Anomalous behaviour detection using heterogeneous data

Anomaly detection is one of the most important methods to process and find abnormal data, as this method can distinguish between normal and abnormal behaviour. Anomaly detection has been applied in many areas such as the medical sector, fraud detection in finance, fault detection in machines, intrusion detection in networks, surveillance systems for security, as well as forensic investigations. Abnormal behaviour can give information or answer questions when an investigator is performing an investigation. Anomaly detection is one way to simplify big data by focusing on data that have been grouped or clustered by the anomaly detection method. Forensic data usually consists of heterogeneous data which have several data forms or types such as qualitative or quantitative, structured or unstructured, and primary or secondary. For example, when a crime takes place, the evidence can be in the form of various types of data. The combination of all the data types can produce rich information insights. Nowadays, data has become ‘big’ because it is generated every second of every day and processing has become time-consuming and tedious. Therefore, in this study, a new method to detect abnormal behaviour is proposed using heterogeneous data and combining the data using data fusion technique. Vast challenge data and image data are applied to demonstrate the heterogeneous data. The first contribution in this study is applying the heterogeneous data to detect an anomaly. The recently introduced anomaly detection technique which is known as Empirical Data Analytics (EDA) is applied to detect the abnormal behaviour based on the data sets. Standardised eccentricity (a newly introduced within EDA measure offering a new simplified form of the well-known Chebyshev Inequality) can be applied to any data distribution. Then, the second contribution is applying image data. The image data is processed using pre-trained deep learning network, and classification is done using a support vector machine (SVM). After that, the last contribution is combining anomaly result from heterogeneous data and image recognition using new data fusion technique. There are five types of data with three different modalities and different dimensionalities. The data cannot be simply combined and integrated. Therefore, the new data fusion technique first analyses the abnormality in each data type separately and determines the degree of suspicious between 0 and 1 and sums up all the degrees of suspicion data afterwards. This method is not intended to be a fully automatic system that resolves investigations, which would likely be unacceptable in any case. The aim is rather to simplify the role of the humans so that they can focus on a small number of cases to be looked in more detail. The proposed approach does simplify the processing of such huge amounts of data. Later, this method can assist human experts in their investigations and making final decisions.

[1]  Damminda Alahakoon,et al.  Building Multi-modal Crime Profiles with Growing Self Organising Maps , 2014, Computational Intelligence in Digital Forensics.

[2]  Xiong Luo,et al.  A kernel machine-based secure data sensing and fusion scheme in wireless sensor networks for the cyber-physical systems , 2016, Future Gener. Comput. Syst..

[3]  Yu Zheng,et al.  Trajectory Data Mining , 2015, ACM Trans. Intell. Syst. Technol..

[4]  Fakhri Karray,et al.  Multisensor data fusion: A review of the state-of-the-art , 2013, Inf. Fusion.

[5]  Rob Fergus,et al.  Visualizing and Understanding Convolutional Networks , 2013, ECCV.

[6]  Kim-Kwang Raymond Choo,et al.  Impacts of increasing volume of digital forensic data: A survey and future research challenges , 2014, Digit. Investig..

[7]  Aníbal Ollero,et al.  A Ground Control Station for a Multi-UAV Surveillance System , 2013, J. Intell. Robotic Syst..

[8]  Oscar Castillo,et al.  Modular granular neural networks optimization with Multi-Objective Hierarchical Genetic Algorithm for human recognition based on iris biometric , 2013, 2013 IEEE Congress on Evolutionary Computation.

[9]  Sonia,et al.  A Voting-Based Sensor Fusion Approach for Human Presence Detection , 2016, IHCI.

[10]  Dariusz Frejlichowski,et al.  Intelligent video surveillance systems for public spaces – a survey , 2014 .

[11]  Edward J. Delp,et al.  Automatic detection of abnormal human events on train platforms , 2014, NAECON 2014 - IEEE National Aerospace and Electronics Conference.

[12]  Plamen Angelov Autonomous Learning Systems , 2013 .

[13]  Plamen Angelov,et al.  Anomalous behaviour detection based on heterogeneous data and data fusion , 2018, Soft Comput..

[14]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[15]  Plamen P. Angelov,et al.  Evolving fuzzy systems , 2008, Scholarpedia.

[16]  Shashi Bhushan,et al.  GAIT RECOGNITION OF HUMAN USING SVM AND BPNN CLASSIFIERS , 2014 .

[17]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[18]  Md. Abu Naser Bikas,et al.  An Implementation of Intrusion Detection System Using Genetic Algorithm , 2012, ArXiv.

[19]  Plamen Angelov,et al.  Real-Time Fault Detection Using Recursive Density Estimation , 2014, Journal of Control, Automation and Electrical Systems.

[20]  Han Wang,et al.  AcFR: Active Face Recognition Using Convolutional Neural Networks , 2017, 2017 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[21]  Georgi Gluhchev,et al.  Neural Network and kNN Classifiers for On-Line Signature Verification , 2014, BIOMET.

[22]  Borko Furht,et al.  Sensor fault and patient anomaly detection and classification in medical wireless sensor networks , 2013, 2013 IEEE International Conference on Communications (ICC).

[23]  Anil A. Bharath,et al.  A data augmentation methodology for training machine/deep learning gait recognition algorithms , 2016, BMVC.

[24]  Andrew Beng Jin Teoh,et al.  Keystroke dynamics in password authentication enhancement , 2010, Expert Syst. Appl..

[25]  Plamen Angelov,et al.  An Approach to Autonomous Self-localization of a Mobile Robot in Completely Unknown Environment using Evolving Fuzzy Rule-based Classifier , 2007 .

[26]  José García Rodríguez,et al.  Building Visual Surveillance Systems with Neural Networks , 2012, Computational Intelligence for Privacy and Security.

[27]  Cüneyt Güzelis,et al.  A new facial expression recognition based on curvelet transform and online sequential extreme learning machine initialized with spherical clustering , 2014, Neural Computing and Applications.

[28]  V Jyothsna,et al.  A Review of Anomaly based Intrusion Detection Systems , 2011 .

[29]  Hari Om,et al.  A hybrid system for reducing the false alarm rate of anomaly intrusion detection system , 2012, 2012 1st International Conference on Recent Advances in Information Technology (RAIT).

[30]  Plamen Angelov,et al.  Applications of evolving intelligent systems to oil and gas industry. , 2010 .

[31]  Aboul Ella Hassanien,et al.  Impact of Some Biometric Modalities on Forensic Science , 2014, Computational Intelligence in Digital Forensics.

[32]  Plamen P. Angelov,et al.  Handling drifts and shifts in on-line data streams with evolving fuzzy systems , 2011, Appl. Soft Comput..

[33]  Geoffrey E. Hinton,et al.  ImageNet classification with deep convolutional neural networks , 2012, Commun. ACM.

[34]  Eamonn J. Keogh,et al.  Finding Unusual Medical Time-Series Subsequences: Algorithms and Applications , 2006, IEEE Transactions on Information Technology in Biomedicine.

[35]  Araceli Sanchis,et al.  Modelling evolving user behaviours , 2009, 2009 IEEE Workshop on Evolving and Self-Developing Intelligent Systems.

[36]  Ling Shao,et al.  Transfer Learning for Visual Categorization: A Survey , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[37]  T. V. Pollet,et al.  To Remove or not to Remove: the Impact of Outlier Handling on Significance Testing in Testosterone Data , 2017 .

[38]  Yingqin Zheng,et al.  Intelligence Techniques in Computer Security and Forensics: At the Boundaries of Ethics and Law , 2012, Computational Intelligence for Privacy and Security.

[39]  Plamen P. Angelov,et al.  Simplified fuzzy rule-based systems using non-parametric antecedents and relative data density , 2011, 2011 IEEE Workshop on Evolving and Adaptive Intelligent Systems (EAIS).

[40]  Plamen P. Angelov,et al.  Online fault detection based on Typicality and Eccentricity Data Analytics , 2015, 2015 International Joint Conference on Neural Networks (IJCNN).

[41]  James Llinas,et al.  Handbook of Multisensor Data Fusion : Theory and Practice, Second Edition , 2008 .

[42]  Plamen Angelov,et al.  A fully autonomous Data Density based Clustering technique , 2014, 2014 IEEE Symposium on Evolving and Autonomous Learning Systems (EALS).

[43]  S. Ross :Scholarship in the Digital Age: Information, Infrastructure, and the Internet , 2009 .

[44]  Claus Vielhauer,et al.  Latent fingerprint detection using a spectral texture feature , 2011, MM&Sec '11.

[45]  Yongbum Kim,et al.  Development of an Anomaly Detection Model for a Bank's Transitory Account System , 2014, J. Inf. Syst..

[46]  Igor Skrjanc,et al.  A Robust Evolving Cloud-Based Controller , 2015, Handbook of Computational Intelligence.

[47]  Plamen Angelov,et al.  Outside the box: an alternative data analytics framework , 2014, J. Autom. Mob. Robotics Intell. Syst..

[48]  Plamen P. Angelov,et al.  A real-time approach for novelty detection and trajectories analysis for anomaly recognition in video surveillance systems , 2012, 2012 IEEE Conference on Evolving and Adaptive Intelligent Systems.

[49]  Ibrahim Khalil,et al.  ECG biometric using multilayer perceptron and radial basis function neural networks , 2011, 2011 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[50]  Gajendra Singh Chandel,et al.  Identification of People by Iris Recognition , 2014 .

[51]  B. S. Manjunath,et al.  Detection and Localization of Image Forgeries Using Resampling Features and Deep Learning , 2017, 2017 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[52]  Hiroaki Yoshida,et al.  Human identification from brain EEG signals using advanced machine learning method EEG-based biometrics , 2016, 2016 IEEE EMBS Conference on Biomedical Engineering and Sciences (IECBES).

[53]  Kelly Reynolds,et al.  Using Machine Learning to Detect Cyberbullying , 2011, 2011 10th International Conference on Machine Learning and Applications and Workshops.

[54]  Igor Skrjanc,et al.  Robust evolving cloud-based PID control adjusted by gradient learning method , 2014, 2014 IEEE Conference on Evolving and Adaptive Intelligent Systems (EAIS).

[55]  W. Horng,et al.  Classification of Age Groups Based on Facial Features , 2001 .

[56]  Samir Mbarki,et al.  A survey of Haar-Like feature representation , 2014, 2014 International Conference on Multimedia Computing and Systems (ICMCS).

[57]  Patricia Melin,et al.  Optimization of modular granular neural networks using hierarchical genetic algorithms for human recognition using the ear biometric measure , 2014, Eng. Appl. Artif. Intell..

[58]  Faye Rona Mitchell,et al.  An Overview of Artificial Intelligence Based Pattern Matching in a Security and Digital Forensic Context , 2014, Cyberpatterns.

[59]  Nikola Kasabov,et al.  Evolving Connectionist Systems: Methods and Applications in Bioinformatics, Brain Study and Intelligent Machines , 2002, IEEE Transactions on Neural Networks.

[60]  Ajith Abraham,et al.  Computational Intelligence in Digital Forensics , 2014, Computational Intelligence in Digital Forensics.

[61]  Markus Goldstein,et al.  Anomaly Detection in Large Datasets , 2014 .

[62]  Plamen Angelov,et al.  Anomaly detection based on eccentricity analysis , 2014, 2014 IEEE Symposium on Evolving and Autonomous Learning Systems (EALS).

[63]  Robert LIN,et al.  NOTE ON FUZZY SETS , 2014 .

[64]  Plamen P. Angelov,et al.  Adaptive Inferential Sensors Based on Evolving Fuzzy Models , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[65]  Jemal H. Abawajy,et al.  A Data Fusion Method in Wireless Sensor Networks , 2015, Sensors.

[66]  F. Klawonn,et al.  Evolving Fuzzy Rule-based Classifiers , 2007, 2007 IEEE Symposium on Computational Intelligence in Image and Signal Processing.

[67]  Frank Klawonn,et al.  Computational Intelligence: A Methodological Introduction , 2015, Texts in Computer Science.

[68]  Junyong Liu,et al.  Big Data Management in Digital Forensics , 2014, 2014 IEEE 17th International Conference on Computational Science and Engineering.

[69]  Tomohiro Shirakawa,et al.  Gait analysis and machine learning classification on healthy subjects in normal walking , 2015 .

[70]  Paul A. Viola,et al.  Robust Real-Time Face Detection , 2001, Proceedings Eighth IEEE International Conference on Computer Vision. ICCV 2001.

[71]  David A. Elizondo,et al.  An Introduction to the Use of Neural Networks for Network Intrusion Detection , 2012, Computational Intelligence for Privacy and Security.

[72]  Barbara Martini,et al.  The Data Revolution. Big Data, Open Data, Data Infrastructures and Their Consequences , 2016 .

[73]  Andrzej Bargiela,et al.  Local receptive field constrained deep networks , 2016, Inf. Sci..

[74]  Plamen P. Angelov,et al.  Empirical data analysis: A new tool for data analytics , 2016, 2016 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[75]  Enrico Grosso,et al.  Biometrics in Forensic Science: Challenges, Lessons and New Technologies , 2014, BIOMET.

[76]  Tal Hassner,et al.  Age and gender classification using convolutional neural networks , 2015, 2015 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[77]  Patricia Melin,et al.  Development of modular neural networks with fuzzy logic response integration for signature recognition , 2009 .

[78]  Sulaiman Al Amro,et al.  Application of Fuzzy Logic in Computer Security and Forensics , 2012, Computational Intelligence for Privacy and Security.

[79]  Vasant Dhar,et al.  Data science and prediction , 2012, CACM.

[80]  John Vincent Atanasoff Advent of Electronic Digital Computing , 1984, Annals of the History of Computing.

[81]  Anazida Zainal,et al.  Fraud detection system: A survey , 2016, J. Netw. Comput. Appl..

[82]  Plamen Angelov,et al.  Evolving Intelligent Systems: Methodology and Applications , 2010 .

[83]  Taghi M. Khoshgoftaar,et al.  Intrusion detection and Big Heterogeneous Data: a Survey , 2015, Journal of Big Data.

[84]  Christian Jutten,et al.  Multimodal Data Fusion: An Overview of Methods, Challenges, and Prospects , 2015, Proceedings of the IEEE.

[85]  Ren C. Luo,et al.  Multisensor fusion and integration: approaches, applications, and future research directions , 2002 .

[86]  M. Akila,et al.  Biometric personal authentication using keystroke dynamics: A review , 2011, Appl. Soft Comput..

[87]  Xiaofeng Wang,et al.  Gender and Age Classification of Human Faces for Automatic Detection of Anomalous Human Behaviour , 2017, 2017 3rd IEEE International Conference on Cybernetics (CYBCON).

[88]  J. Alberto Espinosa,et al.  Big Data: Issues and Challenges Moving Forward , 2013, 2013 46th Hawaii International Conference on System Sciences.

[89]  Tom Ziemke,et al.  On the Definition of Information Fusion as a Field of Research , 2007 .

[90]  Pedro Isasi Viñuela,et al.  Evolutionary Computation in computer security and cryptography , 2005, New Generation Computing.

[91]  T. Ferryman,et al.  Data outlier detection using the Chebyshev theorem , 2005, 2005 IEEE Aerospace Conference.

[92]  James Llinas,et al.  A framework for dynamic hard/soft fusion , 2008, 2008 11th International Conference on Information Fusion.

[93]  Federico Castanedo,et al.  A Review of Data Fusion Techniques , 2013, TheScientificWorldJournal.

[94]  Ramin Ramezani,et al.  A real-time approach to autonomous novelty detection and object tracking in video stream , 2011 .

[95]  Carsten Maple,et al.  A Machine Learning Framework to Detect and Document Text-Based Cyberstalking , 2015, LWA.

[96]  Magne Setnes,et al.  Compact and transparent fuzzy models and classifiers through iterative complexity reduction , 2001, IEEE Trans. Fuzzy Syst..

[97]  Xiaowei Gu,et al.  Detecting Anomalous Behaviour Using Heterogeneous Data , 2016, UKCI.

[98]  Tomaso A. Poggio,et al.  A general framework for object detection , 1998, Sixth International Conference on Computer Vision (IEEE Cat. No.98CH36271).

[99]  José Carlos Príncipe,et al.  Cognitive Architectures for Sensory Processing , 2014, Proceedings of the IEEE.

[100]  Harry Timmermans,et al.  Car drivers’ characteristics and the maximum walking distance between parking facility and final destination , 2015 .

[101]  Mita Nasipuri,et al.  Hand Biometrics in Digital Forensics , 2014, Computational Intelligence in Digital Forensics.

[102]  Xiaowei Gu,et al.  Empirical Data Analytics , 2017, Int. J. Intell. Syst..

[103]  Fadi N. Sibai,et al.  Iris recognition using artificial neural networks , 2011, Expert Syst. Appl..

[104]  Ying Wu,et al.  Topology Preserving Mapping for Maritime Anomaly Detection , 2014, ICCSA.

[105]  Marco Grangetto,et al.  Human Classification Using Gait Features , 2014, BIOMET.

[106]  Imed Bouchrika,et al.  On Using Gait in Forensic Biometrics , 2011, Journal of forensic sciences.

[107]  Asif Ullah Khan,et al.  Fast Image Retrieval Method based on Controlled Self Organization Map Neural Network on Biometric Feature , 2014 .

[108]  P. Angelov,et al.  Evolving rule-based models: A tool for intelligent adaptation , 2001, Proceedings Joint 9th IFSA World Congress and 20th NAFIPS International Conference (Cat. No. 01TH8569).

[109]  Fabian Nater Abnormal behavior detection in surveillance videos , 2012 .

[110]  Wei Jiang,et al.  On-line outlier detection and data cleaning , 2004, Comput. Chem. Eng..

[111]  David Connah,et al.  Automatic age and gender classification using supervised appearance model , 2016, J. Electronic Imaging.

[112]  Mahmoud Reza Hashemi,et al.  An adaptive profile based fraud detection framework for handling concept drift , 2013, 2013 10th International ISC Conference on Information Security and Cryptology (ISCISC).

[113]  Yu Qiao,et al.  A Discriminative Feature Learning Approach for Deep Face Recognition , 2016, ECCV.

[114]  Plamen Angelov Typicality distribution function — A new density-based data analytics tool , 2015, 2015 International Joint Conference on Neural Networks (IJCNN).

[115]  Plamen P. Angelov,et al.  DEC: Dynamically Evolving Clustering and Its Application to Structure Identification of Evolving Fuzzy Models , 2014, IEEE Transactions on Cybernetics.

[116]  Jignesh M. Patel,et al.  Big data and its technical challenges , 2014, CACM.

[117]  Umapada Pal,et al.  Signature-Based Biometric Authentication , 2014, Computational Intelligence in Digital Forensics.

[118]  S. Jenkins The Income Distribution in the UK , 2016 .

[119]  Alessandro Guarino,et al.  Digital Forensics as a Big Data Challenge , 2013, ISSE.

[120]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.

[121]  Antonio Barrientos,et al.  Human Detection from a Mobile Robot Using Fusion of Laser and Vision Information , 2013, Sensors.

[122]  Michele Vespe,et al.  Vessel Pattern Knowledge Discovery from AIS Data: A Framework for Anomaly Detection and Route Prediction , 2013, Entropy.

[123]  Plamen P. Angelov,et al.  A Nested Hierarchy of Dynamically Evolving Clouds for Big Data Structuring and Searching , 2015, INNS Conference on Big Data.

[124]  Nicolas Goix,et al.  How to Evaluate the Quality of Unsupervised Anomaly Detection Algorithms? , 2016, ArXiv.

[125]  R. Segurado,et al.  Prenatal detection of structural cardiac defects and presence of associated anomalies: a retrospective observational study of 1262 fetal echocardiograms , 2015, Prenatal diagnosis.

[126]  Nicole Beebe,et al.  Clustering digital forensic string search output , 2014, Digit. Investig..

[127]  Philippe Terrier,et al.  Determinants of gait stability while walking on a treadmill: A machine learning approach. , 2017, Journal of biomechanics.

[129]  David Navega,et al.  Sex estimation from the tarsal bones in a Portuguese sample: a machine learning approach , 2015, International Journal of Legal Medicine.

[130]  Christophe Champod,et al.  Linkages between Biometrics and Forensic Science , 2008 .

[131]  Belhassen Bayar,et al.  A Deep Learning Approach to Universal Image Manipulation Detection Using a New Convolutional Layer , 2016, IH&MMSec.

[132]  P. Angelov,et al.  A fast approach to novelty detection in video streams using recursive density estimation , 2008, 2008 4th International IEEE Conference Intelligent Systems.

[133]  Plamen Angelov,et al.  Applying Computational Intelligence to Community Policing and Forensic Investigations , 2017 .

[134]  Vince D. Calhoun,et al.  Multimodal Data Fusion Using Source Separation: Application to Medical Imaging , 2015, Proceedings of the IEEE.

[135]  Gaston L'Huillier,et al.  SVM-Based Feature Selection and Classification for Email Filtering , 2013 .

[136]  Daniel T. Larose,et al.  Discovering Knowledge in Data: An Introduction to Data Mining , 2005 .

[137]  Jinbo Bi,et al.  Machine learning identification of EEG features predicting working memory performance in schizophrenia and healthy adults , 2016, Neuropsychiatric electrophysiology.

[138]  Plamen P. Angelov,et al.  Evolving local means method for clustering of streaming data , 2012, 2012 IEEE International Conference on Fuzzy Systems.

[139]  Ashish Khare,et al.  Fusion of multimodal medical images using Daubechies complex wavelet transform - A multiresolution approach , 2014, Inf. Fusion.

[140]  Plamen P. Angelov,et al.  Creating Evolving User Behavior Profiles Automatically , 2012, IEEE Transactions on Knowledge and Data Engineering.

[141]  Dimitar Filev,et al.  On-Line Evolution of Takagi-Sugeno Fuzzy Models , 2004, IFAC Proceedings Volumes.

[142]  Nuno Vasconcelos,et al.  Anomaly Detection and Localization in Crowded Scenes , 2014, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[143]  Francesco Palmieri,et al.  A distributed approach to network anomaly detection based on independent component analysis , 2014, Concurr. Comput. Pract. Exp..

[144]  Ana Carolina Lorena,et al.  A systematic review on keystroke dynamics , 2013, Journal of the Brazilian Computer Society.

[145]  Kasturi Dewi Varathan,et al.  Cybercrime detection in online communications: The experimental case of cyberbullying detection in the Twitter network , 2016, Comput. Hum. Behav..