Chao Liu,Sambuddha Ghosal,Zhanhong Jiang,Soumik Sarkar

DOI: https://doi.org/10.1109/iccps.2016.7479069

2016-01-01

Abstract:Modern distributed cyber-physical systems (CPSs) encounter a large variety of physical faults and cyber anomalies and in many cases, they are vulnerable to catastrophic fault propagation scenarios due to strong connectivity among the sub-systems. This paper presents a new data-driven framework for system-wide anomaly detection for addressing such issues. The framework is based on a spatiotemporal feature extraction scheme built on the concept of symbolic dynamics for discovering and representing causal interactions among the subsystems of a CPS. The extracted spatiotemporal features are then used to learn system-wide patterns via a Restricted Boltzmann Machine (RBM). The results show that: (1) the RBM free energy in the off-nominal conditions is different from that in the nominal conditions and can be used for anomaly detection; (2) the framework can capture multiple nominal modes with one graphical model; (3) the case studies with simulated data and an integrated building system validate the proposed approach.

Mayra Alexandra Macas Carrasco,Chunming Wu

DOI: https://doi.org/10.1109/icmla.2019.00212

2019-01-01

Abstract:Current Cyber-Physical Systems (CPSs) are sophisticated, complex, and equipped with networked sensors and actuators. As such, they have become further exposed to cyber-attacks. Recent catastrophic events have demonstrated that standard, human-based management of anomaly detection in complex systems is not efficient enough and have underlined the significance of automated detection, intelligent and rapid response. Nevertheless, existing anomaly detection frameworks usually are not capable of dealing with the dynamic and complicated nature of the CPSs. In this study, we introduce an unsupervised framework for anomaly detection based on an Attention-based Spatio-Temporal Autoencoder. In particular, we first construct statistical correlation matrices to characterize the system status across different time steps. Next, a 2D convolutional encoder is employed to encode the patterns of the correlation matrices, whereas an Attention-based Convolutional LSTM Encoder-Decoder (ConvLSTM-ED) is used to capture the temporal dependencies. More precisely, we introduce an input attention mechanism to adaptively select the most significant input features at each time step. Finally, the 2D convolutional decoder reconstructs the correlation matrices. The differences between the reconstructed correlation matrices and the original ones are used as indicators of anomalies. Extensive experimental analysis on data collected from all six stages of Secure Water Treatment (SWaT) testbed, a scaled-down version of a real-world industrial water treatment plant, demonstrates that the proposed model outperforms the state-of-the-art baseline techniques.

Wenguang Yang,Chao Liu,Dongxiang Jiang

DOI: https://doi.org/10.1016/j.renene.2018.04.059

IF: 8.7

2018-01-01

Renewable Energy

Abstract:The vast installment of wind turbines and the development of condition monitoring system provides large amounts of operational data for condition monitoring and health management, while the lack of labeled data becomes one of the major challenges for the data analytics. To address this issue, this work presents an unsupervised anomaly detection approach for wind turbine condition monitoring, where a spatiotemporal graphical modeling method, spatiotemporal pattern network (STPN), is applied to extract the spatial and temporal features between the variables in the system, and an energy-based model, stacked Restricted Boltzmann Machine (RBM) is used to capture the system-wide patterns and then applied for condition monitoring. Case studies on three data sets are carried out including: (1) anomaly detection on a benchmark model for fault detection and isolation, (2) anomaly detection on an experimental data set with the normal condition and 11 fault conditions and (3) online condition monitoring using real data from a wind farm in northwest China. The results show that the proposed approach is capable of detecting the anomalies without the need for labeling data.

Chao Liu,Kin Gwn Lore,Zhanhong Jiang,Soumik Sarkar

DOI: https://doi.org/10.1016/j.knosys.2020.106527

2021-01-01

Abstract:Performance monitoring, anomaly detection, and root-cause analysis in complex cyber–physical systems (CPSs) are often highly intractable due to widely diverse operational modes, disparate data types, and complex fault propagation mechanisms. This paper presents a new data-driven framework for root-cause analysis, based on a spatiotemporal graphical modeling approach built on the concept of symbolic dynamics for discovering and representing causal interactions among sub-systems of complex CPSs. We formulate the root-cause analysis problem as a minimization problem via the proposed inference based metric and present two approximate approaches for root-cause analysis, namely the sequential state switching (S3, based on free energy concept of a restricted Boltzmann machine, RBM) and artificial anomaly association (A3, a classification framework using deep neural networks, DNN). Synthetic data from cases with failed pattern(s) and anomalous node(s) are simulated to validate the proposed approaches. Real dataset based on Tennessee Eastman process (TEP) is also used for comparison with other approaches. The results show that: (1) S3 and A3 approaches can obtain high accuracy in root-cause analysis under both pattern-based and node-based fault scenarios, in addition to successfully handling multiple nominal operating modes, (2) the proposed tool-chain is shown to be scalable while maintaining high accuracy, and (3) the proposed framework is robust and adaptive in different fault conditions and performs better in comparison with the state-of-the-art methods.

computer science, artificial intelligence

Chao Liu,Kin Gwn Lore,Soumik Sarkar

DOI: https://doi.org/10.1109/cdc.2017.8264527

2017-01-01

Abstract:Modern distributed cyber-physical systems encounter a large variety of anomalies and in many cases, they are vulnerable to catastrophic fault propagation scenarios due to strong connectivity among the sub-systems. In this regard, root-cause analysis becomes highly intractable due to complex fault propagation mechanisms in combination with diverse operating modes. This paper presents a new data-driven framework for root-cause analysis for addressing such issues. The framework is based on a spatiotemporal feature extraction scheme for distributed cyber-physical systems built on the concept of symbolic dynamics for discovering and representing causal interactions among subsystems of a complex system. We present two approaches for root-cause analysis, namely the sequential state switching (S-3, based on free energy concept of a Restricted Boltzmann Machine, RBM) and artificial anomaly association (A(3), a multi-class classification framework using deep neural networks, DNN). Synthetic data from cases with failed pattern(s) and anomalous node are simulated to validate the proposed approaches, then compared with the performance of vector autoregressive (VAR) model-based root-cause analysis. Real dataset based on Tennessee Eastman process (TEP) is also used for validation. The results show that: (1) S-3 and A(3) approaches can obtain high accuracy in root-cause analysis and successfully handle multiple nominal operation modes, and (2) the proposed tool-chain is shown to be scalable while maintaining high accuracy.

Zilong He,Pengfei Chen,Xiaoyun Li,Yongfeng Wang,Guangba Yu,Cailin Chen,Xinrui Li,Zibin Zheng

DOI: https://doi.org/10.1109/TNNLS.2020.3027736

Abstract:Anomaly detection is a critical task for maintaining the performance of a cloud system. Using data-driven methods to address this issue is the mainstream in recent years. However, due to the lack of labeled data for training in practice, it is necessary to enable an anomaly detection model trained on contaminated data in an unsupervised way. Besides, with the increasing complexity of cloud systems, effectively organizing data collected from a wide range of components of a system and modeling spatiotemporal dependence among them become a challenge. In this article, we propose TopoMAD, a stochastic seq2seq model which can robustly model spatial and temporal dependence among contaminated data. We include system topological information to organize metrics from different components and apply sliding windows over metrics collected continuously to capture the temporal dependence. We extract spatial features with the help of graph neural networks and temporal features with long short-term memory networks. Moreover, we develop our model based on variational auto-encoder, enabling it to work well robustly even when trained on contaminated data. Our approach is validated on the run-time performance data collected from two representative cloud systems, namely, a big data batch processing system and a microservice-based transaction processing system. The experimental results show that TopoMAD outperforms some state-of-the-art methods on these two data sets.

Chenlong Feng,Chao Liu,Dongxiang Jiang

DOI: https://doi.org/10.1016/j.renene.2023.02.053

IF: 8.7

2023-02-18

Renewable Energy

Abstract:Efficient and feasible anomaly detection scheme that could utilize data collected by supervisory-control-and-data-acquisition (SCADA) system is essential for wind turbines, which could greatly increase the amount of available condition monitoring data, and improve the power generation efficiency and reduce maintenance costs. While it is also very challenging as condition estimation with such massive field data is difficult to tackle, especially the SCADA data is not labeled in most cases. This work presents an unsupervised anomaly detection framework for wind turbines incorporating physical-statistical feature fusion and graph neural networks (GNNs), realizing dimensionality reduction, temporal dependence extraction, and latent nonlinear correlation capture of high-dimensional data. Firstly, graphical modeling for SCADA data of wind turbines is presented. Secondly, the physical-statistical feature fusion is implemented via local-global mutual information maximization. Finally, anomaly detection is realized with an energy-based method to learn patterns in the updated nodes' feature matrix. The results show that i) the features designed by physical information can reasonably represent equipment's state and reduce the information-redundancy, ii) the time-series based graph structure can effectively express the dataset structure information and extract temporal dependence, iii) and the anomaly detection model can fully use the physical-statistical information and local-global information, which outperforms comparison methods.

energy & fuels,green & sustainable science & technology

Le Zhang,Wei Cheng,Ji Xing,Xuefeng Chen,Zelin Nie,Shuo Zhang,Junying Hong,Zhao Xu

DOI: https://doi.org/10.1109/tim.2023.3323989

IF: 5.6

2023-10-28

IEEE Transactions on Instrumentation and Measurement

Abstract:Unsupervised anomaly detection (AD) methods, either reconstruction based or prediction based, determine anomalies based on residuals. Occasional mutations in a single variable can cause the residuals to exceed the limits. Indeed, such mutations are not variations in the operating mechanism of the system. Thus, system-level anomalies are challenging to characterize. Complex networks (or "graphs") are well adapted for modeling and characterizing the laws of evolution of complex systems. However, most industrial scenarios are without graphs. Hence, a self-supervised variational graph autoencoders (SS-VGAE) method is proposed. First, the multisource sensor dynamic graph is constructed through detrended cross-correlation analysis (DCCA). Second, target and self-supervised learning tasks are designed. The target task is to reconstruct the input graph structure to minimize the reconstruction loss. The self-supervised task is to learn the optimal center of the hypersphere in the latent space such that the mean features are gathered toward the center as much as possible. Multitask joint optimization allows high- and low-dimensional space features to be considered simultaneously, thereby improving the reliability of anomaly scores. Then, the distribution of anomaly scores is calculated and integrated into a system health indicator (HI). The system HI is more applicable to assist decision making. Finally, the superiority of the proposed method, namely, better detection accuracy and robustness, is demonstrated by nuclear personal computer transient analyzer (PCTRAN) simulation data and Skoltech anomaly benchmark (SKAB) data. Last but not least, systematic anomalies are found to make the correlation between the variables stronger.

engineering, electrical & electronic,instruments & instrumentation

Sangwoong Yoon,Young-Uk Jin,Yung-Kyun Noh,Frank C. Park

2023-10-28

Abstract:We present a new method of training energy-based models (EBMs) for anomaly detection that leverages low-dimensional structures within data. The proposed algorithm, Manifold Projection-Diffusion Recovery (MPDR), first perturbs a data point along a low-dimensional manifold that approximates the training dataset. Then, EBM is trained to maximize the probability of recovering the original data. The training involves the generation of negative samples via MCMC, as in conventional EBM training, but from a different distribution concentrated near the manifold. The resulting near-manifold negative samples are highly informative, reflecting relevant modes of variation in data. An energy function of MPDR effectively learns accurate boundaries of the training data distribution and excels at detecting out-of-distribution samples. Experimental results show that MPDR exhibits strong performance across various anomaly detection tasks involving diverse data types, such as images, vectors, and acoustic signals.

Machine Learning

Zhe Zhang,Yuhao Chen,Huixue Wang,Qiming Fu,Jianping Chen,You Lu

DOI: https://doi.org/10.1371/journal.pone.0286770

IF: 3.7

2023-06-09

PLoS ONE

Abstract:A critical issue in intelligent building control is detecting energy consumption anomalies based on intelligent device status data. The building field is plagued by energy consumption anomalies caused by a number of factors, many of which are associated with one another in apparent temporal relationships. For the detection of abnormalities, most traditional detection methods rely solely on a single variable of energy consumption data and its time series changes. Therefore, they are unable to examine the correlation between the multiple characteristic factors that affect energy consumption anomalies and their relationship in time. The outcomes of anomaly detection are one-sided. To address the above problems, this paper proposes an anomaly detection method based on multivariate time series. Firstly, in order to extract the correlation between different feature variables affecting energy consumption, this paper introduces a graph convolutional network to build an anomaly detection framework. Secondly, as different feature variables have different influences on each other, the framework is enhanced by a graph attention mechanism so that time series features with higher influence on energy consumption are given more attention weights, resulting in better anomaly detection of building energy consumption. Finally, the effectiveness of this paper's method and existing methods for detecting energy consumption anomalies in smart buildings are compared using standard data sets. The experimental results show that the model has better detection accuracy.

multidisciplinary sciences

Chao Liu,Kin Gwn Lore,Soumik Sarkar

2016-01-01

Abstract:Modern distributed cyber-physical systems encounter a large variety of anomalies and in many cases, they are vulnerable to catastrophic fault propagation scenarios due to strong connectivity among the sub-systems. In this regard, root-cause analysis becomes highly intractable due to complex fault propagation mechanisms in combination with diverse operating modes. This paper presents a new data-driven framework for root-cause analysis for addressing such issues. The framework is based on a spatiotemporal feature extraction scheme for multivariate time series built on the concept of symbolic dynamics for discovering and representing causal interactions among subsystems of a complex system. We propose sequential state switching ($S^3$) and artificial anomaly association ($A^3$) methods to implement root-cause analysis in an unsupervised and semi-supervised manner respectively. Synthetic data from cases with failed pattern(s) and anomalous node are simulated to validate the proposed approaches, then compared with the performance of vector autoregressive (VAR) model-based root-cause analysis. The results show that: (1) $S^3$ and $A^3$ approaches can obtain high accuracy in root-cause analysis and successfully handle multiple nominal operation modes, and (2) the proposed tool-chain is shown to be scalable while maintaining high accuracy.

DunHuang Shi,Tao Zhang,Lei Sun

DOI: https://doi.org/10.1145/3674700.3674705

2024-01-01

Abstract:The widespread adoption of information technology has led to the proliferation of data applications, underscoring the importance of identifying potential anomalies within datasets. However, developing anomaly detection models for intricate data presents a formidable challenge. Issues such as the scarcity and inferior quality of anomaly data hinder the effectiveness of supervised models, necessitating the exploration of unsupervised detection methods. This manuscript proposes an unsupervised learning-based multivariate anomaly detection method for dynamic attention graphs (ADDAG), which combines the characteristics of graph convolutional neural networks that fuse the relationships between data while updating their own nodes to reconstruct the data and extract the anomalous data. Compared with the traditional static attention graph, the use of dynamic attention graph enhances the ability to express the features of complex associated time-series variables. In the experimental part, the performance of the proposed method in this paper outperforms conventional anomaly detection algorithms when tested on multiple datasets.

Kursat Rasim Mestav,Xinyi Wang,Lang Tong

DOI: https://doi.org/10.48550/arXiv.2012.05163

2021-06-23

Abstract:A deep learning approach is proposed to detect data and system anomalies using high-resolution continuous point-on-wave (CPOW) or phasor measurements. Both the anomaly and anomaly-free measurement models are assumed to have unknown temporal dependencies and probability distributions. Historical training samples are assumed for the anomaly-free model, while no training samples are available for the anomaly measurements. By transforming the anomaly-free observations into uniform independent and identically distributed sequences via a generative adversarial network, the proposed approach deploys a uniformity test for anomaly detection at the sensor level. A distributed detection scheme that combines sensor level detections at the control center is also proposed that combines local detections to form more reliable detections. Numerical results demonstrate significant improvement over the state-of-the-art solutions for various bad-data cases using real and synthetic CPOW and PMU data sets.

Systems and Control,Machine Learning,Signal Processing

Shuo Liang,Dechang Pi,Xiangyan Zhang

DOI: https://doi.org/10.1088/1361-6501/ad545e

IF: 2.398

2024-06-06

Measurement Science and Technology

Abstract:Multivariate time series (MTS) anomaly detection is vital for ensuring the safety and reliability of large-scale industrial systems. However, existing deep learning methods often overlook complex interrelationships between different time series and the study of anomalies has been limited to detection. To address this, we propose an MTS anomaly detection model based on transfer entropy (TE) and graph attention network (GAT). In the graph construction module, by combining modified TE with automatic structure learning, we extract intricate relationships between features. In the prediction module, we modify the GAT to implement the dynamic attention mechanism and non-linear interaction between different features to improve the accuracy of model prediction. Finally, our model combines the modified TE with anomaly detection task, which can be used to provide interpretability for the detected anomalies using the constructed causal graph. Experimental results on both real and public datasets show that our approach outperforms the mainstream methods, in particular, achieving optimal results in terms of F1 scores and recall.

engineering, multidisciplinary,instruments & instrumentation

Zexi Chen,Dongqiang Jia,Yushu Sun,Lin Yang,Wenjie Jin,Ruoxi Liu

DOI: https://doi.org/10.26599/tst.2023.9010073

2024-02-13

Tsinghua Science & Technology

Abstract:In order to support the perception and defense of the operation risk of the medium and low voltage distribution system, it is crucial to conduct data mining on the time series generated by the system to learn anomalous patterns, and carry out accurate and timely anomaly detection for timely discovery of anomalous conditions and early alerting. And edge computing has been widely used in the processing of Internet of Things (IoT) data. The key challenge of univariate time series anomaly detection is how to model complex nonlinear time dependence. However, most of the previous works only model the short-term time dependence, without considering the periodic long-term time dependence. Therefore, we propose a new Hierarchical Attention Network (HAN), which introduces seven day-level attention networks to capture fine-grained short-term time dependence, and uses a week-level attention network to model the periodic long-term time dependence. Then we combine the day-level feature learned by day-level attention network and week-level feature learned by week-level attention network to obtain the high-level time feature, according to which we can calculate the anomaly probability and further detect the anomaly. Extensive experiments on a public anomaly detection dataset, and deployment in a real-world medium and low voltage distribution system show the superiority of our proposed framework over state-of-the-arts.

computer science, information systems,engineering, electrical & electronic, software engineering

Srishti Mishra,Tvarita Jain,Dinkar Sitaram

DOI: https://doi.org/10.48550/arXiv.2210.15030

IF: 5.414

2022-10-26

Machine Learning

Abstract:Anomaly detection to recognize unusual events in large scale systems in a time sensitive manner is critical in many industries, eg. bank fraud, enterprise systems, medical alerts, etc. Large-scale systems often grow in size and complexity over time, and anomaly detection algorithms need to adapt to changing structures. A hierarchical approach takes advantage of the implicit relationships in complex systems and localized context. The features in complex systems may vary drastically in data distribution, capturing different aspects from multiple data sources, and when put together provide a more complete view of the system. In this paper, two datasets are considered, the 1st comprising of system metrics from machines running on a cloud service, and the 2nd of application metrics from a large-scale distributed software system with inherent hierarchies and interconnections amongst its system nodes. Comparing algorithms, across the changepoint based PELT algorithm, cognitive learning-based Hierarchical Temporal Memory algorithms, Support Vector Machines and Conditional Random Fields provides a basis for proposing a Hierarchical Global-Local Conditional Random Field approach to accurately capture anomalies in complex systems across various features. Hierarchical algorithms can learn both the intricacies of specific features, and utilize these in a global abstracted representation to detect anomalous patterns robustly across multi-source feature data and distributed systems. A graphical network analysis on complex systems can further fine-tune datasets to mine relationships based on available features, which can benefit hierarchical models. Furthermore, hierarchical solutions can adapt well to changes at a localized level, learning on new data and changing environments when parts of a system are over-hauled, and translate these learnings to a global view of the system over time.

Hang Zhao,Yujing Wang,Juanyong Duan,Congrui Huang,Defu Cao,Yunhai Tong,Bixiong Xu,Jing Bai,Jie Tong,Qi Zhang

DOI: https://doi.org/10.1109/icdm50108.2020.00093

2020-11-01

Abstract:Anomaly detection on multivariate time-series is of great importance in both data mining research and industrial applications. Recent approaches have achieved significant progress in this topic, but there is remaining limitations. One major limitation is that they do not capture the relationships between different time-series explicitly, resulting in inevitable false alarms. In this paper, we propose a novel self-supervised framework for multivariate time-series anomaly detection to address this issue. Our framework considers each univariate time-series as an individual feature and includes two graph attention layers in parallel to learn the complex dependencies of multivariate time-series in both temporal and feature dimensions. In addition, our approach jointly optimizes a forecasting-based model and a reconstruction-based model, obtaining better time-series representations through a combination of single-timestamp prediction and reconstruction of the entire time-series. We demonstrate the efficacy of our model through extensive experiments. The proposed method outperforms other state-of-the-art models on three real-world datasets. Further analysis shows that our method has good interpretability and is useful for anomaly diagnosis.

Tingting Huang,Chao Liu,Anuj Sharma,Soumik Sarkar

DOI: https://doi.org/10.36001/ijphm.2018.v9i1.2671

2020-01-01

International Journal of Prognostics and Health Management

Abstract:Traffic dynamics in the urban interstate system are critical in terms of highway safety and mobility. This paper proposes a systematic data mining technique to detect traffic system-level anomalies in a batch-processing fashion. Built on the concepts of symbolic dynamics, a spatiotemporal pattern network (STPN) architecture is developed to capture the system characteristics. This novel spatiotemporal graphical modeling approach is shown to be able to extract salient time series features and discover spatial and temporal patterns for a traffic system. An information-theoretic metric is used to quantify the causal relationships between sub-systems. By comparing the structural similarity of the information-theoretic metrics of the STPNs learnt from each day, a day with anomalous system characteristics can be identified. A case study is conducted on an urban interstate in Iowa, USA, with 11 roadside radar sensors collecting 20-second resolution speed and volume data. After applying the proposed methods on one-month data (Feb. 2017), several system-level anomalies are detected. The potential causes that include inclement weather condition and non-recurring congestion are also verified to demonstrate the efficacies of the proposed technique. Compared to the traditional predefined performance measures for the traffic systems, the proposed framework has advantages in capturing spatiotemporal features in a fast and scalable manner.

Di Ge,Yuhang Cheng,Shuangshuang Cao,Yanmei Ma,Yanwen Wu

DOI: https://doi.org/10.1007/s40747-023-01306-x

IF: 6.7

2024-01-06

Complex & Intelligent Systems

Abstract:Abstract The detection of anomalies in high-dimensional time-series has always played a crucial role in the domain of system security. Recently, with rapid advancements in transformer model and graph neural network (GNN) technologies, spatiotemporal modeling approaches for anomaly detection tasks have been greatly improved. However, most methods focus on optimizing upstream time-series prediction tasks by leveraging joint spatiotemporal features. Through experiments, we found that this modeling approach not only risks the loss of some original anomaly information during data preprocessing, but also focuses on optimizing the performance of the upstream prediction task and does not directly enhance the performance of the downstream detection task. We propose a spatiotemporal anomaly detection model that incorporates an improved attention mechanism in the process of temporal modeling. We adopt a heterogeneous graph contrastive learning approach in spatio modeling to compensate for the representation of anomalous behavioral information, thereby guiding the model through thorough training. Through validation on two widely used real-world datasets, we demonstrate that our model outperforms baseline methods. We also explore the impact of multivariate time-series prediction tasks on the detection task, and visualize the reasons behind the benefits gained by our model.

computer science, artificial intelligence

Dong Wang,Therese Enlund,Johan Trygg,Mats Tysklind,Lili Jiang

DOI: https://doi.org/10.1109/access.2022.3160170

IF: 3.9

2022-01-01

IEEE Access

Abstract:Buildings are highly energy-consuming and therefore are largely accountable for environmental degradation. Detecting anomalous energy consumption is one of the effective ways to reduce energy consumption. Besides, it can contribute to the safety and robustness of building systems since anomalies in the energy data are usually the reflection of malfunctions in building systems. As the most flexible and applicable type of anomaly detection approach, unsupervised anomaly detection has been implemented in several studies for building energy data. However, no studies have investigated the joint influence of data structures and algorithms' mechanisms on the performance of unsupervised anomaly detection for building energy data. Thus, we put forward a novel workflow based on two levels, data structure level and algorithm mechanism level, to effectively detect the imperceptible anomalies in the energy consumption profiles of buildings. The proposed workflow was implemented in a case study for identifying the anomalies in three real-world energy consumption datasets from two types of commercial buildings. Two aims were achieved through the case study. First, it precisely detected the contextual anomalies concealed beneath the time variation of the energy consumption profiles of the three buildings. The performance in terms of areas under the precision-recall curves (AUC_PR) for the three given datasets were 0.989, 0.941, and 0.957, respectively. Second, more broadly, the joint effect of the two levels was examined. On the data level, all four detectors on the contextualized data were superior to their counterparts on the original data. On the algorithm level, there was a consistent ranking of detectors regarding their detecting performances on the contextualized data. The consistent ranking suggests that local approaches outperform global approaches in the scenarios where the goal is to detect the instances deviating from their contextu-l neighbors rather than the rest of the entire data.

computer science, information systems,telecommunications,engineering, electrical & electronic