Anomaly detection in sensor networks based on large deviations of Markov chain models

Author

Paschalidis, Ioannis Ch ; Chen, Yin

Author_Institution

Dept. of Electr. & Comput. Eng., Boston Univ., Brookline, MA, USA

fYear

2008

fDate

9-11 Dec. 2008

Firstpage

2338

Lastpage

2343

Abstract

We introduce an anomaly detection framework for wireless sensor networks able to detect statistically significant temporal or spatial changes in either the underlying process the sensor network is monitoring or the network operation itself. We consider a series of Markov models to characterize the behavior of the sensor network, including tree-indexed Markov chains which can model its spatial structure. Large deviations techniques are used to compare the distribution of the Markov model estimated from past anomaly-free traces with its most recent empirical measure. We develop optimal decision rules for each corresponding Markov model to identify anomalies in recent activity. Simulation results validate the effectiveness of the proposed anomaly detection algorithms.

Keywords

Markov processes; statistical distributions; telecommunication security; trees (mathematics); wireless sensor networks; anomaly detection algorithm; network operation monitoring; optimal decision rule; spatial structure model; statistical distribution; tree-indexed Markov chain model; wireless sensor network; Application software; Information security; National security; Patient monitoring; Power system modeling; Probability; Protocols; Sensor phenomena and characterization; Testing; Wireless sensor networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Decision and Control, 2008. CDC 2008. 47th IEEE Conference on

Conference_Location

Cancun

ISSN

0191-2216

Print_ISBN

978-1-4244-3123-6

Electronic_ISBN

0191-2216

Type

conf

DOI

10.1109/CDC.2008.4738773

Filename

4738773