Detecting Anomalies over Message Streams in Railway Communication Systems

This work focuses on the detection of anomalies in a railway communication system. We present the detection method as well as the architecture of the system supporting it. The method is based on two preliminary stages to collect and aggregate the data. It then combines the use of a multidimensional indexation tree (i.e., iSax tree) to store time series, and the computation of an anomaly detection score (i.e., CFOF score). The information stored in the indexation tree enables a fast estimation of the anomaly score, that can therefore be computed on the fly over the stream of messages in the communication system. We show by mean of experiments that this estimation is close to the exact score. We describe the platform that has been implemented, and we show that it is effective to support abnormal behaviour detection in the real stream of messages within the communication system of the French Railway Company (SNCF).

[1]  Raymond T. Ng,et al.  Algorithms for Mining Distance-Based Outliers in Large Datasets , 1998, VLDB.

[2]  Zhi-Hua Zhou,et al.  Isolation Forest , 2008, 2008 Eighth IEEE International Conference on Data Mining.

[3]  Rubel Biswas,et al.  Automatic detection of defective rail anchors , 2014, 17th International IEEE Conference on Intelligent Transportation Systems (ITSC).

[4]  Fan Zhang,et al.  Detecting illegal pickups of intercity buses from their GPS traces , 2014, 17th International IEEE Conference on Intelligent Transportation Systems (ITSC).

[5]  Eamonn J. Keogh,et al.  iSAX: indexing and mining terabyte sized time series , 2008, KDD.

[6]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[7]  M. Abràmoff,et al.  Improved Automated Detection of Diabetic Retinopathy on a Publicly Available Dataset Through Integration of Deep Learning. , 2016, Investigative ophthalmology & visual science.

[8]  Sangkyum Kim,et al.  ROAM: Rule- and Motif-Based Anomaly Detection in Massive Moving Object Data Sets , 2007, SDM.

[9]  Alfredo Núñez,et al.  Monitoring the railway infrastructure: Detection of surface defects using wavelets , 2013, 16th International IEEE Conference on Intelligent Transportation Systems (ITSC 2013).

[10]  A. Madansky Identification of Outliers , 1988 .

[11]  Hans-Peter Kriegel,et al.  LOF: identifying density-based local outliers , 2000, SIGMOD '00.

[12]  Eamonn J. Keogh,et al.  iSAX: disk-aware mining and indexing of massive time series datasets , 2009, Data Mining and Knowledge Discovery.

[13]  Fabrizio Angiulli,et al.  Concentration Free Outlier Detection , 2017, ECML/PKDD.

[14]  Vipin Kumar,et al.  Anomaly Detection for Discrete Sequences: A Survey , 2012, IEEE Transactions on Knowledge and Data Engineering.

[15]  Charu C. Aggarwal,et al.  Outlier Analysis , 2013, Springer New York.

[16]  Thomas J. Veasey,et al.  Anomaly Detection in Application Performance Monitoring Data , 2014 .

[17]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.