面向多维时间序列异常检测的时空图卷积网络

王静; 何苗苗; 丁建立; 李永华

doi:10.19665/j.issn1001-2400.20230804

您当前的位置：

首页 >

文章列表页 >

面向多维时间序列异常检测的时空图卷积网络

网络空间安全 | 更新时间：2024-07-23

- 面向多维时间序列异常检测的时空图卷积网络
- Spatial-temporal graph convolutional networks foranomaly detection in multivariate time series
- 西安电子科技大学学报 2024年51卷第3期页码：170-181
- 作者机构：
  
  1. 中国民航大学安全科学与工程学院,天津 300300
  2. 中国民航大学信息安全测评中心,天津 300300
  3. 中国民航大学计算机科学与技术学院,天津 300300
- 作者简介：
  
  [ "王静(1980—),女,副教授,E-mail:[email protected]" ]
  [ "何苗苗(1998—),女,中国民航大学硕士研究生,E-mail:[email protected]" ]
  [ "丁建立(1963—),男,教授,E-mail:[email protected]" ]
  李永华(1974—),女,讲师,E-mail:[email protected]
- 基金信息：
  
  国家自然科学基金民航联合基金重点课题(U2033205);中国民航大学信息安全测评中心开放基金资助(ISECCA-202006)
- DOI：10.19665/j.issn1001-2400.20230804
  中图分类号： TP391
- 纸质出版日期：2024-06-20，
  
  网络出版日期：2023-11-21，
  
  收稿日期：2023-06-14，
- 稿件说明：
扫描看全文
王静, 何苗苗, 丁建立, 等. 面向多维时间序列异常检测的时空图卷积网络[J]. 西安电子科技大学学报, 2024,51(3):170-181.

Jing WANG, Miaomiao HE, Jianli DING, et al. Spatial-temporal graph convolutional networks foranomaly detection in multivariate time series[J]. Journal of Xidian University, 2024,51(3):170-181.
王静, 何苗苗, 丁建立, 等. 面向多维时间序列异常检测的时空图卷积网络[J]. 西安电子科技大学学报, 2024,51(3):170-181. DOI： 10.19665/j.issn1001-2400.20230804.

Jing WANG, Miaomiao HE, Jianli DING, et al. Spatial-temporal graph convolutional networks foranomaly detection in multivariate time series[J]. Journal of Xidian University, 2024,51(3):170-181. DOI： 10.19665/j.issn1001-2400.20230804.

摘要

针对现有多维时间序列异常检测模型对局部和全局时空依赖性捕获能力不足的问题

提出一种基于时空图卷积网络的多维时间序列异常检测模型。首先

在时间维度上利用扩张因果卷积和多头自注意力机制

分别捕获短期和长期时间依赖性

并且引入通道注意力来学习不同通道的重要性权重;其次

在空间维度上利用静态图学习层根据节点嵌入构建静态图邻接矩阵

旨在捕获多维时间序列数据的全局空间依赖性

同时利用动态图学习层构建一系列演化的图邻接矩阵

旨在建模局部动态的空间依赖性;最后

联合优化重构模型和预测模型

通过重构误差和预测误差计算异常分数

然后比较阈值和异常分数的关系

进而检测异常。在MSL、SMAP和SWaT三个公开数据集上的实验结果表明

该模型在异常检测性能指标F1分数方面优于OmniAnomaly、MTAD-GAT和GDN等相关的基线模型。

Abstract

To address the problem that the existing multivariate time series anomaly detection models have an insufficient ability to capture local and global spatial-temporal dependencies

a multivariate time series anomaly detection model based on spatial-temporal graph convolutional networks is proposed.First

in the temporal dimension

the short-term and long-term temporal dependencies in time series data are captured by using dilated causal convolution and multi-headed self-attention mechanisms

respectively.And the channel attention is introduced to learn the importance weights of different channels.Second

in the spatial dimension

a graph adjacency matrix is constructed by the static graph learning layer according to the node embedding

which is used to model the global spatial dependencies.Meanwhile

a series of evolutionary graph adjacency matrices is constructed by using the dynamic graph learning layer

so as to capture the local dynamic spatial dependencies.Finally

the reconstruction model and the prediction model are jointly optimized

and the anomaly score is calculated by the reconstructed error and the prediction error.Then

the relationship between the threshold and the anomaly score is compared to detect the anomaly.Experimental results on three public datasets

MSL

SMAP

and SwaT

show that the model outperforms the relevant baseline models such as OmniAnomaly

MTAD-GAT

and GDN in terms of the anomaly detection performance metric F1 score.

关键词

图卷积网络时空依赖多维时间序列异常检测

Keywords

graph convolutional networksspatial-temporal dependenciesmultivariate time seriesanomaly detection

references

WENIG P, SCHMIDL S, PAPENBROCK T. TimeEval:A Benchmarking Toolkit for Time Series Anomaly Detection Algorithms[J]. Proceedings of the VLDB Endowment, 2022, 15(12):3678-3681.

丁小欧, 于晟健, 王沐贤, 等. 基于相关性分析的工业时序数据异常检测[J]. 软件学报, 2020, 31(3):726-747.

DING Xiaoou, YU Shengjian, WANG Muxian, et al. Anomaly Detection on Industrial Time Series Based on Correlation Analysis[J]. Journal of Software, 2020, 31(3):726-747.

SCHMIDL S, WENIG P, PAPENBROCK T. Anomaly Detection in Time Series:A Comprehensive Evaluation[J]. Proceedings of the VLDB Endowment, 2022, 15(9):1779-1797.

顾兆军, 刘婷婷, 隋翯. 一种ICS异常检测的优化GAN模型[J]. 西安电子科技大学学报, 2022, 49(2):173-181.

GU Zhaojun, LIU Tingting, SUI He. Latent Feature Reconstruction Generative GAN Model for ICS Anomaly Detection[J]. Journal of Xidian University, 2022, 49(2):173-181.

YU Y, SI X, HU C, et al. A Review of Recurrent Neural Networks:LSTM Cells and Network Architectures[J]. Neural Computation, 2019, 31(7):1235-1270.

PARK D, HOSHI Y, KEMP C C. A Multimodal Anomaly Detector for Robot-Assisted Feeding Using an LSTM-Based Variational Autoencoder[J]. IEEE Robotics and Automation Letters, 2018, 3(3):1544-1551.

SU Y, ZHAO Y, NIU C, et al. Robust Anomaly Detection for Multivariate Time Series Through Stochastic Recurrent Neural Network[C]//Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. New York: ACM, 2019:2828-2837.

LI D, CHEN D, JIN B, et al. MAD-GAN:Multivariate Anomaly Detection for Time Series Data with Generative Adversarial Networks[C]//I nternational Conference on Artificial Neural Networks. Heidelberg:Springer, 2019:703-716.

AUDIBERT J, MICHIARDI P, GUYARD F, et al. USAD:Unsupervised Anomaly Detection on Multivariate Time Series[C]//Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. New York: ACM, 2020:3395-3404.

吴博, 梁循, 张树森, 等. 图神经网络前沿进展与应用[J]. 计算机学报, 2022, 45(1):35-68.

WU Bo, LIANG Xun, ZHANG Shusen, et al. Advances and Applications in Graph Neural Network[J]. Chinese Journal of Computers, 2022, 45(1):35-68.

DENG A, HOOI B. Graph Neural Network-Based Anomaly Detection in Multivariate Time Series[C]//Proceedings of the AAAI Conference on Artificial Intelligence. Palo Alto: AAAI, 2021:4027-4035.

ZHAO H, WANG Y, DUAN J, et al. Multivariate Time-Series Anomaly Detection via Graph Attention Network[C]//2020 IEEE International Conference on Data Mining(ICDM).Piscataway:IEEE, 2020:841-850.

CHEN Z, CHEN D, ZHANG X, et al. Learning Graph Structures with Transformer for Multivariate Time-Series Anomaly Detection in IoT[J]. IEEE Internet of Things Journal, 2021, 9(12):9179-9189.

VASWANI A, SHAZEER N, PARMAR N, et al. Attention is All You Need[C]//Advances in Neural Information Processing Systems(NIPS). San Diego: NIPS, 2017:6000-6010.

KIPF T N, WELLING M. Semi-Supervised Classification with Graph Convolutional Networks(2016)[J/OL].[2016-09-09]. https://arxiv.org/pdf/1609.02907.pdf.https://arxiv.org/pdf/1609.02907.pdfhttps://arxiv.org/pdf/1609.02907.pdf

BAI S, KOLTER J Z, KOLTUN V. An Empirical Evaluation of Generic Convolutional and Recurrent Networks for Sequence Modeling(2018)[J/OL].[2018-03-04]. https://arxiv.org/pdf/1803.01271.pdf.https://arxiv.org/pdf/1803.01271.pdfhttps://arxiv.org/pdf/1803.01271.pdf

WOO S, PARK J, LEE J Y, et al. CBAM:Convolutional Block Attention Module[C]//Proceedings of the European Conference on Computer Vision(ECCV). Heidelberg:Springer, 2018:3-19.

WU Z, PAN S, LONG G, et al. Connecting the Dots:Multivariate Time Series Forecasting with Graph Neural Networks[C]//Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. New York: ACM, 2020:753-763.

FENG C, TIAN P. Time Series Anomaly Detection for Cyber-Physical Systems via Neural System Identification and Bayesian Filtering[C]//Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining. New York: ACM, 2021:2858-2867.

XIE J, CUI Y, HUANG F, et al. MARINA:An MLP-Attention Model for Multivariate Time-Series Analysis[C]//Proceedings of the 31st ACM International Conference on Information & Knowledge Management. New York: ACM, 2022:2230-2239.

KIM S, CHOI K, CHOI H S, et al. Towards a Rigorous Evaluation of Time-Series Anomaly Detection[C]//Proceedings of the AAAI Conference on Artificial Intelligence. Palo Alto: AAAI, 2022:7194-7201.

HAN S, WOO S S. Learning Sparse Latent Graph Representations for Anomaly Detection in Multivariate Time Series[C]//Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining. New York: ACM, 2022:2977-2986.

ZHANG Z, LI W, DING W, et al. STAD-GAN:Unsupervised Anomaly Detection on Multivariate Time Series with Self-Training Generative Adversarial Networks[J]. ACM Transactions on Knowledge Discovery from Data, 2023, 17(5):1-18.

ZONG B, SONG Q, MIN M R, et al. Deep Autoencoding Gaussian Mixture Model for Unsupervised Anomaly Detection[C]//International Conference on Learning Representations. Piscataway:IEEE, 2018:1-19.

DING C, SUN S, ZHAO J. MST-GAT:A Multimodal Spatial-Temporal Graph Attention Network for Time Series Anomaly Detection[J]. Information Fusion, 2023, 89:527-536.

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于多尺度特征信息融合的时间序列异常检测

因果图增强的APT攻击检测算法

隐私保护的拜占庭鲁棒联邦学习算法

一种用于交通预测的注意力时空图神经网络

一种ICS异常检测的优化GAN模型