|
|
 |
|
IEEE
Computational Intelligence Society
Ottawa
Chapter
|
|
|
|
Next Meetings/Events
Date |
Wednesday November 23, 2011 |
Time |
9:30-11:30 (EDT) |
Location |
Building M-50, NRC Auditorium, 1200 Montreal Road |
Title |
Anomaly Detection in Wireless Sensor Networks: Visual Assessment and Clustering in Environmental Monitoring Systems |
Speaker |
|
| |
Retired |
| |
Milton, FL, USA
|
| |
|
Abstract
A. General information about wireless sensor networks (WSNs). There are four categories of
network anomalies: isolated and epoch anomalies are aberrant behavior internal to a single
node; second order anomalies are atypical behavior of an entire node; and higher order
anomalies are one or more subtrees of nodes in the network that exhibit anomalous behavior.
We discuss two types of models to detect anomalies; DCAD models that use data capture by
level sets of elliptical summaries; and ESAD models that rely on visual assessment of elliptical
summaries, with detection based on single linkage clustering.
B. We define and illustrate three (DCAD) models that use data capture by level sets of
ellipsoids having effective radii chosen with differing assumptions (viz., % of points captured,
% of points within k standard deviations from the mean, and % of points captured based on
the chi-squared distribution. Examples are given using real WSN data from the Intel Berkeley
Research Lab (IBRL).
C. The ESAD models use visual assessment of elliptical summaries for anomaly detection.
These models begin with four measures of similarity on sets of ellipsoids, namely compound
normalized, transformation energy, Bhattacharya distance and focal dissimilarity. We define
the four measures and compare them with some simple two-dimensional examples that reveal
some surprising differences between human and mathematical assessment of elliptical
similarities.
D. The similarities in C easily become dissimilarities, so we can apply visual assessment
techniques (the recursive iVAT method of talk R1.C) to images of the (dis)similarity data.
These images enable us to assess cluster tendency amongst the set of ellipsoids, and estimate
the number of clusters (of elliptical summaries) in the data.
E. We show that these images are capable of detecting each of the anomalous behaviors
defined in A with numerical examples using both real WSN and artificial data. The real data
include the IBRL network, the Great Barrier Reef Ocean Observation System, and the Grand
St. Bernard network for wind monitoring in a mountain pass on the border between France and
Switzerland. Our model reliable detects first and second order anomalies in each of the three
real data sets that are caused by Cyclone Hamish and node drift. These examples illustrate
the real effectiveness of the ESAD model for detecting unusual events in environmental
monitoring networks. |
| |
Speaker Bio
Jim received the PhD in Applied
Mathematics from Cornell University in
1973. Jim is past president of NAFIPS
(North American Fuzzy Information
Processing Society), IFSA (International
Fuzzy Systems Association) and the IEEE
CIS (Computational Intelligence Society):
founding editor the Int'l. Jo. Approximate
Reasoning and the IEEE Transactions on
Fuzzy Systems: Life fellow of the IEEE
and IFSA; and a recipient of the IEEE 3rd
Millennium, IEEE CIS Fuzzy Systems
Pioneer, and IEEE technical field award
Rosenblatt medals. Jim's interests:
woodworking, optimization, motorcycles,
pattern recognition, cigars, clustering in
very large data, fishing, co-clustering,
blues music, wireless sensor networks,
poker and visual clustering. Jim retired in
2007, and will be coming to a university
near you soon.
|
|
|
|
