Abstract
Anomaly detection is important for the correct functioning of wireless sensor networks. Recent studies have shown that node mobility along with spatial correlation of the monitored phenomenon in sensor networks can lead to observation data that have long range dependency, which could significantly increase the difficulty of anomaly detection. In this article, we develop an anomaly detection scheme based on multiscale analysis of the long-range dependent traffic to address this challenge. In this proposed detection scheme, the discrete wavelet transform is used to approximately de-correlate the traffic data and capture data characteristics in different timescales. The remaining dependencies are then captured by a multilevel hidden Markov model in the wavelet domain. To estimate the model parameters, we develop an online discounting expectation maximization (EM) algorithm, which also tracks variations of the estimated models over time. Network anomalies are detected as abrupt changes in the tracked model variation scores. Statistical properties of our detection scheme are evaluated numerically using long-range dependent time series. We also evaluate our detection scheme in malicious scenarios simulated using the NS-2 network simulator.
Submitted Version (
Free)
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call