Incremental Anomaly Detection Approach for Characterizing Unusual Profiles
- 805 Downloads
The detection of unusual profiles or anomalous behavioral characteristics from sensor data is especially complicated in security applications where the threat indicators may or may not be known in advance. Predictive modeling of massive volumes of historical data can yield insights on usual or baseline profiles, which in turn can be utilized to isolate unusual profiles when new data are observed in real-time. Thus, an incremental anomaly detection approach is proposed. This is a two-stage approach in which the first stage processes the available historical data and develops statistics that are in turn used by the second stage in characterizing the new incoming data for real-time decisions. The first stage adopts a mixture model of probabilistic principal component analyzers to quantify each historical observation by probabilistic measures. The second stage is a chi-square based anomaly detection approach that utilizes the probabilistic measures obtained in the first stage to determine if the incoming data is an anomaly. The proposed anomaly detection approach performs satisfactorily on simulated and benchmark datasets. The approach is also illustrated in the context of detecting commercial trucks that may pose safety and security risk. It is able to consistently identified trucks with anomalous features in the scenarios investigated.
KeywordsTransportation security radioactive materials incremental knowledge discovery PPCA chi-square statistics
Unable to display preview. Download preview PDF.
- 1.Kouzes, R.T., Ely, J.H., Geelhood, B.D., Hansen, R.R., Lepel, E.A., Schweppe, J.E., Siciliano, E.R., Strom, D.J., Warner, R.A.: Naturally Occurring Radioactive Materials and Medical Isotopes at Border Crossings. In: IEEE Nuclear Science Symposium Conference Record, vol. 2, pp. 1448–1452 (2003)Google Scholar
- 3.Brennan, S.M., Mielke, A.M., Torney, D.C., Maccabe, A.B.: Radiation Detection with Distributed Sensor Networks. IEEE Computer 37(8), 57–59 (2004)Google Scholar
- 5.Geelhood, B.D., Ely, J.H., Hansen, R.R., Kouzes, R.T., Schweppeand, J.E., Warner, R.A.: Overview of Portal Monitoring at Border Crossings. In: IEEE Nuclear Science Symposium Conference Record, vol. 2, pp. 513–517 (2003)Google Scholar
- 6.Valentine, T.E.: Overview of Nuclear Detection Needs for Homeland Security. In: Proceedings of the American Nuclear Society, PHYSOR 2006, Vancouver, BC, Canada, September 10-14 (2006)Google Scholar
- 8.Agovic, A., Banerjee, A., Ganguly, A.R., Protopopescu, V.A.: Anomaly Detection in Transportation Corridors Using Manifold Embedding. In: Proceedings of the 1st International Workshop on Knowledge Discovery from Sensor Data (2007)Google Scholar