guide marker discovery. In International conference on information processing in medical imaging (pp. 146-157). Cham: Springer International Publishing. DOI: https://doi.org/10.1007/978-3-319-59050-9_12

Zenati, H., Foo, C. S., Lecouat, B., Manek, G., & Chandrasekhar, V. R. (2018). Efficient gan-based anomaly detection. arXiv preprint arXiv:1802.06222.

Intrator, Y., Katz, G., & Shabtai, A. (2018). Mdgan: Boosting anomaly detection usingmulti-discriminator generative adversarial networks. arXiv preprint arXiv:1810.05221.

Li, D., Chen, D., Goh, J., & Ng, S. K. (2018). Anomaly detection with generative adversarial networks for multivariate time series. arXiv preprint arXiv:1809.04758.

Kumarage, T., Ranathunga, S., Kuruppu, C., De Silva, N., & Ranawaka, M. (2019, July). Generative adversarial networks (GAN) based anomaly detection in industrial software systems. In 2019 Moratuwa Engineering Research Conference (MERCon) (pp. 43-48). IEEE. DOI: https://doi.org/10.1109/MERCon.2019.8818750

Dong, F., Zhang, Y., & Nie, X. (2020). Dual discriminator generative adversarial network for video anomaly detection. IEEE Access, 8, 88170-88176. DOI: https://doi.org/10.1109/ACCESS.2020.2993373

Xia, B., Bai, Y., Yin, J., Li, Y., & Xu, J. (2021). Loggan: a log-level generative adversarial network for anomaly detection using permutation event modeling. Information Systems Frontiers, 23, 285-298. DOI: https://doi.org/10.1007/s10796-020-10026-3

Truong-Huu, T., Dheenadhayalan, N., Pratim Kundu, P., Ramnath, V., Liao, J., Teo, S. G., & Praveen Kadiyala, S. (2020, October). An empirical study on unsupervised network anomaly detection using generative adversarial networks. In Proceedings of the 1st ACM Workshop on Security and Privacy on Artificial Intelligence (pp. 20-29). DOI: https://doi.org/10.1145/3385003.3410924

Bashar, M. A., & Nayak, R. (2020, December). TAnoGAN: Time series anomaly detection with generative adversarial networks. In 2020 IEEE Symposium Series on Computational Intelligence (SSCI) (pp. 1778-1785). IEEE. DOI: https://doi.org/10.1109/SSCI47803.2020.9308512

Kulyadi, S. P., Mohandas, P., Kumar, S. K. S., Raman, M. S., & Vasan, V. S. (2021, July). Anomaly detection using generative adversarial networks on firewall log message data. In 2021 13th International Conference on Electronics, Computers and Artificial Intelligence (ECAI) (pp. 1-6). IEEE. DOI: https://doi.org/10.1109/ECAI52376.2021.9515086

Sevyeri, L. R., & Fevens, T. (2021). On the effectiveness of generative adversarial network on anomaly detection. arXiv preprint arXiv:2112.15541. DOI: https://doi.org/10.1007/978-3-031-06427-2_27

Farzad, A., & Gulliver, T. A. (2019). Oversampling log messages using a sequence generative adversarial network for anomaly detection and classification. arXiv preprint arXiv:1912.04747. DOI: https://doi.org/10.5121/csit.2020.100515

Chen, L., Li, Y., Deng, X., Liu, Z., Lv, M., & Zhang, H. (2022). Dual auto-encoder GAN-based anomaly detection for industrial control system. Applied Sciences, 12(10), 4986. DOI: https://doi.org/10.3390/app12104986

Patil, R., Biradar, R., Ravi, V., Biradar, P., & Ghosh, U. (2022). Network traffic anomaly detection using PCA and BiGAN. Internet Technology Letters, 5(1), e235. DOI: https://doi.org/10.1002/itl2.235

Jadidi, Z., Muthukkumarasamy, V., Sithirasenan, E., & Sheikhan, M. (2013, July). Flow-based anomaly detection using neural network optimized with GSA algorithm. In 2013 IEEE 33rd international conference on distributed computing systems workshops (pp. 76-81). IEEE. DOI: https://doi.org/10.1109/ICDCSW.2013.40

Amor, N. B., Benferhat, S., & Elouedi, Z. (2004, March). Naive bayes vs decision trees in intrusion detection systems. In Proceedings of the 2004 ACM symposium on Applied computing (pp. 420-424). DOI: https://doi.org/10.1145/967900.967989

Zhang, R., Zhang, S., Lan, Y., & Jiang, J. (2008, March). Network anomaly detection using one class support vector machine. In Proceedings of the International MultiConference of Engineers and Computer Scientists (Vol. 1).

Duffield, N., Haffner, P., Krishnamurthy, B., & Ringberg, H. A. (2016). Systems and methods for rule-based anomaly detection on IP network flow. U.S. Patent No. 9,258,217. Washington, DC: U.S. Patent and Trademark Office.

Zhao, M., & Saligrama, V. (2009). Anomaly detection with score functions based on nearest neighbor graphs. Advances in neural information processing systems, 22.

Kiss, I., Genge, B., Haller, P., & Sebestyén, G. (2014, September). Data clustering-based anomaly detection in industrial control systems. In 2014 IEEE 10th International Conference on Intelligent Computer Communication and Processing (ICCP) (pp. 275-281). IEEE. DOI: https://doi.org/10.1109/ICCP.2014.6937009

Yip, S. C., Wong, K., Hew, W. P., Gan, M. T., Phan, R. C. W., & Tan, S. W. (2017). Detection of energy theft and defective smart meters in smart grids using linear regression. International Journal of Electrical Power & Energy Systems, 91, 230-240. DOI: https://doi.org/10.1016/j.ijepes.2017.04.005

Smrithy, G. S., Munirathinam, S., & Balakrishnan, R. (2016, December). Online anomaly detection using non-parametric technique for big data streams in cloud collaborative environment. In 2016 IEEE International Conference on Big Data (Big Data) (pp. 1950-1955). IEEE. DOI: https://doi.org/10.1109/BigData.2016.7840816

Lee, W., & Xiang, D. (2000, May). Information-theoretic measures for anomaly detection. In Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 (pp. 130-143). IEEE.

Callegari, C., Giordano, S., & Pagano, M. (2017). An information-theoretic method for the detection of anomalies in network traffic. Computers & Security, 70, 351-365. DOI: https://doi.org/10.1016/j.cose.2017.07.004

Egilmez, H. E., & Ortega, A. (2014, May). Spectral anomaly detection using graph-based filtering for wireless sensor networks. In 2014 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 1085-1089). IEEE. DOI: https://doi.org/10.1109/ICASSP.2014.6853764

Akoglu, L., Tong, H., & Koutra, D. (2015). Graph based anomaly detection and description: a survey. Data mining and knowledge discovery, 29(3), 626-688. DOI: https://doi.org/10.1007/s10618-014-0365-y

Vasseur, J. P., Mermoud, G., & Mota, J. C. (2016). Event correlation in a network merging local graph models from distributed nodes . U.S. Patent Application No. 14/605,916.

Van, N. T., & Thinh, T. N. (2017, July). An anomaly-based network intrusion detection system using deep learning. In 2017 international conference on system science and engineering (ICSSE) (pp. 210-214). IEEE.

Erfani, S. M., Rajasegarar, S., Karunasekera, S., & Leckie, C. (2016). High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recognition, 58, 121-134. DOI: https://doi.org/10.1016/j.patcog.2016.03.028

Maimó, L. F., Gómez, Á. L. P., Clemente, F. J. G., Pérez, M. G., & Pérez, G. M. (2018). A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access, 6, 7700-7712. DOI: https://doi.org/10.1109/ACCESS.2018.2803446

Garcia, S., Grill, M., Stiborek, J., & Zunino, A. (2014). An empirical comparison of botnet detection methods. Computers & Security, 45, 100-123. DOI: https://doi.org/10.1016/j.cose.2014.05.011

Malaiya, R. K., Kwon, D., Kim, J., Suh, S. C., Kim, H., & Kim, I. (2018, March). An Empirical Evaluation of Deep Learning for Network Anomaly Detection. In 2018 International Conference on Computing, Networking and Communications (ICNC) (pp. 893-898). IEEE. DOI: https://doi.org/10.1109/ICCNC.2018.8390278

Tian, Y., Mirzabagheri, M., Bamakan, S. M. H., Wang, H., & Qu, Q. (2018). Ramp loss one-class support vector machine; a robust and effective approach to anomaly detection problems. Neurocomputing, 310, 223-235. DOI: https://doi.org/10.1016/j.neucom.2018.05.027

Anil, S., & Remya, R. (2013, July). A hybrid method based on genetic algorithm, self-organised feature map, and support vector machine for better network anomaly detection. In 2013 Fourth international conference on computing, communications and networking technologies (ICCCNT) (pp. 1-5). IEEE. DOI: https://doi.org/10.1109/ICCCNT.2013.6726604

Harrou, F., Dairi, A., Taghezouit, B., & Sun, Y. (2019). An unsupervised monitoring procedure for detecting anomalies in photovoltaic systems using a one-class support vector machine. Solar Energy, 179, 48-58. DOI: https://doi.org/10.1016/j.solener.2018.12.045

Miao, X., Liu, Y., Zhao, H., & Li, C. (2018). Distributed online one-class support vector machine for anomaly detection over networks. IEEE transactions on cybernetics, 49(4), 1475-1488. DOI: https://doi.org/10.1109/TCYB.2018.2804940

Gopal, R. K., & Meher, S. K. (2007, November). A rule-based approach for anomaly detection in subscriber usage pattern. In Proceedings of World Academy of Science, Engineering and Technology (pp. 396-399).

Zhao, M., & Saligrama, V. (2009). Anomaly detection with score functions based on nearest neighbor graphs. Advances in neural information processing systems, 22.

Zhang, R., Zhang, S., Lan, Y., & Jiang, J. (2008, March). Network anomaly detection using one class support vector machine. In Proceedings of the International MultiConference of Engineers and Computer Scientists (Vol. 1).

Mascaro, S., Nicholso, A. E., & Korb, K. B. (2014). Anomaly detection in vessel tracks using Bayesian networks. International Journal of Approximate Reasoning, 55(1), 84-98. DOI: https://doi.org/10.1016/j.ijar.2013.03.012

Valdes, A. D. J., Fong, M. W., & Porras, P. A. (2008). Prioritizing Bayes network alerts. U.S. Patent No. 7,379,993. Washington, DC: U.S. Patent and Trademark Office.

Tian, J., Azarian, M. H., & Pecht, M. (2014). Anomaly detection using self-organizing maps-based k-nearest neighbor algorithm. In PHM society European conference (Vol. 2, No. 1).

Su, M. Y. (2011). Real-time anomaly detection systems for Denial-of-Service attacks by weighted k-nearest-neighbor classifiers. Expert Systems with Applications, 38(4), 3492-3498. DOI: https://doi.org/10.1016/j.eswa.2010.08.137

Hu, J., Ma, F., & Wu, S. (2018). Anomaly identification of foundation uplift pressures of gravity dams based on DTW and LOF. Structural control and health monitoring, 25(5), e2153. DOI: https://doi.org/10.1002/stc.2153

Song, B., & Suh, Y. (2019). Narrative texts-based anomaly detection using accident report documents: The case of chemical process safety. Journal of Loss Prevention in the Process Industries, 57, 47-54. DOI: https://doi.org/10.1016/j.jlp.2018.08.010

Marcos Alvarez, A., Yamada, M., Kimura, A., & Iwata, T. (2013, October). Clustering-based anomaly detection in multi-view data. In Proceedings of the 22nd ACM international conference on Information & Knowledge Management (pp. 1545-1548). DOI: https://doi.org/10.1145/2505515.2507840

Saeedi Emadi, H., & Mazinani, S. M. (2018). A novel anomaly detection algorithm using DBSCAN and SVM in wireless sensor networks. Wireless Personal Communications, 98, 2025-2035. DOI: https://doi.org/10.1007/s11277-017-4961-1

Pandeeswari, N., & Kumar, G. (2016). Anomaly detection system in cloud environment using fuzzy clustering based ANN. Mobile Networks and Applications, 21, 494-505. DOI: https://doi.org/10.1007/s11036-015-0644-x

Bronte, R., Shahriar, H., & Haddad, H. (2016, June). Information theoretic anomaly detection framework for web application. In 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC) (Vol. 2, pp. 394-399). IEEE. DOI: https://doi.org/10.1109/COMPSAC.2016.139

Marchetti, M., Stabili, D., Guido, A., & Colajanni, M. (2016, September). Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms. In 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI) (pp. 1-6). IEEE. DOI: https://doi.org/10.1109/RTSI.2016.7740627

Salem, O., Guerassimov, A., Mehaoua, A., Marcus, A., & Furht, B. (2014). Anomaly detection in medical wireless sensor networks using SVM and linear regression models. International Journal of E-Health and Medical Communications (IJEHMC), 5(1), 20-45. DOI: https://doi.org/10.4018/ijehmc.2014010102

Sakurada, M., & Yairi, T. (2014, December). Anomaly detection using autoencoders with nonlinear dimensionality reduction. In Proceedings of the MLSDA 2014 2nd workshop on machine learning for sensory data analysis (pp. 4-11). DOI: https://doi.org/10.1145/2689746.2689747

Zong, B., Song, Q., Min, M. R., Cheng, W., Lumezanu, C., Cho, D., & Chen, H. (2018, February). Deep autoencoding gaussian mixture model for unsupervised anomaly detection. In International conference on learning representations.

Akoglu, L., & Faloutsos, C. (2010, December). Event detection in time series of mobile communication graphs. In Army science conference (Vol. 1, p. 141).