Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection
Time series anomaly detection is very important to ensure the security of industrial control systems (ICSs). Many algorithms have performed well in anomaly detection. However, the performance of most of these algorithms decreases sharply with the increase in feature dimension. This paper proposes an...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2024-02-01
|
| Series: | Sensors |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1424-8220/24/5/1522 |
| _version_ | 1827319374787117056 |
|---|---|
| author | Mengmeng Zhao Haipeng Peng Lixiang Li Yeqing Ren |
| author_facet | Mengmeng Zhao Haipeng Peng Lixiang Li Yeqing Ren |
| author_sort | Mengmeng Zhao |
| collection | DOAJ |
| description | Time series anomaly detection is very important to ensure the security of industrial control systems (ICSs). Many algorithms have performed well in anomaly detection. However, the performance of most of these algorithms decreases sharply with the increase in feature dimension. This paper proposes an anomaly detection scheme based on Graph Attention Network (GAT) and Informer. GAT learns sequential characteristics effectively, and Informer performs excellently in long time series prediction. In addition, long-time forecasting loss and short-time forecasting loss are used to detect multivariate time series anomalies. Short-time forecasting is used to predict the next time value, and long-time forecasting is employed to assist the short-time prediction. We conduct a large number of experiments on industrial control system datasets SWaT and WADI. Compared with most advanced methods, we achieve competitive results, especially on higher-dimensional datasets. Moreover, the proposed method can accurately locate anomalies and realize interpretability. |
| first_indexed | 2024-04-25T00:20:20Z |
| format | Article |
| id | doaj.art-aab3a3494fd3417abd647a975e7d2508 |
| institution | Directory Open Access Journal |
| issn | 1424-8220 |
| language | English |
| last_indexed | 2024-04-25T00:20:20Z |
| publishDate | 2024-02-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Sensors |
| spelling | doaj.art-aab3a3494fd3417abd647a975e7d25082024-03-12T16:55:05ZengMDPI AGSensors1424-82202024-02-01245152210.3390/s24051522Graph Attention Network and Informer for Multivariate Time Series Anomaly DetectionMengmeng Zhao0Haipeng Peng1Lixiang Li2Yeqing Ren3Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaInformation Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaInformation Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaInformation Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaTime series anomaly detection is very important to ensure the security of industrial control systems (ICSs). Many algorithms have performed well in anomaly detection. However, the performance of most of these algorithms decreases sharply with the increase in feature dimension. This paper proposes an anomaly detection scheme based on Graph Attention Network (GAT) and Informer. GAT learns sequential characteristics effectively, and Informer performs excellently in long time series prediction. In addition, long-time forecasting loss and short-time forecasting loss are used to detect multivariate time series anomalies. Short-time forecasting is used to predict the next time value, and long-time forecasting is employed to assist the short-time prediction. We conduct a large number of experiments on industrial control system datasets SWaT and WADI. Compared with most advanced methods, we achieve competitive results, especially on higher-dimensional datasets. Moreover, the proposed method can accurately locate anomalies and realize interpretability.https://www.mdpi.com/1424-8220/24/5/1522anomaly detectionmutlivariate time seriesgraph attention networkInformerindustrial control systems |
| spellingShingle | Mengmeng Zhao Haipeng Peng Lixiang Li Yeqing Ren Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection Sensors anomaly detection mutlivariate time series graph attention network Informer industrial control systems |
| title | Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection |
| title_full | Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection |
| title_fullStr | Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection |
| title_full_unstemmed | Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection |
| title_short | Graph Attention Network and Informer for Multivariate Time Series Anomaly Detection |
| title_sort | graph attention network and informer for multivariate time series anomaly detection |
| topic | anomaly detection mutlivariate time series graph attention network Informer industrial control systems |
| url | https://www.mdpi.com/1424-8220/24/5/1522 |
| work_keys_str_mv | AT mengmengzhao graphattentionnetworkandinformerformultivariatetimeseriesanomalydetection AT haipengpeng graphattentionnetworkandinformerformultivariatetimeseriesanomalydetection AT lixiangli graphattentionnetworkandinformerformultivariatetimeseriesanomalydetection AT yeqingren graphattentionnetworkandinformerformultivariatetimeseriesanomalydetection |