公开(公告)号：WO2023059868A1

公开(公告)日：2023-04-13

申请号：PCT/US2022/046020

申请日：2022-10-07

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： TANG, LuAn ,  CHEN, Yuncong ,  CHENG, Wei ,  CHEN, Zhengzhang ,  CHEN, Haifeng ,  KOBAYASHI, Yuji ,  REN, Yuxiang

IPC: G06N3/08 ,  G06N3/04 ,  G06N7/00 ,  B60W2420/42 ,  B60W2540/30 ,  B60W40/09 ,  G06F18/25 ,  G06N3/084

Abstract: Systems and methods for data fusion and analysis of vehicle sensor data, including receiving a multiple modality input data stream from a plurality of different types of vehicle sensors, determining latent features by extracting modality-specific features from the input data stream, and aligning a distribution of the latent features of different modalities by feature-level data fusion. Classification probabilities can be determined for the latent features using a fused modality scene classifier. A tree-organized neural network can be trained to determine path probabilities and issue driving pattern judgments, with the tree-organized neural network including a soft tree model and a hard decision leaf. One or more driving pattern judgments can be issued based on a probability of possible driving patterns derived from the modality-specific features.

公开(公告)号：WO2023059580A1

公开(公告)日：2023-04-13

申请号：PCT/US2022/045602

申请日：2022-10-04

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： CHEN, Haifeng ,  YU, Wenchao ,  CHEN, Yuncong ,  CHEN, Zhengzhang ,  ZHANG, Xuchao ,  TANG, LuAn ,  HE, Zexue

IPC: G06F40/58 ,  G06F40/56 ,  G10L15/26 ,  G10L15/00 ,  G06F3/16 ,  G06N20/00 ,  G06N3/04 ,  G06F40/30 ,  G06F40/47 ,  G06N3/08

Abstract: A computer-implemented method for multi-model representation learning is provided. The method includes encoding, by a trained time series (TS) encoder, an input TS segment into a TS-shared latent representation and a TS-private latent representation. The method further includes generating, by a trained text generator, a natural language text that explains the input TS segment, responsive to the TS-shared latent representation, the TS-private latent representation, and a text-private latent representation.

公开(公告)号：WO2017176676A1

公开(公告)日：2017-10-12

申请号：PCT/US2017/025846

申请日：2017-04-04

Applicant: NEC LABORATORIES AMERICA, INC

Inventor： TANG, LuAn ,  CHEN, Zhengzhang ,  JIANG, Guofei ,  LI, Zhichun ,  CHEN, Haifeng ,  YOSHIHIRA, Kenji

IPC: H04L29/06 ,  H04L12/26

Abstract: Methods and systems for reporting anomalous events include intra-host clustering a set of alerts based on a process graph that models states of process-level events in a network. Hidden relationship clustering is performed on the intra-host clustered alerts based on hidden relationships between alerts in respective clusters. Inter-host clustering is performed on the hidden relationship clustered alerts based on a topology graph that models source and destination relationships between connection events in the network. Inter-host clustered alerts that exceed a threshold level of trustworthiness are reported.

Abstract translation: 用于报告异常事件的方法和系统包括基于对网络中的过程级事件的状态建模的过程图的主机内集群化一组警报。 基于各个群集中警报之间的隐藏关系，在主机内群集警报上执行隐藏关系群集。 基于模拟网络中的连接事件之间的源和目标关系的拓扑图，在隐藏关系群集警报上执行主机间群集。 报告超过可信赖阈值水平的主机间群集警报。

公开(公告)号：WO2023086533A1

公开(公告)日：2023-05-19

申请号：PCT/US2022/049646

申请日：2022-11-11

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： TANG, LuAn ,  CHEN, Yuncong ,  CHENG, Wei ,  CHEN, Haifeng ,  CHEN, Zhengzhang ,  KOBAYASHI, Yuji

IPC: B60W50/02 ,  B60W50/00 ,  B60W60/00 ,  B60W40/02 ,  G07C5/08

Abstract: Systems and methods for defect detection for vehicle operations, including collecting a multiple modality input data stream from a plurality of different types of vehicle sensors, extracting one or more features from the input data stream using a grid-based feature extractor, and retrieving spatial attributes of objects positioned in any of a plurality of cells of the grid-based feature extractor. One or more anomalies are detected based on residual scores generated by each of cross attention-based anomaly detection and time-series-based anomaly detection. One or more defects are identified based on a generated overall defect score determined by integrating the residual scores for the cross attention-based anomaly detection and the time-series based anomaly detection being above a predetermined defect score threshold. Operation of the vehicle is controlled based on the one or more defects identified.

公开(公告)号：WO2022055783A1

公开(公告)日：2022-03-17

申请号：PCT/US2021/048817

申请日：2021-09-02

Applicant: NEC LABORATORIES AMERICA, INC. ,  NEC CORPORATION

Inventor： TANG, LuAn ,  CHENG, Wei ,  CHEN, Haifeng ,  KOBAYASHI, Yuji ,  CHEN, Zhengzhang

IPC: G06F11/20 ,  G06F11/22 ,  G06F11/30 ,  G06N3/08 ,  B60K35/00

Abstract: A method for early warning is provided. The method clusters (810) normal historical data of normal cars into groups based on the car subsystem to which they belong. The method extracts (820) (i) features based on group membership and (ii) feature correlations based on correlation graphs formed from the groups. The method trains (830) an Auto-Encoder and Auto Decoder (AE&AD) model based on the features and the feature correlations to reconstruct the normal historical data with minimum reconstruction errors. The method reconstructs (840), using the trained AE&AD model, historical data of specific car fault types with reconstruction errors, normalizes the reconstruction errors, and selects features of the car faults with a top k large errors as fault signatures. The method reconstructs (850) streaming data of monitored cars using the trained AE&AD model to determine streaming reconstruction errors, comparing the streaming reconstruction errors with the fault signatures to predict and provide alerts for impending known faults.

公开(公告)号：WO2020036850A1

公开(公告)日：2020-02-20

申请号：PCT/US2019/046112

申请日：2019-08-12

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： RHEE, Junghwan ,  TANG, LuAn ,  CHEN, Zhengzhang ,  KIM, Chung ,  LI, Zhichun ,  ZHOU, Ziqiao

IPC: G05B23/02 ,  G05B19/42 ,  G05B19/418

Abstract: A computer-implemented method for implementing protocol-independent anomaly detection within an industrial control system (ICS) includes implementing a detection stage (1400), including performing byte filtering using a byte filtering model based on at least one new network packet associated with the ICS (1430), performing horizontal detection to determine whether a horizontal constraint anomaly exists in the at least one network packet based on the byte filtering and a horizontal model (1440), including analyzing constraints across different bytes of the at least one new network packet, performing message clustering based on the horizontal detection to generate first cluster information (1450), and performing vertical detection to determine whether a vertical anomaly exists based on the first cluster information and a vertical model (1460), including analyzing a temporal pattern of each byte of the at least one new network packet.

公开(公告)号：WO2019084072A1

公开(公告)日：2019-05-02

申请号：PCT/US2018/057198

申请日：2018-10-24

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： TANG, LuAn ,  CHEN, Zhengzhang ,  LI, Zhichun ,  WU, Zhenyu ,  KAMIMURA, Jumpei ,  CHEN, Haifeng

IPC: G06F21/55 ,  G06F21/57

Abstract: A computer-implemented method for implementing alert interpretation in enterprise security systems is presented. The computer-implemented method includes employing a plurality of sensors to monitor streaming data from a plurality of computing devices, generating alerts based on the monitored streaming data, automatically analyzing the alerts, in real-time, by using a graph-based alert interpretation engine employing process-star graph models, retrieving a cause of the alerts, an aftermath of the alerts, and baselines for the alert interpretation, and integrating the cause of the alerts, the aftermath of the alerts, and the baselines to output an alert interpretation graph to a user interface of a user device.

公开(公告)号：WO2017176673A1

公开(公告)日：2017-10-12

申请号：PCT/US2017/025843

申请日：2017-04-04

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： TANG, LuAn ,  CHEN, Zhengzhang ,  JIANG, Guofei ,  LI, Zhichun ,  CHEN, Haifeng ,  YOSHIHIRA, Kenji

IPC: H04L29/06 ,  H04L12/26

Abstract: Methods and systems for reporting anomalous events include building a process graph that models states of process-level events in a network. A topology graph is built that models source and destination relationships between connection events in the network. A set of alerts is clustered based on the process graph and the topology graph. Clustered alerts that exceed a threshold level of trustworthiness are reported.

Abstract translation: 用于报告异常事件的方法和系统包括构建对网络中的过程级事件的状态建模的过程图。 建立一个拓扑图，模拟网络中连接事件之间的源和目标关系。 基于过程图和拓扑图来聚集一组警报。 报告超过可信赖阈值级别的群集警报。

公开(公告)号：WO2022072772A1

公开(公告)日：2022-04-07

申请号：PCT/US2021/053078

申请日：2021-10-01

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： CHEN, Yuncong ,  CHEN, Zhengzhang ,  LUMEZANU, Cristian ,  NATSUMEDA, Masanao ,  YU, Xiao ,  CHENG, Wei ,  MIZOGUCHI, Takehiko ,  CHEN, Haifeng

IPC: G06N3/08 ,  G06N3/04 ,  G06N5/02

Abstract: A method for system metric prediction and influential events identification by concurrently employing metric logs and event logs is presented. The method includes concurrently modeling (1301) multivariate metric series and individual events in event series by a multi-stream recurrent neural network (RNN) to improve prediction of future metrics, where the multi- stream RNN includes a series of RNNs, one RNN for each metric and one RNN for each event sequence and modeling (1303) causality relations between the multivariate metric series and the individual events in the event series by employing an attention mechanism to identify target events most responsible for fluctuations of one or more target metrics.

公开(公告)号：WO2021158409A1

公开(公告)日：2021-08-12

申请号：PCT/US2021/015280

申请日：2021-01-27

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： NI, Jingchao ,  CHEN, Zhengzhang ,  CHENG, Wei ,  ZONG, Bo ,  CHEN, Haifeng

IPC: G06N3/08 ,  G06N3/04 ,  G06T3/40

Abstract: A method interprets a convolutional sequence model. The method converts (610) an input data sequence having input segments into output features. The method clusters (620) the input segments into clusters using respective resolution-controllable class prototypes allocated to each of classes. Each respective class prototype includes a respective output feature subset characterizing a respective associated class. The method calculates (630), using the clusters, similarity scores that indicate a similarity of an output feature to a respective class prototypes responsive to distances between the output feature and the respective class prototypes. The method concatenates (640) the similarity scores to obtain a similarity vector. The method performs (650) a prediction and prediction support operation that provides a value of prediction and an interpretation for the value responsive to the input segments and similarity vector. The interpretation for the value of prediction is provided using only non-negative weights and lacking a weight bias in the fully connected layer.