Yilixiati Abudurexiti , Guangjie Han , Fan Zhang , Li Liu
{"title":"An explainable unsupervised anomaly detection framework for Industrial Internet of Things","authors":"Yilixiati Abudurexiti , Guangjie Han , Fan Zhang , Li Liu","doi":"10.1016/j.cose.2024.104130","DOIUrl":null,"url":null,"abstract":"<div><div>Industrial Internet of Things (IIoT) systems require effective anomaly detection techniques to ensure optimal operational efficiency. However, constructing a suitable anomaly detection framework for IIoT poses challenges due to the scarcity of labeled data. Additionally, most existing anomaly detection frameworks lack interpretability. To tackle these issues, an innovative unsupervised framework based on time series data analysis is proposed. This framework initially detects anomalous patterns in IIoT sensor data by extracting local features. An improved Time Convolutional Network (TCN) and Kolmogorov–Arnold Network (KAN) based Variational Auto-Encoder (VAE) is then constructed to capture long-term dependencies. The framework is trained in an unsupervised manner and interpreted using Explainable Artificial Intelligence (XAI) techniques. This approach offers insightful explanations regarding the importance of features, thereby facilitating informed decision-making and enhancements. Experimental results demonstrate that the framework is capable of extracting informative features and capturing long-term dependencies. This enables efficient anomaly detection in complex, dynamic industrial systems, surpassing other unsupervised methods.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104130"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004358","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Industrial Internet of Things (IIoT) systems require effective anomaly detection techniques to ensure optimal operational efficiency. However, constructing a suitable anomaly detection framework for IIoT poses challenges due to the scarcity of labeled data. Additionally, most existing anomaly detection frameworks lack interpretability. To tackle these issues, an innovative unsupervised framework based on time series data analysis is proposed. This framework initially detects anomalous patterns in IIoT sensor data by extracting local features. An improved Time Convolutional Network (TCN) and Kolmogorov–Arnold Network (KAN) based Variational Auto-Encoder (VAE) is then constructed to capture long-term dependencies. The framework is trained in an unsupervised manner and interpreted using Explainable Artificial Intelligence (XAI) techniques. This approach offers insightful explanations regarding the importance of features, thereby facilitating informed decision-making and enhancements. Experimental results demonstrate that the framework is capable of extracting informative features and capturing long-term dependencies. This enables efficient anomaly detection in complex, dynamic industrial systems, surpassing other unsupervised methods.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.