论文信息 - Anomaly detection in sensor networks based on large deviations of Markov chain models

Anomaly detection in sensor networks based on large deviations of Markov chain models

We introduce an anomaly detection framework for wireless sensor networks able to detect statistically significant temporal or spatial changes in either the underlying process the sensor network is monitoring or the network operation itself. We consider a series of Markov models to characterize the behavior of the sensor network, including tree-indexed Markov chains which can model its spatial structure. Large deviations techniques are used to compare the distribution of the Markov model estimated from past anomaly-free traces with its most recent empirical measure. We develop optimal decision rules for each corresponding Markov model to identify anomalies in recent activity. Simulation results validate the effectiveness of the proposed anomaly detection algorithms.

Yin Chen | Ioannis Ch. Paschalidis

[1] Ioannis Ch. Paschalidis,et al. Robust and distributed localization in sensor networks , 2007, 2007 46th IEEE Conference on Decision and Control.

[2] W. Hoeffding. Asymptotically Optimal Tests for Multinomial Distributions , 1965 .

[3] G. Smaragdakis,et al. Spatio-Temporal Network Anomaly Detection by Assessing Deviations of Empirical Measures , 2009, IEEE/ACM Transactions on Networking.

[4] Neri Merhav,et al. When is the generalized likelihood ratio test optimal? , 1992, IEEE Trans. Inf. Theory.

[5] Mukesh Singhal,et al. Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[6] Amir Dembo,et al. Large deviations of Markov chains indexed by random trees , 2005 .