DepCoS-RELCOMEX 2017: Advances in Dependability Engineering of Complex Systems, pp. 151-165
Context-Aware Anomaly Detection in Embedded Systems
Abstract
To meet the reliability requirements of embedded systems, fault-tolerant methods are widely used. The first step in many of these methods is detecting faults, and anomaly detection is often the primary technique that leads to early indication of faults. In the context of embedded systems, some anomaly detection methods are available; however, none of them are adaptable to dynamic environments. All of the previous works attempt to provide anomaly detection systems without considering the context of the data. Contextual anomalies, also referred to as conditional anomalies, have different behavior in different contexts. The purpose of designing a context-aware anomaly detection mechanism is to provide the capability of detecting anomalies while the system’s environment changes. In this paper, a method for detecting anomalies is proposed which adapts itself to the changes in dynamic environments during the detection phase. This method first determines the context of a small window in a data flow and then loads the corresponding configuration to the anomaly detector. The results show an average true positive rate of 68.83% and an average false alarm rate of 11.41%.
Keywords
Anomaly, Context-aware anomaly detection, Categorical data, Dependability, Embedded systems