Anomaly Detection for Controller Area Network in Braking Control System With Dynamic Ensemble Selection

The controller area networks (CAN) in the braking control system of metro trains are used to transmit the important control instruction and condition information, whose anomaly will endanger the security of trains running seriously. Due to the harsh work environment, there are various known and previously unknown fault types, current scheduled maintenance cannot detect early anomaly in time, and constructing an accurate and stable anomaly detector is a challenging task. In this paper, an anomaly detection approach is proposed to detect anomaly based on a dynamic ensemble selection system (DESS) without the expert knowledge, which involves two-class and one-class classifiers, and the base classifiers are trained with the network features extracted from the physical-layer information. To conduct the fusion, the support function of “distance-based” classifier is redefined as a class-conditional probability density function, and the source competence of base classifier is estimated by the entropy-based method in validate space and extended to entire decision space using the normalized Gaussian potential function. For different fault types, the competence classifiers are selected and the anomaly detection result is finally achieved by weighted majority voting. The comparative experiments are included in this paper to demonstrate the effectiveness and robustness in anomaly detection, including varying fault types.

[1]  Qingfeng Wang,et al.  Health monitoring of controller area network in hybrid excavator based on the message response time , 2014, 2014 IEEE/ASME International Conference on Advanced Intelligent Mechatronics.

[2]  Teuvo Kohonen,et al.  Essentials of the self-organizing map , 2013, Neural Networks.

[3]  Azadeh Faroughi,et al.  CANF: Clustering and anomaly detection method using nearest and farthest neighbor , 2018, Future Gener. Comput. Syst..

[4]  Qing Chang,et al.  Fault Location for the Intermittent Connection Problems on CAN Networks , 2015, IEEE Transactions on Industrial Electronics.

[5]  G. Tutz,et al.  An introduction to recursive partitioning: rationale, application, and characteristics of classification and regression trees, bagging, and random forests. , 2009, Psychological methods.

[6]  Yong Lei,et al.  Controller area network node reliability assessment based on observable node information , 2017, Frontiers of Information Technology & Electronic Engineering.

[7]  Yong Lei,et al.  Fault location identification for localized intermittent connection problems on CAN networks , 2014 .

[8]  Michele Colajanni,et al.  Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms , 2016, 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI).

[9]  Enrico Zio,et al.  Degradation state mining and identification for railway point machines , 2019, Reliab. Eng. Syst. Saf..

[10]  Xiangliang Zhang,et al.  Constructing attribute weights from computer audit data for effective intrusion detection , 2009, J. Syst. Softw..

[11]  Stephan Biller,et al.  DeviceNet network health monitoring using physical layer parameters , 2011, J. Intell. Manuf..

[12]  Philip S. Yu,et al.  Top 10 algorithms in data mining , 2007, Knowledge and Information Systems.

[13]  George D. C. Cavalcanti,et al.  Dynamic classifier selection: Recent advances and perspectives , 2018, Inf. Fusion.

[14]  Xuefeng Yan,et al.  Visual Monitoring of Industrial Operation States Based on Kernel Fisher Vector and Self-organizing Map Networks , 2019, International Journal of Control, Automation and Systems.

[15]  Daniel Curiac,et al.  Ensemble based sensing anomaly detection in wireless sensor networks , 2012, Expert Syst. Appl..

[16]  Christopher Leckie,et al.  High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning , 2016, Pattern Recognit..

[17]  Sun Zechang,et al.  Reliability Analysis of CAN nodes under Electromagnetic Interference , 2006, 2006 IEEE International Conference on Vehicular Electronics and Safety.

[18]  Bartlomiej Antosik,et al.  New Measures of Classifier Competence - Heuristics and Application to the Design of Multiple Classifier Systems , 2011, Computer Recognition Systems 4.

[19]  Ludmila I. Kuncheva,et al.  Measures of Diversity in Classifier Ensembles and Their Relationship with the Ensemble Accuracy , 2003, Machine Learning.

[20]  R. Peter Jones,et al.  In-vehicle network level fault diagnostics using fuzzy inference systems , 2011, Appl. Soft Comput..

[21]  Manuel Roveri,et al.  An Ensemble Approach for Cognitive Fault Detection and Isolation in Sensor Networks , 2017, Int. J. Neural Syst..

[22]  Chang Wei,et al.  Outlier Detection in Wireless Sensor Networks Using Model Selection-Based Support Vector Data Descriptions , 2018, Sensors.

[23]  Erik Frisk,et al.  A combined diagnosis system design using model-based and data-driven methods , 2016, 2016 3rd Conference on Control and Fault-Tolerant Systems (SysTol).

[24]  Haiquan Zhao,et al.  Distributed Online One-Class Support Vector Machine for Anomaly Detection Over Networks , 2019, IEEE Transactions on Cybernetics.

[25]  Thomas Nolte,et al.  Integrating reliability and timing analysis of CAN-based systems , 2002, IEEE Trans. Ind. Electron..

[26]  Fabio Roli,et al.  Intrusion detection in computer networks by a modular ensemble of one-class classifiers , 2008, Inf. Fusion.

[27]  Keqin Li,et al.  Sliding Window Optimized Information Entropy Analysis Method for Intrusion Detection on In-Vehicle Networks , 2018, IEEE Access.

[28]  Xiaofeng Zhu,et al.  Efficient kNN Classification With Different Numbers of Nearest Neighbors , 2018, IEEE Transactions on Neural Networks and Learning Systems.

[29]  Yong Lei,et al.  DeviceNet reliability assessment using physical and data link layer parameters , 2010, Qual. Reliab. Eng. Int..

[30]  Hui Song,et al.  Health Evaluation of MVB Based on SVDD and Sample Reduction , 2019, IEEE Access.

[31]  Bogdan Groza,et al.  Efficient Intrusion Detection With Bloom Filtering in Controller Area Networks , 2019, IEEE Transactions on Information Forensics and Security.

[32]  Marek Kurzynski,et al.  A measure of competence based on random classification for dynamic ensemble selection , 2012, Inf. Fusion.

[33]  Enrico Zio,et al.  Identification of the degradation state for condition-based maintenance of insulated gate bipolar transistors: A self-organizing map approach , 2016, Microelectron. Reliab..

[34]  Yong Lei,et al.  Model-Based Detection and Monitoring of the Intermittent Connections for CAN Networks , 2014, IEEE Transactions on Industrial Electronics.

[35]  Ping Wang,et al.  Incorporating unsupervised learning into intrusion detection for wireless sensor networks with structural co-evolvability , 2018, Appl. Soft Comput..

[36]  Bartosz Krawczyk,et al.  Dynamic classifier selection for one-class classification , 2016, Knowl. Based Syst..

[37]  Xiaochun Cheng,et al.  A Distributed Anomaly Detection System for In-Vehicle Network Using HTM , 2018, IEEE Access.

[38]  Bartosz Krawczyk,et al.  Influence of Distance Measures on the Effectiveness of One-Class Classification Ensembles , 2014, Appl. Artif. Intell..

[39]  Dong Hoon Lee,et al.  Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks , 2016, IEEE Transactions on Vehicular Technology.

[40]  Larry D. Hostetler,et al.  Optimization of k nearest neighbor density estimates , 1973, IEEE Trans. Inf. Theory.

[41]  Robert P. W. Duin,et al.  Support vector domain description , 1999, Pattern Recognit. Lett..

[42]  Andreas Theissler,et al.  Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection , 2017, Knowl. Based Syst..