Multi-source anomaly detection

Details

Event Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications(JoWUA)

Authors

Hoda Eldardiry
Technical Publications
June 6th 2014
We present robust anomaly detection in multi-dimensional data. We describe information fusion across multiple levels in a layered architecture to ensure accurate and reliable detection of anomalies from heterogeneous data. We consider the problem of detecting anomalous entities (e.g., people) from observation data (e.g., activities) gathered from multiple contexts or information sources over time. We propose two anomaly detection methods. The rst method seeks to identify anomalous behavior that blends within each information source but is inconsistent across sources. A supervised learning approach detects the blend-in anomalies manifested as across-information source inconsistencies. The second method identies unusual changes in behavior over time using a Markov model approach. Finally, we present a fusion approach that integrates evidence from both methods to improve the accuracy and robustness of the anomaly detection system. We illustrate the performance of our proposed approaches on an insider threat detection problem using a real-world work-practice data set.

Citation

Eldardiry, H.; Kumar, S.; Liu, J. J.; Hanley, J.; Price, R.; Brdiczka, O.; Bart, E. Multi-source anomaly detection. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications(JoWUA).

Additional information

Focus Areas

Our work is centered around a series of Focus Areas that we believe are the future of science and technology.

FIND OUT MORE
Licensing & Commercialization Opportunities

We’re continually developing new technologies, many of which are available for¬†Commercialization.

FIND OUT MORE
News

PARC scientists and staffers are active members and contributors to the science and technology communities.

FIND OUT MORE