research-article

Statistical anomaly detection with sensor networks

Authors:

Ioannis Ch. Paschalidis,

Yin ChenAuthors Info & Claims

ACM Transactions on Sensor Networks (TOSN), Volume 7, Issue 2

Article No.: 17, Pages 1 - 23

https://doi.org/10.1145/1824766.1824773

Published: 08 September 2010 Publication History

Get Access

Abstract

We seek to detect statistically significant temporal or spatial changes in either the underlying process the sensor network is monitoring or in the network operation itself. These changes may point to faults, adversarial threats, misbehavior, or other anomalies that require intervention. To that end, we introduce a new statistical anomaly detection framework that uses Markov models to characterize the “normal” behavior of the sensor network. We develop a series of Markov models, including tree-indexed Markov chains which can model its spatial structure. For each model, an anomaly-free probability law is estimated from past traces. We leverage large deviations techniques to develop optimal anomaly detection rules for each corresponding Markov model, assessing whether its most recent empirical measure is consistent with the anomaly-free probability law. A series of simulation results, some with real sensor data, validate the effectiveness of the proposed anomaly detection algorithms.

References

[1]

Chan, H., Perrig, A., and Song, D. 2003. Random key predistribution schemes for sensor networks. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, 197--213.

Digital Library

Google Scholar

[2]

Dembo, A., Mörters, P., and Sheffield, S. 2005. Large deviations of Markov chains indexed by random trees. Ann. I. H. Poincaré PR-41, 971--996.

Google Scholar

[3]

Dembo, A., and Zeitouni, O. 1998. Large Deviations Techniques and Applications 2nd Ed. Springer-Verlag, Berlin.

Google Scholar

[4]

Friesz, P. J. and Colman, J. A. 2001. Hydrology and trophic ecology of Walden Pond, Concord, Massachusetts: U.S. geological survey water-resources investigations report 01-4153.

Google Scholar

[5]

Hoeffding, W. 1965. Asymptotically optimal tests for multinomial distributions. Ann. Math. Statist. 36, 369--401.

Crossref

Google Scholar

[6]

Hu, Y. C., Perrig, A., and Johnson, D, 2003. Packet leashes: a defense against wormhole attacks in wireless networks. In Proceedings of the 22nd Conference of the IEEE Communications Society (INFOCOM). IEEE Computer Society Press, Los Alamitos, CA.

Crossref

Google Scholar

[7]

Lazos, L., Poovendran, R., Meadows, C., Syverson, P., and Chang, L. W. 2005. Preventing wormhole attacks on wireless ad hoc networks: A graph theoretic approach. In Proceedings of the IEEE Wireless Communications and Networking Conference. IEEE Computer Society Press, Los Alamitos, CA, 1193--1199.

Google Scholar

[8]

Paschalidis, I. and Smaragdakis, S. 2008. Spatio-temporal network anomaly detection by assessing deviations of empirical measures. IEEE/ACM Trans. Network.

Digital Library

Google Scholar

[9]

Paschalidis, I. C., and Guo, D. 2008. Robust and distributed stochastic localization in sensor networks: Theory and experimental results. ACM Trans. Sensor Netw. 5, 4.

Digital Library

Google Scholar

[10]

Perrig, A., Stankovic, J., and Wagner, D. 2004. Security in wireless sensor networks. Comm. ACM 47, 6, 53--57.

Digital Library

Google Scholar

[11]

Perrig, A., Szewczyk, R., Wen, V., Culler, D., and Tygar, J. D. 2002. Spins: Security protocols for sensor networks. Wirel. Networks 5, 521--534.

Digital Library

Google Scholar

[12]

Ray, S., Lai, W., and Paschalidis, I. C. 2006. Statistical location detection with sensor networks. Joint special issue IEEE/ACM Trans. Network. IEEE Trans. Inform. Theory 52, 6, 2670--2683.

Digital Library

Google Scholar

[13]

Subramaniam, S., Palpanas, T., Papadopoulos, D., Kalogeraki, V., and Gunopulos, D. 2006. Online outlier detection in sensor data using non-parametric models. In Proceedings of the International Conference on Very Large Data Bases. ACM, New York, 187--198.

Digital Library

Google Scholar

[14]

Zeitouni, O., Ziv, J., and Merhav, N. 1992. When is the generalized likelihood ratio test optimal&quest; IEEE Trans. Inform. Theory 38, 5, 1597--1602.

Digital Library

Google Scholar

[15]

Zhu, S., Setia, S., and Jajodia, S. 2006. Leap+: Efficient security mechanisms for large-scale distributed sensor networks. ACM Trans. Sensor Netw. 2, 4, 500--528.

Digital Library

Google Scholar

Cited By

View all

Zhang ZYao YHutabarat WFarnsworth MTiwari DTiwari A(2024)Time Series Anomaly Detection in Vehicle Sensors Using Self-Attention MechanismsIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2024.341543525:11(15964-15976)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/TITS.2024.3415435
Cui TZhu YLiu YLiu J(2024)Time Series Anomaly Detection Using Temporal 2D-Variation Multi-Layer Feature Fusion Times Network2024 IEEE 14th International Conference on CYBER Technology in Automation, Control, and Intelligent Systems (CYBER)10.1109/CYBER63482.2024.10748873(726-731)Online publication date: 16-Jul-2024
https://doi.org/10.1109/CYBER63482.2024.10748873
Golchin BRekabdar B(2024)Anomaly Detection In Time Series Data Using Reinforcement Learning, Variational Autoencoder, and Active Learning2024 Conference on AI, Science, Engineering, and Technology (AIxSET)10.1109/AIxSET62544.2024.00007(1-8)Online publication date: 30-Sep-2024
https://doi.org/10.1109/AIxSET62544.2024.00007
Show More Cited By

Index Terms

Statistical anomaly detection with sensor networks
1. Mathematics of computing
  1. Probability and statistics
    1. Probabilistic representations
      1. Markov networks
    2. Stochastic processes
      1. Markov processes
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Machine learning theory
      1. Markov decision processes

Recommendations

Sketch Based Anomaly Detection Scheme in Wireless Sensor Networks
CYBERC '13: Proceedings of the 2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery

The constrained capacity of wireless sensor nodes and harsh, unattended deploy environments make the data collected by sensor nodes usually unreliable. In this paper, we propose a sketch based anomaly detection scheme in order to detect the anomaly data ...
Spatial anomaly detection in sensor networks using neighborhood information

A method of neighborhood data fusion in decentralized anomaly detection is proposed.The effects of neighborhood size and spatio-temporal correlation are explored.Performance increases when the system is deployed in a correlated environment.Fusing small ...
Bayesian Statistical Inference in Machine Learning Anomaly Detection
ICCIIS '10: Proceedings of the 2010 International Conference on Communications and Intelligence Information Security

Intrusion Detection is an important component of the security of the Network, through the critical information of the network and host system, it can determine the user’s invasion of illegal and legal acts of the user misuse of resources, and make an ...

Reviews

Reviewer: Ruay-Shiung Chang

When you are entering a dark building at night, the sudden lighting at the door-the sensors at work-may startle you. On a highway, you can speed through a tollgate without stopping because an electronic toll collection (ETC) system senses your car passing and collects the fee automatically. From the above examples, you can see that sensors and their various applications are everywhere. If sensors are equipped with wireless transmission and reception capabilities, they can form a wireless sensor network (WSN). In a WSN, sensors monitor a continuously changing situation-for example, thermal sensors monitor temperature changes and manometers monitor pressure changes-and variations in the monitored data are usually normal. However, changes also occur when there are intruders in the WSN or faults occur. This paper focuses on how to determine if a change in the sensed data is normal or abnormal. In the abstract, the authors describe their work: "We develop a series of Markov models, including tree-indexed Markov chains which can model its spatial structure. For each model, an anomaly-free probability law is estimated from past traces." Although the authors run simulations for validation, the simulation parameters and environments are not clearly stated. Overall, the paper is more about mathematical Markov model analysis than about sensor networks, which just happen to be an area where the Markov model can be applied. The paper could use more examples and real numerical data or traces that illustrate how their model can be applied. Online Computing Reviews Service

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Sensor Networks

ACM Transactions on Sensor Networks Volume 7, Issue 2

August 2010

297 pages

ISSN:1550-4859

EISSN:1550-4867

DOI:10.1145/1824766

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 08 September 2010

Accepted: 01 April 2010

Revised: 01 October 2009

Received: 01 May 2009

Published in TOSN Volume 7, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

27
Total Citations
View Citations
959
Total Downloads

Downloads (Last 12 months)24
Downloads (Last 6 weeks)2

Reflects downloads up to 22 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Zhang ZYao YHutabarat WFarnsworth MTiwari DTiwari A(2024)Time Series Anomaly Detection in Vehicle Sensors Using Self-Attention MechanismsIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2024.341543525:11(15964-15976)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/TITS.2024.3415435
Cui TZhu YLiu YLiu J(2024)Time Series Anomaly Detection Using Temporal 2D-Variation Multi-Layer Feature Fusion Times Network2024 IEEE 14th International Conference on CYBER Technology in Automation, Control, and Intelligent Systems (CYBER)10.1109/CYBER63482.2024.10748873(726-731)Online publication date: 16-Jul-2024
https://doi.org/10.1109/CYBER63482.2024.10748873
Golchin BRekabdar B(2024)Anomaly Detection In Time Series Data Using Reinforcement Learning, Variational Autoencoder, and Active Learning2024 Conference on AI, Science, Engineering, and Technology (AIxSET)10.1109/AIxSET62544.2024.00007(1-8)Online publication date: 30-Sep-2024
https://doi.org/10.1109/AIxSET62544.2024.00007
Jia MXu DYang TYao YLiu Y(2024)Graph-guided masked autoencoder for process anomaly detectionProcess Safety and Environmental Protection10.1016/j.psep.2024.04.052186(1345-1357)Online publication date: Jun-2024
https://doi.org/10.1016/j.psep.2024.04.052
Gao YLin QYe SCheng YZhang TLiang BLu W(2024)Outlier detection in temporal and spatial sequences via correlation analysis based on graph neural networksDisplays10.1016/j.displa.2024.10277584(102775)Online publication date: Sep-2024
https://doi.org/10.1016/j.displa.2024.102775
Diamanti AVilchez JSecci S(2022)An AI-Empowered Framework for Cross-Layer Softwarized Infrastructure State AssessmentIEEE Transactions on Network and Service Management10.1109/TNSM.2022.316187219:4(4434-4448)Online publication date: Dec-2022
https://doi.org/10.1109/TNSM.2022.3161872
Wang SZeng G(2022)A Novel Approach to Select High-Reward Data Items in Big Data Stream Based on Multiarmed BanditIEEE Transactions on Computational Social Systems10.1109/TCSS.2021.31143529:4(1144-1153)Online publication date: Aug-2022
https://doi.org/10.1109/TCSS.2021.3114352
Berjab NLe HYokota H(2021)A Spatiotemporal and Multivariate Attribute Correlation Extraction Scheme for Detecting Abnormal Nodes in WSNsIEEE Access10.1109/ACCESS.2021.31158199(135266-135284)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3115819
Reunanen NRäty TLintonen T(2020)Automatic optimization of outlier detection ensembles using a limited number of outlier examplesInternational Journal of Data Science and Analytics10.1007/s41060-020-00222-4Online publication date: 8-Jun-2020
https://doi.org/10.1007/s41060-020-00222-4
Karthik NAnanthanarayana V(2019)Context Aware Trust Management Scheme for Pervasive HealthcareWireless Personal Communications: An International Journal10.1007/s11277-018-6091-9105:3(725-763)Online publication date: 1-Apr-2019
https://dl.acm.org/doi/10.1007/s11277-018-6091-9
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Sketch Based Anomaly Detection Scheme in Wireless Sensor Networks

Spatial anomaly detection in sensor networks using neighborhood information

Bayesian Statistical Inference in Machine Learning Anomaly Detection

Reviews

Access critical reviews of Computing literature here

Comments

Published In

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Sketch Based Anomaly Detection Scheme in Wireless Sensor Networks

Spatial anomaly detection in sensor networks using neighborhood information

Bayesian Statistical Inference in Machine Learning Anomaly Detection

Reviews

Access critical reviews of Computing literature here

Comments

Information

Published In

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations