Computer Science, 2024, Vol. 51, Issue (5): 363-373. doi: 10.11896/jsjkx.230300153

• Information Security •

Robust Anomaly Detection Based on Adversarial Samples and AutoEncoder

LI Shasha, XING Hongjie   

  1. Hebei Key Laboratory of Machine Learning and Computational Intelligence, College of Mathematics and Information Science, Hebei University, Baoding, Hebei 071002, China
  • Received: 2023-03-18 Revised: 2023-07-09 Online: 2024-05-15 Published: 2024-05-08
  • About author: LI Shasha, born in 1996, postgraduate. Her main research interests include novelty detection, autoencoder and deep learning.
    XING Hongjie, born in 1976, Ph.D., professor, Ph.D. supervisor. His main research interests include kernel methods, neural networks, novelty detection, and ensemble learning.
  • Supported by:
    National Natural Science Foundation of China (61672205), Natural Science Foundation of Hebei Province, China (F2017201020) and High-Level Talents Research Start-Up Project of Hebei University (521100222002).

Abstract: Anomaly detection methods based on AutoEncoder use only normal samples for training, so they can effectively reconstruct normal samples but cannot reconstruct abnormal samples. In addition, when such a method is subjected to an adversarial attack, it often produces wrong detection results. To solve these problems, a robust anomaly detection method based on adversarial samples and AutoEncoder (RAD-ASAE) is proposed. RAD-ASAE consists of two parameter-shared encoders and a decoder. First, each normal sample is perturbed slightly to generate an adversarial sample, and normal samples and adversarial samples are used together to train the model, improving its adversarial robustness. Second, the reconstruction error of the adversarial samples is minimized in the sample space, and the mean square error between the normal samples and the reconstructed samples of the adversarial samples is minimized. At the same time, the mean square error between the latent features of the normal samples and the adversarial samples is minimized in the latent space to improve the reconstruction ability of the AutoEncoder. Experimental results on MNIST, Fashion-MNIST and CIFAR-10 show that RAD-ASAE achieves better detection performance than 7 related methods.

Key words: AutoEncoder, Adversarial samples, Anomaly detection, Adversarial attack, Robustness

CLC Number:
  • TP391.4
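
The training objective outlined in the abstract, as an added example rather than the authors' code: a linear autoencoder in NumPy stands in for the deep model, the "slight perturbation" is assumed to be a single signed-gradient (FGSM-style) step, and the sample-space term is read as the MSE between each normal sample and the reconstruction of its adversarial counterpart. All names, hyperparameters and data are constructed for illustration.

```python
import numpy as np

rng = np.random.default_rng(0)
D, K, EPS, LAM, LR = 8, 2, 0.05, 1.0, 0.05   # assumed toy hyperparameters

def fgsm(x, W, V, eps=EPS):
    """Perturb x one signed-gradient step toward higher reconstruction error."""
    P = np.eye(D) - W @ V                  # residual map: r = x @ P
    return x + eps * np.sign(2 * (x @ P) @ P.T)

def loss_and_grads(x, W, V, lam=LAM):
    a = fgsm(x, W, V)                      # adversarial samples, held fixed this step
    n = len(x)
    e = a @ W @ V - x                      # sample space: decode(encode(a)) vs clean x
    dz = (a - x) @ W                       # latent space: encode(a) - encode(x)
    loss = (e ** 2).sum() / n + lam * (dz ** 2).sum() / n
    gV = 2 / n * (a @ W).T @ e
    gW = 2 / n * (a.T @ e @ V.T + lam * (a - x).T @ dz)
    return loss, gW, gV

def train(x, steps=500):
    W = 0.1 * rng.standard_normal((D, K))  # encoder weights, shared by x and a
    V = 0.1 * rng.standard_normal((K, D))  # decoder weights
    history = []
    for _ in range(steps):
        loss, gW, gV = loss_and_grads(x, W, V)
        W, V = W - LR * gW, V - LR * gV    # plain gradient descent
        history.append(loss)
    return W, V, history

def score(x, W, V):
    """Anomaly score: squared reconstruction error per sample."""
    return ((x - x @ W @ V) ** 2).sum(axis=1)

# Constructed data: normal samples lie near a 2-D subspace of R^8, anomalies do not.
basis = np.linalg.qr(rng.standard_normal((D, K)))[0].T
normal = rng.standard_normal((200, K)) @ basis + 0.01 * rng.standard_normal((200, D))
anomalous = rng.standard_normal((200, D))
W, V, history = train(normal)
attacked = fgsm(normal, W, V)              # normal samples perturbed at test time
```

Comparing `score(attacked, W, V)` with `score(anomalous, W, V)` shows how much headroom the detection threshold has against a perturbation of size `EPS`.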