Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
6.8
3.9
Journals
Sensors
Special Issues
Anomaly Detection and Monitoring for Networks and IoT Systems
sensors-logo
Submit to Sensors Review for Sensors Propose a Special Issue

Journal Menu

Journal Menu

Journal Browser

Journal Browser
share announcement

Anomaly Detection and Monitoring for Networks and IoT Systems

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 March 2024) | Viewed by 17278

Special Issue Editors

Dr. Jinoh Kim

E-Mail Website
Guest Editor
Department of Computer Science and Information Systems, Texas A&M University-Commerce, Commerce, TX 75428, USA
Interests: systems/network telemetry and analytics; cybersecurity analytics and intelligence; distributed systems; cloud/edge computing; machine learning; big data analytics
Dr. Alexander Sim

E-Mail Website
Guest Editor
Lawrence Berkeley National Laboratory, 1 Cyclotron Road, MS 50B-3238, Berkeley, CA 94720, USA
Interests: autonomic scientific data infrastructure; dynamic resource management; HPC performance modeling; data compression; anomaly detection; machine learning and statistical learning; high-frequency streaming data analysis

Special Issue Information

Dear Colleagues,

It is essential to detect anomalous activities to securing networks and Internet of Things (IoT) systems due to ever-increasing connectivity and malicious groups exploiting various vulnerabilities. There are many critical challenges when it comes to realizing effective monitoring and detection in networks and IoT systems, including detection performance, scalability, quantitative modeling, streaming data support, energy efficiency, communication capabilities, etc. It is also necessary to provide a rich set of functions to support the monitoring process; for example, new logging and measurement techniques may need to be defined in the future with the latest development in communications and storage/archival technologies. In addition, there can be system-/application-specific challenges, which need to be addressed to meet their requirements for the monitoring and detection components.

The purpose of this Special Issue is to highlight the variety of impactful methods and tools designed for fulfilling monitoring and detection functions, as well as to encourage the research community to advance the relevant technologies. We seek contributions with statistical, machine/deep learning, and other data-driven approaches, especially those that demonstrate the significant impact of state-of-the-art algorithms and methodologies.

Dr. Jinoh Kim
Dr. Alexander Sim
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • anomaly detection and monitoring
  • network/system measurement
  • machine/deep learning
  • IoT systems
  • security and reliability

Published Papers (9 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

20 pages, 6757 KiB  
Article
GPS-Based Network Synchronization of Wireless Sensors for Extracting Propagation of Disturbance on Structural Systems
by Jesus Ricardo Salazar-Lopez, Jesus Roberto Millan-Almaraz, Jose Ramon Gaxiola-Camacho, Guadalupe Esteban Vazquez-Becerra and Jesus Martin Leal-Graciano
Sensors 2024, 24(1), 199; https://doi.org/10.3390/s24010199 - 29 Dec 2023
Viewed by 736
Abstract
Wireless sensor networks (WSNs) have gained a positive popularity for structural health monitoring (SHM) applications. The underlying reason for using WSNs is the vast number of devices supporting wireless networks available these days. However, some of these devices are expensive. The main objective [...] Read more.
Wireless sensor networks (WSNs) have gained a positive popularity for structural health monitoring (SHM) applications. The underlying reason for using WSNs is the vast number of devices supporting wireless networks available these days. However, some of these devices are expensive. The main objective of this paper is to develop a cost-effective WSN based on low power consumption and long-range radios, which can perform real-time, real-scale acceleration data analyses. Since a detection system for vibration propagation is proposed in this paper, the synchronized monitoring of acceleration data is necessary. To meet this need, a Pulse Per Second (PPS) synchronization method is proposed with the help of GPS (Global Positioning System) receivers, representing an addition to the synchronization method based on real-time clock (RTC). As a result, RTC+PPS is the term used when referring to this method in this paper. In summary, the experiments presented in this research consist in performing specific and synchronized measurements on a full-scale steel I-beam. Finally, it is possible to perform measurements with a synchronization success of 100% in a total of 30 samples, thereby obtaining the propagation of vibrations in the structure under consideration by implementing the RTS+PPS method. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

19 pages, 1599 KiB  
Article
A Data Enhancement Algorithm for DDoS Attacks Using IoT
by Haibin Lv, Yanhui Du, Xing Zhou, Wenkai Ni and Xingbang Ma
Sensors 2023, 23(17), 7496; https://doi.org/10.3390/s23177496 - 29 Aug 2023
Cited by 2 | Viewed by 799
Abstract
With the rapid development of the Internet of Things (IoT), the frequency of attackers using botnets to control IoT devices in order to perform distributed denial-of-service attacks (DDoS) and other cyber attacks on the internet has significantly increased. In the actual attack process, [...] Read more.
With the rapid development of the Internet of Things (IoT), the frequency of attackers using botnets to control IoT devices in order to perform distributed denial-of-service attacks (DDoS) and other cyber attacks on the internet has significantly increased. In the actual attack process, the small percentage of attack packets in IoT leads to low accuracy of intrusion detection. Based on this problem, the paper proposes an oversampling algorithm, KG-SMOTE, based on Gaussian distribution and K-means clustering, which inserts synthetic samples through Gaussian probability distribution, extends the clustering nodes in minority class samples in the same proportion, increases the density of minority class samples, and improves the amount of minority class sample data in order to provide data support for IoT-based DDoS attack detection. Experiments show that the balanced dataset generated by this method effectively improves the intrusion detection accuracy in each category and effectively solves the data imbalance problem. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

17 pages, 6681 KiB  
Article
Leveraging History to Predict Infrequent Abnormal Transfers in Distributed Workflows
by Robin Shao, Alex Sim, Kesheng Wu and Jinoh Kim
Sensors 2023, 23(12), 5485; https://doi.org/10.3390/s23125485 - 10 Jun 2023
Viewed by 858
Abstract
Scientific computing heavily relies on data shared by the community, especially in distributed data-intensive applications. This research focuses on predicting slow connections that create bottlenecks in distributed workflows. In this study, we analyze network traffic logs collected between January 2021 and August 2022 [...] Read more.
Scientific computing heavily relies on data shared by the community, especially in distributed data-intensive applications. This research focuses on predicting slow connections that create bottlenecks in distributed workflows. In this study, we analyze network traffic logs collected between January 2021 and August 2022 at the National Energy Research Scientific Computing Center (NERSC). Based on the observed patterns, we define a set of features primarily based on history for identifying low-performing data transfers. Typically, there are far fewer slow connections on well-maintained networks, which creates difficulty in learning to identify these abnormally slow connections from the normal ones. We devise several stratified sampling techniques to address the class-imbalance challenge and study how they affect the machine learning approaches. Our tests show that a relatively simple technique that undersamples the normal cases to balance the number of samples in two classes (normal and slow) is very effective for model training. This model predicts slow connections with an F1 score of 0.926. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

16 pages, 1368 KiB  
Article
Unsupervised Anomaly Detection for Cars CAN Sensors Time Series Using Small Recurrent and Convolutional Neural Networks
by Yann Cherdo, Benoit Miramond, Alain Pegatoquet and Alain Vallauri
Sensors 2023, 23(11), 5013; https://doi.org/10.3390/s23115013 - 23 May 2023
Cited by 4 | Viewed by 1951
Abstract
Predictive maintenance in the car industry is an active field of research for machine learning and anomaly detection. The capability of cars to produce time series data from sensors is growing as the car industry is heading towards more connected and electric vehicles. [...] Read more.
Predictive maintenance in the car industry is an active field of research for machine learning and anomaly detection. The capability of cars to produce time series data from sensors is growing as the car industry is heading towards more connected and electric vehicles. Unsupervised anomaly detectors are therefore very adapted to process those complex multidimensional time series and highlight abnormal behaviors. We propose to use recurrent and convolutional neural networks based on unsupervised anomaly detectors with simple architectures on real, multidimensional time series generated by the car sensors and extracted from the Controller Area Network bus (CAN). Our method is then evaluated through known specific anomalies. As the computational costs of Machine Learning algorithms are a rising issue regarding embedded scenarios such as car anomaly detection, we also focus on creating anomaly detectors that are as small as possible. Using a state-of-the-art methodology incorporating a time series predictor and a prediction-error-based anomaly detector, we show that we can obtain roughly the same anomaly detection performance with smaller predictors, reducing parameters and calculations by up to 23% and 60%, respectively. Finally, we introduce a method to correlate variables with specific anomalies by using anomaly detector results and labels. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

23 pages, 25892 KiB  
Article
A Multi-Layer Intrusion Detection System for SOME/IP-Based In-Vehicle Network
by Feng Luo, Zhenyu Yang, Zhaojing Zhang, Zitong Wang, Bowen Wang and Mingzhi Wu
Sensors 2023, 23(9), 4376; https://doi.org/10.3390/s23094376 - 28 Apr 2023
Cited by 3 | Viewed by 2358
Abstract
The automotive Ethernet is gradually replacing the traditional controller area network (CAN) as the backbone network of the vehicle. As an essential protocol to solve service-based communication, Scalable service-Oriented MiddlewarE over IP (SOME/IP) is expected to be applied to an in-vehicle network (IVN). [...] Read more.
The automotive Ethernet is gradually replacing the traditional controller area network (CAN) as the backbone network of the vehicle. As an essential protocol to solve service-based communication, Scalable service-Oriented MiddlewarE over IP (SOME/IP) is expected to be applied to an in-vehicle network (IVN). The increasing number of external attack interfaces and the protocol’s vulnerability makes SOME/IP in-vehicle networks vulnerable to intrusion. This paper proposes a multi-layer intrusion detection system (IDS) architecture, including rule-based and artificial intelligence (AI)-based modules. The rule-based module is used to detect the SOME/IP header, SOME/IP-SD message, message interval, and communication process. The AI-based module acts on the payload. We propose a SOME/IP dataset establishment method to evaluate the performance of the proposed multi-layer IDS. Experiments are carried out on a Jetson Xavier NX, showing that the accuracy of AI-based detection reached 99.7761% and that of rule-based detection was 100%. The average detection time per packet is 0.3958 ms with graphics processing unit (GPU) acceleration and 0.6669 ms with only a central processing unit (CPU). After vehicle-level real-time analyses, the proposed IDS can be deployed for distributed or select critical advanced driving assistance system (ADAS) traffic for detection in a centralized layout. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

16 pages, 1277 KiB  
Article
Locating Partial Discharges in Power Transformers with Convolutional Iterative Filtering
by Jonathan Wang, Kesheng Wu, Alex Sim and Seongwook Hwangbo
Sensors 2023, 23(4), 1789; https://doi.org/10.3390/s23041789 - 05 Feb 2023
Cited by 2 | Viewed by 1897
Abstract
The most common source of transformer failure is in the insulation, and the most prevalent warning signal for insulation weakness is partial discharge (PD). Locating the positions of these partial discharges would help repair the transformer to prevent failures. This work investigates algorithms [...] Read more.
The most common source of transformer failure is in the insulation, and the most prevalent warning signal for insulation weakness is partial discharge (PD). Locating the positions of these partial discharges would help repair the transformer to prevent failures. This work investigates algorithms that could be deployed to locate the position of a PD event using data from ultra-high frequency (UHF) sensors inside the transformer. These algorithms typically proceed in two steps: first determining the signal arrival time, and then locating the position based on time differences. This paper reviews available methods for each task and then propose new algorithms: a convolutional iterative filter with thresholding (CIFT) to determine the signal arrival time and a reference table of travel times to resolve the source location. The effectiveness of these algorithms are tested with a set of laboratory-triggered PD events and two sets of simulated PD events inside transformers in production use. Tests show the new approach provides more accurate locations than the best-known data analysis algorithms, and the difference is particularly large, 3.7X, when the signal sources are far from sensors. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

13 pages, 402 KiB  
Article
One-Class Convolutional Neural Networks for Water-Level Anomaly Detection
by Isack Thomas Nicholaus, Jun-Seoung Lee and Dae-Ki Kang
Sensors 2022, 22(22), 8764; https://doi.org/10.3390/s22228764 - 13 Nov 2022
Cited by 1 | Viewed by 1680
Abstract
Companies that own water systems to provide water storage and distribution services always strive to enhance and efficiently distribute water to different places for various purposes. However, these water systems are likely to face problems ranging from leakage to destruction of infrastructures, leading [...] Read more.
Companies that own water systems to provide water storage and distribution services always strive to enhance and efficiently distribute water to different places for various purposes. However, these water systems are likely to face problems ranging from leakage to destruction of infrastructures, leading to economic and life losses. Thus, apprehending the nature of abnormalities that may interrupt or aggravate the service or cause the destruction is at the core of their business model. Normally, companies use sensor networks to monitor these systems and record operational data including any fluctuations in water levels considered abnormalities. Detecting abnormalities allows water companies to enhance the service’s sustainability, quality, and affordability. This study investigates a 2D-CNN-based method for detecting water-level abnormalities as time-series anomaly pattern detection in the One-Class Classification (OCC) problem. Moreover, since abnormal data are usually scarce or unavailable, we explored a cheap method to generate synthetic temporal data and use them as a target class in addition to the normal data to train the CNN model for feature extraction and classification. These settings allow us to train a model to learn relevant pattern representations of the given classes in a binary classification fashion using cross-entropy loss. The ultimate goal of these investigations is to determine if any 2D-CNN-based model can be trained from scratch or if transfer learning of any pre-trained CNN model can be partially trained and used as the base network for one-class classification. The evaluation of the proposed One-Class CNN and previous approaches have shown that our approach has outperformed several state-of-the-art approaches by a significant margin. Additionally, in this paper, we mention two interesting findings: using synthetic data as the pseudo-class is a promising direction, and transfer learning should be dealt with considering that underfitting can happen because the transferred model is too complicated for training data. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

20 pages, 1157 KiB  
Article
A Multi-Tier Trust-Based Security Mechanism for Vehicular Ad-Hoc Network Communications
by Brian Akwirry, Nik Bessis, Hassan Malik and Sarah McHale
Sensors 2022, 22(21), 8285; https://doi.org/10.3390/s22218285 - 28 Oct 2022
Cited by 6 | Viewed by 2279
Abstract
Securing communications in vehicle ad hoc networks is crucial for operations. Messages exchanged in vehicle ad hoc network communications hold critical information such as road safety information, or road accident information and it is essential these packets reach their intended destination without any [...] Read more.
Securing communications in vehicle ad hoc networks is crucial for operations. Messages exchanged in vehicle ad hoc network communications hold critical information such as road safety information, or road accident information and it is essential these packets reach their intended destination without any modification. A significant concern for vehicle ad hoc network communications is that malicious vehicles can intercept or modify messages before reaching their intended destination. This can hamper vehicle ad hoc network operations and create safety concerns. The multi-tier trust management system proposed in this paper addresses the concern of malicious vehicles in the vehicle ad hoc network using three security tiers. The first tier of the proposed system assigns vehicles in the vehicle ad hoc network a trust value based on behaviour such as processing delay, packet loss and prior vehicle behavioural history. This will be done by selecting vehicles as watchdogs to observe the behaviour of neighbouring vehicles and evaluate the trust value. The second tier is to protect the watchdogs, which is done by watchdogs’ behaviour history. The third security tier is to protect the integrity of data used for trust value calculation. Results show that the proposed system is successful in identifying malicious vehicles in the VANET. It also improves the packet delivery ratio and end-to-end delay of the vehicle ad hoc network in the presence of malicious vehicles. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

Review

Jump to: Research

30 pages, 933 KiB  
Review
Review of Botnet Attack Detection in SDN-Enabled IoT Using Machine Learning
by Worku Gachena Negera, Friedhelm Schwenker, Taye Girma Debelee, Henock Mulugeta Melaku and Yehualashet Megeresa Ayano
Sensors 2022, 22(24), 9837; https://doi.org/10.3390/s22249837 - 14 Dec 2022
Cited by 8 | Viewed by 3194
Abstract
The orchestration of software-defined networks (SDN) and the internet of things (IoT) has revolutionized the computing fields. These include the broad spectrum of connectivity to sensors and electronic appliances beyond standard computing devices. However, these networks are still vulnerable to botnet attacks such [...] Read more.
The orchestration of software-defined networks (SDN) and the internet of things (IoT) has revolutionized the computing fields. These include the broad spectrum of connectivity to sensors and electronic appliances beyond standard computing devices. However, these networks are still vulnerable to botnet attacks such as distributed denial of service, network probing, backdoors, information stealing, and phishing attacks. These attacks can disrupt and sometimes cause irreversible damage to several sectors of the economy. As a result, several machine learning-based solutions have been proposed to improve the real-time detection of botnet attacks in SDN-enabled IoT networks. The aim of this review is to investigate research studies that applied machine learning techniques for deterring botnet attacks in SDN-enabled IoT networks. Initially the first major botnet attacks in SDN-IoT networks have been thoroughly discussed. Secondly a commonly used machine learning techniques for detecting and mitigating botnet attacks in SDN-IoT networks are discussed. Finally, the performance of these machine learning techniques in detecting and mitigating botnet attacks is presented in terms of commonly used machine learning models’ performance metrics. Both classical machine learning (ML) and deep learning (DL) techniques have comparable performance in botnet attack detection. However, the classical ML techniques require extensive feature engineering to achieve optimal features for efficient botnet attack detection. Besides, they fall short of detecting unforeseen botnet attacks. Furthermore, timely detection, real-time monitoring, and adaptability to new types of attacks are still challenging tasks in classical ML techniques. These are mainly because classical machine learning techniques use signatures of the already known malware both in training and after deployment. Full article
(This article belongs to the Special Issue Anomaly Detection and Monitoring for Networks and IoT Systems)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-9
Back to TopTop