Industrial control systems (ICS) are no longer restricted to industrial production. They are also at the heart of safety-critical systems and carry key information with strong requirements in terms of availability and integrity. Furthermore, they are gradually being connected to the Internet. In the context of Air Traffic Management, safety-critical data are generally time series which contain periodic events. Anomalies can hardly be detected, as we only have a little knowledge of the traffic characteristics and the kind of anomalies we might encounter. Consequently, detecting them is challenging, as it requires high detection accuracy currently unfeasible with traditional methods based on anomaly signatures or predictions. To cope with this issue, we introduce an anomaly detection method for ICS based on Long Short-Term Memory (LSTM) that outperforms the accuracy of traditional ones. We experiment and develop our method with one major dataset containing French civil radar aviation data. We then evaluate our scheme with different datasets containing ICS monitoring data (publicly available predictable time series data) and show that our autoencoder can detect anomalies from predictable time series and presents a higher detection rate on average than traditional detection methods.
Intrusion Detection Systems (IDS) are capital instruments for protecting ATM networks against intrusion, and subsequently ensuring the integrity of air traffic. An anomaly detection approach in such systems enables the detection of multiple types of attacks with the aid of a threshold as a criterion for differentiating between normal activity and unusual events in the network. IDS with a fixed threshold fail to detect the presence of patterns in the data, thus hampering proper detection ability and requiring regular human intervention. The detection ability of IDS can be improved by establishing an automated system that recognises pattern shifts in evolving data streams and adjusts the threshold accordingly. Our work focuses on designing an algorithm to recognise the occurrence of new patterns and adjust the threshold accordingly for enhanced anomaly detection, whilst offering flexibility for different frameworks and scalability to cope with large data streams. In this article, we present an adaptive threshold approach based on extreme value theory, which aims to automatically detect concept drifts in radar data streams. We evaluate our method in a practical scenario of anomaly detection on time series data collected by air traffic radars across France and show that we can achieve a threefold performance improvement over a standard approach using a fixed threshold.