Abstract

In this paper, we propose a framework for processing and analysing large-scale spatio-temporal data that uses a battery of machine learning methods based on a meta-data representation of point patterns. Existing spatio-temporal analysis methods do not include a specific mechanism for analysing meta-data (point pattern information). In this work, we extend a spatial point pattern analysis method (the Morisita index) with meta-data analysis, which includes anomaly behaviour detection and unsupervised learning to support spatio-temporal data analysis and demonstrate its practical use. The resulting framework is robust and has the capability to detect anomalies among large-scale spatio-temporal data using meta-data based on point pattern analysis. It returns visualized reports to end users.
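As an added illustration (not code from the paper), the sketch below computes the classical Morisita index that the abstract builds on, over a quadrat grid of longitude/latitude points. The function names, grid sizes and sample points are assumptions constructed for this example, and the paper's meta-data extension is not reproduced.

```python
import random

def morisita_index(points, bounds, q):
    """Classical Morisita index on a q x q quadrat grid.

    I = Q * sum(n_i * (n_i - 1)) / (N * (N - 1)), with Q = q * q quadrats,
    n_i points in quadrat i and N points in total. I is near 1 for a random
    pattern, above 1 for clustering, below 1 for a regular pattern.
    """
    min_x, min_y, max_x, max_y = bounds
    n = len(points)
    if n < 2:
        raise ValueError("need at least two points")
    counts = [0] * (q * q)
    for x, y in points:
        # Clamp so points on the upper edges land in the last quadrat.
        col = min(int((x - min_x) / (max_x - min_x) * q), q - 1)
        row = min(int((y - min_y) / (max_y - min_y) * q), q - 1)
        counts[row * q + col] += 1
    return q * q * sum(c * (c - 1) for c in counts) / (n * (n - 1))

def morisita_profile(points, bounds, grid_sizes=(2, 4, 8)):
    """Index at several quadrat scales; clustering shows up as values > 1."""
    return {q: morisita_index(points, bounds, q) for q in grid_sizes}

# Constructed sample data (longitude, latitude); not taken from the paper.
WORLD = (-180.0, -90.0, 180.0, 90.0)
rng = random.Random(7)
scattered = [(rng.uniform(-180, 180), rng.uniform(-90, 90)) for _ in range(2000)]
clustered = [(rng.gauss(116.4, 1.0), rng.gauss(39.9, 1.0)) for _ in range(200)]
# One point at the centre of each cell of a 4 x 4 grid: perfectly regular.
regular = [(-135 + 90 * c, -67.5 + 45 * r) for r in range(4) for c in range(4)]

if __name__ == "__main__":
    for name, pts in [("scattered", scattered), ("clustered", clustered),
                      ("regular", regular)]:
        print(name, morisita_profile(pts, WORLD))
```

Comparing the index across grid sizes separates geographically sparse sources (values near 1) from a concentrated group (values approaching the number of quadrats).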

Highlights

  • Detection for analysing spatio-temporal data remains a rapidly growing problem in the wake of an ever-increasing number of advanced sensors that are continuously generating large-scale datasets

  • We propose a framework to store and process large-scale spatio-temporal data over a “metadata based point pattern” infrastructure, while providing users with a metadata analysis that hides the details of large-scale spatio-temporal data and provides them with a front-end interface that allows them to run a variety of security checks including outlier detection for a single subject, anomaly group detection, anomaly behavior detection and anomaly event detection

  • We explore tracking data by investigating the spatio-temporal patterns of taxi drivers and Twitter users


Summary

Introduction

Detection for analysing spatio-temporal data remains a rapidly growing problem in the wake of an ever-increasing number of advanced sensors that are continuously generating large-scale datasets. Vehicle GPS tracking, social media, financial network and router logs, and high-resolution surveillance cameras all generate a huge amount of spatio-temporal data. This technology is important in the context of cyber security since cyber data carries with it an IP address which can map to a specific geolocation and a timestamp. Current cybersecurity approaches are not able to process this kind of information effectively. To illustrate this deficiency, consider the scenario of a distributed denial-of-service (DDoS) attack in which the network packets may come from different IP addresses with sparse locations. Extracting exact patterns from geospatial data is more complicated than doing so with ordinary data sets because of the nature of geospatial data sources and their associated data structures, which refers to the two or three dimensional data structure
