Search Results (60)

The early detection of brain tumors is critical for improving clinical outcomes and patient survival. However, medical imaging datasets frequently exhibit class imbalance, posing significant challenges for traditional classification algorithms that rely on balanced data distributions. To address this issue, this study employs a One-Class Support Vector Machine (OCSVM) trained exclusively on features extracted from healthy brain MRI images, using both deep learning architectures—such as DenseNet121, VGG16, MobileNetV2, InceptionV3, and ResNet50—and classical feature extraction techniques. Experimental results demonstrate that combining Convolutional Neural Network (CNN)-based feature extraction with OCSVM significantly improves anomaly detection performance compared with simpler handcrafted approaches. DenseNet121 achieved an accuracy of 94.83%, a precision of 99.23%, and a sensitivity of 89.97%, while VGG16 reached an accuracy of 95.33%, a precision of 98.87%, and a sensitivity of 91.32%. MobileNetV2 showed a competitive trade-off between accuracy (92.83%) and computational efficiency, making it suitable for resource-constrained environments. Additionally, the pure CNN model—trained directly for classification without OCSVM—outperformed hybrid methods with an accuracy of 97.83%, highlighting the effectiveness of deep convolutional networks in directly learning discriminative features from MRI data. This approach enables reliable detection of brain tumor anomalies without requiring labeled pathological data, offering a promising solution for clinical contexts where abnormal samples are scarce. Future research will focus on reducing inference time, expanding and diversifying training datasets, and incorporating explainability tools to support clinical integration and trust in AI-based diagnostics. Full article

Objectives: Mouth breathing in children may lead to craniofacial anomalies such as maxillary constriction. Pediatricians play a crucial role in recognizing early signs and making timely referrals. This study aimed to evaluate the awareness of pediatricians regarding mouth breathing and its orthodontic implications and to assess the impact of their treatment attitudes and clinical experience on referral practices. Methods: A 20-item online questionnaire was completed by 110 volunteer pediatricians from various regions of Türkiye via professional networks. The survey included items on awareness, treatment attitudes, referral behaviors, and demographics. Composite scores for awareness and orthodontic treatment attitude were calculated and included in the analysis. Data were analyzed using chi-square tests, Spearman correlation, and binary logistic regression. Results: Most pediatricians were aware of the link between mouth breathing and craniofacial issues (awareness rate: 73.6%), yet only 14.5% were familiar with specific orthodontic treatment approaches such as maxillary expansion. Although 70.9% expressed a desire for further training, only 25.5% reported frequently referring patients for orthodontic evaluation. Referral behavior was significantly associated with both clinical experience (p = 0.004) and orthodontic treatment attitude scores (p = 0.004) but not with awareness scores (p = 0.12). Conclusions: Although pediatricians in Türkiye demonstrate relatively high awareness regarding the consequences of mouth breathing, referral practices remain limited. Attitudinal orientation toward orthodontic treatment may play a more influential role in referral behavior than awareness alone. Full article

The rapid growth of information and communication technologies, in particular big data, artificial intelligence (AI), and the Internet of Things (IoT), has made it possible to make smart cities a tangible reality. In this context, real-time video surveillance plays a crucial role in improving public safety. This article presents a systematic review of studies focused on the detection of acts of aggression and crime in these cities. By studying 100 indexed scientific articles, dating from 2018 to 2024, we examine the most recent methods and techniques, with an emphasis on the use of machine learning and deep learning for the processing of real-time video streams. The works examined cover several technological axes such as convolutional neural networks (CNNs), fog computing, and integrated IoT systems while also addressing issues such as the challenges related to the detection of anomalies, frequently affected by their contextual and uncertain nature. Finally, this article offers suggestions to guide future research, with the aim of improving the accuracy and efficiency of intelligent monitoring systems. Full article

Time-series anomaly detection is a critical task in various domains, including industrial control systems, where the early detection of unusual patterns can prevent system failures and ensure operational reliability. This paper introduces ChaMTeC (CHAnnel Mixing and TEmporal Convolution Network), a novel deep learning framework designed for time-series anomaly detection. ChaMTeC integrates an inverted embedding strategy, multi-layer temporal encoding, and a Mean Squared Error (MSE)-based feedback mechanism with dynamic thresholding to enhance anomaly detection performance. The framework is particularly tailored for industrial environments, where anomalies are rare and often subtle, making detection challenging. We evaluate ChaMTeC on six publicly available datasets and a newly introduced dataset, WaterLog, which is specifically designed to reflect real-world industrial control system scenarios with reduced anomaly rates. The experimental results demonstrate that ChaMTeC outperforms state-of-the-art models, achieving superior performance in terms of F1-CPA (Coverage-based Point-Adjusted F1) scores. The WaterLog dataset, which has been made publicly available, provides a more realistic benchmark for evaluating anomaly detection systems in industrial settings, addressing the limitations of existing datasets that often contain frequent and densely packed anomalies. Our findings highlight the effectiveness of combining channel-mixing techniques with temporal convolutional networks and dynamic thresholding for detecting anomalies in complex industrial environments. The proposed framework offers a robust solution for real-time anomaly detection, contributing to the reliability and sustainability of critical infrastructure systems. Full article

Global estimates suggest that over a billion people worldwide—more than 15% of the global population—live with some form of mobility disability, underscoring the pressing need for innovative technological solutions. Recent advancements in artificial vision systems, driven by deep learning and image processing techniques, offer promising avenues for detecting mobility aids and monitoring gait or posture anomalies. This paper presents a systematic review conducted in accordance with ProKnow-C guidelines, examining key methodologies, datasets, and ethical considerations in mobility impairment detection from 2015 to 2025. Our analysis reveals that convolutional neural network (CNN) approaches, such as YOLO and Faster R-CNN, frequently outperform traditional computer vision methods in accuracy and real-time efficiency, though their success depends on the availability of large, high-quality datasets that capture real-world variability. While synthetic data generation helps mitigate dataset limitations, models trained predominantly on simulated images often exhibit reduced performance in uncontrolled environments due to the domain gap. Moreover, ethical and privacy concerns related to the handling of sensitive visual data remain insufficiently addressed, highlighting the need for robust privacy safeguards, transparent data governance, and effective bias mitigation protocols. Overall, this review emphasizes the potential of artificial vision systems to transform assistive technologies for mobility impairments and calls for multidisciplinary efforts to ensure these systems are technically robust, ethically sound, and widely adoptable. Full article

Cybersecurity researchers and security analysts rely heavily on data to train and test network threat detection models, and to conduct post-breach forensic analyses. Comprehensive data-including network traces, host telemetry, and contextual information-are crucial for these tasks. However, widely used public datasets often suffer from outdated network traffic and features, statistical anomalies, and simulation artifacts. Furthermore, existing data collection systems frequently face architectural and computational limitations, necessitating workarounds that result in incomplete or disconnected data. Currently, no framework provides comprehensive data collection from all network segments without requiring specialized or proprietary hardware or software agents. This paper introduces InDepth, a scalable system employing a distributed, data-link layer architecture that enables comprehensive data acquisition across entire networks. We also present a model cyber range capable of dynamically generating datasets for evaluation. We demonstrate the effectiveness of InDepth using real-world network data. Full article

As technology advances, the services provided by domain servers require new innovative techniques that can be optimized for frequent changes. Man-in-the-Middle (MitM) attacks on Domain Name Servers (DNS) pose a security threat, enabling attackers to intercept, modify, and redirect network traffic to malicious sites or users. This study designed an anomaly-based detection scheme that identifies and mitigates MitM attacks on DNS. The proposed model utilizes machine learning algorithms and statistical analysis techniques to ensure that the analysis of DNS query patterns can efficiently detect anomalies associated with the MitM. By integrating the Cuckoo Search Algorithm, the scheme minimizes false positives while improving the detection rate. The Proposed scheme was evaluated using the Internet of Things Intrusion Detection (IoTID) and Intrusion Detection System (IDS) datasets, achieving a detection accuracy of 99.6% and demonstrating its effectiveness in minimizing the MitM attacks on DNS. Full article

In network intrusion detection systems (NIDS), conventional supervised learning approaches remain constrained by their reliance on labor-intensive labeled datasets, especially in evolving network ecosystems. Although unsupervised learning offers a viable alternative, current methodologies frequently face challenges in managing high-dimensional feature spaces and achieving optimal detection performance. To overcome these limitations, this study proposes a self-organizing maps-assisted variational autoencoder (SOVAE) framework. The SOVAE architecture employs feature correlation graphs combined with the Louvain community detection algorithm to conduct feature selection. The processed data—characterized by reduced dimensionality and clustered structure—is subsequently projected through self-organizing maps to generate cluster-based labels. These labels are further incorporated into the symmetric encoding-decoding reconstruction process of the VAE to enhance data reconstruction quality. Anomaly detection is implemented through quantitative assessment of reconstruction discrepancies and SOM deviations. Experimental results show that SOVAE achieves F1 scores of 0.983 (±0.005) on UNSW-NB15 and 0.875 (±0.008) on CICIDS2017, outperforming mainstream unsupervised baselines. Full article

The Manufacturing Message Specification (MMS) protocol is frequently used to automate processes in IEC 61850-based substations and smart-grid systems. However, it may be susceptible to a variety of cyber-attacks. A frequently used protection strategy is to deploy intrusion detection systems to monitor network traffic for anomalies. Conventional approaches to detecting anomalies require a large number of labeled samples and are therefore incompatible with high-dimensional time series data. This work proposes an anomaly detection method for high-dimensional sequences based on a bidirectional LSTM autoencoder. Additionally, a text-mining strategy based on a TF-IDF vectorizer and truncated SVD is presented for data preparation and feature extraction. The proposed data representation approach outperformed word embeddings (Doc2Vec) by better preserving critical domain-specific keywords in MMS traffic while reducing the complexity of model training. Unlike embeddings, which attempt to capture semantic relationships that may not exist in structured network protocols, TF-IDF focuses on token frequency and importance, making it more suitable for anomaly detection in MMS communications. To address the limitations of existing approaches that rely on labeled samples, the proposed model learns the properties and patterns of a large number of normal samples in an unsupervised manner. The results demonstrate that the proposed approach can learn potential features from high-dimensional time series data while maintaining a high True Positive Rate. Full article

The aging global population requires innovative remote monitoring systems to assist doctors and caregivers in assessing the health of elderly patients. Doctors often lack access to continuous behavioral data, making it difficult to detect deviations from normal patterns when elderly patients arrive for a consultation. Without historical insights into common behaviors and potential anomalies detected with unobtrusive techniques (e.g., non-wearable devices), timely and informed medical interventions become challenging. To address this, we propose an edge-based Internet of Things (IoT) framework that enables real-time monitoring and anomaly detection using non-wearable sensors to assist doctors and caregivers in assessing the health of elderly patients. By processing data locally, the system minimizes privacy concerns and ensures immediate data availability, allowing healthcare professionals to detect unusual behavioral patterns early. The system employs advanced machine learning (ML) models to identify deviations that may indicate potential health risks. A prototype of our system has been developed to test its feasibility and demonstrate, through the application of two of the most frequently used ML models, i.e., isolation forest and Long Short-Term Memory (LSTM) networks, that it can provide scalability, efficiency, and reliability in the context of elderly care. Further, the provided dashboard enables caregivers and healthcare professionals to access real-time alerts and longitudinal trends, facilitating proactive interventions. The proposed approach improves healthcare responsiveness by providing instant insights into patient behavior, facilitating more accurate diagnoses and interventions. This study lays the groundwork for future advancements in the field and offers valuable insights for the research community to harness the full potential of combining edge computing, artificial intelligence (AI), and the IoT in elderly care. Full article

Early fault detection technologies play a decisive role in preventing equipment failures in industrial production. The primary challenges in early fault detection for industrial applications include the severe imbalance of time-series data, where normal operating data vastly outnumber anomalous data, and in some cases, anomalies may be virtually absent. Additionally, the frequent changes in operational modes during machinery operation further complicate the detection process, making it difficult to effectively identify faults across varying conditions. This study proposes a bearing early anomaly detection method based on contrastive learning and reconstruction approaches to address the aforementioned issues. The raw time-domain vibration data, which were collected from sensors mounted on the bearings of the machinery, are first preprocessed using the Ricker wavelet transform to effectively remove noise and extract useful signal components. These processed signals are then fed into a BYOL-based contrastive learning network to learn more discriminative global feature representations. In addition, we design the reconstruction loss to complement contrastive learning. By reconstructing the masked original data, the reconstruction loss forces the model to learn detailed information, thereby emphasizing the preservation and restoration of local details. Our model not only eliminates the reliance on negative samples found in mainstream unsupervised methods but also captures data features more comprehensively, achieving superior fault detection accuracy under different operating conditions compared to related methods. Experiments on the widely used CWRU multi-condition-bearing fault dataset demonstrate that our method achieves an average fault detection accuracy of 96.97%. Moreover, the experimental results show that on the full-cycle IMS dataset, our method detects early faults at least 2.3 h earlier than the other unsupervised methods. Furthermore, the validation results for the full-cycle XJTU-SY dataset further demonstrate its excellent generalization ability. Full article

When cyber–physical systems (CPSs) are connected to the Internet or other CPSs with connectivity, external adversaries can potentially gain access to the CPS and attempt to control the electronic control units (ECUs). In particular, the lack of confidentiality and integrity in the controller area networks (CANs) of CPSs makes it difficult to distinguish malicious data from legitimate data. The security vulnerabilities of CPSs, which are frequently exposed to adversaries, pose the risk of destabilizing the lives of humans. Therefore, we propose a real-time adaptive and lightweight anomaly detection (RALAD) mechanism that efficiently and securely detects anomalies within a given virtual group though verification of the data integrity and key management of stateless synchronization based on a chaotic system while driving. These characteristics prevent an adversary from authenticating maliciously modified messages even though it captures legitimate messages on the CAN bus. RALAD shows a clear difference from others in terms of (1) its unique secret key-sharing method and approach to secret key generation for each message, (2) safe controlling support after detecting anomalies, and (3) its software-based solution that eliminates the need for hardware secure modules. It leads to freedom from the issues of additional cost, weight, and wiring in CPSs. The proposed method achieves real-time anomaly detection, and the experiment results show a 100% detection rate for all attacks. This demonstrates that RALAD maintains high reliability and efficiency, even under various bus load conditions and attack rates. Full article

Anomalies frequently occur during the operation of spacecraft in orbit, and studying anomaly detection methods is crucial to ensure the normal operation of spacecraft. Due to the complexity of spacecraft structures, telemetry data possess characteristics such as high dimensionality, complexity, and large scale. Existing methods frequently ignore or fail to explicitly extract the correlation between variables, and due to the lack of prior knowledge, it is difficult to obtain the initial relationship of variables. To address these issues, this paper proposes a new method, namely spatio-temporal graph learning reconstruction (STGLR), for spacecraft anomaly detection. STGLR employs a dynamic graph learning module to infer the initial relationships among telemetry variables. It then constructs a spatio-temporal feature extraction module to capture complex spatio-temporal dependencies among variables, leveraging a graph sample and aggregation network to learn embedded features and incorporating an attention mechanism to adaptively select salient features. Finally, a reconstruction module is used to learn the latent representations of features, capturing the normal patterns in telemetry data and achieving anomaly detection. To validate the effectiveness of the proposed method, experiments were conducted on two public spacecraft datasets, and the results demonstrate that the performance of the STGLR method surpasses existing anomaly detection methods, with an average F1 score exceeding 0.97. Full article

In recent years, frequent floods caused by heavy rainfall and persistent precipitation have greatly affected changes in groundwater levels. This has not only caused huge economic losses and human casualties, but also had a significant impact on the ecological environment. The aim of this study is to explore the effectiveness of the new method based on Long Short-Term Memory networks (LSTM) and its optimization model in groundwater level prediction compared with the traditional method, to evaluate the prediction accuracy of the different models, and to identify the main factors affecting the changes in groundwater level. Taking Chaoyang City in Liaoning Province as an example, four assessment indicators, R², MAE, RMSE, and MAPE, were used. The results of this study show that the optimized LSTM model outperforms both the traditional method and the underlying LSTM model in all assessment metrics, with the GWO-LSTM model performing the best. It was also found that high water-table anomalies are mainly caused by heavy rainfall or heavy storms. Changes in the water table can negatively affect the ecological environment such as vegetation growth, soil salinization, and geological hazards. The accurate prediction of groundwater levels is of significant scientific importance for the development of sustainable cities and communities, as well as the good health and well-being of human beings. Full article

Insider threats pose significant risks to organizational security, often leading to severe data breaches and operational disruptions. While foundational, traditional detection methods suffer from limitations such as labor-intensive rule creation, lack of scalability, and vulnerability to evasion by sophisticated attackers. Recent advancements in graph-based approaches have shown promise by leveraging behavior analysis for threat detection. However, existing methods frequently oversimplify session behaviors and fail to extract fine-grained features, which are critical for identifying subtle malicious activities. In this paper, we propose a novel approach that integrates session graphs to capture multi-level fine-grained behavioral features. First, seven heuristic rules are defined to transform user activities across different hosts and sessions into an associated session graph while extracting features at both the activity and session levels. Furthermore, to highlight critical nodes in the associated session graph, we introduce a graph node elimination technique to normalize the graph. Finally, a graph convolutional network is employed to extract features from the normalized graph and generate behavior detection results. Extensive experiments on the CERT insider threat dataset demonstrate the superiority of our approach, achieving an accuracy of 99% and an F1-score of 99%, significantly outperforming state-of-the-art models. The ASG method also reduces false positive rates and enhances the detection of subtle malicious behaviors, addressing key limitations of existing graph-based methods. These findings highlight the potential of ASG for real-world applications such as enterprise network monitoring and anomaly detection, and suggest avenues for future research into adaptive learning mechanisms and real-time detection capabilities. Full article