An overview of anomaly detection techniques: Existing solutions and latest technological trends

Patcha, Animesh; Park, Jung‐Min

doi:10.1016/j.comnet.2007.02.001

Cited by 1,201 publications

(618 citation statements)

References 39 publications

Supporting

Mentioning

591

Contrasting

Unclassified

Order By: Relevance

“…An overview of various detection techniques presented in [24] shows deviations from the norm through mean functions hitting a threshold and hence indicating a suspicious activity. Additionally, pattern matching is a process were common structure is found to compare and group against.…”

Section: B Threat Detection and Predictionmentioning

confidence: 99%

Proactive Threat Detection for Connected Cars Using Recursive Bayesian Estimation

et al. 2018

View full text Add to dashboard Cite

Abstract-Upcoming disruptive technologies around autonomous driving of connected cars have not yet been matched with appropriate security by design principles and lack approaches to incorporate proactive preventative measures in the wake of increased cyber-threats against such systems. In this paper, we introduce proactive anomaly detection to a use-case of hijacked connected cars to improve cyber-resilience. Firstly, we manifest the opportunity of behavioural profiling for connected cars from recent literature covering related underpinning technologies. Then, we design and utilise a new dataset file for connected cars influenced by the Automatic Dependent Surveillance -Broadcast (ADS-B) surveillance technology used in the aerospace industry to facilitate data collection and sharing. Finally, we simulate the analysis of travel routes in real-time to predict anomalies using predictive modelling. Simulations show the applicability of a Bayesian estimation technique, namely Kalman Filter. With the analysis of future state predictions based on the previous behaviour, cyber-threats can be addressed with a vastly increased time-window for a reaction when encountering anomalies. We discuss that detecting real-time deviations for malicious intent with predictive profiling and behavioural algorithms can be superior in effectiveness than the retrospective comparison of known-good/known-bad behaviour. When quicker action can be taken while connected cars encounter cyber-attacks, more effective engagement or interception of command and control will be achieved.

show abstract

Section: B Threat Detection and Predictionmentioning

confidence: 99%

Proactive Threat Detection for Connected Cars Using Recursive Bayesian Estimation

et al. 2018

View full text Add to dashboard Cite

show abstract

“…Obviously, outlier detection is closely related to the process of sensor data cleaning. The outlier-detection techniques are well-categorized in the survey studies of [51,8].…”

Section: Outlier Detection Modelsmentioning

confidence: 99%

A Survey of Model-based Sensor Data Acquisition and Management

Sathe

Papaioannou

Jeung³

et al. 2012

Managing and Mining Sensor Data

View full text Add to dashboard Cite

In recent years, due to the proliferation of sensor networks, there has been a genuine need of researching techniques for sensor data acquisition and management. To this end, a large number of techniques have emerged that advocate model-based sensor data acquisition and management. These techniques use mathematical models for performing various, day-to-day tasks involved in managing sensor data. In this chapter, we survey the state-of-the-art techniques for model-based sensor data acquisition and management. We start by discussing the techniques for acquiring sensor data. We, then, discuss the application of models in sensor data cleaning; followed by a discussion on model-based meth-

show abstract

“…Several surveys have been published detailing the different methods developed for anomaly detection [2][3][4][5]. For instance, Garcia-Teodoro et al [3] describe anomaly detection as "one-class classification" where the training data are used to build a model of "normal" data.…”

Section: Introduction mentioning

confidence: 99%

Detecting Anomalies in Irregular Data Using K-means Clustered Signal Dictionary

Reyes¹,

Chandra²,

Le³

et al. 2016

CTA

View full text Add to dashboard Cite

Abstract:The critical nature of satellite network traffic provides a challenging environment to detect intrusions. The intrusion detection method presented aims to raise an alert whenever satellite network signals begin to exhibit anomalous patterns determined by Euclidian distance metric. In line with anomaly-based intrusion detection systems, the method presented relies heavily on building a model of "normal" through the creation of a signal dictionary using windowing and k-means clustering. The results of three signals from our case study are discussed to highlight the benefits and drawbacks of the method presented. Our preliminary results demonstrate that the clustering technique used has great potential for intrusion detection for non-periodic satellite network signals.

show abstract

An overview of anomaly detection techniques: Existing solutions and latest technological trends

Cited by 1,201 publications

References 39 publications

Proactive Threat Detection for Connected Cars Using Recursive Bayesian Estimation

Proactive Threat Detection for Connected Cars Using Recursive Bayesian Estimation

A Survey of Model-based Sensor Data Acquisition and Management

Detecting Anomalies in Irregular Data Using K-means Clustered Signal Dictionary

Contact Info

Product

Resources

About