Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.739561
Title: A general solution to detect anomalies in networked distributed sensing systems
Author: Chen, Po-Yu
ISNI:       0000 0004 7228 4532
Awarding Body: Imperial College London
Current Institution: Imperial College London
Date of Award: 2016
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
Networked distributed sensing systems (NDSSs) have been widely adopted in many real-world applications which can be either described as cyber-physical system (CPS) or indeed the Internet of Things (IoT). The security and trust in such systems are of paramount importance. In practice, sensor readings may be abnormal or faulty due to various unpredictable causes such as the harsh environments in which they are deployed, the sensors are inherently fault-prone, or they experience malicious attacks. However, although a large body of research has been looking at detecting such anomalies, we have yet seen a common solution that can effectively detect all general anomalies in NDSSs. Many current solutions are either simple but limited by rigid assumptions, or powerful but complex and therefore not suited to resource scarce and large-scale NDSSs. To overcome this problem, we have investigated the causes and patterns of anomaly behaviours in NDSS, and propose a lightweight general solution that can identify most general anomalies in resource-limited NDSSs. This solution consists of three different components: feature extraction, sensor grouping, and anomaly classification. In feature extraction, we propose two multi-feature dimensionality reduction algorithms, MFDR and MFDR-N. These algorithms extract distinctive time-series features from raw sensor measurements and provide their dimensionality-reduced (DR) representations. In comparison to traditional time-series approaches, MFDR and MFDR-N can provide multiple types of time-series features which can better approximate the original data with smaller error. In addition, to ensure our solution can scale to different sizes of NDSSs while being able to perform sophisticated detection schemes, we propose a distributed matching-based grouping algorithm, DMGA, which clusters sensors into correlation groups where a strong spatiotemporal correlation exists among all sensors. To the best of our knowledge, this grouping algorithm is the first one to provide performance guarantees in terms of correlation strength. Ultimately, we propose two general anomaly detection classifiers, GAD and FGAD, to capture rapid and gradual pattern changes in sensor measurements, respectively. Both of these are lightweight in terms of computation complexity and can adapt fast to changes in non-stationary environments. Our experimental results show that both GAD and FGAD are very effective against various types of anomalies in real-world NDSS.
Supervisor: McCann, Julie Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.739561  DOI:
Share: