Abstract
Ever-more ubiquitous embedded systems provide us with large amounts of data. Performing analysis close to the data source allows for data reduction while giving information when unexpected behavior (i.e. anomalies in the system under observation) occurs. This work presents a novel approach to online anomaly detection, based on an ensemble of classifiers that can be executed on distributed embedded systems.
We consider both single and multi-dimensional input classifiers that are based on prediction errors. Predictions of single-dimensional time series input come from either a linear function model or general statistics over a data window. Multi-dimensional input stems from current and historical sensor values as well as predictions.
We combine the classifier outputs in the ensemble using a heuristic method and Fisher's combined probability test.
The proposed framework is tested thoroughly using synthetic and real-world data. The results are compared to known methods for anomaly detection on limited-resource systems. While individual classifiers perform comparably to known methods, our results show that using an ensemble of classifiers increases the overall detection of anomalies considerably.
Original language | English |
---|---|
Title of host publication | 2014 IEEE International Conference on Data Mining Workshop (ICDMW), December 14, 2014, Shenzhen, China |
Place of Publication | Piscataway |
Publisher | Institute of Electrical and Electronics Engineers |
Pages | 525-532 |
ISBN (Print) | 978-1-4799-4274-9/14 |
Publication status | Published - 2014 |