Yue Wang,Hao Peng,Gang Wang,Xianghong Tang,Xuejian Wang,Chunyang Liu

DOI: https://doi.org/10.1016/j.engappai.2023.106144

IF: 8

2023-03-24

Engineering Applications of Artificial Intelligence

Abstract:Massive amounts of industrial data, which are often gathered by industrial control systems (ICS), have been generated by the fast growth of industrial intelligence. One of the hottest topics in ICS is how to extract the most useful information from industrial "Big Data" and provide a more comprehensive service for monitoring the condition of industrial production processes. As the industrial environment gets increasingly complicated, production tasks change often and malicious attacks are on the rise. It remains a grand challenge to perform fine-grained anomaly detection in high-dimensional, noisy industrial data. In response to this problem, we propose a spatio-temporal graph neural network-based anomaly detection framework for fine-grained state monitoring of ICSs. First, based on prior knowledge, we propose a method for feature dimensionality reduction and dynamic graph modeling. After that, the variational mode decomposition (VMD) module is then utilized to remove noise from industrial data. Finally, we propose a spatio-temporal feature extraction module for fine-grained anomaly detection. Numerical experiments are conducted on a real-world ICS dataset called HAI. The results demonstrate that the proposed framework can effectively deal with high-dimensional, high-noise, and imbalanced industrial data. The framework's concepts are interconnected and extensible to various industrial scenarios, including metallurgy, smart shop floors, etc. In terms of recall, precision, and F1 -Score, a comparison between the proposed framework and eight representative methods reveals the merits of the proposed framework.

automation & control systems,computer science, artificial intelligence,engineering, electrical & electronic, multidisciplinary

Huang, Xiangheng,Deng, Ziyue,Huang, Suqun

DOI: https://doi.org/10.1007/s10489-024-05575-y

IF: 5.3

2024-06-12

Applied Intelligence

Abstract:In the industrial Internet, industrial software plays a central role in enhancing the level of intelligent manufacturing. It enables the promotion of digital collaborative services. Effective anomaly detection of multivariate time series can ensure the quality of industrial software. Extensive research has been conducted on time series anomaly detection to identify abnormal data. However, detecting anomalies in multivariate time series, which consist of high-dimensional, high-noise, and random data, poses significant challenges. The states of different timestamps within a time series sample can influence the overall correlation of sensor features. Unfortunately, existing methods often overlook this impact, making it difficult to capture subtle variations in the delayed response of attacked sensors.Consequently, there are false alarms and abnormal omissions. To address these limitations, this paper proposes an anomaly detection method called DGINet. DGINet leverages a dynamic graph attention network and Informer to capture and integrate feature correlation across different time states. By combining GRU and Informer, DGINet effectively captures continuous correlations in long time series. Moreover, DGINet simultaneously optimizes the reconstruction and forecasting modules, enhancing its overall performance. Experimental results on four benchmark datasets demonstrate that DGINet outperforms state-of-the-art methods by achieving up to a 2 improvement in accuracy. Further analysis reveals that DGINet excels in accurately detecting anomalies in long time series and locating candidate abnormal attack points.

computer science, artificial intelligence

Shuaiyi Lu,Kai Wang,Yuliang Wei,Hongri Liu,Qilin Fan,Bailing Wang,Shuaiyi L(y)u

DOI: https://doi.org/10.1145/3620676

IF: 5

2023-09-05

ACM Transactions on Intelligent Systems and Technology

Abstract:Recent adversaries targeting the Industrial Control Systems (ICSs) have started exploiting their sophisticated inherent contextual semantics such as the data associativity among heterogeneous field devices. In light of the subtlety rendered in these semantics, anomalies triggered by such interactions tend to be extremely covert, hence giving rise to extensive challenges in their detection. Driven by the critical demands of securing ICS processes, a Graph-Neural-Network (GNN) based method is presented to tackle these subtle hostilities by leveraging an ICS’s advanced contextual features refined from a universal perspective, rather than exclusively following GNN’s conventional local aggregation paradigm. Specifically, we design and implement the Graph Sample-and-Integrate Network (GSIN), a general chained framework performing node-level anomaly detection via advanced feature integration, which combines a node’s local awareness with the graph’s prominent global properties extracted via process-oriented pooling. The proposed GSIN is evaluated on multiple well-known datasets with different kinds of integration configurations, and results demonstrate its superiority consistently on not only anomaly detection performance (e.g., F1 score and AUPRC) but also runtime efficiency over recent representative baselines.

computer science, information systems, artificial intelligence

Yulei Wu,Hong-Ning Dai,Haina Tang

DOI: https://doi.org/10.1109/jiot.2021.3094295

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) plays an important role in digital transformation of traditional industries toward Industry 4.0. By connecting sensors, instruments, and other industry devices to the Internet, IIoT facilitates the data collection, data analysis, and automated control, thereby improving the productivity and efficiency of the business as well as the resulting economic benefits. Due to the complex IIoT infrastructure, anomaly detection becomes an important tool to ensure the success of IIoT. Due to the nature of IIoT, graph-level anomaly detection has been a promising means to detect and predict anomalies in many different domains, such as transportation, energy, and factory, as well as for dynamically evolving networks. This article provides a useful investigation on graph neural networks (GNNs) for anomaly detection in IIoT-enabled smart transportation, smart energy, and smart factory. In addition to the GNN-empowered anomaly detection solutions on point, contextual, and collective types of anomalies, useful data sets, challenges, and open issues for each type of anomalies in the three identified industry sectors (i.e., smart transportation, smart energy, and smart factory) are also provided and discussed, which will be useful for future research in this area. To demonstrate the use of GNN in concrete scenarios, we show three case studies in smart transportation, smart energy, and smart factory, respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic

Haodong Yan,Fudong Li,Jinglong Chen,Zijun Liu,Jun Wang,Yong Feng,Xinwei Zhang

DOI: https://doi.org/10.1016/j.ress.2023.109418

2023-06-09

Abstract:Real-time anomaly detection is essential for the safe launch of some sophisticated equipment, such as liquid rocket engines (LRE), in order to head off disasters. However, the Industrial Internet of Things (IIoT) edge's real-time requirements cannot be addressed by the present methodologies, and the outcome is poor when dealing with a lack of training samples on the device side. We provide a solution for device-side real-time anomaly detection using the architecture known as Graph Embedded in Graph Networks to address these issues (GG-Nets). To fully extract features under insufficient training data, in our method, we learn the temporal relationship of timestamps in the multivariate signal through a time-series graph attention network (T-GAT) and extract features, and use the extracted features to replace the original signal as the information of the sensor attention network (S-GAT) nodes. For efficiency, the signals in the original sample are divided into odd and even sequences, which greatly reduces the number of nodes in the T-GAT. Experiments reveal that the proposed method outperforms other state-of-the-art models on the LRE ignition dataset. Furthermore, the ablation experiment proves that each module of the model improves the effect and extensive discussions explore interpretability. Our code can be found on: https://github.com/yhd-ai/GG-Nets .

engineering, industrial,operations research & management science

Minghui Yang,Jing Liu,Zhiwei Yang,Zhaoyang Wu

DOI: https://doi.org/10.1016/j.patcog.2024.110862

IF: 8

2024-01-01

Pattern Recognition

Abstract:Industrial image anomaly detection under the setting of one-class classification has significant practical value. However, most existing models face challenges in extracting separable feature representations when performing feature embedding and in constructing compact descriptions of normal features when performing one-class classification. One direct consequence is that most models perform poorly in detecting logical anomalies that violate contextual relationships. Focusing on more effective and comprehensive anomaly detection, we propose a network based on self-supervised learning and self-attentive graph convolution (SLSG). SLSG uses a generative pre-training network to assist the encoder in learning the embedding of normal patterns and the reasoning of positional relationships. Subsequently, we introduce pseudo-prior knowledge of anomalies in SLSG using simulated abnormal samples. By comparing the simulated anomalies, SLSG can better summarize the normal patterns and narrow the hypersphere used for one-class classification. In addition, with the construction of a more general graph structure, SLSG comprehensively models the dense and sparse relationships among the elements in an image, which further strengthens the detection of logical anomalies. Extensive experiments on benchmark datasets show that SLSG achieves superior anomaly detection performance, demonstrating the effectiveness of our method.

Minghui Yang,Jing Liu,Zhiwei Yang,Zhaoyang Wu

2023-04-30

Abstract:Industrial image anomaly detection under the setting of one-class classification has significant practical value. However, most existing models struggle to extract separable feature representations when performing feature embedding and struggle to build compact descriptions of normal features when performing one-class classification. One direct consequence of this is that most models perform poorly in detecting logical anomalies which violate contextual relationships. Focusing on more effective and comprehensive anomaly detection, we propose a network based on self-supervised learning and self-attentive graph convolution (SLSG) for anomaly detection. SLSG uses a generative pre-training network to assist the encoder in learning the embedding of normal patterns and the reasoning of position relationships. Subsequently, SLSG introduces the pseudo-prior knowledge of anomaly through simulated abnormal samples. By comparing the simulated anomalies, SLSG can better summarize the normal features and narrow down the hypersphere used for one-class classification. In addition, with the construction of a more general graph structure, SLSG comprehensively models the dense and sparse relationships among elements in the image, which further strengthens the detection of logical anomalies. Extensive experiments on benchmark datasets show that SLSG achieves superior anomaly detection performance, demonstrating the effectiveness of our method.

Computer Vision and Pattern Recognition

Shuo Liang,Dechang Pi,Xiangyan Zhang

DOI: https://doi.org/10.1088/1361-6501/ad545e

IF: 2.398

2024-06-06

Measurement Science and Technology

Abstract:Multivariate time series (MTS) anomaly detection is vital for ensuring the safety and reliability of large-scale industrial systems. However, existing deep learning methods often overlook complex interrelationships between different time series and the study of anomalies has been limited to detection. To address this, we propose an MTS anomaly detection model based on transfer entropy (TE) and graph attention network (GAT). In the graph construction module, by combining modified TE with automatic structure learning, we extract intricate relationships between features. In the prediction module, we modify the GAT to implement the dynamic attention mechanism and non-linear interaction between different features to improve the accuracy of model prediction. Finally, our model combines the modified TE with anomaly detection task, which can be used to provide interpretability for the detected anomalies using the constructed causal graph. Experimental results on both real and public datasets show that our approach outperforms the mainstream methods, in particular, achieving optimal results in terms of F1 scores and recall.

engineering, multidisciplinary,instruments & instrumentation

Jiaqi Liu,Guoyang Xie,Jinbao Wang,Shangnian Li,Chengjie Wang,Feng Zheng,Yaochu Jin

DOI: https://doi.org/10.1007/s11633-023-1459-z

2024-01-17

Machine Intelligence Research

Abstract:The recent rapid development of deep learning has laid a milestone in industrial image anomaly detection (IAD). In this paper, we provide a comprehensive review of deep learning-based image anomaly detection techniques, from the perspectives of neural network architectures, levels of supervision, loss functions, metrics and datasets. In addition, we extract the promising setting from industrial manufacturing and review the current IAD approaches under our proposed setting. Moreover, we highlight several opening challenges for image anomaly detection. The merits and downsides of representative network architectures under varying supervision are discussed. Finally, we summarize the research findings and point out future research directions. More resources are available at https://github.com/M-3LAB/awesome-industrial-anomaly-detection.

English Else

Songtao Peng,Jiaqi Nie,Xincheng Shu,Zhongyuan Ruan,Lei Wang,Yunxuan Sheng,Qi Xuan

DOI: https://doi.org/10.1016/j.comnet.2022.109129

IF: 5.493

2022-01-01

Computer Networks

Abstract:As the default protocol for exchanging routing reachability information on the Internet, the abnormal behavior in traffic of Border Gateway Protocols (BGP) is closely related to Internet anomaly events. The BGP anomalous detection model ensures stable routing services on the Internet through its real-time monitoring and alerting capabilities. Previous studies either focused on the feature selection problem or the memory characteristic in data, while ignoring the relationship between features and the precise time correlation in feature (whether it is long or short term dependence). In this paper, we propose a multi-view model for capturing anomalous behaviors from BGP update traffic, in which Seasonal and Trend decomposition using Loess (STL) method is used to reduce the noise in the original time-series data, and Graph Attention Network (GAT) is used to discover feature relationships and time correlations in feature, respectively. Our results outperform the state-of-the-art methods at the anomaly detection task, with the average F1 score up to 96.3% and 93.2% on the balanced and imbalanced datasets respectively. Meanwhile, our model can be extended to classify multiple anomalous and to detect unknown events.

Mengmeng Zhao,Haipeng Peng,Lixiang Li,Yeqing Ren

DOI: https://doi.org/10.3390/s24051522

IF: 3.9

2024-02-27

Sensors

Abstract:Time series anomaly detection is very important to ensure the security of industrial control systems (ICSs). Many algorithms have performed well in anomaly detection. However, the performance of most of these algorithms decreases sharply with the increase in feature dimension. This paper proposes an anomaly detection scheme based on Graph Attention Network (GAT) and Informer. GAT learns sequential characteristics effectively, and Informer performs excellently in long time series prediction. In addition, long-time forecasting loss and short-time forecasting loss are used to detect multivariate time series anomalies. Short-time forecasting is used to predict the next time value, and long-time forecasting is employed to assist the short-time prediction. We conduct a large number of experiments on industrial control system datasets SWaT and WADI. Compared with most advanced methods, we achieve competitive results, especially on higher-dimensional datasets. Moreover, the proposed method can accurately locate anomalies and realize interpretability.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Weiqiang Wu,Chunyue Song,Jun Zhao,Zuhua Xu

DOI: https://doi.org/10.1016/j.ins.2023.01.136

IF: 8.1

2023-02-12

Information Sciences

Abstract:Industrial cyber-physical systems (ICPSs) play an important role in many critical infrastructures. To ensure the secure and reliable operation of ICPSs, this work presents a novel end-to-end physics-informed gated recurrent graph attention unit network (PGRGAT) for unsupervised anomaly detection. Different from existing data-driven methods, PGRGAT combines prior knowledge with process data to improve the modeling performance and interpretability. Firstly, a physics-informed graph structure learning module is designed to explicitly model the dependencies among variables into a directed graph. This module learns the Bernoulli distribution on graph edges and generates a discrete graph using Gumbel-softmax sampling. Moreover, prior knowledge is introduced as graph regularization which constrains the graph to adhere to the underlying physics. Then, based on the learned graph structure, a novel gated recurrent graph attention unit network is proposed to simultaneously encode the inter-variable structural dependencies and intra-variable temporal dependencies for anomaly detection. By this means, the information of irrelevant variables can be discarded to improve the sensitivity to anomalies. Finally, the effectiveness of the proposed method is verified through two real-world industrial cases.

computer science, information systems

Nanliang Shan,Xinghua Xu,Xianqiang Bao,Chengcheng Xu,Guangyu Zhu,Edmond Q. Wu

DOI: https://doi.org/10.1109/tits.2023.3267462

IF: 8.5

2023-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:In this paper, a graph neural network anomaly detection framework is proposed to improve the safety of linear induction motors, a key component of high-speed maglev trains. In our framework, each sensor sequence is treated as a separate feature. The similarity and correlation between multi-dimensional features are learned as prior knowledge for graph structure learning. The spatial-temporal graph attention network incorporates prior knowledge to learn complex correlations between nodes. Furthermore, the framework optimises a joint model for anomaly detection, avoiding the trap of falling into either local or global optimisation and thus achieving the most stable detection. Experimental results of our method on four real-world datasets show that it is more accurate than other state-of-the-art methods in detecting anomalies and capturing inter-sensor correlations. Further analysis of graph attention weights and visualization subgraphs show that our framework is well interpretable and allowing users to locate the root cause of anomalies.

Tao Yang,Yibo Hu,Yang Li,Wei Hu,Quan Pan

DOI: https://doi.org/10.1109/access.2019.2963144

IF: 3.9

2019-01-01

IEEE Access

Abstract:Industrial control systems (ICS) now usually connect to Wireless Sensor Networks and the Internet, exposing them to security threats resulting from cyber-attacks. However, detecting such attacks is non-trivial task. The high-dimensional network data pose significant challenges on security anomaly detection. In this work, we propose a network flow data processing method, which can make the complex network data more standardized and unified to assist security anomaly detection. Then, data generation method is applied to collect enough training data. We also propose a evaluation method for generated data. Finally, the bidirectional recurrent neural networks with attention mechanism is proposed to extract the latent feature, and give an explainable results in identifying the dominant attributes. Empirical results show our method outperforms the state-of-the-art models.

Chaofan Tang,Lijuan Xu,Bo Yang,Yongwei Tang,Dawei Zhao

DOI: https://doi.org/10.1016/j.cose.2023.103094

2023-01-11

Abstract:Interpretable multivariate time series anomaly detection is an important technology to prevent accidents and ensure the reliable operation of Industrial Control Systems. A key limitation lies in the lack of a model to achieve better detection performance and more reliable interpretability, and keep a balance between performance efficiency and training optimization. In this paper, we propose GRN, a Interpretable Multivariate Time Series Anomaly Detection method based on neural graph networks and gated recurrent units (GRU). GRN can automatically learn potential correlations between sensors from multidimensional industrial control time series data, quickly mine long-term and short-term dependencies, to improve detection performance and help users to infer the root cause of detected anomalies. Based on GRU, GRN preserves the original advantages of processing the sequences and capturing the time series dependencies, moreover solves the problem of gradient disappearance and gradient explosion. We compare the performance of nine state-of-the-art algorithms on two real water treatment datasets (SWaT, WADI). GRN achieves better detection precision and recall. Meanwhile, the comparison of Area Under the Curve (AUC) loss demonstrates that GRN has the effect of maintaining balance between detection performance and training optimization. Compared with a Graph Deviation Network(GDN), GRN has achieved greater interpretability.

computer science, information systems

Yong Feng,Jinglong Chen,Zijun Liu,Haixin Lv,Jun Wang

DOI: https://doi.org/10.1109/jiot.2022.3181737

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:With the increasing automation and integration of equipment, it is urgent to carry out anomaly detection (AD) for the large-scale system to ensure security, in virtue of Industrial Internet of Things (IIoT). Recently developed intelligent methods focus on component-level diagnosis or detection, resulting in difficulty in the health assessment of system with multisource data coupling. In addition, data-driven methods rarely emphasize the use of knowledge from the real physical system. In this article, we propose a full graph autoencoder to perform one-class group AD for the large-scale IIoT system. The proposed model takes as input data of normal status at training and only comprises several normalized graph convolutional layers, thus it is simple and fast. Different from Euclidean-based methods, the proposed model can handle various irregular structures together. For graph learning, multivariate time series are converted into graph data fused with prior knowledge. To achieve AD, we propose to reconstruct the full graph for the first time to obtain a reliable anomaly score. Besides, we extend a variational model to fully learn the graph representation. Moreover, a graph augmentation operation is employed to improve the accuracy and robustness. The proposed models are evaluated on two multisensor data sets from liquid rocket engine (LRE) systems, and the experimental results demonstrate the effectiveness and generalization of the IIoT system.

Zhengqiang Yang,Junwei Tian,Ning Li

DOI: https://doi.org/10.1155/2022/4194714

2022-03-31

Mobile Information Systems

Abstract:In this paper, a flow graph anomaly detection framework based on unsupervised learning is proposed. Compared with traditional anomaly detection, graph anomaly detection faces some problems. Firstly, the training of a reasonable network embedding is challenging. Secondly, the information data in the real world is often dynamically changing. Thirdly, due to the lack of sufficient training labeled data in most cases, anomaly detection models can only use unsupervised learning methods. In order to resolve these problems, three modules in the framework are proposed in this paper: preprocessor, controller, and optimizer. Additionally, a reasonable negative sampling strategy is applied to generate negative samples to deal with the lack of labeled data. Finally, experiments on real-world data sets are conducted, and the experimental results show that the accuracy of the proposed method reaches 87.6%.

computer science, information systems,telecommunications

Shiming He,Qingqing Guo,Genxin Li,Kun Xie,Pradip Kumar Sharma

DOI: https://doi.org/10.1109/tim.2024.3493890

IF: 5.6

2024-01-01

IEEE Transactions on Instrumentation and Measurement

Abstract:Multivariate time series anomaly detection (MTSAD) plays a crucial role in the Internet of things (IoT), identifying device malfunction or system attacks. Graph neural networks (GNNs) are widely applied in MTSAD to capture the spatial features among sensors. However, GNN requires an explicit graph structure and cannot work when spatial relationships are lacking or sensor dependencies are unknown. Hence, graph structure learning (GSL) emerges as a promising solution, which learns graph structures with the downstream tasks without requiring spatial relationships. However, a general cascade effect occurs in the industrial scene. Moreover, an attack event changes sensor data sequentially instead of simultaneously due to the multiple serial process that occur (i.e., delay correlation). Existing GSL-based anomaly detection methods fail to tackle delay correlation and focus on low prediction errors. However, the low prediction error distribution is always dispersed, making it difficult to differentiate between normal and abnormal samples based on a threshold. Therefore, we propose a multivariate time series anomaly detection based on multiple spatio-temporal graph convolution (MSTGAD). MSTGAD utilizes dynamic time warping distance as prior knowledge instead of Euclidean, guiding graph learning to capture delay correlations effectively. MSTGAD designs an ensemble predictor, which utilizes two sub-predictors with a shared and learnable graph to ensure high prediction accuracy while maintaining stable anomaly scores. Furthermore, we conduct extensive experiments to evaluate the MSTGAD method’s effectiveness. Our method outperforms existing GSL-based methods in anomaly detection on four publicly available real-world datasets, demonstrating our proposed approach’s effectiveness. Compared with the best GSL-based method, MSTGAD achieves an additional 0.83% improvement on average.

Shiming He,Qingqing Guo,Genxin Li,Kun Xie,Pradip Kumar Sharma

DOI: https://doi.org/10.1109/tim.2024.3493890

IF: 5.6

2024-12-11

IEEE Transactions on Instrumentation and Measurement

Abstract:Multivariate time series anomaly detection (MTSAD) plays a crucial role in the Internet of Things (IoT), identifying device malfunction or system attacks. Graph neural networks (GNNs) are widely applied in MTSAD to capture the spatial features among sensors. However, GNN requires an explicit graph structure and cannot work when spatial relationships are lacking or sensor dependencies are unknown. Hence, graph structure learning (GSL) emerges as a promising solution, which learns graph structures with the downstream tasks without requiring spatial relationships. However, a general cascade effect occurs in the industrial scene. Moreover, an attack event changes sensor data sequentially instead of simultaneously due to the multiple serial process that occurs (i.e., delay correlation). Existing GSL-based anomaly detection methods fail to tackle delay correlation and focus on low prediction errors. However, the low prediction error distribution is always dispersed, making it difficult to differentiate between normal and abnormal samples based on a threshold. Therefore, we propose an MTSAD based on multiple spatiotemporal graph convolution (MSTGAD). MSTGAD uses dynamic time warping (DTW) distance as prior knowledge instead of Euclidean, guiding graph learning to capture delay correlations effectively. MSTGAD designs an ensemble predictor, which uses two subpredictors with a shared and learnable graph to ensure high prediction accuracy while maintaining stable anomaly scores. Furthermore, we conduct extensive experiments to evaluate the MSTGAD method's effectiveness. Our method outperforms existing GSL-based methods in anomaly detection on four publicly available real-world datasets, demonstrating our proposed approach's effectiveness. Compared with the best GSL-based method, MSTGAD achieves an additional 0.83% improvement on average.

engineering, electrical & electronic,instruments & instrumentation

Yongping He,Tijin Yan,Yufeng Zhan,Zihang Feng,Yuanqing Xia

DOI: https://doi.org/10.1109/JIOT.2024.3439672

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The industrial Internet of Things (IoT) landscape is enriched with a diverse array of sensors, which are configured for real-time monitoring and data collection to improve production efficiency and optimizing industrial processes. The continual monitoring of IoT systems allows for promptly detection of anomalies in these time series data, thereby minimizing economic losses and ensuring the safe operation of the overall system. Existing deep learning-based methods for time series anomaly detection often rely on generative models to learn the normal behavior of the data. However, these methods face challenges related to the speed and quality of data generation, ultimately impacting the overall detection performance of the models. In response to these challenges, this paper proposes a new unsupervised anomaly detection method named SGFM. It combines State Space Models and Graph Neural Networks to extract complex spatio-temporal dependencies in time series, which then serve as guidance to facilitate the learning process of a Flow Matching model, aiming for more refined predictions and consequently enhancing the effectiveness of anomaly detection. The effectiveness of SGFM is validated through experiments on three classic time series datasets. The results exhibits a notable improvement of up to 4% compared to existing methods.