Wyniki wyszukiwania - BazTech

1

Camera-based PHM method in rotating machinery equipment micro-action scenarios

Junfeng An, Liu Jiqiang, Zhen Hao, Mengmeng Lu

Eksploatacja i Niezawodność

|

2023

|

Vol. 25, no. 1

art. no. 10

EN

The health operation of rotating machinery guarantees safety of the project. To ensure a good operating environment, current subway equipment inspections frequency is high, resulting in a waste of resources. Small abnormal changes in mechanical equipment will also contribute to the development of mechanical component defects, which will ultimately lead to the failure of the equipment. Therefore, mechanical equipment defects should be detected and diagnosed as soon as possible. Through the use of graphic processing and deep learning, this paper proposes Rmcad Framework with three aspects: condition monitoring, anomaly detection, defect early warning. Using a network algorithm, this paper proposes an improved model that has the characteristics of two-stream and multi-loss functions, which improves the accuracy of detection. Additionally, a defect warning method is constructed to improve the perception ability of equipment before failure occurs and reduce the frequency of frequent maintenance by detecting anomalies according to the degree of opening.

2

Deciphering Clinical Narratives - Augmented Intelligence for Decision Making in Healthcare Sector

Dey Lipika, Jana Sudeshna, Dasgupta Tirthankar, Gupta Tanay

Annals of Computer Science and Information Systems

|

2023

|

Vol. 35

11--24

EN

Clinical notes that describe details about diseases, symptoms, treatments and observed reactions of patients to them, are valuable resources to generate insights about the effectiveness of treatments. Their role in designing better clinical decision making systems is being increasingly acknowledged. However, availability of clinical notes is still an issue due to privacy violation concerns. Hence most of the work done are on small datasets and neither the power of machine learning is fully utilized, nor is it possible to vaidate the models properly. With the availability of Medical Information Mart for Intensive Care (MIMIC-III v1.4) dataset for researchers though, the problem has been somewhat eased. In this paper we have presented an overview of our earlier work on designing deep neural models for prediction of outcomes and hospital stay for patients using MIMIC data. We have also presented new work on patient stratification and explanation generation for patient cohorts. This is early work targeted towards studying trajectories for treatment for different cohorts of patients, which can ultimately lead to discovery of low-risk models for individual patients to ensure better outcomes.

3

Method of machining centre sliding system fault detection using torque signals and autoencoder

Augustyn Damian, Fidali Marek

Acta Mechanica et Automatica

|

2023

|

Vol. 17, no. 3

445--451

EN

The sliding system of machining centres often causes maintenance and process problems. Improper operation of the sliding system can result from wear of mechanical parts and drives faults. To detect the faulty operation of the sliding system, measurements of the torque of its servomotors can be used. Servomotor controllers can measure motor current, which can be used to calculate motor torque. For research purposes, the authors used a set of torque signals from the machining centre servomotors that were acquired over a long period. The signals were collected during a diagnostic test programmed in the machining centre controller and performed once per day. In this article, a method for detecting anomalies in torque signals was presented for the condition assessment of the machining centre sliding systems. During the research, an autoencoder was used to detect the anomaly, and the condition was assessed based on the value of the reconstruction error. The results indicate that the anomaly detection method using an autoencoder is an effective solution for detecting damage to the sliding system and can be easily used in a condition monitoring system.

4

Improved detection of chemical threats by sensor data fusion

Kopp Norbert Ludwig, Koch-Eschweiler Helge

Security and Defence Quarterly

|

2022

|

Vol. 37, No. 1

70--93

EN

This paper presents some aspects of sensor data fusion that were derived from the EU-SENSE project of the European Commission (Horizon 2020, Grant Agreement No 787031). The aim of EU-SENSE was to develop a novel network of sensors for CBRNe applications through the exploitation of chemical detector technologies, advanced machine-learning and modelling algorithms. The high-level objectives of the project include improving the detection capabilities of the novel network of chemical sensors through the use of machine learning algorithms and reducing the impact of environmental noise. The focus in this paper is on the detection and data fusion aspects as well as the machine learning approaches that were used as part of the project. Detection (in the sense of detectto-warn) is a classification task and improvement of detection requires enhancing the discriminatory power of the classifier, that is reducing false alarms, false positives, and false negatives. This was achieved by a two-step procedure, that is a sensitive distance-based anomaly/change detection followed by downstream classification, identification and concentration estimation. Bayesian networks proved to be useful when fusing information from multiple sensors. For validation purposes, experimental data was gathered during the project and the developed approaches were applied successfully. Despite the development of several new, helpful tools within the project, the domain of chemical detection remains challenging, particularly regarding provisioning of the necessary prior-knowledge. It might make sense from a coverage point of view to look into integration of stand-off detection techniques into a sensor network, including data fusion too.

5

Anomaly detection in network traffic

Duraj Agnieszka, Bucki Paweł, Drajling Aleksander, Makrocki Robert, Sipiński Mateusz

Przegląd Elektrotechniczny

|

2022

|

R. 98, nr 12

205--208

EN

The authors of this paper faced the problem of detecting anomalies, understood as potential attacks in network traffic occurring on a document-signing computing cluster. In an infrastructure exposed to the public world, it is extremely difficult to distinguish traffic generated by users from traffic generated by a network attack. The solution the authors present, based on the collected data, determines whether the traffic from the selected sample originated from an attack or not, based on ready-made clustering algorithms. The performance of the following algorithms was compared: DBSCAN, LOF, COF, ECOD and PCA.

PL

Autorzy niniejszej pracy stanęli przed problemem wykrywania anomalii, rozumianych jako potencjalne ataki, w ruchu sieciowym zachodzącym na klastrze obliczeniowym podpisującym dokumenty. W infrastrukturze wystawionej na ´swiat publiczny niezwykle trudno odróźnić ruch generowany przez użytkowników od ruchu generowanego w ramach ataku sieciowego. Rozwiązanie jakie autorzy przedstawiają na podstawie zbieranych danych określa, czy ruch z wybranej próbki powstał w wyniku ataku czy nie, na podstawie gotowych algorytmów grupowania. Porównano działanie następujących algorytmów: DBSCAN, LOF, COF, ECOD oraz PCA.

6

Detecting anomalies in advertising web traffic with the use of the variational autoencoder

Gabryel Marcin, Lada Dawid, Filutowicz Zbigniew, Patora-Wysocka Zofia, Kisiel-Dorohinicki Marek, Chen Guang Yi

Journal of Artificial Intelligence and Soft Computing Research

|

2022

|

Vol. 12, No. 4

255--266

EN

This paper presents a neural network model for identifying non-human traffic to a website, which is significantly different from visits made by regular users. Such visits are undesirable from the point of view of the website owner as they are not human activity, and therefore do not bring any value, and, what is more, most often involve costs incurred in connection with the handling of advertising. They are made most often by dishonest publishers using special software (bots) to generate profits. Bots are also used in scraping, which is automatic scanning and downloading of website content, which actually is not in the interest of website authors. The model proposed in this work is learnt by data extracted directly from the web browser during website visits. This data is acquired by using a specially prepared JavaScript that monitors the behavior of the user or bot. The appearance of a bot on a website generates parameter values that are significantly different from those collected during typical visits made by human website users. It is not possible to learn more about the software controlling the bots and to know all the data generated by them. Therefore, this paper proposes a variational autoencoder (VAE) neural network model with modifications to detect the occurrence of abnormal parameter values that deviate from data obtained from human users’ Internet traffic. The algorithm works on the basis of a popular autoencoder method for detecting anomalies, however, a number of original improvements have been implemented. In the study we used authentic data extracted from several large online stores.

7

Double Layered Priority based Gray Wolf Algorithm (PrGWO-SK) for safety management in IoT network through anomaly detection

Agrawal Akhileshwar Prasad, Singh Nanhay

Eksploatacja i Niezawodność

|

2022

|

Vol. 24, no. 4

641--654

EN

For mitigating and managing risk failures due to Internet of Things (IoT) attacks, many Machine Learning (ML) and Deep Learning (DL) solutions have been used to detect attacks but mostly suffer from the problem of high dimensionality. The problem is even more acute for resource starved IoT nodes to work with high dimension data. Motivated by this problem, in the present work a priority based Gray Wolf Optimizer is proposed for effectively reducing the input feature vector of the dataset. At each iteration all the wolves leverage the relative importance of their leader wolves’ position vector for updating their own positions. Also, a new inclusive fitness function is hereby proposed which incorporates all the important quality metrics along with the accuracy measure. In a first, SVM is used to initialize the proposed PrGWO population and kNN is used as the fitness wrapper technique. The proposed approach is tested on NSL-KDD, DS2OS and BoTIoT datasets and the best accuracies are found to be 99.60%, 99.71% and 99.97% with number of features as 12,6 and 9 respectively which are better than most of the existing algorithms.

8

An anomaly detection method based on random convolutional kernel and isolation forest for equipment state monitoring

Shu Xinhao, Zhang Shigang, Li Yue, Chen Mengqiao

Eksploatacja i Niezawodność

|

2022

|

Vol. 24, no. 4

758--770

EN

Anomaly detection plays an essential role in health monitoring and reliability assurance of complex system. However, previous researches suffer from distraction by outliers in training and extensively relying on empiric-based feature engineering, leading to many limitations in the practical application of detection methods. In this paper, we propose an unsupervised anomaly detection method that combines random convolution kernels with isolation forest to tackle the above problems in equipment state monitoring. The random convolution kernels are applied to generate cross-dimensional and multi-scale features for multi-dimensional time series, with combining the time series decomposing method to select abnormally sensitive features for automatic feature extraction. Then, anomaly detection is performed on the obtained features using isolation forests with low requirements for purity of training sample. The verification and comparison on different types of datasets show the performance of the proposed method surpass the traditional methods in accuracy and applicability.

9

Performance measurement with high-performance computer using HW-GA anomaly-detection algorithms for streaming data

Fondaj Jakup, Hasani Zirije, Krrabaj Samedin

Computer Science

|

2022

|

T. 23 (3)

395--410

EN

Anomaly detection for streaming real-time data is very important; more significant is the performance of an algorithm in order to meet real-time requirements. Anomaly detection is very crucial in every sector because, by knowing what is going wrong with data/digital systems, we can make decisions to help in every sector. Dealing with real-time data requires speed; for this reason, the aim of this paper is to measure the performance of our proposed Holt–Winters genetic algorithm (HW-GA) as compared to other anomaly-detection algorithms with a large amount of data as well as to measure how other factors such as visualization and the performance of the testing environment affect the algorithm’s performance. The experiments will be done in R with different data sets such as the as real COVID-19 and IoT sensor data that we collected from Smart Agriculture Libelium sensors and e-dnevnik as well as three benchmarks from the Numenta data sets. The real data has no known anomalies, but the anomalies are known in the benchmark data; this was done in order to evaluate how the algorithm works in both situations. The novelty of this paper is that the performance will be tested on three different computers (in which one is a high-performance computer); also, a large amount of data will be used for our testing, as will how the visualization phase affects the algorithm’s performance.

10

Classical versus deep learning methods for anomaly detection in ECG using wavelet transformation

Osowski Stanislaw, Gołgowski Maciej

Przegląd Elektrotechniczny

|

2021

|

R. 97, nr 6

72--76

EN

The paper describes and compares two forms of wavelet transformation: discrete (DWT) and continuous (CWT) in the analysis of electrocardiograms (ECG) to detect the anomaly. The anomalies have been limited to two types: cardiac and congestive heart failure. Two independent approaches to the problem have been considered. One is based on discrete wavelet transformation and feature generation based on statistical parameters of the results of the transformed ECG signals. These descriptors, after selection, are delivered as the input attributes to different classifiers. The second approach applies continuous wavelet transformation of ECG signals and the resulting two-dimensional image formed in time-frequency dimensions represents the input to the convolutional neural network, which is responsible for the generation of the diagnostic features and final classification. The experiments have been performed on the publically available database Complex Physiologic Signals PhysioNet. The calculations have been done in Python. The results of both approaches: DWT and CWT have been discussed and compared.

PL

Artykuł predstawia dwa podejścia do wykrywania anomalii w sygnalach ECG. Jako anomalie rozważane są: arytmia i zastoinowa niewydolność serca. Podstawą analizy jest sygnał ECG poddany transformacji falkowej w dwu postaciach: transformacja dyskretna oraz transformacja ciągła. W przypadku transformacji dyskretnej sygnał ECG poddany jest dekompozycji falkowej na kilku poziomach a wyniki tej dekompozycji (sygnały szczegółowe i sygnał aproksymacyjny ostatniego poziomu) podlegają opisowi statystycznemu tworząc zbiór deskryptorów numerycznych – potencjalnych cech diagnostycznych. Po przeprowadzonej selekcji stanowią one atrybuty wejściowe dla zespołu 9 klasyfikatorów. W drugim podejściu sygnał ECG jest poddany ciągłej transformacji falkowej generując dwuwymiarową macierz w postaci obrazu. Zbiór takich obrazów podawany jest na wejście głębokiej sieci neuronowej CNN, która w jednej strukturze dokonuje jednocześnie generacji cech diagnostycznych i klasyfikacji. Eksperymenty numeryczne przeprowadzone zostały na ogólnie dostępnej bazie danych Complex Physiologic Signals PhysioNet. Wyniki eksperymentów wykazały przewagę podejścia wykorzystujacego dyskretną transformację falkową.

11

Offline-online pattern recognition for enabling time series anomaly detection on older NC machine tools

Netzer Markus, Palenga Yannic, Goennheimer Philipp, Fleischer Juergen

Journal of Machine Engineering

|

2021

|

Vol. 21, No. 1

98--108

EN

Intelligent IoT functions for increased availability, productivity and component quality offer significant added value to the industry. Unfortunately, many old machines and systems are characterized by insufficient, inconsistent IoT connectivity and heterogeneous parameter naming. Furthermore, the data is only available in unstructured form. In the following, a new approach for standardizing information models from existing plants with machine learning methods is described and an offline-online pattern recognition system for enabling anomaly detection under varying machine conditions is introduced. The system can enable the local calculation of signal thresholds that allow more granular anomaly detection than using only single indexing and aims to improve the detection of anomalous machine behaviour especially in finish machining.

12

An effective data reduction model for machine emergency state detection from big data tree topology structures

Iaremko Iaroslav, Senkerik Roman, Jasek Roman, Lukastik Petr

International Journal of Applied Mathematics and Computer Science

|

2021

|

Vol. 31, no. 4

601--611

EN

This work presents an original model for detecting machine tool anomalies and emergency states through operation data processing. The paper is focused on an elastic hierarchical system for effective data reduction and classification, which encompasses several modules. Firstly, principal component analysis (PCA) is used to perform data reduction of many input signals from big data tree topology structures into two signals representing all of them. Then the technique for segmentation of operating machine data based on dynamic time distortion and hierarchical clustering is used to calculate signal accident characteristics using classifiers such as the maximum level change, a signal trend, the variance of residuals, and others. Data segmentation and analysis techniques enable effective and robust detection of operating machine tool anomalies and emergency states due to almost real-time data collection from strategically placed sensors and results collected from previous production cycles. The emergency state detection model described in this paper could be beneficial for improving the production process, increasing production efficiency by detecting and minimizing machine tool error conditions, as well as improving product quality and overall equipment productivity. The proposed model was tested on H-630 and H-50 machine tools in a real production environment of the Tajmac-ZPS company.

13

Crowdsourced Driving Comfort Monitoring

Badurowicz Marcin, Montusiewicz Jerzy, Przyłucki Sławomir

Advances in Science and Technology. Research Journal

|

2021

|

Vol. 15, no 3

309--317

EN

In this paper, the authors are showing a calculation of the road quality index called Simple Road Quality Index (SRQI) using the weight provided by the amateur drivers to best possibly rate their comfort on driving on that road. The index is calculated from acceleration data acquired by the smartphone application and is aggregated in a crowdsourcing system for the classification of road quality using the fuzzy membership function. The paper shows that the proposed index correctly shows road quality changes over time and may be used as a way to mark roads to be avoided or needs to be repaired. The numerical experiment was based on the same street in Lublin, Poland, in 2015-2021 and is correctly showing that the quality of analyzed roads deteriorated over time, especially in the winter season.

14

Ionospheric anomalies detection using autoregressive integrated moving average (ARIMA) model as an earthquake precursor

Saqib Mohd, Şentürk Erman, Sahu Sanjeev Anand, Adil Muhammad Arqim

Acta Geophysica

|

2021

|

Vol. 69, no. 4

1493--1507

EN

The ARIMA method, time series analysis technique, was proposed to perform short-term ionospheric Total Electron Content (TEC) forecast and to detect TEC anomalies. The success of the method was tested in two major earthquakes that occurred in India (M 7.7 Bhuj EQ, on Jan 26, 2001) and Turkey (M 7.1 Van EQ, on Oct 23, 2011). For ARIMA analysis, we have taken 18 and 29 days of TEC data with a 2-h temporal resolution and train the model with an accuracy of 5.1 and 2.7–2.9 TECU for India and Turkey EQs, respectively. After training the model and optimizing hyper model parameters, we applied on 8 and 9 days’ time-window to observe anomalies. In Bhuj EQ, the negative anomalies are recorded on Jan 19 and 22, 2001. Similarly, positive anomalies are recorded on Jan 23, 24, and 25, 2001. In Van EQ, we recorded a strong positive anomaly on Oct 21, 2011, and in the consecutive days before the earthquake, some weak negative anomalies have also observed. The results showed that ARIMA has an adequate short-term performance of the ionospheric TEC prediction and anomaly detection of the TEC time series.

15

Transfer Learning Methods as a New Approach in Computer Vision Tasks with Small Datasets

Brodzicki Andrzej, Piekarski Michał, Kucharski Dariusz, Jaworek-Korjakowska Joanna, Gorgon Marek

Foundations of Computing and Decision Sciences

|

2020

|

Vol. 45, No. 3

179--193

EN

Deep learning methods, used in machine vision challenges, often face the problem of the amount and quality of data. To address this issue, we investigate the transfer learning method. In this study, we briefly describe the idea and introduce two main strategies of transfer learning. We also present the widely-used neural network models, that in recent years performed best in ImageNet classification challenges. Furthermore, we shortly describe three different experiments from computer vision field, that confirm the developed algorithms ability to classify images with overall accuracy 87.2-95%. Achieved numbers are state-of-the-art results in melanoma thick- ness prediction, anomaly detection and Clostridium difficile cytotoxicity classification problems

16

Detekcja anomalii w plikach za pomocą wybranych algorytmów inspirowanych mechanizmami immunologicznymi

Widuliński Patryk, Wawryn Krzysztof

Zeszyty Naukowe Wydziału Elektroniki i Informatyki Politechniki Koszalińskiej

|

2019

|

Nr 14

23--41

PL

Ochrona systemu operacyjnego przed infekcjami wirusowymi jest zagadnieniem, nad którym od kilku dekad pracują projektanci oprogramowania antywirusowego. Rosnąca w ostatnich latach złożoność szkodliwego oprogramowania skłoniła naukowców do poszukiwania inspiracji w rozwiązaniach naturalnych, takich jak układ immunologiczny ssaków. W artykule przedstawiono system wykrywania intruzów w systemie operacyjnym wykorzystujący algorytm negatywnej selekcji. Algorytm ten wykorzystuje ciągi binarne zwane receptorami do wykrywania zmian w chronionych programach. W systemie zaimplementowano dwie metody generacji receptorów: metodę losową i metodę szablonów. Metody te zostały przetestowane eksperymentalnie. Wyniki działania metod przeanalizowano i porównano, a następnie wyciągnięto wnioski.

EN

Protection of the operating system against virus infections is an area of research which has been worked on by antivirus software designers since several decades. Increasing malware complexity led scientists to seek inspiration in natural solutions, such as the mammal immune system. In the article, an intrusion detection system has been proposed. The system’s inner workings are based on the negative selection algorithm. The algorithm uses binary strings called receptors to detect modifications in the protected programs. In the system, two receptor generation methods have been presented: the random generation method and the template generation method. The methods have been tested experimentally. The results of both methods have been analysed and compared, and conclusions have been drawn.

17

Database security : combining neural networks and classification approach

Skaruz Jarosław

Studia Informatica : systems and information technology

|

2019

|

Vol. 1-2(23)

95--115

EN

In the paper we present a new approach based on application of neural networks to detect SQL attacks. SQL attacks are those attacks that take the advantage of using SQL statements to be performed. The problem of detection of this class of attacks is transformed to time series prediction problem. SQL queries are used as a source of events in a protected environment. To differentiate between normal SQL queries and those sent by an attacker, we divide SQL statements into tokens and pass them to our detection system, which predicts the next token, taking into account previously seen tokens. In the learning phase tokens are passed to a recurrent neural network (RNN) trained by backpropagation through time (BPTT) algorithm. Then, two coefficients of the rule are evaluated. The rule is used to interpret RNN output. In the testing phase RNN with the rule is examined against attacks and legal data to find out how evaluated rule affects efficiency of detecting attacks. All experiments were conducted on Jordan network. Experimental results show the relationship between the rule and a length of SQL queries.

18

Big data for anomaly detection in maritime surveillance: spatial AIS data analysis for tankers

Filipiak D., Stróżyna M., Węcel K., Abramowicz W.

Zeszyty Naukowe Akademii Marynarki Wojennej

|

2018

|

R. 59 nr 4 (215)

5--28

EN

The paper presents results of spatial analysis of huge volume of AIS data with the goal to detect predefined maritime anomalies. The maritime anomalies analysed have been grouped into: traffic analysis, static anomalies, and loitering detection. The analysis was carried out on data describing movement of tankers worldwide in 2015, using sophisticated algorithms and technology capable of handling big data in a fast and efficient manner. The research was conducted as a follow-up of the EDA-funded SIMMO project, which resulted in a maritime surveillance system based on AIS messages enriched with data acquired from open Internet sources.

PL

W artykule zaprezentowano wyniki przestrzennej analizy dużej ilości danych AIS z jednego roku w celu wykrycia wybranych anomalii morskich. Anomalie podzielono na trzy grupy: związane z ruchem, statyczne i wykrywanie tzw. loiteringu-każda z nich została przetestowana na podstawie raportów wysyłanych przez tankowce w 2015 roku. Analizę przeprowadzono przy użyciu zaawansowanych algorytmów i technologii big data pozwalających na szybką ocenę dużych wolumenów danych morskich. Badanie zostało przeprowadzone jako kontynuacja projektu SIMMO, w ramach którego opracowano system nadzoru morskiego oparty na wiadomościach AIS wzbogaconych o dane pozyskiwane z otwartych źródeł internetowych.

19

Najnowsze zastosowania technologii Granular Computing, propozycja taksonomii oraz przydatności w cyberbezpieczeństwie

Pawlicki M., Choraś M., Kozik R.

Przegląd Telekomunikacyjny + Wiadomości Telekomunikacyjne

|

2018

|

nr 8-9

597--600, CD

PL

Wszechobecne ryzyko ataków teleinformatycznych sprawia, że poprawa jakości algorytmów wykrywania staje się sprawą najwyższej wagi. Technologia Granular Computing (GrC) daje nadzieję na nowy sposób polepszenia klasyfikacji ruchu sieciowego, wykrywania włamań i zmniejszenia wymogów obliczeniowych analizy ruchu sieciowego w czasie rzeczywistym. Niniejszy artykuł przedstawia podstawy Granular Computing, propozycję taksonomii oraz dyskusję przydatności technologii do uogólniania danych. Następnie zaprezentowany jest przegląd najnowszych zastosowań Granular Computing.

EN

With the prevailing risk of cybersecurity breaches, improving the detection algorithms is of utmost importance. We look forward to Granular Computing as a novel, promising way to improve network traffic classification, intrusion detection and reduction in the computational cost of real time traffic analysis. In this paper, a quick primer on granular computing is offered, its properties of abstracting data are looked into. Consecutively, a survey of the most recent Granular Computing implementations, and our proposal for taxonomy is presented.

20

Wykrywanie anomalii bazujące na wskazanych przykładach

Kwiatkowski W.

Przegląd Teleinformatyczny

|

2018

|

T. 6, Nr 1-2 (46)

3--21

PL

Rozpatrywany jest problem wykrywania anomalii na podstawie zarejestrowanych obserwacji zachowania systemu. Problem jest sformułowany jako zadanie rozpoznawania wzorców zachowania normalnego i zachowania nietypowego. Obydwa wzorce są określane przez wskazanie odpowiednich przykładów. Osobliwość rozwiązywanego zadania wynika z faktu, że zwykle liczebność przykładów jest dużo mniejsza od wymiaru wektora obserwacji. W artykule zostały przedstawione dwie metody detekcji anomalii bazujące na wyznaczaniu rzutów obserwacji na podprzestrzenie wzorców. Wyróżnikiem pierwszej metody jest wykorzystywanie odległości wektora obserwacji od podprzestrzeni wzorców. Druga metoda polega na przeniesieniu zadania rozpoznawania wzorców do podprzestrzeni wzorców.

EN

The paper considers the issue of anomalies detection based on registered observations of a system behavior. The problem is formulated as recognition of normal and anomalous behavior patterns. Both types of patterns are identified by indication of appropriate examples. A peculiarity of this task is that usually the number of examples is far lower than the dimension of vectors describing the observations. Two methods to solve this task have been presented in the paper, based on projecting the observations on the subspace of examples. The first method is based on a distance of the observation vector from the subspace of examples. The second method is based on transferring the pattern recognition problem to the subspace of examples.