论文信息 - Improving Satellite Security Through Incremental Anomaly Detection on Large, Static Datasets

Improving Satellite Security Through Incremental Anomaly Detection on Large, Static Datasets

Anomaly detection is a widely used technique to detect system intrusions. Anomaly detection in Intrusion Detection and Prevent Systems (IDPS) works by establishing a baseline of normal behavior and classifying points that are at a farther distance away as outliers. The result is an “anomaly score”, or how much a point is an outlier. Recent work has been performed which has examined use of anomaly detection in data streams [1]. We propose a new incremental anomaly detection algorithm which is up to 57,000x faster than the non-incremental version while slightly sacrificing the accuracy of results. We conclude that our method is suitable for incremental outlier detection on static datasets on low-resource machines such as satellites. Implementation

[1] Hans-Peter Kriegel,et al. LoOP: local outlier probabilities , 2009, CIKM.

[2] VARUN CHANDOLA,et al. Anomaly detection: A survey , 2009, CSUR.

[3] Jason Fritz. Satellite hacking: A guide for the perplexed , 2013 .

[4] Aleksandar Lazarevic,et al. Incremental Connectivity-Based Outlier Factor Algorithm , 2008, BCS Int. Acad. Conf..