Towards a Zero-Day Anomaly Detector in Cyber Physical Systems Using a Hybrid VAE-LSTM-OCSVM Model

Yatagha R, Nebebe B, Waedt K, Ruland C (2024)


Publication Type: Conference contribution

Publication year: 2024

Publisher: Association for Computing Machinery

Pages Range: 5038-5045

Conference Proceedings Title: International Conference on Information and Knowledge Management, Proceedings

Event location: Boise, ID, US

ISBN: 9798400704369

DOI: 10.1145/3627673.3680064

Abstract

Despite the growing volume of time series data across various domains, detecting anomalies remains challenging due to the complexity and dynamic nature of the data. Traditional monitoring systems are inefficient at capturing contextual and temporal anomalies that are only viable through time and at handling high-dimensional data. From implementation to deployment, this paper presents an anomaly detection system on a cyber-physical system by integrating Variational Autoencoders (VAE) with Long Short-Term Memory (LSTM) networks and One-Class Support Vector Machine (OCSVM), forming a hybrid VAE-LSTM-OCSVM model. The proposed architecture positions itself as a zero-day anomaly detector by learning the nominal functioning of systems, enabling it to identify deviations from normal operations without prior knowledge of specific anomalies. This capability significantly enhances the model's utility in online monitoring, making it adept at detecting unforeseen operational disruptions. We propose an Adaptive Loss Weight Adjustment Algorithm (ALWAA) to account for domain incremental learning in our system, as required by the ISO/IEC 42001:2023 and ISO/IEC 23053:2022 standards. The model is evaluated on a dataset including 2 types of anomalies and compared against existing methods, demonstrating its superiority. The findings suggest that the hybrid VAE-LSTM-OCSVM model offers a promising direction for more effective and efficient anomaly detection in time series data, with its ability to safeguard against known and unknown anomalies.

How to cite

APA:

Yatagha, R., Nebebe, B., Waedt, K., & Ruland, C. (2024). Towards a Zero-Day Anomaly Detector in Cyber Physical Systems Using a Hybrid VAE-LSTM-OCSVM Model. In International Conference on Information and Knowledge Management, Proceedings (pp. 5038-5045). Boise, ID, US: Association for Computing Machinery.

MLA:

Yatagha, Romarick, et al. "Towards a Zero-Day Anomaly Detector in Cyber Physical Systems Using a Hybrid VAE-LSTM-OCSVM Model." Proceedings of the 33rd ACM International Conference on Information and Knowledge Management, CIKM 2024, Boise, ID, Association for Computing Machinery, 2024. 5038-5045.
