Subscribe
Issue No.08 - Aug. (2013 vol.24)
pp: 1661-1670
Miao Xie , Curtin University, Perth
Jiankun Hu , University of New South Wales at the Australian Defence Force Academy, Canberra
Song Han , Curtin University, Perth
Hsiao-Hwa Chen , National Cheng Kung University, Tainan City
ABSTRACT
Online anomaly detection (AD) is an important technique for monitoring wireless sensor networks (WSNs), which protects WSNs from cyberattacks and random faults. As a scalable and parameter-free unsupervised AD technique, $(k)$-nearest neighbor (kNN) algorithm has attracted a lot of attention for its applications in computer networks and WSNs. However, the nature of lazy-learning makes the kNN-based AD schemes difficult to be used in an online manner, especially when communication cost is constrained. In this paper, a new kNN-based AD scheme based on hypergrid intuition is proposed for WSN applications to overcome the lazy-learning problem. Through redefining anomaly from a hypersphere detection region (DR) to a hypercube DR, the computational complexity is reduced significantly. At the same time, an attached coefficient is used to convert a hypergrid structure into a positive coordinate space in order to retain the redundancy for online update and tailor for bit operation. In addition, distributed computing is taken into account, and position of the hypercube is encoded by a few bits only using the bit operation. As a result, the new scheme is able to work successfully in any environment without human interventions. Finally, the experiments with a real WSN data set demonstrate that the proposed scheme is effective and robust.
INDEX TERMS
Wireless sensor networks, Training data, Monitoring, Real time systems, Detectors, Encoding, Complexity theory, distributed computing, Wireless sensor networks, Training data, Monitoring, Real time systems, Detectors, Encoding, Complexity theory, parameter selection, Wireless sensor network, k-nearest neighbor, anomaly detection
CITATION
Miao Xie, Jiankun Hu, Song Han, Hsiao-Hwa Chen, "Scalable Hypergrid k-NN-Based Online Anomaly Detection in Wireless Sensor Networks", IEEE Transactions on Parallel & Distributed Systems, vol.24, no. 8, pp. 1661-1670, Aug. 2013, doi:10.1109/TPDS.2012.261
REFERENCES
 [1] K. Ioannis, T. Dimitriou, and F.C. Freiling, "Towards Intrusion Detection in Wireless Sensor Networks," Proc. 13th European Wireless Conf., Apr. 2007. [2] V. Chandola, A. Banerjee, and V. Kumar, "Anomaly Detection: A Survey," ACM Computing Surveys, vol. 41, no. 3,article 15, July 2009. [3] V.J. Hodge and J. Justin, "A Survey of Outlier Detection Methodologies," Artificial Intelligence Rev., vol. 22, no. 2, pp. 85-126, 2004. [4] Y. Zhang, N. Meratnia, and P. Havinga, "Outlier Detection Techniques for Wireless Sensor Networks: A Survey," IEEE Comm. Surveys & Tutorials, vol. 12, no. 2, pp. 159-170, Second Quarter 2010. [5] I.F. Akyildiz, M.C. Vuran, and A.B. Akan, "On Exploiting Spatial and Temporal Correlation in Wireless Sensor Networks," Proc. Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks, pp. 71-80, 2004. [6] I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "Wireless Sensor Networks: A Survey," Computer Networks, vol. 38, no. 4, pp. 393-422, Mar. 2002. [7] V. Raghunathan, C. Schurgers, S. Park, and M.B. Srivastava, "Energy-Aware Wireless Microsensor Networks," IEEE Signal Processing Magazine, vol. 19, no. 2, pp. 40-50, Mar. 2002. [8] M. Xie, S. Han, B. Tian, and S. Parvin, "Anomaly Detection in Wireless Sensor Networks: A Survey," J. Network and Computer Applications, vol. 34, no. 4, pp. 1302-1325, Jul. 2011. [9] A.P.R.d. Silva, M.H. Martins, B.P. Rocha, A.A. Loureiro, L.B. Ruiz, and H.C. Wong, "Decentralized Intrusion Detection in Wireless Sensor Networks," Proc. First ACM Int'l Workshop Quality of Service and Security in Wireless and Mobile Networks, 2005. [10] S. Rajasegarar, C. Leckie, J.C. Bezdek, and M. Palaniswami, "Centered Hyperspherical and Hyperellipsoidal One-Class Support Vector Machines for Anomaly Detection in Sensor Networks," IEEE Trans. Information Forensics and Security, vol. 5, no. 3, pp. 518-533, Sept. 2010. [11] S. Rajasegarar, C. Leckie, M. Palaniswami, and J.C. Bezdek, "Quarter Sphere Based Distributed Anomaly Detection in Wireless Sensor Networks," Proc. IEEE Int'l Conf. Comm., pp. 3864-3869, June 2007. [12] Y. Zhang, N. Meratnia, and P. Havinga, "Adaptive and Online Oneclass Support Vector Machine-Based Outlier Detection Techniques for Wireless Sensor Networks," Proc. IEEE 23rd Int'l Conf. Advanced Information Networking and Applications Workshops, pp. 990-995, May 2009. [13] S. Rajasegarar, C. Leckie, M. Palaniswami, and J.C. Bezdek, "Distributed Anomaly Detection in Wireless Sensor Networks," Proc. IEEE 10th Singapore Int'l Conf. Comm. Systems, pp. 1-5, Oct. 2006. [14] C.E. Loo, M.Y. Ng, C. Leckie, and M. Palaniswami, "Intrusion Detection for Routing Attacks in Sensor Networks," Int'l J. Distributed Sensor Networks, vol. 2, no. 4, pp. 313-332, 2006. [15] F. Liu, X. Cheng, and D. Chen, "Insider Attacker Detection in Wireless Sensor Networks," Proc. IEEE 26th Int'l Conf. Computer Comm., pp. 1937-1945, May 2007. [16] T. Palpanas, D. Papadopoulos, V. Kalogeraki, and D. Gunopulos, "Distributed Deviation Detection in Sensor Networks," SIGMOD Record, vol. 32, no. 4, pp. 77-82, Dec. 2003. [17] S. Subramaniam, T. Palpanas, D. Papadopoulos, V. Kalogeraki, and D. Gunopulos, "Online Outlier Detection in Sensor Data Using Non-Parametric Models," Proc. 32nd Int'l Conf. Very Large Data Bases, Sept. 2006. [18] G.H. Orair, C.H.C. Teixeira, W. MeiraJr., Y. Wang, and S. Parthasarathy, "Distance-Based Outlier Detection: Consolidation and Renewed Bearing," Proc. VLDB Endowment, vol. 3, no. 1/2, pp. 1469-1480, Sept. 2010. [19] M.M. Breunig, H.-P. Kriegel, R.T. Ng, and J. Sander, "LOF: Identifying Density-Based Local Outliers," Proc. ACM SIGMOD Int'l Conf. Management of Data, 2000. [20] J. Tang, Z. Chen, A.W.-c. Fu, and D.W. Cheung, "Enhancing Effectiveness of Outlier Detections for Low Density Patterns," Proc. Pacific-Asia Conf. Knowledge Discovery and Data Mining, pp. 535-548, 2002. [21] S. Ramaswamy, R. Rastogi, and K. Shim, "Efficient Algorithms for Mining Outliers from Large Data Sets," ACM SIGMOD Record, vol. 29, no. 2, pp. 427-438, June 2000. [22] M.J. Prerau and E. Eskin, "Unsupervised Anomaly Detection Using an Optimized K-Nearest Neighbors Algorithm," PhD dissertation, Dec. 2000. [23] M. Wu and C. Jermaine, "Outlier Detection by Sampling with Accuracy Guarantees," Proc. 12th ACM SIGKDD Int'l Conf. Knowledge Discovery and Data Mining, Aug. 2006. [24] J. Branch, B. Szymanski, C. Giannella, R. Wolff, and H. Kargupta, "In-Network Outlier Detection in Wireless Sensor Networks," Proc. IEEE 26th Int'l Conf. Distributed Computing Systems, 2006. [25] K. Zhang, S. Shi, H. Gao, and J. Li, "Unsupervised Outlier Detection in Sensor Networks Using Aggregation Tree," Proc. Third Int'l Conf. Advanced Data Mining and Applications, 2007. [26] M.-Y. Su, "Real-Time Anomaly Detection Systems for Denial-of-Service Attacks by Weighted K-Nearest-Neighbor Classifiers," Expert Systems with Applications, vol. 38, no. 4, pp. 3492-3498, Apr. 2011. [27] C.-F. Tsai and C.-Y. Lin, "A Triangle Area Based Nearest Neighbors Approach to Intrusion Detection," Pattern Recognition, vol. 43, no. 1, pp. 222-229, Jan. 2010. [28] E.M. Knorr, R.T. Ng, and V. Tucakov, "Distance-Based Outliers: Algorithms and Applications," The Int'l J. Very Large Data Bases, vol. 8, no. 3/4, pp. 237-253, Feb. 2000. [29] I. Onat and A. Miri, "An Intrusion Detection System for Wireless Sensor Networks," Proc. IEEE Int'l Conf. Wireless and Mobile Computing, Networking and Comm., vol. 3, pp. 253-259, Aug. 2005. [30] D.W. Scott, Multivariate Density Estimation: Theory, Practice, and Visualization. John Wiley & Sons, 1992.