Intrusion Detection Systems (IDS) are capital instruments for protecting ATM networks against intrusion, and subsequently ensuring the integrity of air traffic. An anomaly detection approach in such systems enables the detection of multiple types of attacks with the aid of a threshold as a criterion for differentiating between normal activity and unusual events in the network. IDS with fixed threshold fail to detect the presence of patterns in the data, thus hampering proper detection ability, and requiring regular human intervention. Detection ability of IDS can be improved by establishing an automated system that recognises pattern shifts in evolving data streams and adjusts the threshold accordingly. Our work focuses on designing an algorithm to recognize the occurrence of new patterns and adjust the threshold consequently for enhanced anomaly detection, whilst offering flexibility for different frameworks and scalability to cope with large data streams. In this article, we present an adaptive threshold approach based on extreme value theory, which aims to automatically detect concept drifts in radar data streams. We evaluate our method in a practical scenario of anomaly detection on time series data collected by air traffic radars across France and show that we can achieve a threefold performance improvement over a standard approach using a fixed threshold.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.