The paper presents two algorithms as a solution to the problem of identifying fraud intentions of a customer. Their purpose is to generate variables that contribute to fraud models’ predictive power improvement. In this article, a novel approach to the feature engineering, based on anomaly detection, is presented. As the choice of statistical model used in the research improves predictive capabilities of a solution to some extent, most of the attention should be paid to the choice of proper predictors. The main finding of the research is that model enrichment with additional predictors leads to the further improvement of predictive power and better interpretability of anti-fraud model. The paper is a contribution to the fraud prediction problem but the method presented may generate variable input to every tool equipped with variableselection algorithm. The cost is the increased complexity of the models obtained. The approach is illustrated on a dataset from one of the European banks.

Acquiring labels in anomaly detection tasks is expensive and challenging. Therefore, as an effective way to improve efficiency, pretraining is widely used in anomaly detection models， which enriches the model's representation capabilities, thereby enhancing both performance and efficiency in anomaly detection. In most pretraining methods, the decoder is typically randomly initialized. Drawing inspiration from the diffusion model, this paper proposed to use denoising as a task to pretrain the decoder in anomaly detection, which is trained to reconstruct the original noise-free input. Denoising requires the model to learn the structure, patterns, and related features of the data, particularly when training samples are limited. This paper explored two approaches on anomaly detection: simultaneous denoising pretraining for encoder and decoder, denoising pretraining for only decoder. Experimental results demonstrate the effectiveness of this method on improving model’s performance. Particularly, when the number of samples is limited, the improvement is more pronounced.

The study aimed to examine the use of Geomagnetic Anomaly Detection (GAD) to locate the buried ferromagnetic pipeline defects without exposing them. However, the accuracy of GAD is limited by the background noise. In the present work, we propose an approximate entropy noise suppression (AENS) method based on Variational Mode Decomposition (VMD) for detection of pipeline defects. The proposed method is capable of reconstructing the magnetic field signals and extracting weak anomaly signals that are submerged in the background noise, which was employed to construct an effective detector of anomalous signals. The internal parameters of VMD were optimized by the Scale–Space algorithm, and their anti-noise performance was compared. The results show that the proposed method can remove the background noise in high-noise background geomagnetic field environments. Experiments were carried out in our laboratory and evaluation results of inspection data were analysed; the feasibility of GAD is validated when used in the application to detection of buried pipeline defects.

Distributed Denial of Service (DDoS) attacks constitute a major threat in the current Internet. These cyber-attacks aim to flood the target system with tailored malicious network traffic overwhelming its service capacity and consequently severely limiting legitimate users from using the service. This paper builds on the state-of-the-art AATAC algorithm (Autonomous Algorithm for Traffic Anomaly Detection) and provides a concept of a dedicated inline DDoS detector capable of real-time monitoring of network traffic and near-real-time anomaly detection.
The inline DDoS detector consists of two main elements: 1) inline probe(s) responsible for link-rate real-time processing and monitoring of network traffic with custom-built packet feature counters, and 2) an analyser that performs the near-real-time statistical analysis of these counters for anomaly detection. These elements communicate asynchronously via the Redis database, facilitating a wide range of deployment scenarios. The inline probes are based on COTS servers and utilise the DPDK framework (Data Plane Development Kit) and parallel packet processing on multiple CPU cores to achieve link rate traffic analysis, including tailored DPI analysis.