Distributed Anomaly Detection Systems for M2M Applications

PI: Prof. Yuh-Jye Lee

Co-PI: Prof. Hsing-Kuo Kenneth Pao

 

Overview

M2M networks are used extensively in many applications. Embedding an effective anomaly detection mechanism to protect an M2M network application has drawn attention from researchers in related fields. Anomalies in M2M applications might be caused by sensor malfunction, sensor faults or compromised sensors, or they might be signs of possible attacks on the sensors or on the communication channels. An anomaly detection mechanism is important for monitoring whether the sensors are working properly and for improving the quality of the streaming data that the sensors feed in. Furthermore, one would expect a useful anomaly detector to identify potential anomalies quickly or in real time. This is the primary research challenge in enabling anomaly detection in M2M networks.

 

Challenges

1. Correctly profile “normal” behaviors, and define and identify “clean” data.

2. Distinguish noise from anomalies, especially when the data are collected in a harsh environment.

3. Detect contextual anomalies and understand the spatial and temporal dependencies of sensor data.

4. Build a lightweight anomaly detector under resource constraints, such as CPU, memory storage and battery limitations.

5. Collect the data through the front-end detectors in a distributed fashion.

6. Detect anomalies in time to enable real-time response, so that service availability is maintained.

7. Customize the anomaly detector for different environments.

8. Understand the evolution of anomalous and normal behavior over time, and detect anomalies in an adversarial environment.

 

Goals

The goal of this project is to build an anomaly detection system for M2M applications. The system consists of a rich set of detection algorithms that are suitable for various M2M applications. The tasks of this project are as follows.

• Build a general framework for an anomaly detection system for M2M applications

• Complete an anomaly detection toolbox

• Develop an SOP for an anomaly detection mechanism for a new M2M network application