TY - GEN
T1 - IntruMine
T2 - 12th SIAM International Conference on Data Mining, SDM 2012
AU - Tang, Lu An
AU - Gu, Quanquan
AU - Yu, Xiao
AU - Han, Jiawei
AU - La Porta, Thomas
AU - Leung, Alice
AU - Abdelzaher, Tarek
AU - Kaplan, Lance
PY - 2012
Y1 - 2012
N2 - A Cyber-Physical System (CPS) integrates physical (i.e., sensor) devices with cyber (i.e., informational) components to form a situation-aware system that re- sponds intelligently to dynamic changes in real-world. It has wide application to scenarios of traffic control, en- vironment monitoring and battlefield surveillance. This study investigates the specific problem of intruder min- ing in CPS: With a large number of sensors deployed in a designated area, the task is real time detection of intruders who enter the area, based on untrustworthy data. We propose a method called IntruMine to detect and verify the intruders. IntruMine constructs monitor- ing graphs to model the relationships between sensors and possible intruders, and computes the position and energy of each intruder with the link information from these monitoring graphs. Finally, a confidence rating is calculated for each potential detection, reducing false positives in the results. IntruMine is a generalized ap- proach. Two classical methods of intruder detection can be seen as special cases of IntruMine under certain con- ditions. We conduct extensive experiments to evaluate the performance of IntruMine on both synthetic and real datasets and the experimental results show that IntruMine has better effectiveness and e±ciency than existing methods.
AB - A Cyber-Physical System (CPS) integrates physical (i.e., sensor) devices with cyber (i.e., informational) components to form a situation-aware system that re- sponds intelligently to dynamic changes in real-world. It has wide application to scenarios of traffic control, en- vironment monitoring and battlefield surveillance. This study investigates the specific problem of intruder min- ing in CPS: With a large number of sensors deployed in a designated area, the task is real time detection of intruders who enter the area, based on untrustworthy data. We propose a method called IntruMine to detect and verify the intruders. IntruMine constructs monitor- ing graphs to model the relationships between sensors and possible intruders, and computes the position and energy of each intruder with the link information from these monitoring graphs. Finally, a confidence rating is calculated for each potential detection, reducing false positives in the results. IntruMine is a generalized ap- proach. Two classical methods of intruder detection can be seen as special cases of IntruMine under certain con- ditions. We conduct extensive experiments to evaluate the performance of IntruMine on both synthetic and real datasets and the experimental results show that IntruMine has better effectiveness and e±ciency than existing methods.
UR - http://www.scopus.com/inward/record.url?scp=84862271526&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84862271526&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84862271526
SN - 9781611972320
T3 - Proceedings of the 12th SIAM International Conference on Data Mining, SDM 2012
SP - 600
EP - 611
BT - Proceedings of the 12th SIAM International Conference on Data Mining, SDM 2012
Y2 - 26 April 2012 through 28 April 2012
ER -