WorldWideScience

Sample records for anomaly detection system

  1. Ferret Workflow Anomaly Detection System

    National Research Council Canada - National Science Library

    Smith, Timothy J; Bryant, Stephany

    2005-01-01

    The Ferret workflow anomaly detection system project 2003-2004 has provided validation and anomaly detection in accredited workflows in secure knowledge management systems through the use of continuous, automated audits...

  2. Road Anomalies Detection System Evaluation.

    Science.gov (United States)

    Silva, Nuno; Shah, Vaibhav; Soares, João; Rodrigues, Helena

    2018-06-21

    Anomalies on road pavement cause discomfort to drivers and passengers, and may cause mechanical failure or even accidents. Governments spend millions of Euros every year on road maintenance, often causing traffic jams and congestion on urban roads on a daily basis. This paper analyses the difference between the deployment of a road anomalies detection and identification system in a “conditioned” and a real world setup, where the system performed worse compared to the “conditioned” setup. It also presents a system performance analysis based on the analysis of the training data sets; on the analysis of the attributes complexity, through the application of PCA techniques; and on the analysis of the attributes in the context of each anomaly type, using acceleration standard deviation attributes to observe how different anomalies classes are distributed in the Cartesian coordinates system. Overall, in this paper, we describe the main insights on road anomalies detection challenges to support the design and deployment of a new iteration of our system towards the deployment of a road anomaly detection service to provide information about roads condition to drivers and government entities.

  3. Detection of cardiovascular anomalies: Hybrid systems approach

    KAUST Repository

    Ledezma, Fernando; Laleg-Kirati, Taous-Meriem

    2012-01-01

    In this paper, we propose a hybrid interpretation of the cardiovascular system. Based on a model proposed by Simaan et al. (2009), we study the problem of detecting cardiovascular anomalies that can be caused by variations in some physiological

  4. Detection of cardiovascular anomalies: Hybrid systems approach

    KAUST Repository

    Ledezma, Fernando

    2012-06-06

    In this paper, we propose a hybrid interpretation of the cardiovascular system. Based on a model proposed by Simaan et al. (2009), we study the problem of detecting cardiovascular anomalies that can be caused by variations in some physiological parameters, using an observerbased approach. We present the first numerical results obtained. © 2012 IFAC.

  5. Anomaly Detection for Complex Systems

    Data.gov (United States)

    National Aeronautics and Space Administration — In performance maintenance in large, complex systems, sensor information from sub-components tends to be readily available, and can be used to make predictions about...

  6. System and method for anomaly detection

    Science.gov (United States)

    Scherrer, Chad

    2010-06-15

    A system and method for detecting one or more anomalies in a plurality of observations is provided. In one illustrative embodiment, the observations are real-time network observations collected from a stream of network traffic. The method includes performing a discrete decomposition of the observations, and introducing derived variables to increase storage and query efficiencies. A mathematical model, such as a conditional independence model, is then generated from the formatted data. The formatted data is also used to construct frequency tables which maintain an accurate count of specific variable occurrence as indicated by the model generation process. The formatted data is then applied to the mathematical model to generate scored data. The scored data is then analyzed to detect anomalies.

  7. Suboptimal processor for anomaly detection for system surveillance and diagnosis

    Energy Technology Data Exchange (ETDEWEB)

    Ciftcioglu, Oe.; Hoogenboom, J.E.; Dam, H. van

    1989-06-01

    Anomaly detection for nuclear reactor surveillance and diagnosis is described. The residual noise obtained as a result of autoregressive (AR) modelling is essential to obtain high sensitivity for anomaly detection. By means of the method of hypothesis testing a suboptimal anomaly detection processor is devised for system surveillance and diagnosis. Experiments are carried out to investigate the performance of the processor, which is in particular of interest for on-line and real-time applications.

  8. Clustering and Recurring Anomaly Identification: Recurring Anomaly Detection System (ReADS)

    Science.gov (United States)

    McIntosh, Dawn

    2006-01-01

    This viewgraph presentation reviews the Recurring Anomaly Detection System (ReADS). The Recurring Anomaly Detection System is a tool to analyze text reports, such as aviation reports and maintenance records: (1) Text clustering algorithms group large quantities of reports and documents; Reduces human error and fatigue (2) Identifies interconnected reports; Automates the discovery of possible recurring anomalies; (3) Provides a visualization of the clusters and recurring anomalies We have illustrated our techniques on data from Shuttle and ISS discrepancy reports, as well as ASRS data. ReADS has been integrated with a secure online search

  9. A New Anomaly Detection System for School Electricity Consumption Data

    Directory of Open Access Journals (Sweden)

    Wenqiang Cui

    2017-11-01

    Full Text Available Anomaly detection has been widely used in a variety of research and application domains, such as network intrusion detection, insurance/credit card fraud detection, health-care informatics, industrial damage detection, image processing and novel topic detection in text mining. In this paper, we focus on remote facilities management that identifies anomalous events in buildings by detecting anomalies in building electricity consumption data. We investigated five models within electricity consumption data from different schools to detect anomalies in the data. Furthermore, we proposed a hybrid model that combines polynomial regression and Gaussian distribution, which detects anomalies in the data with 0 false negative and an average precision higher than 91%. Based on the proposed model, we developed a data detection and visualization system for a facilities management company to detect and visualize anomalies in school electricity consumption data. The system is tested and evaluated by facilities managers. According to the evaluation, our system has improved the efficiency of facilities managers to identify anomalies in the data.

  10. Structural material anomaly detection system using water chemistry data

    International Nuclear Information System (INIS)

    Asakura, Yamato; Nagase, Makoto; Uchida, Shunsuke; Ohsumi, Katsumi.

    1992-01-01

    The concept of an advanced water chemistry diagnosis system for detection of anomalies and preventive maintenance of system components is proposed and put into a concrete form. Using the analogy to a medical inspection system, analyses of water chemistry change will make it possible to detect symptoms of anomalies in system components. Then, correlations between water chemistry change and anomaly occurrence in the components of the BWR primary cooling system are analyzed theoretically. These fragmentary correlations are organized and reduced to an algorithm for the on-line diagnosis system using on-line monitoring data, pH and conductivity. By using actual plant data, the on-line diagnosis model system is verified to be applicable for early and automatic finding of the anomaly cause and for timely supply of much diagnostic information to plant operators. (author)

  11. A Survey on Anomaly Based Host Intrusion Detection System

    Science.gov (United States)

    Jose, Shijoe; Malathi, D.; Reddy, Bharath; Jayaseeli, Dorathi

    2018-04-01

    An intrusion detection system (IDS) is hardware, software or a combination of two, for monitoring network or system activities to detect malicious signs. In computer security, designing a robust intrusion detection system is one of the most fundamental and important problems. The primary function of system is detecting intrusion and gives alerts when user tries to intrusion on timely manner. In these techniques when IDS find out intrusion it will send alert massage to the system administrator. Anomaly detection is an important problem that has been researched within diverse research areas and application domains. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. From the existing anomaly detection techniques, each technique has relative strengths and weaknesses. The current state of the experiment practice in the field of anomaly-based intrusion detection is reviewed and survey recent studies in this. This survey provides a study of existing anomaly detection techniques, and how the techniques used in one area can be applied in another application domain.

  12. Approaches in anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, S.; Di Pietro, R.; Mancini, L.V.

    2008-01-01

    Anomaly-based network intrusion detection systems (NIDSs) can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the most effective methods to detect attacks. Nowadays, attacks aim mainly to exploit vulnerabilities at

  13. Approaches in Anomaly-based Network Intrusion Detection Systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, Sandro

    Anomaly-based network intrusion detection systems (NIDSs) can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the most effective methods to detect attacks. Nowadays, attacks aim mainly to exploit vulnerabilities at

  14. Probabilistic Anomaly Detection Based On System Calls Analysis

    Directory of Open Access Journals (Sweden)

    Przemysław Maciołek

    2007-01-01

    Full Text Available We present an application of probabilistic approach to the anomaly detection (PAD. Byanalyzing selected system calls (and their arguments, the chosen applications are monitoredin the Linux environment. This allows us to estimate “(abnormality” of their behavior (bycomparison to previously collected profiles. We’ve attached results of threat detection ina typical computer environment.

  15. Monitoring water supply systems for anomaly detection and response

    NARCIS (Netherlands)

    Bakker, M.; Lapikas, T.; Tangena, B.H.; Vreeburg, J.H.G.

    2012-01-01

    Water supply systems are vulnerable to damage caused by unintended or intended human actions, or due to aging of the system. In order to minimize the damages and the inconvenience for the customers, a software tool was developed to detect anomalies at an early stage, and to support the responsible

  16. Advanced Ground Systems Maintenance Anomaly Detection

    Data.gov (United States)

    National Aeronautics and Space Administration — The Inductive Monitoring System (IMS) software utilizes techniques from the fields of model-based reasoning, machine learning, and data mining to build system...

  17. Anomaly Detection in a Fleet of Systems

    Data.gov (United States)

    National Aeronautics and Space Administration — A fleet is a group of systems (e.g., cars, aircraft) that are designed and manufactured the same way and are intended to be used the same way. For example, a fleet...

  18. Anomaly-based intrusion detection for SCADA systems

    International Nuclear Information System (INIS)

    Yang, D.; Usynin, A.; Hines, J. W.

    2006-01-01

    Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA. These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)

  19. Using Physical Models for Anomaly Detection in Control Systems

    Science.gov (United States)

    Svendsen, Nils; Wolthusen, Stephen

    Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increase the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical; and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.

  20. Anomaly Detection in the Bitcoin System - A Network Perspective

    OpenAIRE

    Pham, Thai; Lee, Steven

    2016-01-01

    The problem of anomaly detection has been studied for a long time, and many Network Analysis techniques have been proposed as solutions. Although some results appear to be quite promising, no method is clearly to be superior to the rest. In this paper, we particularly consider anomaly detection in the Bitcoin transaction network. Our goal is to detect which users and transactions are the most suspicious; in this case, anomalous behavior is a proxy for suspicious behavior. To this end, we use ...

  1. Rule-based expert system for maritime anomaly detection

    Science.gov (United States)

    Roy, Jean

    2010-04-01

    Maritime domain operators/analysts have a mandate to be aware of all that is happening within their areas of responsibility. This mandate derives from the needs to defend sovereignty, protect infrastructures, counter terrorism, detect illegal activities, etc., and it has become more challenging in the past decade, as commercial shipping turned into a potential threat. In particular, a huge portion of the data and information made available to the operators/analysts is mundane, from maritime platforms going about normal, legitimate activities, and it is very challenging for them to detect and identify the non-mundane. To achieve such anomaly detection, they must establish numerous relevant situational facts from a variety of sensor data streams. Unfortunately, many of the facts of interest just cannot be observed; the operators/analysts thus use their knowledge of the maritime domain and their reasoning faculties to infer these facts. As they are often overwhelmed by the large amount of data and information, automated reasoning tools could be used to support them by inferring the necessary facts, ultimately providing indications and warning on a small number of anomalous events worthy of their attention. Along this line of thought, this paper describes a proof-of-concept prototype of a rule-based expert system implementing automated rule-based reasoning in support of maritime anomaly detection.

  2. Anomaly detection in an automated safeguards system using neural networks

    International Nuclear Information System (INIS)

    Whiteson, R.; Howell, J.A.

    1992-01-01

    An automated safeguards system must be able to detect an anomalous event, identify the nature of the event, and recommend a corrective action. Neural networks represent a new way of thinking about basic computational mechanisms for intelligent information processing. In this paper, we discuss the issues involved in applying a neural network model to the first step of this process: anomaly detection in materials accounting systems. We extend our previous model to a 3-tank problem and compare different neural network architectures and algorithms. We evaluate the computational difficulties in training neural networks and explore how certain design principles affect the problems. The issues involved in building a neural network architecture include how the information flows, how the network is trained, how the neurons in a network are connected, how the neurons process information, and how the connections between neurons are modified. Our approach is based on the demonstrated ability of neural networks to model complex, nonlinear, real-time processes. By modeling the normal behavior of the processes, we can predict how a system should be behaving and, therefore, detect when an abnormality occurs

  3. Anomaly Detection in Gas Turbine Fuel Systems Using a Sequential Symbolic Method

    Directory of Open Access Journals (Sweden)

    Fei Li

    2017-05-01

    Full Text Available Anomaly detection plays a significant role in helping gas turbines run reliably and economically. Considering the collective anomalous data and both sensitivity and robustness of the anomaly detection model, a sequential symbolic anomaly detection method is proposed and applied to the gas turbine fuel system. A structural Finite State Machine is used to evaluate posterior probabilities of observing symbolic sequences and the most probable state sequences they may locate. Hence an estimation-based model and a decoding-based model are used to identify anomalies in two different ways. Experimental results indicate that both models have both ideal performance overall, but the estimation-based model has a strong robustness ability, whereas the decoding-based model has a strong accuracy ability, particularly in a certain range of sequence lengths. Therefore, the proposed method can facilitate well existing symbolic dynamic analysis- based anomaly detection methods, especially in the gas turbine domain.

  4. Revisiting Anomaly-based Network Intrusion Detection Systems

    NARCIS (Netherlands)

    Bolzoni, D.

    2009-01-01

    Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match

  5. Anomaly Detection in Sequences

    Data.gov (United States)

    National Aeronautics and Space Administration — We present a set of novel algorithms which we call sequenceMiner, that detect and characterize anomalies in large sets of high-dimensional symbol sequences that...

  6. Implementation of a General Real-Time Visual Anomaly Detection System Via Soft Computing

    Science.gov (United States)

    Dominguez, Jesus A.; Klinko, Steve; Ferrell, Bob; Steinrock, Todd (Technical Monitor)

    2001-01-01

    The intelligent visual system detects anomalies or defects in real time under normal lighting operating conditions. The application is basically a learning machine that integrates fuzzy logic (FL), artificial neural network (ANN), and generic algorithm (GA) schemes to process the image, run the learning process, and finally detect the anomalies or defects. The system acquires the image, performs segmentation to separate the object being tested from the background, preprocesses the image using fuzzy reasoning, performs the final segmentation using fuzzy reasoning techniques to retrieve regions with potential anomalies or defects, and finally retrieves them using a learning model built via ANN and GA techniques. FL provides a powerful framework for knowledge representation and overcomes uncertainty and vagueness typically found in image analysis. ANN provides learning capabilities, and GA leads to robust learning results. An application prototype currently runs on a regular PC under Windows NT, and preliminary work has been performed to build an embedded version with multiple image processors. The application prototype is being tested at the Kennedy Space Center (KSC), Florida, to visually detect anomalies along slide basket cables utilized by the astronauts to evacuate the NASA Shuttle launch pad in an emergency. The potential applications of this anomaly detection system in an open environment are quite wide. Another current, potentially viable application at NASA is in detecting anomalies of the NASA Space Shuttle Orbiter's radiator panels.

  7. Dynamic analysis methods for detecting anomalies in asynchronously interacting systems

    Energy Technology Data Exchange (ETDEWEB)

    Kumar, Akshat; Solis, John Hector; Matschke, Benjamin

    2014-01-01

    Detecting modifications to digital system designs, whether malicious or benign, is problematic due to the complexity of the systems being analyzed. Moreover, static analysis techniques and tools can only be used during the initial design and implementation phases to verify safety and liveness properties. It is computationally intractable to guarantee that any previously verified properties still hold after a system, or even a single component, has been produced by a third-party manufacturer. In this paper we explore new approaches for creating a robust system design by investigating highly-structured computational models that simplify verification and analysis. Our approach avoids the need to fully reconstruct the implemented system by incorporating a small verification component that dynamically detects for deviations from the design specification at run-time. The first approach encodes information extracted from the original system design algebraically into a verification component. During run-time this component randomly queries the implementation for trace information and verifies that no design-level properties have been violated. If any deviation is detected then a pre-specified fail-safe or notification behavior is triggered. Our second approach utilizes a partitioning methodology to view liveness and safety properties as a distributed decision task and the implementation as a proposed protocol that solves this task. Thus the problem of verifying safety and liveness properties is translated to that of verifying that the implementation solves the associated decision task. We develop upon results from distributed systems and algebraic topology to construct a learning mechanism for verifying safety and liveness properties from samples of run-time executions.

  8. Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.; Kirda, E.; Jha, S.; Balzarotti, D.

    Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  9. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  10. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, S.; Hartel, P.H.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  11. Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  12. PLAT: An Automated Fault and Behavioural Anomaly Detection Tool for PLC Controlled Manufacturing Systems

    Directory of Open Access Journals (Sweden)

    Arup Ghosh

    2016-01-01

    Full Text Available Operational faults and behavioural anomalies associated with PLC control processes take place often in a manufacturing system. Real time identification of these operational faults and behavioural anomalies is necessary in the manufacturing industry. In this paper, we present an automated tool, called PLC Log-Data Analysis Tool (PLAT that can detect them by using log-data records of the PLC signals. PLAT automatically creates a nominal model of the PLC control process and employs a novel hash table based indexing and searching scheme to satisfy those purposes. Our experiments show that PLAT is significantly fast, provides real time identification of operational faults and behavioural anomalies, and can execute within a small memory footprint. In addition, PLAT can easily handle a large manufacturing system with a reasonable computing configuration and can be installed in parallel to the data logging system to identify operational faults and behavioural anomalies effectively.

  13. PLAT: An Automated Fault and Behavioural Anomaly Detection Tool for PLC Controlled Manufacturing Systems.

    Science.gov (United States)

    Ghosh, Arup; Qin, Shiming; Lee, Jooyeoun; Wang, Gi-Nam

    2016-01-01

    Operational faults and behavioural anomalies associated with PLC control processes take place often in a manufacturing system. Real time identification of these operational faults and behavioural anomalies is necessary in the manufacturing industry. In this paper, we present an automated tool, called PLC Log-Data Analysis Tool (PLAT) that can detect them by using log-data records of the PLC signals. PLAT automatically creates a nominal model of the PLC control process and employs a novel hash table based indexing and searching scheme to satisfy those purposes. Our experiments show that PLAT is significantly fast, provides real time identification of operational faults and behavioural anomalies, and can execute within a small memory footprint. In addition, PLAT can easily handle a large manufacturing system with a reasonable computing configuration and can be installed in parallel to the data logging system to identify operational faults and behavioural anomalies effectively.

  14. A Bayesian model for anomaly detection in SQL databases for security systems

    NARCIS (Netherlands)

    Drugan, M.M.

    2017-01-01

    We focus on automatic anomaly detection in SQL databases for security systems. Many logs of database systems, here the Townhall database, contain detailed information about users, like the SQL queries and the response of the database. A database is a list of log instances, where each log instance is

  15. Space Shuttle Main Propulsion System Anomaly Detection: A Case Study

    Data.gov (United States)

    National Aeronautics and Space Administration — The space shuttle main engine (SSME) is part of the Main Propnlsion System (MPS) which is an extremely complex system containing several sub-systems and components,...

  16. Structural material anomaly detection system using water chemistry data, (7)

    International Nuclear Information System (INIS)

    Nagase, Makoto; Uchida, Shunsuke; Asakura, Yamato; Ohsumi, Katsumi.

    1993-01-01

    A method to detect small changes in water quality and diagnose their causes by analyzing on-line conductivity and pH data was proposed. Laboratory tests showed that effective noise reduction of measured on-line data could be got by using median filter to detect small changes of conductivity ; a relative change of 0.001 μS/cm was distinguishable. By simulating the changes of pH and conductivity in the reactor water against a small concentration change of sodium ion or sulfate ion in the feedwater, it was found that an adequate elapsed time for the diagnosis was 4 h from the start of the concentration change. A conductivity difference of 0.001 μS/cm in the reactor water made it theoretically possible to distinguish between a sodium ion concentration change of 4.6 ppt and a sulfate ion concentration change of 9.6 ppt in the feedwater. (author)

  17. JACoW Model learning algorithms for anomaly detection in CERN control systems

    CERN Document Server

    Tilaro, Filippo; Gonzalez-Berges, Manuel; Roshchin, Mikhail; Varela, Fernando

    2018-01-01

    The CERN automation infrastructure consists of over 600 heterogeneous industrial control systems with around 45 million deployed sensors, actuators and control objects. Therefore, it is evident that the monitoring of such huge system represents a challenging and complex task. This paper describes three different mathematical approaches that have been designed and developed to detect anomalies in any of the CERN control systems. Specifically, one of these algorithms is purely based on expert knowledge; the other two mine the historical generated data to create a simple model of the system; this model is then used to detect faulty sensors measurements. The presented methods can be categorized as dynamic unsupervised anomaly detection; “dynamic” since the behaviour of the system and the evolution of its attributes are observed and changing in time. They are “unsupervised” because we are trying to predict faulty events without examples in the data history. So, the described strategies involve monitoring t...

  18. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

    Energy Technology Data Exchange (ETDEWEB)

    Chen, Yan [Northwesten University

    2013-12-05

    Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and fast emergence of new attacks/virus/worms, existing network intrusion detection systems (IDS) are insufficient because they: • Are mostly host-based and not scalable to high-performance networks; • Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks; • Cannot differentiate malicious events from the unintentional anomalies. To address these challenges, we proposed and developed a new paradigm called high-performance network anomaly/intrustion detection and mitigation (HPNAIDM) system. The new paradigm is significantly different from existing IDSes with the following features (research thrusts). • Online traffic recording and analysis on high-speed networks; • Online adaptive flow-level anomaly/intrusion detection and mitigation; • Integrated approach for false positive reduction. Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we even exceed that significantly (see more details in the next section). Overall, our project harvested 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). Besides, we built a website for technique dissemination, which hosts two system prototype release to the research community. We also filed a patent application and developed strong international and domestic collaborations which span both academia and industry.

  19. Network Traffic Features for Anomaly Detection in Specific Industrial Control System Network

    Directory of Open Access Journals (Sweden)

    Matti Mantere

    2013-09-01

    Full Text Available The deterministic and restricted nature of industrial control system networks sets them apart from more open networks, such as local area networks in office environments. This improves the usability of network security, monitoring approaches that would be less feasible in more open environments. One of such approaches is machine learning based anomaly detection. Without proper customization for the special requirements of the industrial control system network environment, many existing anomaly or misuse detection systems will perform sub-optimally. A machine learning based approach could reduce the amount of manual customization required for different industrial control system networks. In this paper we analyze a possible set of features to be used in a machine learning based anomaly detection system in the real world industrial control system network environment under investigation. The network under investigation is represented by architectural drawing and results derived from network trace analysis. The network trace is captured from a live running industrial process control network and includes both control data and the data flowing between the control network and the office network. We limit the investigation to the IP traffic in the traces.

  20. Signal anomaly detection and characterization

    International Nuclear Information System (INIS)

    Morgenstern, V.M.; Upadhyaya, B.R.; Gloeckler, O.

    1988-08-01

    As part of a comprehensive signal validation system, we have developed a signal anomaly detector, without specifically establishing the cause of the anomaly. A signal recorded from process instrumentation is said to have an anomaly, if during steady-state operation, the deviation in the level of the signal, its root-mean-square (RMS) value, or its statistical distribution changes by a preset value. This deviation could be an unacceptable increase or a decrease in the quantity being monitored. An anomaly in a signal may be characterized by wideband or single-frequency noise, bias error, pulse-type error, nonsymmetric behavior, or a change in the signal bandwidth. Various signatures can be easily computed from data samples and compared against specified threshold values. We want to point out that in real processes, pulses can appear with different time widths, and at different rates of change of the signal. Thus, in characterizing an anomaly as a pulse-type, the fastest pulse width is constrained by the signal sampling interval. For example, if a signal is sampled at 100 Hz, we will not be able to detect pulses occurring at kHz rates. Discussion with utility and Combustion Engineering personnel indicated that it is not practical to detect pulses having a narrow time width. 9 refs., 11 figs., 8 tabs

  1. Improvement of statistical methods for detecting anomalies in climate and environmental monitoring systems

    Science.gov (United States)

    Yakunin, A. G.; Hussein, H. M.

    2018-01-01

    The article shows how the known statistical methods, which are widely used in solving financial problems and a number of other fields of science and technology, can be effectively applied after minor modification for solving such problems in climate and environment monitoring systems, as the detection of anomalies in the form of abrupt changes in signal levels, the occurrence of positive and negative outliers and the violation of the cycle form in periodic processes.

  2. Seasonal ARMA-based SPC charts for anomaly detection: Application to emergency department systems

    KAUST Repository

    Kadri, Farid

    2015-10-22

    Monitoring complex production systems is primordial to ensure management, reliability and safety as well as maintaining the desired product quality. Early detection of emergent abnormal behaviour in monitored systems allows pre-emptive action to prevent more serious consequences, to improve system operations and to reduce manufacturing and/or service costs. This study reports the design of a new methodology for the detection of abnormal situations based on the integration of time-series analysis models and statistical process control (SPC) tools for the joint development of a monitoring system to help supervising of the behaviour of emergency department services (EDs). The monitoring system developed is able to provide early alerts in the event of abnormal situations. The seasonal autoregressive moving average (SARMA)-based exponentially weighted moving average (EWMA) anomaly detection scheme proposed was successfully applied to the practical data collected from the database of the paediatric emergency department (PED) at Lille regional hospital centre, France. The method developed utilizes SARMA as a modelling framework and EWMA for anomaly detection. The EWMA control chart is applied to the uncorrelated residuals obtained from the SARMA model. The detection results of the EWMA chart are compared with two other commonly applied residual-based tests: a Shewhart individuals chart and a Cumulative Sum (CUSUM) control chart.

  3. Seasonal ARMA-based SPC charts for anomaly detection: Application to emergency department systems

    KAUST Repository

    Kadri, Farid; Harrou, Fouzi; Chaabane, Sondè s; Sun, Ying; Tahon, Christian

    2015-01-01

    Monitoring complex production systems is primordial to ensure management, reliability and safety as well as maintaining the desired product quality. Early detection of emergent abnormal behaviour in monitored systems allows pre-emptive action to prevent more serious consequences, to improve system operations and to reduce manufacturing and/or service costs. This study reports the design of a new methodology for the detection of abnormal situations based on the integration of time-series analysis models and statistical process control (SPC) tools for the joint development of a monitoring system to help supervising of the behaviour of emergency department services (EDs). The monitoring system developed is able to provide early alerts in the event of abnormal situations. The seasonal autoregressive moving average (SARMA)-based exponentially weighted moving average (EWMA) anomaly detection scheme proposed was successfully applied to the practical data collected from the database of the paediatric emergency department (PED) at Lille regional hospital centre, France. The method developed utilizes SARMA as a modelling framework and EWMA for anomaly detection. The EWMA control chart is applied to the uncorrelated residuals obtained from the SARMA model. The detection results of the EWMA chart are compared with two other commonly applied residual-based tests: a Shewhart individuals chart and a Cumulative Sum (CUSUM) control chart.

  4. Improved detection of incipient anomalies via multivariate memory monitoring charts: Application to an air flow heating system

    KAUST Repository

    Harrou, Fouzi; Madakyaru, Muddu; Sun, Ying; Khadraoui, Sofiane

    2016-01-01

    Detecting anomalies is important for reliable operation of several engineering systems. Multivariate statistical monitoring charts are an efficient tool for checking the quality of a process by identifying abnormalities. Principal component analysis

  5. Item Anomaly Detection Based on Dynamic Partition for Time Series in Recommender Systems.

    Science.gov (United States)

    Gao, Min; Tian, Renli; Wen, Junhao; Xiong, Qingyu; Ling, Bin; Yang, Linda

    2015-01-01

    In recent years, recommender systems have become an effective method to process information overload. However, recommendation technology still suffers from many problems. One of the problems is shilling attacks-attackers inject spam user profiles to disturb the list of recommendation items. There are two characteristics of all types of shilling attacks: 1) Item abnormality: The rating of target items is always maximum or minimum; and 2) Attack promptness: It takes only a very short period time to inject attack profiles. Some papers have proposed item anomaly detection methods based on these two characteristics, but their detection rate, false alarm rate, and universality need to be further improved. To solve these problems, this paper proposes an item anomaly detection method based on dynamic partitioning for time series. This method first dynamically partitions item-rating time series based on important points. Then, we use chi square distribution (χ2) to detect abnormal intervals. The experimental results on MovieLens 100K and 1M indicate that this approach has a high detection rate and a low false alarm rate and is stable toward different attack models and filler sizes.

  6. Item Anomaly Detection Based on Dynamic Partition for Time Series in Recommender Systems

    Science.gov (United States)

    Gao, Min; Tian, Renli; Wen, Junhao; Xiong, Qingyu; Ling, Bin; Yang, Linda

    2015-01-01

    In recent years, recommender systems have become an effective method to process information overload. However, recommendation technology still suffers from many problems. One of the problems is shilling attacks-attackers inject spam user profiles to disturb the list of recommendation items. There are two characteristics of all types of shilling attacks: 1) Item abnormality: The rating of target items is always maximum or minimum; and 2) Attack promptness: It takes only a very short period time to inject attack profiles. Some papers have proposed item anomaly detection methods based on these two characteristics, but their detection rate, false alarm rate, and universality need to be further improved. To solve these problems, this paper proposes an item anomaly detection method based on dynamic partitioning for time series. This method first dynamically partitions item-rating time series based on important points. Then, we use chi square distribution (χ2) to detect abnormal intervals. The experimental results on MovieLens 100K and 1M indicate that this approach has a high detection rate and a low false alarm rate and is stable toward different attack models and filler sizes. PMID:26267477

  7. Residual generator for cardiovascular anomalies detection

    KAUST Repository

    Belkhatir, Zehor; Laleg-Kirati, Taous-Meriem; Tadjine, Mohamed

    2014-01-01

    This paper discusses the possibility of using observer-based approaches for cardiovascular anomalies detection and isolation. We consider a lumped parameter model of the cardiovascular system that can be written in a form of nonlinear state

  8. Amalgamation of Anomaly-Detection Indices for Enhanced Process Monitoring

    KAUST Repository

    Harrou, Fouzi; Sun, Ying; Khadraoui, Sofiane

    2016-01-01

    Accurate and effective anomaly detection and diagnosis of modern industrial systems are crucial for ensuring reliability and safety and for maintaining desired product quality. Anomaly detection based on principal component analysis (PCA) has been

  9. Improved detection of incipient anomalies via multivariate memory monitoring charts: Application to an air flow heating system

    KAUST Repository

    Harrou, Fouzi

    2016-08-11

    Detecting anomalies is important for reliable operation of several engineering systems. Multivariate statistical monitoring charts are an efficient tool for checking the quality of a process by identifying abnormalities. Principal component analysis (PCA) was shown effective in monitoring processes with highly correlated data. Traditional PCA-based methods, nevertheless, often are relatively inefficient at detecting incipient anomalies. Here, we propose a statistical approach that exploits the advantages of PCA and those of multivariate memory monitoring schemes, like the multivariate cumulative sum (MCUSUM) and multivariate exponentially weighted moving average (MEWMA) monitoring schemes to better detect incipient anomalies. Memory monitoring charts are sensitive to incipient anomalies in process mean, which significantly improve the performance of PCA method and enlarge its profitability, and to utilize these improvements in various applications. The performance of PCA-based MEWMA and MCUSUM control techniques are demonstrated and compared with traditional PCA-based monitoring methods. Using practical data gathered from a heating air-flow system, we demonstrate the greater sensitivity and efficiency of the developed method over the traditional PCA-based methods. Results indicate that the proposed techniques have potential for detecting incipient anomalies in multivariate data. © 2016 Elsevier Ltd

  10. Anomaly detection in diurnal data

    NARCIS (Netherlands)

    Mata, F.; Zuraniewski, P.W.; Mandjes, M.; Mellia, M.

    2014-01-01

    In this paper we present methodological advances in anomaly detection tailored to discover abnormal traffic patterns under the presence of seasonal trends in data. In our setup we impose specific assumptions on the traffic type and nature; our study features VoIP call counts, for which several

  11. Data Mining for Anomaly Detection

    Science.gov (United States)

    Biswas, Gautam; Mack, Daniel; Mylaraswamy, Dinkar; Bharadwaj, Raj

    2013-01-01

    The Vehicle Integrated Prognostics Reasoner (VIPR) program describes methods for enhanced diagnostics as well as a prognostic extension to current state of art Aircraft Diagnostic and Maintenance System (ADMS). VIPR introduced a new anomaly detection function for discovering previously undetected and undocumented situations, where there are clear deviations from nominal behavior. Once a baseline (nominal model of operations) is established, the detection and analysis is split between on-aircraft outlier generation and off-aircraft expert analysis to characterize and classify events that may not have been anticipated by individual system providers. Offline expert analysis is supported by data curation and data mining algorithms that can be applied in the contexts of supervised learning methods and unsupervised learning. In this report, we discuss efficient methods to implement the Kolmogorov complexity measure using compression algorithms, and run a systematic empirical analysis to determine the best compression measure. Our experiments established that the combination of the DZIP compression algorithm and CiDM distance measure provides the best results for capturing relevant properties of time series data encountered in aircraft operations. This combination was used as the basis for developing an unsupervised learning algorithm to define "nominal" flight segments using historical flight segments.

  12. Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

    OpenAIRE

    Kokkonen, Tero

    2016-01-01

    Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

  13. Anomaly-based Network Intrusion Detection Methods

    Directory of Open Access Journals (Sweden)

    Pavel Nevlud

    2013-01-01

    Full Text Available The article deals with detection of network anomalies. Network anomalies include everything that is quite different from the normal operation. For detection of anomalies were used machine learning systems. Machine learning can be considered as a support or a limited type of artificial intelligence. A machine learning system usually starts with some knowledge and a corresponding knowledge organization so that it can interpret, analyse, and test the knowledge acquired. There are several machine learning techniques available. We tested Decision tree learning and Bayesian networks. The open source data-mining framework WEKA was the tool we used for testing the classify, cluster, association algorithms and for visualization of our results. The WEKA is a collection of machine learning algorithms for data mining tasks.

  14. Apparatus and method for detecting a magnetic anomaly contiguous to remote location by SQUID gradiometer and magnetometer systems

    Science.gov (United States)

    Overton, W.C. Jr.; Steyert, W.A. Jr.

    1981-05-22

    A superconducting quantum interference device (SQUID) magnetic detection apparatus detects magnetic fields, signals, and anomalies at remote locations. Two remotely rotatable SQUID gradiometers may be housed in a cryogenic environment to search for and locate unambiguously magnetic anomalies. The SQUID magnetic detection apparatus can be used to determine the azimuth of a hydrofracture by first flooding the hydrofracture with a ferrofluid to create an artificial magnetic anomaly therein.

  15. Improving Accuracy of Dempster-Shafer Theory Based Anomaly Detection Systems

    Directory of Open Access Journals (Sweden)

    Ling Zou

    2014-07-01

    Full Text Available While the Dempster-Shafer theory of evidence has been widely used in anomaly detection, there are some issues with them. Dempster-Shafer theory of evidence trusts evidences equally which does not hold in distributed-sensor ADS. Moreover, evidences are dependent with each other sometimes which will lead to false alert. We propose improving by incorporating two algorithms. Features selection algorithm employs Gaussian Graphical Models to discover correlation between some candidate features. A group of suitable ADS were selected to detect and detection result were send to the fusion engine. Information gain is applied to set weight for every feature on Weights estimated algorithm. A weighted Dempster-Shafer theory of evidence combined the detection results to achieve a better accuracy. We evaluate our detection prototype through a set of experiments that were conducted with standard benchmark Wisconsin Breast Cancer Dataset and real Internet traffic. Evaluations on the Wisconsin Breast Cancer Dataset show that our prototype can find the correlation in nine features and improve the detection rate without affecting the false positive rate. Evaluations on Internet traffic show that Weights estimated algorithm can improve the detection performance significantly.

  16. Network Anomaly Detection Based on Wavelet Analysis

    Directory of Open Access Journals (Sweden)

    Ali A. Ghorbani

    2008-11-01

    Full Text Available Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal modelling technique for detecting network anomalies, combining the wavelet approximation and system identification theory. In order to characterize network traffic behaviors, we present fifteen features and use them as the input signals in our system. We then evaluate our approach with the 1999 DARPA intrusion detection dataset and conduct a comprehensive analysis of the intrusions in the dataset. Evaluation results show that the approach achieves high-detection rates in terms of both attack instances and attack types. Furthermore, we conduct a full day's evaluation in a real large-scale WiFi ISP network where five attack types are successfully detected from over 30 millions flows.

  17. Network Anomaly Detection Based on Wavelet Analysis

    Science.gov (United States)

    Lu, Wei; Ghorbani, Ali A.

    2008-12-01

    Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal modelling technique for detecting network anomalies, combining the wavelet approximation and system identification theory. In order to characterize network traffic behaviors, we present fifteen features and use them as the input signals in our system. We then evaluate our approach with the 1999 DARPA intrusion detection dataset and conduct a comprehensive analysis of the intrusions in the dataset. Evaluation results show that the approach achieves high-detection rates in terms of both attack instances and attack types. Furthermore, we conduct a full day's evaluation in a real large-scale WiFi ISP network where five attack types are successfully detected from over 30 millions flows.

  18. Network anomaly detection a machine learning perspective

    CERN Document Server

    Bhattacharyya, Dhruba Kumar

    2013-01-01

    With the rapid rise in the ubiquity and sophistication of Internet technology and the accompanying growth in the number of network attacks, network intrusion detection has become increasingly important. Anomaly-based network intrusion detection refers to finding exceptional or nonconforming patterns in network traffic data compared to normal behavior. Finding these anomalies has extensive applications in areas such as cyber security, credit card and insurance fraud detection, and military surveillance for enemy activities. Network Anomaly Detection: A Machine Learning Perspective presents mach

  19. Analysis of a SCADA System Anomaly Detection Model Based on Information Entropy

    Science.gov (United States)

    2014-03-27

    Gerard, 2005:3) The NTSB report lists alarm management as one of the top five areas for improvement in pipeline SCADA systems (Gerard, 2005:1...Zhang, Qin, Wang, and Liang for leak detection in a SCADA -run pipeline system. A concept derived from information theory improved leak detection...System for West Products Pipeline . Journal of Loss Prevention in the Process Industries, 22(6), 981-989. Zhu, B., & Sastry, S. (2010). SCADA

  20. Anomaly detection in wide area network mesh using two machine learning anomaly detection algorithms

    OpenAIRE

    Zhang, James; Vukotic, Ilija; Gardner, Robert

    2018-01-01

    Anomaly detection is the practice of identifying items or events that do not conform to an expected behavior or do not correlate with other items in a dataset. It has previously been applied to areas such as intrusion detection, system health monitoring, and fraud detection in credit card transactions. In this paper, we describe a new method for detecting anomalous behavior over network performance data, gathered by perfSONAR, using two machine learning algorithms: Boosted Decision Trees (BDT...

  1. Anomaly Detection in Dynamic Networks

    Energy Technology Data Exchange (ETDEWEB)

    Turcotte, Melissa [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2014-10-14

    Anomaly detection in dynamic communication networks has many important security applications. These networks can be extremely large and so detecting any changes in their structure can be computationally challenging; hence, computationally fast, parallelisable methods for monitoring the network are paramount. For this reason the methods presented here use independent node and edge based models to detect locally anomalous substructures within communication networks. As a first stage, the aim is to detect changes in the data streams arising from node or edge communications. Throughout the thesis simple, conjugate Bayesian models for counting processes are used to model these data streams. A second stage of analysis can then be performed on a much reduced subset of the network comprising nodes and edges which have been identified as potentially anomalous in the first stage. The first method assumes communications in a network arise from an inhomogeneous Poisson process with piecewise constant intensity. Anomaly detection is then treated as a changepoint problem on the intensities. The changepoint model is extended to incorporate seasonal behavior inherent in communication networks. This seasonal behavior is also viewed as a changepoint problem acting on a piecewise constant Poisson process. In a static time frame, inference is made on this extended model via a Gibbs sampling strategy. In a sequential time frame, where the data arrive as a stream, a novel, fast Sequential Monte Carlo (SMC) algorithm is introduced to sample from the sequence of posterior distributions of the change points over time. A second method is considered for monitoring communications in a large scale computer network. The usage patterns in these types of networks are very bursty in nature and don’t fit a Poisson process model. For tractable inference, discrete time models are considered, where the data are aggregated into discrete time periods and probability models are fitted to the

  2. Algorithms for Anomaly Detection - Lecture 1

    CERN Multimedia

    CERN. Geneva

    2017-01-01

    The concept of statistical anomalies, or outliers, has fascinated experimentalists since the earliest attempts to interpret data. We want to know why some data points don’t seem to belong with the others: perhaps we want to eliminate spurious or unrepresentative data from our model. Or, the anomalies themselves may be what we are interested in: an outlier could represent the symptom of a disease, an attack on a computer network, a scientific discovery, or even an unfaithful partner. We start with some general considerations, such as the relationship between clustering and anomaly detection, the choice between supervised and unsupervised methods, and the difference between global and local anomalies. Then we will survey the most representative anomaly detection algorithms, highlighting what kind of data each approach is best suited to, and discussing their limitations. We will finish with a discussion of the difficulties of anomaly detection in high-dimensional data and some new directions for anomaly detec...

  3. Algorithms for Anomaly Detection - Lecture 2

    CERN Multimedia

    CERN. Geneva

    2017-01-01

    The concept of statistical anomalies, or outliers, has fascinated experimentalists since the earliest attempts to interpret data. We want to know why some data points don’t seem to belong with the others: perhaps we want to eliminate spurious or unrepresentative data from our model. Or, the anomalies themselves may be what we are interested in: an outlier could represent the symptom of a disease, an attack on a computer network, a scientific discovery, or even an unfaithful partner. We start with some general considerations, such as the relationship between clustering and anomaly detection, the choice between supervised and unsupervised methods, and the difference between global and local anomalies. Then we will survey the most representative anomaly detection algorithms, highlighting what kind of data each approach is best suited to, and discussing their limitations. We will finish with a discussion of the difficulties of anomaly detection in high-dimensional data and some new directions for anomaly detec...

  4. Anomaly detection through information sharing under different topologies

    NARCIS (Netherlands)

    Gallos, Lazaros K.; Korczynski, M.T.; Fefferman, Nina H.

    2017-01-01

    Early detection of traffic anomalies in networks increases the probability of effective intervention/mitigation actions, thereby improving the stability of system function. Centralized methods of anomaly detection are subject to inherent constraints: (1) they create a communication burden on the

  5. An anomaly analysis framework for database systems

    NARCIS (Netherlands)

    Vavilis, S.; Egner, A.I.; Petkovic, M.; Zannone, N.

    2015-01-01

    Anomaly detection systems are usually employed to monitor database activities in order to detect security incidents. These systems raise an alert when anomalous activities are detected. The raised alerts have to be analyzed to timely respond to the security incidents. Their analysis, however, is

  6. An Entropy-Based Network Anomaly Detection Method

    Directory of Open Access Journals (Sweden)

    Przemysław Bereziński

    2015-04-01

    Full Text Available Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i preparation of a concept of original entropy-based network anomaly detection method, (ii implementation of the method, (iii preparation of original dataset, (iv evaluation of the method.

  7. Improved prenatal detection of chromosomal anomalies

    DEFF Research Database (Denmark)

    Frøslev-Friis, Christina; Hjort-Pedersen, Karina; Henriques, Carsten U

    2011-01-01

    Prenatal screening for karyotype anomalies takes place in most European countries. In Denmark, the screening method was changed in 2005. The aim of this study was to study the trends in prevalence and prenatal detection rates of chromosome anomalies and Down syndrome (DS) over a 22-year period....

  8. Quantum machine learning for quantum anomaly detection

    Science.gov (United States)

    Liu, Nana; Rebentrost, Patrick

    2018-04-01

    Anomaly detection is used for identifying data that deviate from "normal" data patterns. Its usage on classical data finds diverse applications in many important areas such as finance, fraud detection, medical diagnoses, data cleaning, and surveillance. With the advent of quantum technologies, anomaly detection of quantum data, in the form of quantum states, may become an important component of quantum applications. Machine-learning algorithms are playing pivotal roles in anomaly detection using classical data. Two widely used algorithms are the kernel principal component analysis and the one-class support vector machine. We find corresponding quantum algorithms to detect anomalies in quantum states. We show that these two quantum algorithms can be performed using resources that are logarithmic in the dimensionality of quantum states. For pure quantum states, these resources can also be logarithmic in the number of quantum states used for training the machine-learning algorithm. This makes these algorithms potentially applicable to big quantum data applications.

  9. Residual generator for cardiovascular anomalies detection

    KAUST Repository

    Belkhatir, Zehor

    2014-06-01

    This paper discusses the possibility of using observer-based approaches for cardiovascular anomalies detection and isolation. We consider a lumped parameter model of the cardiovascular system that can be written in a form of nonlinear state-space representation. We show that residuals that are sensitive to variations in some cardiovascular parameters and to abnormal opening and closure of the valves, can be generated. Since the whole state is not easily available for measurement, we propose to associate the residual generator to a robust extended kalman filter. Numerical results performed on synthetic data are provided.

  10. ANOMALY DETECTION IN NETWORKING USING HYBRID ARTIFICIAL IMMUNE ALGORITHM

    Directory of Open Access Journals (Sweden)

    D. Amutha Guka

    2012-01-01

    Full Text Available Especially in today’s network scenario, when computers are interconnected through internet, security of an information system is very important issue. Because no system can be absolutely secure, the timely and accurate detection of anomalies is necessary. The main aim of this research paper is to improve the anomaly detection by using Hybrid Artificial Immune Algorithm (HAIA which is based on Artificial Immune Systems (AIS and Genetic Algorithm (GA. In this research work, HAIA approach is used to develop Network Anomaly Detection System (NADS. The detector set is generated by using GA and the anomalies are identified using Negative Selection Algorithm (NSA which is based on AIS. The HAIA algorithm is tested with KDD Cup 99 benchmark dataset. The detection rate is used to measure the effectiveness of the NADS. The results and consistency of the HAIA are compared with earlier approaches and the results are presented. The proposed algorithm gives best results when compared to the earlier approaches.

  11. Anomaly based intrusion detection for a biometric identification system using neural networks

    CSIR Research Space (South Africa)

    Mgabile, T

    2012-10-01

    Full Text Available detection technique that analyses the fingerprint biometric network traffic for evidence of intrusion. The neural network algorithm that imitates the way a human brain works is used in this study to classify normal traffic and learn the correct traffic...

  12. Anomaly Detection for Resilient Control Systems Using Fuzzy-Neural Data Fusion Engine

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Milos Manic; Timothy R. McJunkin

    2011-08-01

    Resilient control systems in critical infrastructures require increased cyber-security and state-awareness. One of the necessary conditions for achieving the desired high level of resiliency is timely reporting and understanding of the status and behavioral trends of the control system. This paper describes the design and development of a neural-network based data-fusion system for increased state-awareness of resilient control systems. The proposed system consists of a dedicated data-fusion engine for each component of the control system. Each data-fusion engine implements three-layered alarm system consisting of: (1) conventional threshold-based alarms, (2) anomalous behavior detector using self-organizing maps, and (3) prediction error based alarms using neural network based signal forecasting. The proposed system was integrated with a model of the Idaho National Laboratory Hytest facility, which is a testing facility for hybrid energy systems. Experimental results demonstrate that the implemented data fusion system provides timely plant performance monitoring and cyber-state reporting.

  13. Reducing customer minutes lost by anomaly detection?

    NARCIS (Netherlands)

    Bakker, M.; Vreeburg, J.H.G.; Rietveld, L.C.; van der Roer, M.

    2012-01-01

    An method which compares measured and predicted water demands to detect anomalies, was developed and tested on three data sets of water demand of three years in which and 25 pipe bursts were reported. The method proved to be able to detect bursts where the water loss exceeds 30% of the average water

  14. Condition Parameter Modeling for Anomaly Detection in Wind Turbines

    Directory of Open Access Journals (Sweden)

    Yonglong Yan

    2014-05-01

    Full Text Available Data collected from the supervisory control and data acquisition (SCADA system, used widely in wind farms to obtain operational and condition information about wind turbines (WTs, is of important significance for anomaly detection in wind turbines. The paper presents a novel model for wind turbine anomaly detection mainly based on SCADA data and a back-propagation neural network (BPNN for automatic selection of the condition parameters. The SCADA data sets are determined through analysis of the cumulative probability distribution of wind speed and the relationship between output power and wind speed. The automatic BPNN-based parameter selection is for reduction of redundant parameters for anomaly detection in wind turbines. Through investigation of cases of WT faults, the validity of the automatic parameter selection-based model for WT anomaly detection is verified.

  15. Run-time anomaly detection and mitigation in information-rich cyber-physical systems

    Data.gov (United States)

    National Aeronautics and Space Administration — Next generation space missions require autonomous systems to operate without human intervention for long periods of times in highly dynamic environments. Such...

  16. Bio-Inspired Autonomous Communications Systems with Anomaly Detection Monitoring, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — We propose to develop and demonstrate BioComm, a bio-inspired autonomous communications system (ACS) aimed at dynamically reconfiguring and redeploying autonomous...

  17. System modeling based on machine learning for anomaly detection and predictive maintenance in industrial plants

    OpenAIRE

    Kroll, Björn; Schaffranek, David; Schriegel, Sebastian; Niggemann, Oliver

    2014-01-01

    Electricity, water or air are some Industrial energy carriers which are struggling under the prices of primary energy carriers. The European Union for example used more 20.000.000 GWh electricity in 2011 based on the IEA Report [1]. Cyber Physical Production Systems (CPPS) are able to reduce this amount, but they also help to increase the efficiency of machines above expectations which results in a more cost efficient production. Especially in the field of improving industrial plants, one of ...

  18. Attention focussing and anomaly detection in real-time systems monitoring

    Science.gov (United States)

    Doyle, Richard J.; Chien, Steve A.; Fayyad, Usama M.; Porta, Harry J.

    1993-01-01

    In real-time monitoring situations, more information is not necessarily better. When faced with complex emergency situations, operators can experience information overload and a compromising of their ability to react quickly and correctly. We describe an approach to focusing operator attention in real-time systems monitoring based on a set of empirical and model-based measures for determining the relative importance of sensor data.

  19. Online Anomaly Energy Consumption Detection Using Lambda Architecture

    DEFF Research Database (Denmark)

    Liu, Xiufeng; Iftikhar, Nadeem; Nielsen, Per Sieverts

    2016-01-01

    problem, which does data mining on a large amount of parallel data streams from smart meters. In this paper, we propose a supervised learning and statistical-based anomaly detection method, and implement a Lambda system using the in-memory distributed computing framework, Spark and its extension Spark...... of the lambda detection system....

  20. Development of a Computer Architecture to Support the Optical Plume Anomaly Detection (OPAD) System

    Science.gov (United States)

    Katsinis, Constantine

    1996-01-01

    The NASA OPAD spectrometer system relies heavily on extensive software which repetitively extracts spectral information from the engine plume and reports the amounts of metals which are present in the plume. The development of this software is at a sufficiently advanced stage where it can be used in actual engine tests to provide valuable data on engine operation and health. This activity will continue and, in addition, the OPAD system is planned to be used in flight aboard space vehicles. The two implementations, test-stand and in-flight, may have some differing requirements. For example, the data stored during a test-stand experiment are much more extensive than in the in-flight case. In both cases though, the majority of the requirements are similar. New data from the spectrograph is generated at a rate of once every 0.5 sec or faster. All processing must be completed within this period of time to maintain real-time performance. Every 0.5 sec, the OPAD system must report the amounts of specific metals within the engine plume, given the spectral data. At present, the software in the OPAD system performs this function by solving the inverse problem. It uses powerful physics-based computational models (the SPECTRA code), which receive amounts of metals as inputs to produce the spectral data that would have been observed, had the same metal amounts been present in the engine plume. During the experiment, for every spectrum that is observed, an initial approximation is performed using neural networks to establish an initial metal composition which approximates as accurately as possible the real one. Then, using optimization techniques, the SPECTRA code is repetitively used to produce a fit to the data, by adjusting the metal input amounts until the produced spectrum matches the observed one to within a given level of tolerance. This iterative solution to the original problem of determining the metal composition in the plume requires a relatively long period of time

  1. A Diagnostics Tool to detect ensemble forecast system anomaly and guide operational decisions

    Science.gov (United States)

    Park, G. H.; Srivastava, A.; Shrestha, E.; Thiemann, M.; Day, G. N.; Draijer, S.

    2017-12-01

    The hydrologic community is moving toward using ensemble forecasts to take uncertainty into account during the decision-making process. The New York City Department of Environmental Protection (DEP) implements several types of ensemble forecasts in their decision-making process: ensemble products for a statistical model (Hirsch and enhanced Hirsch); the National Weather Service (NWS) Advanced Hydrologic Prediction Service (AHPS) forecasts based on the classical Ensemble Streamflow Prediction (ESP) technique; and the new NWS Hydrologic Ensemble Forecasting Service (HEFS) forecasts. To remove structural error and apply the forecasts to additional forecast points, the DEP post processes both the AHPS and the HEFS forecasts. These ensemble forecasts provide mass quantities of complex data, and drawing conclusions from these forecasts is time-consuming and difficult. The complexity of these forecasts also makes it difficult to identify system failures resulting from poor data, missing forecasts, and server breakdowns. To address these issues, we developed a diagnostic tool that summarizes ensemble forecasts and provides additional information such as historical forecast statistics, forecast skill, and model forcing statistics. This additional information highlights the key information that enables operators to evaluate the forecast in real-time, dynamically interact with the data, and review additional statistics, if needed, to make better decisions. We used Bokeh, a Python interactive visualization library, and a multi-database management system to create this interactive tool. This tool compiles and stores data into HTML pages that allows operators to readily analyze the data with built-in user interaction features. This paper will present a brief description of the ensemble forecasts, forecast verification results, and the intended applications for the diagnostic tool.

  2. Fusion and normalization to enhance anomaly detection

    Science.gov (United States)

    Mayer, R.; Atkinson, G.; Antoniades, J.; Baumback, M.; Chester, D.; Edwards, J.; Goldstein, A.; Haas, D.; Henderson, S.; Liu, L.

    2009-05-01

    This study examines normalizing the imagery and the optimization metrics to enhance anomaly and change detection, respectively. The RX algorithm, the standard anomaly detector for hyperspectral imagery, more successfully extracts bright rather than dark man-made objects when applied to visible hyperspectral imagery. However, normalizing the imagery prior to applying the anomaly detector can help detect some of the problematic dark objects, but can also miss some bright objects. This study jointly fuses images of RX applied to normalized and unnormalized imagery and has a single decision surface. The technique was tested using imagery of commercial vehicles in urban environment gathered by a hyperspectral visible/near IR sensor mounted in an airborne platform. Combining detections first requires converting the detector output to a target probability. The observed anomaly detections were fitted with a linear combination of chi square distributions and these weights were used to help compute the target probability. Receiver Operator Characteristic (ROC) quantitatively assessed the target detection performance. The target detection performance is highly variable depending on the relative number of candidate bright and dark targets and false alarms and controlled in this study by using vegetation and street line masks. The joint Boolean OR and AND operations also generate variable performance depending on the scene. The joint SUM operation provides a reasonable compromise between OR and AND operations and has good target detection performance. In addition, new transforms based on normalizing correlation coefficient and least squares generate new transforms related to canonical correlation analysis (CCA) and a normalized image regression (NIR). Transforms based on CCA and NIR performed better than the standard approaches. Only RX detection of the unnormalized of the difference imagery in change detection provides adequate change detection performance.

  3. A Semiparametric Model for Hyperspectral Anomaly Detection

    Science.gov (United States)

    2012-01-01

    treeline ) in the presence of natural background clutter (e.g., trees, dirt roads, grasses). Each target consists of about 7 × 4 pixels, and each pixel...vehicles near the treeline in Cube 1 (Figure 1) constitutes the target set, but, since anomaly detectors are not designed to detect a particular target

  4. Anomaly Detection with Text Mining

    Data.gov (United States)

    National Aeronautics and Space Administration — Many existing complex space systems have a significant amount of historical maintenance and problem data bases that are stored in unstructured text forms. The...

  5. Detection Range of Airborne Magnetometers in Magnetic Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Chengjing Li

    2015-11-01

    Full Text Available Airborne magnetometers are utilized for the small-range search, precise positioning, and identification of the ferromagnetic properties of underwater targets. As an important performance parameter of sensors, the detection range of airborne magnetometers is commonly set as a fixed value in references regardless of the influences of environment noise, target magnetic properties, and platform features in a classical model to detect airborne magnetic anomalies. As a consequence, deviation in detection ability analysis is observed. In this study, a novel detection range model is proposed on the basis of classic detection range models of airborne magnetometers. In this model, probability distribution is applied, and the magnetic properties of targets and the environment noise properties of a moving submarine are considered. The detection range model is also constructed by considering the distribution of the moving submarine during detection. A cell-averaging greatest-of-constant false alarm rate test method is also used to calculate the detection range of the model at a desired false alarm rate. The detection range model is then used to establish typical submarine search probabilistic models. Results show that the model can be used to evaluate not only the effects of ambient magnetic noise but also the moving and geomagnetic features of the target and airborne detection platform. The model can also be utilized to display the actual operating range of sensor systems.

  6. Amalgamation of Anomaly-Detection Indices for Enhanced Process Monitoring

    KAUST Repository

    Harrou, Fouzi

    2016-01-29

    Accurate and effective anomaly detection and diagnosis of modern industrial systems are crucial for ensuring reliability and safety and for maintaining desired product quality. Anomaly detection based on principal component analysis (PCA) has been studied intensively and largely applied to multivariate processes with highly cross-correlated process variables; howver conventional PCA-based methods often fail to detect small or moderate anomalies. In this paper, the proposed approach integrates two popular process-monitoring detection tools, the conventional PCA-based monitoring indices Hotelling’s T2 and Q and the exponentially weighted moving average (EWMA). We develop two EWMA tools based on the Q and T2 statistics, T2-EWMA and Q-EWMA, to detect anomalies in the process mean. The performances of the proposed methods were compared with that of conventional PCA-based anomaly-detection methods by applying each method to two examples: a synthetic data set and experimental data collected from a flow heating system. The results clearly show the benefits and effectiveness of the proposed methods over conventional PCA-based methods.

  7. Anomaly detection in real-time gross payment data

    NARCIS (Netherlands)

    Triepels, Ron; Daniels, Hennie; Heijmans, R.; Camp, Olivier; Filipe, Joaquim

    2017-01-01

    We discuss how an autoencoder can detect system-level anomalies in a real-time gross settlement system by reconstructing a set of liquidity vectors. A liquidity vector is an aggregated representation of the underlying payment network of a settlement system for a particular time interval.

  8. Potential tank waste material anomalies located near the liquid observation wells: Model predicted responses of a neutron moisture detection system

    International Nuclear Information System (INIS)

    Finfrock, S.H.; Toffer, H.; Watson, W.T.

    1994-09-01

    Extensive analyses have been completed to demonstrate that a neutron moisture probe can be used to recognize anomalies in materials and geometry surrounding the liquid observation wells (LOWs). Furthermore, techniques can be developed that will permit the interpretation of detector readings, perturbed by the presence of anomalies, as more accurate moisture concentrations. This analysis effort extends the usefulness of a neutron moisture probe system significantly, especially in the complicated geometries and material conditions that may be encountered in the waste tanks. Both static-source and pulsed-source neutron probes were considered in the analyses. Four different detector configurations were investigated: Thermal and epithermal neutron detectors located in both the near and far field

  9. Anomaly Detection using the "Isolation Forest" algorithm

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    Anomaly detection can provide clues about an outlying minority class in your data: hackers in a set of network events, fraudsters in a set of credit card transactions, or exotic particles in a set of high-energy collisions. In this talk, we analyze a real dataset of breast tissue biopsies, with malignant results forming the minority class. The "Isolation Forest" algorithm finds anomalies by deliberately “overfitting” models that memorize each data point. Since outliers have more empty space around them, they take fewer steps to memorize. Intuitively, a house in the country can be identified simply as “that house out by the farm”, while a house in the city needs a longer description like “that house in Brooklyn, near Prospect Park, on Union Street, between the firehouse and the library, not far from the French restaurant”. We first use anomaly detection to find outliers in the biopsy data, then apply traditional predictive modeling to discover rules that separate anomalies from normal data...

  10. A hybrid approach for efficient anomaly detection using metaheuristic methods

    Directory of Open Access Journals (Sweden)

    Tamer F. Ghanem

    2015-07-01

    Full Text Available Network intrusion detection based on anomaly detection techniques has a significant role in protecting networks and systems against harmful activities. Different metaheuristic techniques have been used for anomaly detector generation. Yet, reported literature has not studied the use of the multi-start metaheuristic method for detector generation. This paper proposes a hybrid approach for anomaly detection in large scale datasets using detectors generated based on multi-start metaheuristic method and genetic algorithms. The proposed approach has taken some inspiration of negative selection-based detector generation. The evaluation of this approach is performed using NSL-KDD dataset which is a modified version of the widely used KDD CUP 99 dataset. The results show its effectiveness in generating a suitable number of detectors with an accuracy of 96.1% compared to other competitors of machine learning algorithms.

  11. Anomaly Detection Based on Sensor Data in Petroleum Industry Applications

    Directory of Open Access Journals (Sweden)

    Luis Martí

    2015-01-01

    Full Text Available Anomaly detection is the problem of finding patterns in data that do not conform to an a priori expected behavior. This is related to the problem in which some samples are distant, in terms of a given metric, from the rest of the dataset, where these anomalous samples are indicated as outliers. Anomaly detection has recently attracted the attention of the research community, because of its relevance in real-world applications, like intrusion detection, fraud detection, fault detection and system health monitoring, among many others. Anomalies themselves can have a positive or negative nature, depending on their context and interpretation. However, in either case, it is important for decision makers to be able to detect them in order to take appropriate actions. The petroleum industry is one of the application contexts where these problems are present. The correct detection of such types of unusual information empowers the decision maker with the capacity to act on the system in order to correctly avoid, correct or react to the situations associated with them. In that application context, heavy extraction machines for pumping and generation operations, like turbomachines, are intensively monitored by hundreds of sensors each that send measurements with a high frequency for damage prevention. In this paper, we propose a combination of yet another segmentation algorithm (YASA, a novel fast and high quality segmentation algorithm, with a one-class support vector machine approach for efficient anomaly detection in turbomachines. The proposal is meant for dealing with the aforementioned task and to cope with the lack of labeled training data. As a result, we perform a series of empirical studies comparing our approach to other methods applied to benchmark problems and a real-life application related to oil platform turbomachinery anomaly detection.

  12. Application of process monitoring to anomaly detection in nuclear material processing systems via system-centric event interpretation of data from multiple sensors of varying reliability

    International Nuclear Information System (INIS)

    Garcia, Humberto E.; Simpson, Michael F.; Lin, Wen-Chiao; Carlson, Reed B.; Yoo, Tae-Sic

    2017-01-01

    Highlights: • Process monitoring can strengthen nuclear safeguards and material accountancy. • Assessment is conducted at a system-centric level to improve safeguards effectiveness. • Anomaly detection is improved by integrating process and operation relationships. • Decision making is benefited from using sensor and event sequence information. • Formal framework enables optimization of sensor and data processing resources. - Abstract: In this paper, we apply an advanced safeguards approach and associated methods for process monitoring to a hypothetical nuclear material processing system. The assessment regarding the state of the processing facility is conducted at a system-centric level formulated in a hybrid framework. This utilizes architecture for integrating both time- and event-driven data and analysis for decision making. While the time-driven layers of the proposed architecture encompass more traditional process monitoring methods based on time series data and analysis, the event-driven layers encompass operation monitoring methods based on discrete event data and analysis. By integrating process- and operation-related information and methodologies within a unified framework, the task of anomaly detection is greatly improved. This is because decision-making can benefit from not only known time-series relationships among measured signals but also from known event sequence relationships among generated events. This available knowledge at both time series and discrete event layers can then be effectively used to synthesize observation solutions that optimally balance sensor and data processing requirements. The application of the proposed approach is then implemented on an illustrative monitored system based on pyroprocessing and results are discussed.

  13. Fuzzy Kernel k-Medoids algorithm for anomaly detection problems

    Science.gov (United States)

    Rustam, Z.; Talita, A. S.

    2017-07-01

    Intrusion Detection System (IDS) is an essential part of security systems to strengthen the security of information systems. IDS can be used to detect the abuse by intruders who try to get into the network system in order to access and utilize the available data sources in the system. There are two approaches of IDS, Misuse Detection and Anomaly Detection (behavior-based intrusion detection). Fuzzy clustering-based methods have been widely used to solve Anomaly Detection problems. Other than using fuzzy membership concept to determine the object to a cluster, other approaches as in combining fuzzy and possibilistic membership or feature-weighted based methods are also used. We propose Fuzzy Kernel k-Medoids that combining fuzzy and possibilistic membership as a powerful method to solve anomaly detection problem since on numerical experiment it is able to classify IDS benchmark data into five different classes simultaneously. We classify IDS benchmark data KDDCup'99 data set into five different classes simultaneously with the best performance was achieved by using 30 % of training data with clustering accuracy reached 90.28 percent.

  14. Detection of data taking anomalies for the ATLAS experiment

    CERN Document Server

    De Castro Vargas Fernandes, Julio; The ATLAS collaboration; Lehmann Miotto, Giovanna

    2015-01-01

    The physics signals produced by the ATLAS detector at the Large Hadron Collider (LHC) at CERN are acquired and selected by a distributed Trigger and Data AcQuistition (TDAQ) system, comprising a large number of hardware devices and software components. In this work, we focus on the problem of online detection of anomalies along the data taking period. Anomalies, in this context, are defined as an unexpected behaviour of the TDAQ system that result in a loss of data taking efficiency: the causes for those anomalies may come from the TDAQ itself or from external sources. While the TDAQ system operates, it publishes several useful information (trigger rates, dead times, memory usage…). Such information over time creates a set of time series that can be monitored in order to detect (and react to) problems (or anomalies). Here, we approach TDAQ operation monitoring through a data quality perspective, i.e, an anomaly is seen as a loss of quality (an outlier) and it is reported: this information can be used to rea...

  15. Evaluation of Anomaly Detection Techniques for SCADA Communication Resilience

    OpenAIRE

    Shirazi, Syed Noor Ul Hassan; Gouglidis, Antonios; Syeda, Kanza Noor; Simpson, Steven; Mauthe, Andreas Ulrich; Stephanakis, Ioannis M.; Hutchison, David

    2016-01-01

    Attacks on critical infrastructures’ Supervisory Control and Data Acquisition (SCADA) systems are beginning to increase. They are often initiated by highly skilled attackers, who are capable of deploying sophisticated attacks to exfiltrate data or even to cause physical damage. In this paper, we rehearse the rationale for protecting against cyber attacks and evaluate a set of Anomaly Detection (AD) techniques in detecting attacks by analysing traffic captured in a SCADA network. For this purp...

  16. Development of early core anomaly detection system by using in-sodium microphone in JOYO. Fundamental characteristics test of in-sodium microphone in water and examination of improvement of detection accuracy

    International Nuclear Information System (INIS)

    Komai, Masafumi

    2001-07-01

    Fast reactor core anomalies can be detected in near real-time with acoustic sensors. An acoustic detection system senses an in-core anomaly immediately from the fast acoustic signals that propagate through the sodium coolant. One example of a detectable anomaly is sodium boiling due to local blockage in a sub-assembly; the slight change in background acoustic signals can be detected. A key advantage of the acoustic detector is that it can be located outside the core. The location of the anomaly in the core can be determined by correlating multiple acoustic signals. This report describes the testing and fundamental characteristics of a microphone suitable for use in the sodium coolant and examines methods to improve the system's S/N ratio. Testing in water confirmed that the in-sodium microphone has good impulse and wide band frequency responses. These tests used impulse and white noise signals that imitate acoustic signals from boiling sodium. Correlation processing of multiple microphone signals to improve S/N ratio is also described. (author)

  17. Anomaly Detection for Next-Generation Space Launch Ground Operations

    Science.gov (United States)

    Spirkovska, Lilly; Iverson, David L.; Hall, David R.; Taylor, William M.; Patterson-Hine, Ann; Brown, Barbara; Ferrell, Bob A.; Waterman, Robert D.

    2010-01-01

    NASA is developing new capabilities that will enable future human exploration missions while reducing mission risk and cost. The Fault Detection, Isolation, and Recovery (FDIR) project aims to demonstrate the utility of integrated vehicle health management (IVHM) tools in the domain of ground support equipment (GSE) to be used for the next generation launch vehicles. In addition to demonstrating the utility of IVHM tools for GSE, FDIR aims to mature promising tools for use on future missions and document the level of effort - and hence cost - required to implement an application with each selected tool. One of the FDIR capabilities is anomaly detection, i.e., detecting off-nominal behavior. The tool we selected for this task uses a data-driven approach. Unlike rule-based and model-based systems that require manual extraction of system knowledge, data-driven systems take a radically different approach to reasoning. At the basic level, they start with data that represent nominal functioning of the system and automatically learn expected system behavior. The behavior is encoded in a knowledge base that represents "in-family" system operations. During real-time system monitoring or during post-flight analysis, incoming data is compared to that nominal system operating behavior knowledge base; a distance representing deviation from nominal is computed, providing a measure of how far "out of family" current behavior is. We describe the selected tool for FDIR anomaly detection - Inductive Monitoring System (IMS), how it fits into the FDIR architecture, the operations concept for the GSE anomaly monitoring, and some preliminary results of applying IMS to a Space Shuttle GSE anomaly.

  18. Boiling anomaly detection by various signal characterization methods

    International Nuclear Information System (INIS)

    Sakuma, M.; Kozma, R.; Kitamura, M.; Schoonewelle, H.; Hoogenboom, J.E.

    1996-01-01

    In order to detect anomalies in the early stage for complex dynamical systems like nuclear power plants, it is important to characterize various statistical features of the data acquired in normal operating condition. In this paper, concept of hierarchical anomaly monitoring method is outlined, which is based on the diversification principle. In addition to usual time and frequency domain analysis (FFT, APDF, MAR-SPRT), other analysis (wavelet, fractal, etc.) are performed. As soon as any inconsistency arises in the results of the analysis on the upper level, a thorough analysis is initiated. A comparison among these methods is performed and the efficiency of the diversification approach has been demonstrated through simulated boiling anomalies in nuclear reactors. (authors)

  19. Development of anomaly detection models for deep subsurface monitoring

    Science.gov (United States)

    Sun, A. Y.

    2017-12-01

    Deep subsurface repositories are used for waste disposal and carbon sequestration. Monitoring deep subsurface repositories for potential anomalies is challenging, not only because the number of sensor networks and the quality of data are often limited, but also because of the lack of labeled data needed to train and validate machine learning (ML) algorithms. Although physical simulation models may be applied to predict anomalies (or the system's nominal state for that sake), the accuracy of such predictions may be limited by inherent conceptual and parameter uncertainties. The main objective of this study was to demonstrate the potential of data-driven models for leakage detection in carbon sequestration repositories. Monitoring data collected during an artificial CO2 release test at a carbon sequestration repository were used, which include both scalar time series (pressure) and vector time series (distributed temperature sensing). For each type of data, separate online anomaly detection algorithms were developed using the baseline experiment data (no leak) and then tested on the leak experiment data. Performance of a number of different online algorithms was compared. Results show the importance of including contextual information in the dataset to mitigate the impact of reservoir noise and reduce false positive rate. The developed algorithms were integrated into a generic Web-based platform for real-time anomaly detection.

  20. Unsupervised Anomaly Detection for Liquid-Fueled Rocket Prop...

    Data.gov (United States)

    National Aeronautics and Space Administration — Title: Unsupervised Anomaly Detection for Liquid-Fueled Rocket Propulsion Health Monitoring. Abstract: This article describes the results of applying four...

  1. Mobile gamma-ray scanning system for detecting radiation anomalies associated with 226Ra-bearing materials

    International Nuclear Information System (INIS)

    Myrick, T.E.; Blair, M.S.; Doane, R.W.; Goldsmith, W.A.

    1982-11-01

    A mobile gamma-ray scanning system has been developed by Oak Ridge National Laboratory for use in the Department of Energy's remedial action survey programs. The unit consists of a NaI(T1) detection system housed in a specially-equipped van. The system is operator controlled through an on-board mini-computer, with data output provided on the computer video screen, strip chart recorders, and an on-line printer. Data storage is provided by a floppy disk system. Multichannel analysis capabilities are included for qualitative radionuclide identification. A 226 Ra-specific algorithm is employed to identify locations containing residual radium-bearing materials. This report presents the details of the system description, software development, and scanning methods utilized with the ORNL system. Laboratory calibration and field testing have established the system sensitivity, field of view, and other performance characteristics, the results of which are also presented. Documentation of the instrumentation and computer programs are included

  2. DeepAnomaly: Combining Background Subtraction and Deep Learning for Detecting Obstacles and Anomalies in an Agricultural Field

    Directory of Open Access Journals (Sweden)

    Peter Christiansen

    2016-11-01

    Full Text Available Convolutional neural network (CNN-based systems are increasingly used in autonomous vehicles for detecting obstacles. CNN-based object detection and per-pixel classification (semantic segmentation algorithms are trained for detecting and classifying a predefined set of object types. These algorithms have difficulties in detecting distant and heavily occluded objects and are, by definition, not capable of detecting unknown object types or unusual scenarios. The visual characteristics of an agriculture field is homogeneous, and obstacles, like people, animals and other obstacles, occur rarely and are of distinct appearance compared to the field. This paper introduces DeepAnomaly, an algorithm combining deep learning and anomaly detection to exploit the homogenous characteristics of a field to perform anomaly detection. We demonstrate DeepAnomaly as a fast state-of-the-art detector for obstacles that are distant, heavily occluded and unknown. DeepAnomaly is compared to state-of-the-art obstacle detectors including “Faster R-CNN: Towards Real-Time Object Detection with Region Proposal Networks” (RCNN. In a human detector test case, we demonstrate that DeepAnomaly detects humans at longer ranges (45–90 m than RCNN. RCNN has a similar performance at a short range (0–30 m. However, DeepAnomaly has much fewer model parameters and (182 ms/25 ms = a 7.28-times faster processing time per image. Unlike most CNN-based methods, the high accuracy, the low computation time and the low memory footprint make it suitable for a real-time system running on a embedded GPU (Graphics Processing Unit.

  3. Profile-based adaptive anomaly detection for network security.

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Pengchu C. (Sandia National Laboratories, Albuquerque, NM); Durgin, Nancy Ann

    2005-11-01

    As information systems become increasingly complex and pervasive, they become inextricably intertwined with the critical infrastructure of national, public, and private organizations. The problem of recognizing and evaluating threats against these complex, heterogeneous networks of cyber and physical components is a difficult one, yet a solution is vital to ensuring security. In this paper we investigate profile-based anomaly detection techniques that can be used to address this problem. We focus primarily on the area of network anomaly detection, but the approach could be extended to other problem domains. We investigate using several data analysis techniques to create profiles of network hosts and perform anomaly detection using those profiles. The ''profiles'' reduce multi-dimensional vectors representing ''normal behavior'' into fewer dimensions, thus allowing pattern and cluster discovery. New events are compared against the profiles, producing a quantitative measure of how ''anomalous'' the event is. Most network intrusion detection systems (IDSs) detect malicious behavior by searching for known patterns in the network traffic. This approach suffers from several weaknesses, including a lack of generalizability, an inability to detect stealthy or novel attacks, and lack of flexibility regarding alarm thresholds. Our research focuses on enhancing current IDS capabilities by addressing some of these shortcomings. We identify and evaluate promising techniques for data mining and machine-learning. The algorithms are ''trained'' by providing them with a series of data-points from ''normal'' network traffic. A successful algorithm can be trained automatically and efficiently, will have a low error rate (low false alarm and miss rates), and will be able to identify anomalies in ''pseudo real-time'' (i.e., while the intrusion is still in progress

  4. Detection of Cardiovascular Anomalies: An Observer-Based Approach

    KAUST Repository

    Ledezma, Fernando

    2012-07-01

    In this thesis, a methodology for the detection of anomalies in the cardiovascular system is presented. The cardiovascular system is one of the most fascinating and complex physiological systems. Nowadays, cardiovascular diseases constitute one of the most important causes of mortality in the world. For instance, an estimate of 17.3 million people died in 2008 from cardiovascular diseases. Therefore, many studies have been devoted to modeling the cardiovascular system in order to better understand its behavior and find new reliable diagnosis techniques. The lumped parameter model of the cardiovascular system proposed in [1] is restructured using a hybrid systems approach in order to include a discrete input vector that represents the influence of the mitral and aortic valves in the different phases of the cardiac cycle. Parting from this model, a Taylor expansion around the nominal values of a vector of parameters is conducted. This expansion serves as the foundation for a component fault detection process to detect changes in the physiological parameters of the cardiovascular system which could be associated with cardiovascular anomalies such as atherosclerosis, aneurysm, high blood pressure, etc. An Extended Kalman Filter is used in order to achieve a joint estimation of the state vector and the changes in the considered parameters. Finally, a bank of filters is, as in [2], used in order to detect the appearance of heart valve diseases, particularly stenosis and regurgitation. The first numerical results obtained are presented.

  5. Spectral anomaly methods for aerial detection using KUT nuisance rejection

    International Nuclear Information System (INIS)

    Detwiler, R.S.; Pfund, D.M.; Myjak, M.J.; Kulisek, J.A.; Seifert, C.E.

    2015-01-01

    This work discusses the application and optimization of a spectral anomaly method for the real-time detection of gamma radiation sources from an aerial helicopter platform. Aerial detection presents several key challenges over ground-based detection. For one, larger and more rapid background fluctuations are typical due to higher speeds, larger field of view, and geographically induced background changes. As well, the possible large altitude or stand-off distance variations cause significant steps in background count rate as well as spectral changes due to increased gamma-ray scatter with detection at higher altitudes. The work here details the adaptation and optimization of the PNNL-developed algorithm Nuisance-Rejecting Spectral Comparison Ratios for Anomaly Detection (NSCRAD), a spectral anomaly method previously developed for ground-based applications, for an aerial platform. The algorithm has been optimized for two multi-detector systems; a NaI(Tl)-detector-based system and a CsI detector array. The optimization here details the adaptation of the spectral windows for a particular set of target sources to aerial detection and the tailoring for the specific detectors. As well, the methodology and results for background rejection methods optimized for the aerial gamma-ray detection using Potassium, Uranium and Thorium (KUT) nuisance rejection are shown. Results indicate that use of a realistic KUT nuisance rejection may eliminate metric rises due to background magnitude and spectral steps encountered in aerial detection due to altitude changes and geographically induced steps such as at land–water interfaces

  6. Signal anomaly detection using modified CUSUM [cumulative sum] method

    International Nuclear Information System (INIS)

    Morgenstern, V.; Upadhyaya, B.R.; Benedetti, M.

    1988-01-01

    An important aspect of detection of anomalies in signals is the identification of changes in signal behavior caused by noise, jumps, changes in band-width, sudden pulses and signal bias. A methodology is developed to identify, isolate and characterize these anomalies using a modification of the cumulative sum (CUSUM) approach. The new algorithm performs anomaly detection at three levels and is implemented on a general purpose computer. 7 refs., 4 figs

  7. Multicriteria Similarity-Based Anomaly Detection Using Pareto Depth Analysis.

    Science.gov (United States)

    Hsiao, Ko-Jen; Xu, Kevin S; Calder, Jeff; Hero, Alfred O

    2016-06-01

    We consider the problem of identifying patterns in a data set that exhibits anomalous behavior, often referred to as anomaly detection. Similarity-based anomaly detection algorithms detect abnormally large amounts of similarity or dissimilarity, e.g., as measured by the nearest neighbor Euclidean distances between a test sample and the training samples. In many application domains, there may not exist a single dissimilarity measure that captures all possible anomalous patterns. In such cases, multiple dissimilarity measures can be defined, including nonmetric measures, and one can test for anomalies by scalarizing using a nonnegative linear combination of them. If the relative importance of the different dissimilarity measures are not known in advance, as in many anomaly detection applications, the anomaly detection algorithm may need to be executed multiple times with different choices of weights in the linear combination. In this paper, we propose a method for similarity-based anomaly detection using a novel multicriteria dissimilarity measure, the Pareto depth. The proposed Pareto depth analysis (PDA) anomaly detection algorithm uses the concept of Pareto optimality to detect anomalies under multiple criteria without having to run an algorithm multiple times with different choices of weights. The proposed PDA approach is provably better than using linear combinations of the criteria, and shows superior performance on experiments with synthetic and real data sets.

  8. Generative adversarial networks for anomaly detection in images

    OpenAIRE

    Batiste Ros, Guillem

    2018-01-01

    Anomaly detection is used to identify abnormal observations that don t follow a normal pattern. Inthis work, we use the power of Generative Adversarial Networks in sampling from image distributionsto perform anomaly detection with images and to identify local anomalous segments within thisimages. Also, we explore potential application of this method to support pathological analysis ofbiological tissues

  9. Learning Multimodal Deep Representations for Crowd Anomaly Event Detection

    Directory of Open Access Journals (Sweden)

    Shaonian Huang

    2018-01-01

    Full Text Available Anomaly event detection in crowd scenes is extremely important; however, the majority of existing studies merely use hand-crafted features to detect anomalies. In this study, a novel unsupervised deep learning framework is proposed to detect anomaly events in crowded scenes. Specifically, low-level visual features, energy features, and motion map features are simultaneously extracted based on spatiotemporal energy measurements. Three convolutional restricted Boltzmann machines are trained to model the mid-level feature representation of normal patterns. Then a multimodal fusion scheme is utilized to learn the deep representation of crowd patterns. Based on the learned deep representation, a one-class support vector machine model is used to detect anomaly events. The proposed method is evaluated using two available public datasets and compared with state-of-the-art methods. The experimental results show its competitive performance for anomaly event detection in video surveillance.

  10. Occurrence and Detectability of Thermal Anomalies on Europa

    Science.gov (United States)

    Hayne, Paul O.; Christensen, Philip R.; Spencer, John R.; Abramov, Oleg; Howett, Carly; Mellon, Michael; Nimmo, Francis; Piqueux, Sylvain; Rathbun, Julie A.

    2017-10-01

    Endogenic activity is likely on Europa, given its young surface age of and ongoing tidal heating by Jupiter. Temperature is a fundamental signature of activity, as witnessed on Enceladus, where plumes emanate from vents with strongly elevated temperatures. Recent observations suggest the presence of similar water plumes at Europa. Even if plumes are uncommon, resurfacing may produce elevated surface temperatures, perhaps due to near-surface liquid water. Detecting endogenic activity on Europa is one of the primary mission objectives of NASA’s planned Europa Clipper flyby mission.Here, we use a probabilistic model to assess the likelihood of detectable thermal anomalies on the surface of Europa. The Europa Thermal Emission Imaging System (E-THEMIS) investigation is designed to characterize Europa’s thermal behavior and identify any thermal anomalies due to recent or ongoing activity. We define “detectability” on the basis of expected E-THEMIS measurements, which include multi-spectral infrared emission, both day and night.Thermal anomalies on Europa may take a variety of forms, depending on the resurfacing style, frequency, and duration of events: 1) subsurface melting due to hot spots, 2) shear heating on faults, and 3) eruptions of liquid water or warm ice on the surface. We use numerical and analytical models to estimate temperatures for these features. Once activity ceases, lifetimes of thermal anomalies are estimated to be 100 - 1000 yr. On average, Europa’s 10 - 100 Myr surface age implies a resurfacing rate of ~3 - 30 km2/yr. The typical size of resurfacing features determines their frequency of occurrence. For example, if ~100 km2 chaos features dominate recent resurfacing, we expect one event every few years to decades. Smaller features, such as double-ridges, may be active much more frequently. We model each feature type as a statistically independent event, with probabilities weighted by their observed coverage of Europa’s surface. Our results

  11. EUROCAT website data on prenatal detection rates of congenital anomalies

    NARCIS (Netherlands)

    Garne, Ester; Dolk, Helen; Loane, Maria; Boyd, Patricia A.

    2010-01-01

    The EUROCAT website www.eurocat-network.eu publishes prenatal detection rates for major congenital anomalies using data from European population-based congenital anomaly registers, covering 28% of the EU population as well as non-EU countries. Data are updated annually. This information can be

  12. EUROCAT website data on prenatal detection rates of congenital anomalies

    DEFF Research Database (Denmark)

    Garne, Ester; Dolk, Helen; Loane, Maria

    2010-01-01

    The EUROCAT website www.eurocat-network.eu publishes prenatal detection rates for major congenital anomalies using data from European population-based congenital anomaly registers, covering 28% of the EU population as well as non-EU countries. Data are updated annually. This information can be us...

  13. Towards Reliable Evaluation of Anomaly-Based Intrusion Detection Performance

    Science.gov (United States)

    Viswanathan, Arun

    2012-01-01

    This report describes the results of research into the effects of environment-induced noise on the evaluation process for anomaly detectors in the cyber security domain. This research was conducted during a 10-week summer internship program from the 19th of August, 2012 to the 23rd of August, 2012 at the Jet Propulsion Laboratory in Pasadena, California. The research performed lies within the larger context of the Los Angeles Department of Water and Power (LADWP) Smart Grid cyber security project, a Department of Energy (DoE) funded effort involving the Jet Propulsion Laboratory, California Institute of Technology and the University of Southern California/ Information Sciences Institute. The results of the present effort constitute an important contribution towards building more rigorous evaluation paradigms for anomaly-based intrusion detectors in complex cyber physical systems such as the Smart Grid. Anomaly detection is a key strategy for cyber intrusion detection and operates by identifying deviations from profiles of nominal behavior and are thus conceptually appealing for detecting "novel" attacks. Evaluating the performance of such a detector requires assessing: (a) how well it captures the model of nominal behavior, and (b) how well it detects attacks (deviations from normality). Current evaluation methods produce results that give insufficient insight into the operation of a detector, inevitably resulting in a significantly poor characterization of a detectors performance. In this work, we first describe a preliminary taxonomy of key evaluation constructs that are necessary for establishing rigor in the evaluation regime of an anomaly detector. We then focus on clarifying the impact of the operational environment on the manifestation of attacks in monitored data. We show how dynamic and evolving environments can introduce high variability into the data stream perturbing detector performance. Prior research has focused on understanding the impact of this

  14. Detection of Anomalies in Hydrometric Data Using Artificial Intelligence Techniques

    Science.gov (United States)

    Lauzon, N.; Lence, B. J.

    2002-12-01

    This work focuses on the detection of anomalies in hydrometric data sequences, such as 1) outliers, which are individual data having statistical properties that differ from those of the overall population; 2) shifts, which are sudden changes over time in the statistical properties of the historical records of data; and 3) trends, which are systematic changes over time in the statistical properties. For the purpose of the design and management of water resources systems, it is important to be aware of these anomalies in hydrometric data, for they can induce a bias in the estimation of water quantity and quality parameters. These anomalies may be viewed as specific patterns affecting the data, and therefore pattern recognition techniques can be used for identifying them. However, the number of possible patterns is very large for each type of anomaly and consequently large computing capacities are required to account for all possibilities using the standard statistical techniques, such as cluster analysis. Artificial intelligence techniques, such as the Kohonen neural network and fuzzy c-means, are clustering techniques commonly used for pattern recognition in several areas of engineering and have recently begun to be used for the analysis of natural systems. They require much less computing capacity than the standard statistical techniques, and therefore are well suited for the identification of outliers, shifts and trends in hydrometric data. This work constitutes a preliminary study, using synthetic data representing hydrometric data that can be found in Canada. The analysis of the results obtained shows that the Kohonen neural network and fuzzy c-means are reasonably successful in identifying anomalies. This work also addresses the problem of uncertainties inherent to the calibration procedures that fit the clusters to the possible patterns for both the Kohonen neural network and fuzzy c-means. Indeed, for the same database, different sets of clusters can be

  15. Detection of short-term anomaly using parasitic discrete wavelet transform

    International Nuclear Information System (INIS)

    Nagamatsu, Takashi; Gofuku, Akio

    2013-01-01

    A parasitic discrete wavelet transform (P-DWT) that has a large flexibility in design of the mother wavelet (MW) and a high processing speed was applied for simulation and measured anomalies. First, we applied the P-DWT to detection of the short-term anomalies. Second, we applied the P-DWT to detection of the collision of pump using the pump diagnostic experiment equipment that was designed taking into consideration the structure of the pump used for the water-steam system of the fast breeder reactor 'Monju'. The vibration signals were measured by the vibration sensor attached to the pump when injecting four types of small objects (sphere, small sphere, cube, and rectangular parallelepiped). Anomaly detection was performed by calculating the fast wavelet instantaneous correlation using the parasitic filter that was constructed on the basis of the measured signals. The results suggested that the anomalies could be detected for all types of the supposed anomalies. (author)

  16. Using statistical anomaly detection models to find clinical decision support malfunctions.

    Science.gov (United States)

    Ray, Soumi; McEvoy, Dustin S; Aaron, Skye; Hickman, Thu-Trang; Wright, Adam

    2018-05-11

    Malfunctions in Clinical Decision Support (CDS) systems occur due to a multitude of reasons, and often go unnoticed, leading to potentially poor outcomes. Our goal was to identify malfunctions within CDS systems. We evaluated 6 anomaly detection models: (1) Poisson Changepoint Model, (2) Autoregressive Integrated Moving Average (ARIMA) Model, (3) Hierarchical Divisive Changepoint (HDC) Model, (4) Bayesian Changepoint Model, (5) Seasonal Hybrid Extreme Studentized Deviate (SHESD) Model, and (6) E-Divisive with Median (EDM) Model and characterized their ability to find known anomalies. We analyzed 4 CDS alerts with known malfunctions from the Longitudinal Medical Record (LMR) and Epic® (Epic Systems Corporation, Madison, WI, USA) at Brigham and Women's Hospital, Boston, MA. The 4 rules recommend lead testing in children, aspirin therapy in patients with coronary artery disease, pneumococcal vaccination in immunocompromised adults and thyroid testing in patients taking amiodarone. Poisson changepoint, ARIMA, HDC, Bayesian changepoint and the SHESD model were able to detect anomalies in an alert for lead screening in children and in an alert for pneumococcal conjugate vaccine in immunocompromised adults. EDM was able to detect anomalies in an alert for monitoring thyroid function in patients on amiodarone. Malfunctions/anomalies occur frequently in CDS alert systems. It is important to be able to detect such anomalies promptly. Anomaly detection models are useful tools to aid such detections.

  17. In-Flight Diagnosis and Anomaly Detection, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — In flight diagnosis and anomaly detection is a difficult challenge that requires sufficient observation and real-time processing of health information. Our approach...

  18. Detection of sinkholes or anomalies using full seismic wave fields.

    Science.gov (United States)

    2013-04-01

    This research presents an application of two-dimensional (2-D) time-domain waveform tomography for detection of embedded sinkholes and anomalies. The measured seismic surface wave fields were inverted using a full waveform inversion (FWI) technique, ...

  19. Anomaly Detection and Diagnosis Algorithms for Discrete Symbols

    Data.gov (United States)

    National Aeronautics and Space Administration — We present a set of novel algorithms which we call sequenceMiner that detect and characterize anomalies in large sets of high-dimensional symbol sequences that arise...

  20. Solving a prisoner's dilemma in distributed anomaly detection

    Data.gov (United States)

    National Aeronautics and Space Administration — Anomaly detection has recently become an important problem in many industrial and financial applications. In several instances, the data to be analyzed for possible...

  1. Detecting Anomalies by Fusing Voice and Operations Data, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — Our innovation will detect, in near real-time, NAS operational anomalies by uniquely combing with analytical methods our existing Microsoft Azure based TFMData...

  2. Kullback-Leibler distance-based enhanced detection of incipient anomalies

    KAUST Repository

    Harrou, Fouzi; Sun, Ying; Madakyaru, Muddu

    2016-01-01

    Accurate and effective anomaly detection and diagnosis of modern engineering systems by monitoring processes ensure reliability and safety of a product while maintaining desired quality. In this paper, an innovative method based on Kullback

  3. Hyperspectral Imagery Target Detection Using Improved Anomaly Detection and Signature Matching Methods

    National Research Council Canada - National Science Library

    Smetek, Timothy E

    2007-01-01

    This research extends the field of hyperspectral target detection by developing autonomous anomaly detection and signature matching methodologies that reduce false alarms relative to existing benchmark detectors...

  4. Detecting Traffic Anomalies in Urban Areas Using Taxi GPS Data

    Directory of Open Access Journals (Sweden)

    Weiming Kuang

    2015-01-01

    Full Text Available Large-scale GPS data contain hidden information and provide us with the opportunity to discover knowledge that may be useful for transportation systems using advanced data mining techniques. In major metropolitan cities, many taxicabs are equipped with GPS devices. Because taxies operate continuously for nearly 24 hours per day, they can be used as reliable sensors for the perceived traffic state. In this paper, the entire city was divided into subregions by roads, and taxi GPS data were transformed into traffic flow data to build a traffic flow matrix. In addition, a highly efficient anomaly detection method was proposed based on wavelet transform and PCA (principal component analysis for detecting anomalous traffic events in urban regions. The traffic anomaly is considered to occur in a subregion when the values of the corresponding indicators deviate significantly from the expected values. This method was evaluated using a GPS dataset that was generated by more than 15,000 taxies over a period of half a year in Harbin, China. The results show that this detection method is effective and efficient.

  5. Anomaly detection using magnetic flux leakage technology

    Energy Technology Data Exchange (ETDEWEB)

    Rempel, Raymond G. [BJ Pipeline Inspection Services, Alberta (Canada)

    2005-07-01

    There are many aspects to properly assessing the integrity of a pipeline. In-line-Inspection (ILI) tools, in particular those that employ the advanced use of Magnetic Flux Leakage (MFL) technology, provide a valuable means of achieving required up-to-date knowledge of a pipeline. More prevalent use of High Resolution MFL In-Line-Inspection tools is growing the knowledge base that leads to more reliable and accurate identification of anomalies in a pipeline, thus, minimizing the need for expensive verification excavations. Accurate assessment of pipeline anomalies can improve the decision making process within an Integrity Management Program and excavation programs can then focus on required repairs instead of calibration or exploratory digs. Utilizing the information from an MFL ILI inspection is not only cost effective but, as well, can also prove to be an extremely valuable building block of a Pipeline Integrity Management Program. (author)

  6. Low Count Anomaly Detection at Large Standoff Distances

    Science.gov (United States)

    Pfund, David Michael; Jarman, Kenneth D.; Milbrath, Brian D.; Kiff, Scott D.; Sidor, Daniel E.

    2010-02-01

    Searching for hidden illicit sources of gamma radiation in an urban environment is difficult. Background radiation profiles are variable and cluttered with transient acquisitions from naturally occurring radioactive materials and medical isotopes. Potentially threatening sources likely will be nearly hidden in this noise and encountered at high standoff distances and low threat count rates. We discuss an anomaly detection algorithm that characterizes low count sources as threatening or non-threatening and operates well in the presence of high benign source variability. We discuss the algorithm parameters needed to reliably find sources both close to the detector and far away from it. These parameters include the cutoff frequencies of background tracking filters and the integration time of the spectrometer. This work is part of the development of the Standoff Radiation Imaging System (SORIS) as part of DNDO's Standoff Radiation Detection System Advanced Technology Demonstration (SORDS-ATD) program.

  7. Unsupervised Ensemble Anomaly Detection Using Time-Periodic Packet Sampling

    Science.gov (United States)

    Uchida, Masato; Nawata, Shuichi; Gu, Yu; Tsuru, Masato; Oie, Yuji

    We propose an anomaly detection method for finding patterns in network traffic that do not conform to legitimate (i.e., normal) behavior. The proposed method trains a baseline model describing the normal behavior of network traffic without using manually labeled traffic data. The trained baseline model is used as the basis for comparison with the audit network traffic. This anomaly detection works in an unsupervised manner through the use of time-periodic packet sampling, which is used in a manner that differs from its intended purpose — the lossy nature of packet sampling is used to extract normal packets from the unlabeled original traffic data. Evaluation using actual traffic traces showed that the proposed method has false positive and false negative rates in the detection of anomalies regarding TCP SYN packets comparable to those of a conventional method that uses manually labeled traffic data to train the baseline model. Performance variation due to the probabilistic nature of sampled traffic data is mitigated by using ensemble anomaly detection that collectively exploits multiple baseline models in parallel. Alarm sensitivity is adjusted for the intended use by using maximum- and minimum-based anomaly detection that effectively take advantage of the performance variations among the multiple baseline models. Testing using actual traffic traces showed that the proposed anomaly detection method performs as well as one using manually labeled traffic data and better than one using randomly sampled (unlabeled) traffic data.

  8. Fetal central nervous system anomalies: fast MRI vs ultrasonography

    International Nuclear Information System (INIS)

    Yang Wenzhong; Xia Liming; Yang Minjie; Feng Dingyi; Hu Junwu; Zou Mingli; Wang Chengyuan; Chen Xinlin; Yang Xiaohong

    2006-01-01

    Objective: To evaluate the ability of fast MRI to detect fetal central nervous system (CNS) anomalies and to compare its performance with that of prenatal ultrasonography (US). Methods Forty-eight pregnant women were detected by conventional prenatal US and MRI. Twenty-two fetuses with CNS anomalies were conformed by autopsy and follow-up. The MR and US appearances of fetal CNS structure were compared to each other and to that of autopsy. Results: A total of 26 CNS anomalies were identified by autopsy (n=17) and follow-up (n=9) including anencephaly (n=6), rachischisis (n=2), encephalocele (n=3), congenital hydrocephalus (n=7), alobar holoprosencephaly (n=1), porencephalia (n=3), arachnoid cyst (n=2) and choroids plexus cyst (n=2). US diagnosed 24 CNS anomalies, the correct diagnostic rate was 92.3%, the false-positive rate was 3.8%, the missed-diagnostic rate was 3.8%. MRI diagnosed 23 CNS anomalies, the correct-diagnostic rate was 88.5%, the false-positive rate was 3.8% ,the missed-diagnostic rate was 7.7%. There was no difference between US and MRI (P>0.05), but MRI have larger FOV, higher tissues resolution, and can demonstrate gray-white matter in detail. Conclusions: MR imaging has a similar sensitivity to that of US in the detection of fetal CNS anomalies. (authors)

  9. A New Method for Early Anomaly Detection of BWR Instabilities

    International Nuclear Information System (INIS)

    Ivanov, K.N.

    2005-01-01

    The objective of the performed research is to develop an early anomaly detection methodology so as to enhance safety, availability, and operational flexibility of Boiling Water Reactor (BWR) nuclear power plants. The technical approach relies on suppression of potential power oscillations in BWRs by detecting small anomalies at an early stage and taking appropriate prognostic actions based on an anticipated operation schedule. The research utilizes a model of coupled (two-phase) thermal-hydraulic and neutron flux dynamics, which is used as a generator of time series data for anomaly detection at an early stage. The model captures critical nonlinear features of coupled thermal-hydraulic and nuclear reactor dynamics and (slow time-scale) evolution of the anomalies as non-stationary parameters. The time series data derived from this nonlinear non-stationary model serves as the source of information for generating the symbolic dynamics for characterization of model parameter changes that quantitatively represent small anomalies. The major focus of the presented research activity was on developing and qualifying algorithms of pattern recognition for power instability based on anomaly detection from time series data, which later can be used to formulate real-time decision and control algorithms for suppression of power oscillations for a variety of anticipated operating conditions. The research being performed in the framework of this project is essential to make significant improvement in the capability of thermal instability analyses for enhancing safety, availability, and operational flexibility of currently operating and next generation BWRs.

  10. A first approach on fault detection and isolation for cardiovascular anomalies detection

    KAUST Repository

    Ledezma, Fernando

    2015-07-01

    In this paper, we use an extended version of the cardiovascular system\\'s state space model presented by [1] and propose a fault detection and isolation methodology to study the problem of detecting cardiovascular anomalies that can originate from variations in physiological parameters and deviations in the performance of the heart\\'s mitral and aortic valves. An observer-based approach is discussed as the basis of the method. The approach contemplates a bank of Extended Kalman Filters to achieve joint estimation of the model\\'s states and parameters and to detect malfunctions in the valves\\' performance. © 2015 American Automatic Control Council.

  11. An incremental anomaly detection model for virtual machines

    Science.gov (United States)

    Zhang, Hancui; Chen, Shuyu; Liu, Jun; Zhou, Zhen; Wu, Tianshu

    2017-01-01

    Self-Organizing Map (SOM) algorithm as an unsupervised learning method has been applied in anomaly detection due to its capabilities of self-organizing and automatic anomaly prediction. However, because of the algorithm is initialized in random, it takes a long time to train a detection model. Besides, the Cloud platforms with large scale virtual machines are prone to performance anomalies due to their high dynamic and resource sharing characters, which makes the algorithm present a low accuracy and a low scalability. To address these problems, an Improved Incremental Self-Organizing Map (IISOM) model is proposed for anomaly detection of virtual machines. In this model, a heuristic-based initialization algorithm and a Weighted Euclidean Distance (WED) algorithm are introduced into SOM to speed up the training process and improve model quality. Meanwhile, a neighborhood-based searching algorithm is presented to accelerate the detection time by taking into account the large scale and high dynamic features of virtual machines on cloud platform. To demonstrate the effectiveness, experiments on a common benchmark KDD Cup dataset and a real dataset have been performed. Results suggest that IISOM has advantages in accuracy and convergence velocity of anomaly detection for virtual machines on cloud platform. PMID:29117245

  12. An incremental anomaly detection model for virtual machines.

    Directory of Open Access Journals (Sweden)

    Hancui Zhang

    Full Text Available Self-Organizing Map (SOM algorithm as an unsupervised learning method has been applied in anomaly detection due to its capabilities of self-organizing and automatic anomaly prediction. However, because of the algorithm is initialized in random, it takes a long time to train a detection model. Besides, the Cloud platforms with large scale virtual machines are prone to performance anomalies due to their high dynamic and resource sharing characters, which makes the algorithm present a low accuracy and a low scalability. To address these problems, an Improved Incremental Self-Organizing Map (IISOM model is proposed for anomaly detection of virtual machines. In this model, a heuristic-based initialization algorithm and a Weighted Euclidean Distance (WED algorithm are introduced into SOM to speed up the training process and improve model quality. Meanwhile, a neighborhood-based searching algorithm is presented to accelerate the detection time by taking into account the large scale and high dynamic features of virtual machines on cloud platform. To demonstrate the effectiveness, experiments on a common benchmark KDD Cup dataset and a real dataset have been performed. Results suggest that IISOM has advantages in accuracy and convergence velocity of anomaly detection for virtual machines on cloud platform.

  13. Effective Sensor Selection and Data Anomaly Detection for Condition Monitoring of Aircraft Engines

    Directory of Open Access Journals (Sweden)

    Liansheng Liu

    2016-04-01

    Full Text Available In a complex system, condition monitoring (CM can collect the system working status. The condition is mainly sensed by the pre-deployed sensors in/on the system. Most existing works study how to utilize the condition information to predict the upcoming anomalies, faults, or failures. There is also some research which focuses on the faults or anomalies of the sensing element (i.e., sensor to enhance the system reliability. However, existing approaches ignore the correlation between sensor selecting strategy and data anomaly detection, which can also improve the system reliability. To address this issue, we study a new scheme which includes sensor selection strategy and data anomaly detection by utilizing information theory and Gaussian Process Regression (GPR. The sensors that are more appropriate for the system CM are first selected. Then, mutual information is utilized to weight the correlation among different sensors. The anomaly detection is carried out by using the correlation of sensor data. The sensor data sets that are utilized to carry out the evaluation are provided by National Aeronautics and Space Administration (NASA Ames Research Center and have been used as Prognostics and Health Management (PHM challenge data in 2008. By comparing the two different sensor selection strategies, the effectiveness of selection method on data anomaly detection is proved.

  14. Anomaly Detection In Additively Manufactured Parts Using Laser Doppler Vibrometery

    Energy Technology Data Exchange (ETDEWEB)

    Hernandez, Carlos A. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2015-09-29

    Additively manufactured parts are susceptible to non-uniform structure caused by the unique manufacturing process. This can lead to structural weakness or catastrophic failure. Using laser Doppler vibrometry and frequency response analysis, non-contact detection of anomalies in additively manufactured parts may be possible. Preliminary tests show promise for small scale detection, but more future work is necessary.

  15. Early Detection and Identification of Anomalies in Chemical Regime

    International Nuclear Information System (INIS)

    Figedy, Stefan; Smiesko, Ivan

    2011-01-01

    This paper provides a brief information about the basic features of a newly developed diagnostic system for early detection and identification of anomalies incoming in the water chemistry regime of the primary and secondary circuit of VVER-440 reactor. This system, called SACHER (System of Analysis of CHEmical Regime) is being installed within the major modernization project at the NPP-V2 Bohunice in the Slovak Republic. System SACHER has been developed fully in MATLAB environment. The availability of prompt information about the chemical conditions of the primary and secondary circuit is very important to prevent the undue corrosion and deposit build-up. The typical chemical information systems that exist and work at the NPPs give the user values of the measured quantities together with their time trends and other derived values. It is then the experienced user's role to recognize the situation the monitored process is in and make the subsequent decisions and take the measures. The SACHER system, based on the computational intelligence techniques, inserts the elements of intelligence into the overall chemical information system. It has the modular structure with the following most important modules: normality module- its aim is to recognize that the process starts to deviate from the normal one and serves as the early warning to the staff to take the adequate measures, fuzzy identification module- its aim is to identify the anomaly on the basis of a set of fuzzy rules, time-prediction module- its aim is to predict the behavior/trend of selected chemical quantities 8 hours ahead in 15 min step from the moment of request, validation module- its aim is to validate the measured quantities, trend module- this module serves for showing the trends of the acquired quantities

  16. Ensemble regression model-based anomaly detection for cyber-physical intrusion detection in smart grids

    DEFF Research Database (Denmark)

    Kosek, Anna Magdalena; Gehrke, Oliver

    2016-01-01

    The shift from centralised large production to distributed energy production has several consequences for current power system operation. The replacement of large power plants by growing numbers of distributed energy resources (DERs) increases the dependency of the power system on small scale......, distributed production. Many of these DERs can be accessed and controlled remotely, posing a cybersecurity risk. This paper investigates an intrusion detection system which evaluates the DER operation in order to discover unauthorized control actions. The proposed anomaly detection method is based...

  17. Identifying Threats Using Graph-based Anomaly Detection

    Science.gov (United States)

    Eberle, William; Holder, Lawrence; Cook, Diane

    Much of the data collected during the monitoring of cyber and other infrastructures is structural in nature, consisting of various types of entities and relationships between them. The detection of threatening anomalies in such data is crucial to protecting these infrastructures. We present an approach to detecting anomalies in a graph-based representation of such data that explicitly represents these entities and relationships. The approach consists of first finding normative patterns in the data using graph-based data mining and then searching for small, unexpected deviations to these normative patterns, assuming illicit behavior tries to mimic legitimate, normative behavior. The approach is evaluated using several synthetic and real-world datasets. Results show that the approach has high truepositive rates, low false-positive rates, and is capable of detecting complex structural anomalies in real-world domains including email communications, cellphone calls and network traffic.

  18. Improved Principal Component Analysis for Anomaly Detection: Application to an Emergency Department

    KAUST Repository

    Harrou, Fouzi; Kadri, Farid; Chaabane, Sondé s; Tahon, Christian; Sun, Ying

    2015-01-01

    Monitoring of production systems, such as those in hospitals, is primordial for ensuring the best management and maintenance desired product quality. Detection of emergent abnormalities allows preemptive actions that can prevent more serious consequences. Principal component analysis (PCA)-based anomaly-detection approach has been used successfully for monitoring systems with highly correlated variables. However, conventional PCA-based detection indices, such as the Hotelling’s T2T2 and the Q statistics, are ill suited to detect small abnormalities because they use only information from the most recent observations. Other multivariate statistical metrics, such as the multivariate cumulative sum (MCUSUM) control scheme, are more suitable for detection small anomalies. In this paper, a generic anomaly detection scheme based on PCA is proposed to monitor demands to an emergency department. In such a framework, the MCUSUM control chart is applied to the uncorrelated residuals obtained from the PCA model. The proposed PCA-based MCUSUM anomaly detection strategy is successfully applied to the practical data collected from the database of the pediatric emergency department in the Lille Regional Hospital Centre, France. The detection results evidence that the proposed method is more effective than the conventional PCA-based anomaly-detection methods.

  19. Improved Principal Component Analysis for Anomaly Detection: Application to an Emergency Department

    KAUST Repository

    Harrou, Fouzi

    2015-07-03

    Monitoring of production systems, such as those in hospitals, is primordial for ensuring the best management and maintenance desired product quality. Detection of emergent abnormalities allows preemptive actions that can prevent more serious consequences. Principal component analysis (PCA)-based anomaly-detection approach has been used successfully for monitoring systems with highly correlated variables. However, conventional PCA-based detection indices, such as the Hotelling’s T2T2 and the Q statistics, are ill suited to detect small abnormalities because they use only information from the most recent observations. Other multivariate statistical metrics, such as the multivariate cumulative sum (MCUSUM) control scheme, are more suitable for detection small anomalies. In this paper, a generic anomaly detection scheme based on PCA is proposed to monitor demands to an emergency department. In such a framework, the MCUSUM control chart is applied to the uncorrelated residuals obtained from the PCA model. The proposed PCA-based MCUSUM anomaly detection strategy is successfully applied to the practical data collected from the database of the pediatric emergency department in the Lille Regional Hospital Centre, France. The detection results evidence that the proposed method is more effective than the conventional PCA-based anomaly-detection methods.

  20. Anomalies

    International Nuclear Information System (INIS)

    Bardeen, W.A.

    1985-08-01

    Anomalies have a diverse impact on many aspects of physical phenomena. The role of anomalies in determining physical structure from the amplitude for π 0 decay to the foundations of superstring theory will be reviewed. 36 refs

  1. Genetically caused congenital anomalies of reproductive system

    Directory of Open Access Journals (Sweden)

    L. F. Kurilo

    2013-01-01

    Full Text Available Classification of congenital disorders, their frequency of occurrence in populations, and some terminology questions discussed in the review. Genetically caused congenital anomalies of reproductive system are outlined. Full information about genetic syndromes is stated in the book: Kozlova S.I., Demikova N.S. Hereditary syndromes and genetic counseling. M., 2007.

  2. On-line intermittent connector anomaly detection

    Data.gov (United States)

    National Aeronautics and Space Administration — This paper investigates a non-traditional use of differential current sensor and current sensor to detect intermittent disconnection problems in connectors. An...

  3. Multivariate anomaly detection for Earth observations: a comparison of algorithms and feature extraction techniques

    Directory of Open Access Journals (Sweden)

    M. Flach

    2017-08-01

    Full Text Available Today, many processes at the Earth's surface are constantly monitored by multiple data streams. These observations have become central to advancing our understanding of vegetation dynamics in response to climate or land use change. Another set of important applications is monitoring effects of extreme climatic events, other disturbances such as fires, or abrupt land transitions. One important methodological question is how to reliably detect anomalies in an automated and generic way within multivariate data streams, which typically vary seasonally and are interconnected across variables. Although many algorithms have been proposed for detecting anomalies in multivariate data, only a few have been investigated in the context of Earth system science applications. In this study, we systematically combine and compare feature extraction and anomaly detection algorithms for detecting anomalous events. Our aim is to identify suitable workflows for automatically detecting anomalous patterns in multivariate Earth system data streams. We rely on artificial data that mimic typical properties and anomalies in multivariate spatiotemporal Earth observations like sudden changes in basic characteristics of time series such as the sample mean, the variance, changes in the cycle amplitude, and trends. This artificial experiment is needed as there is no gold standard for the identification of anomalies in real Earth observations. Our results show that a well-chosen feature extraction step (e.g., subtracting seasonal cycles, or dimensionality reduction is more important than the choice of a particular anomaly detection algorithm. Nevertheless, we identify three detection algorithms (k-nearest neighbors mean distance, kernel density estimation, a recurrence approach and their combinations (ensembles that outperform other multivariate approaches as well as univariate extreme-event detection methods. Our results therefore provide an effective workflow to

  4. Gravitational anomalies in the solar system?

    Science.gov (United States)

    Iorio, Lorenzo

    2015-02-01

    Mindful of the anomalous perihelion precession of Mercury discovered by Le Verrier in the second half of the nineteenth century and its successful explanation by Einstein with his General Theory of Relativity in the early years of the twentieth century, discrepancies among observed effects in our Solar system and their theoretical predictions on the basis of the currently accepted laws of gravitation applied to known matter-energy distributions have the potential of paving the way for remarkable advances in fundamental physics. This is particularly important now more than ever, given that most of the universe seems to be made of unknown substances dubbed Dark Matter and Dark Energy. Should this not be directly the case, Solar system's anomalies could anyhow lead to advancements in either cumulative science, as shown to us by the discovery of Neptune in the first half of the nineteenth century, and technology itself. Moreover, investigations in one of such directions can serendipitously enrich the other one as well. The current status of some alleged gravitational anomalies in the Solar system is critically reviewed. They are: (a) Possible anomalous advances of planetary perihelia. (b) Unexplained orbital residuals of a recently discovered moon of Uranus (Mab). (c) The lingering unexplained secular increase of the eccentricity of the orbit of the Moon. (d) The so-called Faint Young Sun Paradox. (e) The secular decrease of the mass parameter of the Sun. (f) The Flyby Anomaly. (g) The Pioneer Anomaly. (h) The anomalous secular increase of the astronomical unit.

  5. Unsupervised topic discovery by anomaly detection

    OpenAIRE

    Cheng, Leon

    2013-01-01

    Approved for public release; distribution is unlimited With the vast amount of information and public comment available online, it is of increasing interest to understand what is being said and what topics are trending online. Government agencies, for example, want to know what policies concern the public without having to look through thousands of comments manually. Topic detection provides automatic identification of topics in documents based on the information content and enhances many ...

  6. FLEAD: online frequency likelihood estimation anomaly detection for mobile sensing

    NARCIS (Netherlands)

    Le Viet Duc, L Duc; Scholten, Johan; Havinga, Paul J.M.

    With the rise of smartphone platforms, adaptive sensing becomes an predominant key to overcome intricate constraints such as smartphone's capabilities and dynamic data. One way to do this is estimating the event probability based on anomaly detection to invoke heavy processes, such as switching on

  7. Searching for Complex Patterns Using Disjunctive Anomaly Detection

    OpenAIRE

    Sabhnani, Maheshkumar; Dubrawski, Artur; Schneider, Jeff

    2013-01-01

    Objective Disjunctive anomaly detection (DAD) algorithm [1] can efficiently search across multidimensional biosurveillance data to find multiple simultaneously occurring (in time) and overlapping (across different data dimensions) anomalous clusters. We introduce extensions of DAD to handle rich cluster interactions and diverse data distributions. Introduction Modern biosurveillance data contains thousands of unique time series defined across various categorical dimensions (zipcode, age group...

  8. Hyperspectral anomaly detection using Sony PlayStation 3

    Science.gov (United States)

    Rosario, Dalton; Romano, João; Sepulveda, Rene

    2009-05-01

    We present a proof-of-principle demonstration using Sony's IBM Cell processor-based PlayStation 3 (PS3) to run-in near real-time-a hyperspectral anomaly detection algorithm (HADA) on real hyperspectral (HS) long-wave infrared imagery. The PS3 console proved to be ideal for doing precisely the kind of heavy computational lifting HS based algorithms require, and the fact that it is a relatively open platform makes programming scientific applications feasible. The PS3 HADA is a unique parallel-random sampling based anomaly detection approach that does not require prior spectra of the clutter background. The PS3 HADA is designed to handle known underlying difficulties (e.g., target shape/scale uncertainties) often ignored in the development of autonomous anomaly detection algorithms. The effort is part of an ongoing cooperative contribution between the Army Research Laboratory and the Army's Armament, Research, Development and Engineering Center, which aims at demonstrating performance of innovative algorithmic approaches for applications requiring autonomous anomaly detection using passive sensors.

  9. Anomaly detection in VoIP traffic with trends

    NARCIS (Netherlands)

    Mata, F.; Zuraniewski, P.W.; Mandjes, M.; Mellia, M.

    2012-01-01

    In this paper we present methodological advances in anomaly detection, which, among other purposes, can be used to discover abnormal traffic patterns under the presence of deterministic trends in data, given that specific assumptions about the traffic type and nature are met. A performance study of

  10. Sensor Anomaly Detection in Wireless Sensor Networks for Healthcare

    Science.gov (United States)

    Haque, Shah Ahsanul; Rahman, Mustafizur; Aziz, Syed Mahfuzul

    2015-01-01

    Wireless Sensor Networks (WSN) are vulnerable to various sensor faults and faulty measurements. This vulnerability hinders efficient and timely response in various WSN applications, such as healthcare. For example, faulty measurements can create false alarms which may require unnecessary intervention from healthcare personnel. Therefore, an approach to differentiate between real medical conditions and false alarms will improve remote patient monitoring systems and quality of healthcare service afforded by WSN. In this paper, a novel approach is proposed to detect sensor anomaly by analyzing collected physiological data from medical sensors. The objective of this method is to effectively distinguish false alarms from true alarms. It predicts a sensor value from historic values and compares it with the actual sensed value for a particular instance. The difference is compared against a threshold value, which is dynamically adjusted, to ascertain whether the sensor value is anomalous. The proposed approach has been applied to real healthcare datasets and compared with existing approaches. Experimental results demonstrate the effectiveness of the proposed system, providing high Detection Rate (DR) and low False Positive Rate (FPR). PMID:25884786

  11. Tactile sensor of hardness recognition based on magnetic anomaly detection

    Science.gov (United States)

    Xue, Lingyun; Zhang, Dongfang; Chen, Qingguang; Rao, Huanle; Xu, Ping

    2018-03-01

    Hardness, as one kind of tactile sensing, plays an important role in the field of intelligent robot application such as gripping, agricultural harvesting, prosthetic hand and so on. Recently, with the rapid development of magnetic field sensing technology with high performance, a number of magnetic sensors have been developed for intelligent application. The tunnel Magnetoresistance(TMR) based on magnetoresistance principal works as the sensitive element to detect the magnetic field and it has proven its excellent ability of weak magnetic detection. In the paper, a new method based on magnetic anomaly detection was proposed to detect the hardness in the tactile way. The sensor is composed of elastic body, ferrous probe, TMR element, permanent magnet. When the elastic body embedded with ferrous probe touches the object under the certain size of force, deformation of elastic body will produce. Correspondingly, the ferrous probe will be forced to displace and the background magnetic field will be distorted. The distorted magnetic field was detected by TMR elements and the output signal at different time can be sampled. The slope of magnetic signal with the sampling time is different for object with different hardness. The result indicated that the magnetic anomaly sensor can recognize the hardness rapidly within 150ms after the tactile moment. The hardness sensor based on magnetic anomaly detection principal proposed in the paper has the advantages of simple structure, low cost, rapid response and it has shown great application potential in the field of intelligent robot.

  12. Implementation of anomaly detection algorithms for detecting transmission control protocol synchronized flooding attacks

    CSIR Research Space (South Africa)

    Mkuzangwe, NNP

    2015-08-01

    Full Text Available This work implements two anomaly detection algorithms for detecting Transmission Control Protocol Synchronized (TCP SYN) flooding attack. The two algorithms are an adaptive threshold algorithm and a cumulative sum (CUSUM) based algorithm...

  13. Automatic detection of anomalies in screening mammograms

    Science.gov (United States)

    2013-01-01

    Background Diagnostic performance in breast screening programs may be influenced by the prior probability of disease. Since breast cancer incidence is roughly half a percent in the general population there is a large probability that the screening exam will be normal. That factor may contribute to false negatives. Screening programs typically exhibit about 83% sensitivity and 91% specificity. This investigation was undertaken to determine if a system could be developed to pre-sort screening-images into normal and suspicious bins based on their likelihood to contain disease. Wavelets were investigated as a method to parse the image data, potentially removing confounding information. The development of a classification system based on features extracted from wavelet transformed mammograms is reported. Methods In the multi-step procedure images were processed using 2D discrete wavelet transforms to create a set of maps at different size scales. Next, statistical features were computed from each map, and a subset of these features was the input for a concerted-effort set of naïve Bayesian classifiers. The classifier network was constructed to calculate the probability that the parent mammography image contained an abnormality. The abnormalities were not identified, nor were they regionalized. The algorithm was tested on two publicly available databases: the Digital Database for Screening Mammography (DDSM) and the Mammographic Images Analysis Society’s database (MIAS). These databases contain radiologist-verified images and feature common abnormalities including: spiculations, masses, geometric deformations and fibroid tissues. Results The classifier-network designs tested achieved sensitivities and specificities sufficient to be potentially useful in a clinical setting. This first series of tests identified networks with 100% sensitivity and up to 79% specificity for abnormalities. This performance significantly exceeds the mean sensitivity reported in literature

  14. A comparison of three time-domain anomaly detection methods

    Energy Technology Data Exchange (ETDEWEB)

    Schoonewelle, H.; Hagen, T.H.J.J. van der; Hoogenboom, J.E. [Delft University of Technology (Netherlands). Interfaculty Reactor Institute

    1996-01-01

    Three anomaly detection methods based on a comparison of signal values with predictions from an autoregressive model are presented. These methods are: the extremes method, the {chi}{sup 2} method and the sequential probability ratio test. The methods are used to detect a change of the standard deviation of the residual noise obtained from applying an autoregressive model. They are fast and can be used in on-line applications. For each method some important anomaly detection parameters are determined by calculation or simulation. These parameters are: the false alarm rate, the average time to alarm and - being of minor importance -the alarm failure rate. Each method is optimized with respect to the average time to alarm for a given value of the false alarm rate. The methods are compared with each other, resulting in the sequential probability ratio test being clearly superior. (author).

  15. A comparison of three time-domain anomaly detection methods

    International Nuclear Information System (INIS)

    Schoonewelle, H.; Hagen, T.H.J.J. van der; Hoogenboom, J.E.

    1996-01-01

    Three anomaly detection methods based on a comparison of signal values with predictions from an autoregressive model are presented. These methods are: the extremes method, the χ 2 method and the sequential probability ratio test. The methods are used to detect a change of the standard deviation of the residual noise obtained from applying an autoregressive model. They are fast and can be used in on-line applications. For each method some important anomaly detection parameters are determined by calculation or simulation. These parameters are: the false alarm rate, the average time to alarm and - being of minor importance -the alarm failure rate. Each method is optimized with respect to the average time to alarm for a given value of the false alarm rate. The methods are compared with each other, resulting in the sequential probability ratio test being clearly superior. (author)

  16. Anomaly Detection and Life Pattern Estimation for the Elderly Based on Categorization of Accumulated Data

    Science.gov (United States)

    Mori, Taketoshi; Ishino, Takahito; Noguchi, Hiroshi; Shimosaka, Masamichi; Sato, Tomomasa

    2011-06-01

    We propose a life pattern estimation method and an anomaly detection method for elderly people living alone. In our observation system for such people, we deploy some pyroelectric sensors into the house and measure the person's activities all the time in order to grasp the person's life pattern. The data are transferred successively to the operation center and displayed to the nurses in the center in a precise way. Then, the nurses decide whether the data is the anomaly or not. In the system, the people whose features in their life resemble each other are categorized as the same group. Anomalies occurred in the past are shared in the group and utilized in the anomaly detection algorithm. This algorithm is based on "anomaly score." The "anomaly score" is figured out by utilizing the activeness of the person. This activeness is approximately proportional to the frequency of the sensor response in a minute. The "anomaly score" is calculated from the difference between the activeness in the present and the past one averaged in the long term. Thus, the score is positive if the activeness in the present is higher than the average in the past, and the score is negative if the value in the present is lower than the average. If the score exceeds a certain threshold, it means that an anomaly event occurs. Moreover, we developed an activity estimation algorithm. This algorithm estimates the residents' basic activities such as uprising, outing, and so on. The estimation is shown to the nurses with the "anomaly score" of the residents. The nurses can understand the residents' health conditions by combining these two information.

  17. Stochastic pattern recognition techniques and artificial intelligence for nuclear power plant surveillance and anomaly detection

    Energy Technology Data Exchange (ETDEWEB)

    Kemeny, L.G

    1998-12-31

    In this paper a theoretical and system conceptual model is outlined for the instrumentation, core assessment and surveillance and anomaly detection of a nuclear power plant. The system specified is based on the statistical on-line analysis of optimally placed instrumentation sensed fluctuating signals in terms of such variates as coherence, correlation function, zero-crossing and spectral density

  18. Stochastic pattern recognition techniques and artificial intelligence for nuclear power plant surveillance and anomaly detection

    International Nuclear Information System (INIS)

    Kemeny, L.G.

    1998-01-01

    In this paper a theoretical and system conceptual model is outlined for the instrumentation, core assessment and surveillance and anomaly detection of a nuclear power plant. The system specified is based on the statistical on-line analysis of optimally placed instrumentation sensed fluctuating signals in terms of such variates as coherence, correlation function, zero-crossing and spectral density

  19. Detecting Anomaly in Traffic Flow from Road Similarity Analysis

    KAUST Repository

    Liu, Xinran

    2016-06-02

    Taxies equipped with GPS devices are considered as 24-hour moving sensors widely distributed in urban road networks. Plenty of accurate and realtime trajectories of taxi are recorded by GPS devices and are commonly studied for understanding traffic dynamics. This paper focuses on anomaly detection in traffic volume, especially the non-recurrent traffic anomaly caused by unexpected or transient incidents, such as traffic accidents, celebrations and disasters. It is important to detect such sharp changes of traffic status for sensing abnormal events and planning their impact on the smooth volume of traffic. Unlike existing anomaly detection approaches that mainly monitor the derivation of current traffic status from history in the past, the proposed method in this paper evaluates the abnormal score of traffic on one road by comparing its current traffic volume with not only its historical data but also its neighbors. We define the neighbors as the roads that are close in sense of both geo-location and traffic patterns, which are extracted by matrix factorization. The evaluation results on trajectories data of 12,286 taxies over four weeks in Beijing show that our approach outperforms other baseline methods with higher precision and recall.

  20. Energy detection based on undecimated discrete wavelet transform and its application in magnetic anomaly detection.

    Directory of Open Access Journals (Sweden)

    Xinhua Nie

    Full Text Available Magnetic anomaly detection (MAD is a passive approach for detection of a ferromagnetic target, and its performance is often limited by external noises. In consideration of one major noise source is the fractal noise (or called 1/f noise with a power spectral density of 1/fa (0detection method based on undecimated discrete wavelet transform (UDWT is proposed in this paper. Firstly, the foundations of magnetic anomaly detection and UDWT are introduced in brief, while a possible detection system based on giant magneto-impedance (GMI magnetic sensor is also given out. Then our proposed energy detection based on UDWT is described in detail, and the probabilities of false alarm and detection for given the detection threshold in theory are presented. It is noticeable that no a priori assumptions regarding the ferromagnetic target or the magnetic noise probability are necessary for our method, and different from the discrete wavelet transform (DWT, the UDWT is shift invariant. Finally, some simulations are performed and the results show that the detection performance of our proposed detector is better than that of the conventional energy detector even utilized in the Gaussian white noise, especially when the spectral parameter α is less than 1.0. In addition, a real-world experiment was done to demonstrate the advantages of the proposed method.

  1. Incidence of Congenital Spinal Abnormalities Among Pediatric Patients and Their Association With Scoliosis and Systemic Anomalies.

    Science.gov (United States)

    Passias, Peter G; Poorman, Gregory W; Jalai, Cyrus M; Diebo, Bassel G; Vira, Shaleen; Horn, Samantha R; Baker, Joseph F; Shenoy, Kartik; Hasan, Saqib; Buza, John; Bronson, Wesley; Paul, Justin C; Kaye, Ian; Foster, Norah A; Cassilly, Ryan T; Oren, Jonathan H; Moskovich, Ronald; Line, Breton; Oh, Cheongeun; Bess, Shay; LaFage, Virginie; Errico, Thomas J

    2017-10-09

    Congenital abnormalities when present, according to VACTERL theory, occur nonrandomly with other congenital anomalies. This study estimates the prevalence of congenital spinal anomalies, and their concurrence with other systemic anomalies. A retrospective cohort analysis on Health care Cost and Utilization Project's Kids Inpatient Database (KID), years 2000, 2003, 2006, 2009 was performed. ICD-9 coding identified congenital anomalies of the spine and other body systems. Overall incidence of congenital spinal abnormalities in pediatric patients, and the concurrence of spinal anomaly diagnoses with other organ system anomalies. Frequencies of congenital spine anomalies were estimated using KID hospital-and-year-adjusted weights. Poisson distribution in contingency tables tabulated concurrence of other congenital anomalies, grouped by body system. Of 12,039,432 patients, rates per 100,000 cases were: 9.1 hemivertebra, 4.3 Klippel-Fiel, 56.3 Chiari malformation, 52.6 tethered cord, 83.4 spina bifida, 1.2 absence of vertebra, and 6.2 diastematomyelia. Diastematomyelia had the highest concurrence of other anomalies: 70.1% of diastematomyelia patients had at least one other congenital anomaly. Next, 63.2% of hemivertebra, and 35.2% of Klippel-Fiel patients had concurrent anomalies. Of the other systems deformities cooccuring, cardiac system had the highest concurrent incidence (6.5% overall). In light of VACTERL's definition of a patient being diagnosed with at least 3 VACTERL anomalies, hemivertebra patients had the highest cooccurrence of ≥3 anomalies (31.3%). With detailed analysis of hemivertebra patients, secundum ASD (14.49%), atresia of large intestine (10.2%), renal agenesis (7.43%) frequently cooccured. Congenital abnormalities of the spine are associated with serious systemic anomalies that may have delayed presentations. These patients continue to be at a very high, and maybe higher than previously thought, risk for comorbidities that can cause devastating

  2. CT diagnosis of congenital anomalies of the central nervous system

    International Nuclear Information System (INIS)

    Mori, Koreaki

    1980-01-01

    In the diagnosis of central nervous system congenital anomalies, understanding of embryology of the central nervous system and pathophysiology of each anomaly are essential. It is important for clinical approach to central nervous system congenital anomalies to evaluate the size of the head and tention of the anterior fontanelle. Accurate diagnosis of congenital anomalies depends on a correlation of CT findings to clinical pictures. Clinical diagnosis of congenital anomalies should include prediction of treatability and prognosis, in addition to recognition of a disease. (author)

  3. Inflight and Preflight Detection of Pitot Tube Anomalies

    Science.gov (United States)

    Mitchell, Darrell W.

    2014-01-01

    The health and integrity of aircraft sensors play a critical role in aviation safety. Inaccurate or false readings from these sensors can lead to improper decision making, resulting in serious and sometimes fatal consequences. This project demonstrated the feasibility of using advanced data analysis techniques to identify anomalies in Pitot tubes resulting from blockage such as icing, moisture, or foreign objects. The core technology used in this project is referred to as noise analysis because it relates sensors' response time to the dynamic component (noise) found in the signal of these same sensors. This analysis technique has used existing electrical signals of Pitot tube sensors that result from measured processes during inflight conditions and/or induced signals in preflight conditions to detect anomalies in the sensor readings. Analysis and Measurement Services Corporation (AMS Corp.) has routinely used this technology to determine the health of pressure transmitters in nuclear power plants. The application of this technology for the detection of aircraft anomalies is innovative. Instead of determining the health of process monitoring at a steady-state condition, this technology will be used to quickly inform the pilot when an air-speed indication becomes faulty under any flight condition as well as during preflight preparation.

  4. BEARS: a multi-mission anomaly response system

    Science.gov (United States)

    Roberts, Bryce A.

    2009-05-01

    The Mission Operations Group at UC Berkeley's Space Sciences Laboratory operates a highly automated ground station and presently a fleet of seven satellites, each with its own associated command and control console. However, the requirement for prompt anomaly detection and resolution is shared commonly between the ground segment and all spacecraft. The efficient, low-cost operation and "lights-out" staffing of the Mission Operations Group requires that controllers and engineers be notified of spacecraft and ground system problems around the clock. The Berkeley Emergency Anomaly and Response System (BEARS) is an in-house developed web- and paging-based software system that meets this need. BEARS was developed as a replacement for an existing emergency reporting software system that was too closedsource, platform-specific, expensive, and antiquated to expand or maintain. To avoid these limitations, the new system design leverages cross-platform, open-source software products such as MySQL, PHP, and Qt. Anomaly notifications and responses make use of the two-way paging capabilities of modern smart phones.

  5. Kullback-Leibler distance-based enhanced detection of incipient anomalies

    KAUST Repository

    Harrou, Fouzi

    2016-09-09

    Accurate and effective anomaly detection and diagnosis of modern engineering systems by monitoring processes ensure reliability and safety of a product while maintaining desired quality. In this paper, an innovative method based on Kullback-Leibler divergence for detecting incipient anomalies in highly correlated multivariate data is presented. We use a partial least square (PLS) method as a modeling framework and a symmetrized Kullback-Leibler distance (KLD) as an anomaly indicator, where it is used to quantify the dissimilarity between current PLS-based residual and reference probability distributions obtained using fault-free data. Furthermore, this paper reports the development of two monitoring charts based on the KLD. The first approach is a KLD-Shewhart chart, where the Shewhart monitoring chart with a three sigma rule is used to monitor the KLD of the response variables residuals from the PLS model. The second approach integrates the KLD statistic into the exponentially weighted moving average monitoring chart. The performance of the PLS-based KLD anomaly-detection methods is illustrated and compared to that of conventional PLS-based anomaly detection methods. Using synthetic data and simulated distillation column data, we demonstrate the greater sensitivity and effectiveness of the developed method over the conventional PLS-based methods, especially when data are highly correlated and small anomalies are of interest. Results indicate that the proposed chart is a very promising KLD-based method because KLD-based charts are, in practice, designed to detect small shifts in process parameters. © 2016 Elsevier Ltd

  6. Anomaly depth detection in trans-admittance mammography: a formula independent of anomaly size or admittivity contrast

    International Nuclear Information System (INIS)

    Zhang, Tingting; Lee, Eunjung; Seo, Jin Keun

    2014-01-01

    Trans-admittance mammography (TAM) is a bioimpedance technique for breast cancer detection. It is based on the comparison of tissue conductivity: cancerous tissue is identified by its higher conductivity in comparison with the surrounding normal tissue. In TAM, the breast is compressed between two electrical plates (in a similar architecture to x-ray mammography). The bottom plate has many sensing point electrodes that provide two-dimensional images (trans-admittance maps) that are induced by voltage differences between the two plates. Multi-frequency admittance data (Neumann data) are measured over the range 50 Hz–500 kHz. TAM aims to determine the location and size of any anomaly from the multi-frequency admittance data. Various anomaly detection algorithms can be used to process TAM data to determine the transverse positions of anomalies. However, existing methods cannot reliably determine the depth or size of an anomaly. Breast cancer detection using TAM would be improved if the depth or size of an anomaly could also be estimated, properties that are independent of the admittivity contrast. A formula is proposed here that can estimate the depth of an anomaly independent of its size and the admittivity contrast. This depth estimation can also be used to derive an estimation of the size of the anomaly. The proposed estimations are verified rigorously under a simplified model. Numerical simulation shows that the proposed method also works well in general settings. (paper)

  7. Detecting errors and anomalies in computerized materials control and accountability databases

    International Nuclear Information System (INIS)

    Whiteson, R.; Hench, K.; Yarbro, T.; Baumgart, C.

    1998-01-01

    The Automated MC and A Database Assessment project is aimed at improving anomaly and error detection in materials control and accountability (MC and A) databases and increasing confidence in the data that they contain. Anomalous data resulting in poor categorization of nuclear material inventories greatly reduces the value of the database information to users. Therefore it is essential that MC and A data be assessed periodically for anomalies or errors. Anomaly detection can identify errors in databases and thus provide assurance of the integrity of data. An expert system has been developed at Los Alamos National Laboratory that examines these large databases for anomalous or erroneous data. For several years, MC and A subject matter experts at Los Alamos have been using this automated system to examine the large amounts of accountability data that the Los Alamos Plutonium Facility generates. These data are collected and managed by the Material Accountability and Safeguards System, a near-real-time computerized nuclear material accountability and safeguards system. This year they have expanded the user base, customizing the anomaly detector for the varying requirements of different groups of users. This paper describes the progress in customizing the expert systems to the needs of the users of the data and reports on their results

  8. Mobile Anomaly Detection Based on Improved Self-Organizing Maps

    Directory of Open Access Journals (Sweden)

    Chunyong Yin

    2017-01-01

    Full Text Available Anomaly detection has always been the focus of researchers and especially, the developments of mobile devices raise new challenges of anomaly detection. For example, mobile devices can keep connection with Internet and they are rarely turned off even at night. This means mobile devices can attack nodes or be attacked at night without being perceived by users and they have different characteristics from Internet behaviors. The introduction of data mining has made leaps forward in this field. Self-organizing maps, one of famous clustering algorithms, are affected by initial weight vectors and the clustering result is unstable. The optimal method of selecting initial clustering centers is transplanted from K-means to SOM. To evaluate the performance of improved SOM, we utilize diverse datasets and KDD Cup99 dataset to compare it with traditional one. The experimental results show that improved SOM can get higher accuracy rate for universal datasets. As for KDD Cup99 dataset, it achieves higher recall rate and precision rate.

  9. Statistical methods for anomaly detection in the complex process; Methodes statistiques de detection d'anomalies de fonctionnement dans les processus complexes

    Energy Technology Data Exchange (ETDEWEB)

    Al Mouhamed, Mayez

    1977-09-15

    In a number of complex physical systems the accessible signals are often characterized by random fluctuations about a mean value. The fluctuations (signature) often transmit information about the state of the system that the mean value cannot predict. This study is undertaken to elaborate statistical methods of anomaly detection on the basis of signature analysis of the noise inherent in the process. The algorithm presented first learns the characteristics of normal operation of a complex process. Then it detects small deviations from the normal behavior. The algorithm can be implemented in a medium-sized computer for on line application. (author) [French] Dans de nombreux systemes physiques complexes les grandeurs accessibles a l'homme sont souvent caracterisees par des fluctuations aleatoires autour d'une valeur moyenne. Les fluctuations (signatures) transmettent souvent des informations sur l'etat du systeme que la valeur moyenne ne peut predire. Cette etude est entreprise pour elaborer des methodes statistiques de detection d'anomalies de fonctionnement sur la base de l'analyse des signatures contenues dans les signaux de bruit provenant du processus. L'algorithme presente est capable de: 1/ Apprendre les caracteristiques des operations normales dans un processus complexe. 2/ Detecter des petites deviations par rapport a la conduite normale du processus. L'algorithme peut etre implante sur un calculateur de taille moyenne pour les applications en ligne. (auteur)

  10. Anomaly detection of microstructural defects in continuous fiber reinforced composites

    Science.gov (United States)

    Bricker, Stephen; Simmons, J. P.; Przybyla, Craig; Hardie, Russell

    2015-03-01

    Ceramic matrix composites (CMC) with continuous fiber reinforcements have the potential to enable the next generation of high speed hypersonic vehicles and/or significant improvements in gas turbine engine performance due to their exhibited toughness when subjected to high mechanical loads at extreme temperatures (2200F+). Reinforced fiber composites (RFC) provide increased fracture toughness, crack growth resistance, and strength, though little is known about how stochastic variation and imperfections in the material effect material properties. In this work, tools are developed for quantifying anomalies within the microstructure at several scales. The detection and characterization of anomalous microstructure is a critical step in linking production techniques to properties, as well as in accurate material simulation and property prediction for the integrated computation materials engineering (ICME) of RFC based components. It is desired to find statistical outliers for any number of material characteristics such as fibers, fiber coatings, and pores. Here, fiber orientation, or `velocity', and `velocity' gradient are developed and examined for anomalous behavior. Categorizing anomalous behavior in the CMC is approached by multivariate Gaussian mixture modeling. A Gaussian mixture is employed to estimate the probability density function (PDF) of the features in question, and anomalies are classified by their likelihood of belonging to the statistical normal behavior for that feature.

  11. Support vector machines for TEC seismo-ionospheric anomalies detection

    Directory of Open Access Journals (Sweden)

    M. Akhoondzadeh

    2013-02-01

    Full Text Available Using time series prediction methods, it is possible to pursue the behaviors of earthquake precursors in the future and to announce early warnings when the differences between the predicted value and the observed value exceed the predefined threshold value. Support Vector Machines (SVMs are widely used due to their many advantages for classification and regression tasks. This study is concerned with investigating the Total Electron Content (TEC time series by using a SVM to detect seismo-ionospheric anomalous variations induced by the three powerful earthquakes of Tohoku (11 March 2011, Haiti (12 January 2010 and Samoa (29 September 2009. The duration of TEC time series dataset is 49, 46 and 71 days, for Tohoku, Haiti and Samoa earthquakes, respectively, with each at time resolution of 2 h. In the case of Tohoku earthquake, the results show that the difference between the predicted value obtained from the SVM method and the observed value reaches the maximum value (i.e., 129.31 TECU at earthquake time in a period of high geomagnetic activities. The SVM method detected a considerable number of anomalous occurrences 1 and 2 days prior to the Haiti earthquake and also 1 and 5 days before the Samoa earthquake in a period of low geomagnetic activities. In order to show that the method is acting sensibly with regard to the results extracted during nonevent and event TEC data, i.e., to perform some null-hypothesis tests in which the methods would also be calibrated, the same period of data from the previous year of the Samoa earthquake date has been taken into the account. Further to this, in this study, the detected TEC anomalies using the SVM method were compared to the previous results (Akhoondzadeh and Saradjian, 2011; Akhoondzadeh, 2012 obtained from the mean, median, wavelet and Kalman filter methods. The SVM detected anomalies are similar to those detected using the previous methods. It can be concluded that SVM can be a suitable learning method

  12. OceanXtremes: Scalable Anomaly Detection in Oceanographic Time-Series

    Science.gov (United States)

    Wilson, B. D.; Armstrong, E. M.; Chin, T. M.; Gill, K. M.; Greguska, F. R., III; Huang, T.; Jacob, J. C.; Quach, N.

    2016-12-01

    The oceanographic community must meet the challenge to rapidly identify features and anomalies in complex and voluminous observations to further science and improve decision support. Given this data-intensive reality, we are developing an anomaly detection system, called OceanXtremes, powered by an intelligent, elastic Cloud-based analytic service backend that enables execution of domain-specific, multi-scale anomaly and feature detection algorithms across the entire archive of 15 to 30-year ocean science datasets.Our parallel analytics engine is extending the NEXUS system and exploits multiple open-source technologies: Apache Cassandra as a distributed spatial "tile" cache, Apache Spark for in-memory parallel computation, and Apache Solr for spatial search and storing pre-computed tile statistics and other metadata. OceanXtremes provides these key capabilities: Parallel generation (Spark on a compute cluster) of 15 to 30-year Ocean Climatologies (e.g. sea surface temperature or SST) in hours or overnight, using simple pixel averages or customizable Gaussian-weighted "smoothing" over latitude, longitude, and time; Parallel pre-computation, tiling, and caching of anomaly fields (daily variables minus a chosen climatology) with pre-computed tile statistics; Parallel detection (over the time-series of tiles) of anomalies or phenomena by regional area-averages exceeding a specified threshold (e.g. high SST in El Nino or SST "blob" regions), or more complex, custom data mining algorithms; Shared discovery and exploration of ocean phenomena and anomalies (facet search using Solr), along with unexpected correlations between key measured variables; Scalable execution for all capabilities on a hybrid Cloud, using our on-premise OpenStack Cloud cluster or at Amazon. The key idea is that the parallel data-mining operations will be run "near" the ocean data archives (a local "network" hop) so that we can efficiently access the thousands of files making up a three decade time

  13. A new approach for structural health monitoring by applying anomaly detection on strain sensor data

    Science.gov (United States)

    Trichias, Konstantinos; Pijpers, Richard; Meeuwissen, Erik

    2014-03-01

    Structural Health Monitoring (SHM) systems help to monitor critical infrastructures (bridges, tunnels, etc.) remotely and provide up-to-date information about their physical condition. In addition, it helps to predict the structure's life and required maintenance in a cost-efficient way. Typically, inspection data gives insight in the structural health. The global structural behavior, and predominantly the structural loading, is generally measured with vibration and strain sensors. Acoustic emission sensors are more and more used for measuring global crack activity near critical locations. In this paper, we present a procedure for local structural health monitoring by applying Anomaly Detection (AD) on strain sensor data for sensors that are applied in expected crack path. Sensor data is analyzed by automatic anomaly detection in order to find crack activity at an early stage. This approach targets the monitoring of critical structural locations, such as welds, near which strain sensors can be applied during construction and/or locations with limited inspection possibilities during structural operation. We investigate several anomaly detection techniques to detect changes in statistical properties, indicating structural degradation. The most effective one is a novel polynomial fitting technique, which tracks slow changes in sensor data. Our approach has been tested on a representative test structure (bridge deck) in a lab environment, under constant and variable amplitude fatigue loading. In both cases, the evolving cracks at the monitored locations were successfully detected, autonomously, by our AD monitoring tool.

  14. Behavior Drift Detection Based on Anomalies Identification in Home Living Quantitative Indicators

    OpenAIRE

    Fabio Veronese; Andrea Masciadri; Sara Comai; Matteo Matteucci; Fabio Salice

    2018-01-01

    Home Automation and Smart Homes diffusion are providing an interesting opportunity to implement elderly monitoring. This is a new valid technological support to allow in-place aging of seniors by means of a detection system to notify potential anomalies. Monitoring has been implemented by means of Complex Event Processing on live streams of home automation data: this allows the analysis of the behavior of the house inhabitant through quantitative indicators. Different kinds of quantitative in...

  15. Road Traffic Anomaly Detection via Collaborative Path Inference from GPS Snippets

    Directory of Open Access Journals (Sweden)

    Hongtao Wang

    2017-03-01

    Full Text Available Road traffic anomaly denotes a road segment that is anomalous in terms of traffic flow of vehicles. Detecting road traffic anomalies from GPS (Global Position System snippets data is becoming critical in urban computing since they often suggest underlying events. However, the noisy ands parse nature of GPS snippets data have ushered multiple problems, which have prompted the detection of road traffic anomalies to be very challenging. To address these issues, we propose a two-stage solution which consists of two components: a Collaborative Path Inference (CPI model and a Road Anomaly Test (RAT model. CPI model performs path inference incorporating both static and dynamic features into a Conditional Random Field (CRF. Dynamic context features are learned collaboratively from large GPS snippets via a tensor decomposition technique. Then RAT calculates the anomalous degree for each road segment from the inferred fine-grained trajectories in given time intervals. We evaluated our method using a large scale real world dataset, which includes one-month GPS location data from more than eight thousand taxi cabs in Beijing. The evaluation results show the advantages of our method beyond other baseline techniques.

  16. A primitive study on unsupervised anomaly detection with an autoencoder in emergency head CT volumes

    Science.gov (United States)

    Sato, Daisuke; Hanaoka, Shouhei; Nomura, Yukihiro; Takenaga, Tomomi; Miki, Soichiro; Yoshikawa, Takeharu; Hayashi, Naoto; Abe, Osamu

    2018-02-01

    Purpose: The target disorders of emergency head CT are wide-ranging. Therefore, people working in an emergency department desire a computer-aided detection system for general disorders. In this study, we proposed an unsupervised anomaly detection method in emergency head CT using an autoencoder and evaluated the anomaly detection performance of our method in emergency head CT. Methods: We used a 3D convolutional autoencoder (3D-CAE), which contains 11 layers in the convolution block and 6 layers in the deconvolution block. In the training phase, we trained the 3D-CAE using 10,000 3D patches extracted from 50 normal cases. In the test phase, we calculated abnormalities of each voxel in 38 emergency head CT volumes (22 abnormal cases and 16 normal cases) for evaluation and evaluated the likelihood of lesion existence. Results: Our method achieved a sensitivity of 68% and a specificity of 88%, with an area under the curve of the receiver operating characteristic curve of 0.87. It shows that this method has a moderate accuracy to distinguish normal CT cases to abnormal ones. Conclusion: Our method has potentialities for anomaly detection in emergency head CT.

  17. Temporal Data-Driven Sleep Scheduling and Spatial Data-Driven Anomaly Detection for Clustered Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Gang Li

    2016-09-01

    Full Text Available The spatial–temporal correlation is an important feature of sensor data in wireless sensor networks (WSNs. Most of the existing works based on the spatial–temporal correlation can be divided into two parts: redundancy reduction and anomaly detection. These two parts are pursued separately in existing works. In this work, the combination of temporal data-driven sleep scheduling (TDSS and spatial data-driven anomaly detection is proposed, where TDSS can reduce data redundancy. The TDSS model is inspired by transmission control protocol (TCP congestion control. Based on long and linear cluster structure in the tunnel monitoring system, cooperative TDSS and spatial data-driven anomaly detection are then proposed. To realize synchronous acquisition in the same ring for analyzing the situation of every ring, TDSS is implemented in a cooperative way in the cluster. To keep the precision of sensor data, spatial data-driven anomaly detection based on the spatial correlation and Kriging method is realized to generate an anomaly indicator. The experiment results show that cooperative TDSS can realize non-uniform sensing effectively to reduce the energy consumption. In addition, spatial data-driven anomaly detection is quite significant for maintaining and improving the precision of sensor data.

  18. Radon anomalies: When are they possible to be detected?

    Science.gov (United States)

    Passarelli, Luigi; Woith, Heiko; Seyis, Cemil; Nikkhoo, Mehdi; Donner, Reik

    2017-04-01

    Records of the Radon noble gas in different environments like soil, air, groundwater, rock, caves, and tunnels, typically display cyclic variations including diurnal (S1), semidiurnal (S2) and seasonal components. But there are also cases where theses cycles are absent. Interestingly, radon emission can also be affected by transient processes, which inhibit or enhance the radon carrying process at the surface. This results in transient changes in the radon emission rate, which are superimposed on the low and high frequency cycles. The complexity in the spectral contents of the radon time-series makes any statistical analysis aiming at understanding the physical driving processes a challenging task. In the past decades there have been several attempts to relate changes in radon emission rate with physical triggering processes such as earthquake occurrence. One of the problems in this type of investigation is to objectively detect anomalies in the radon time-series. In the present work, we propose a simple and objective statistical method for detecting changes in the radon emission rate time-series. The method uses non-parametric statistical tests (e.g., Kolmogorov-Smirnov) to compare empirical distributions of radon emission rate by sequentially applying various time window to the time-series. The statistical test indicates whether two empirical distributions of data originate from the same distribution at a desired significance level. We test the algorithm on synthetic data in order to explore the sensitivity of the statistical test to the sample size. We successively apply the test to six radon emission rate recordings from stations located around the Marmara Sea obtained within the MARsite project (MARsite has received funding from the European Union's Seventh Programme for research, technological development and demonstration under grant agreement No 308417). We conclude that the test performs relatively well on identify transient changes in the radon emission

  19. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    KAUST Repository

    Wang, Wei; Guyet, Thomas; Quiniou, René ; Cordier, Marie-Odile; Masseglia, Florent; Zhang, Xiangliang

    2014-01-01

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  20. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    KAUST Repository

    Wang, Wei

    2014-06-22

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  1. Optimize the Coverage Probability of Prediction Interval for Anomaly Detection of Sensor-Based Monitoring Series

    Directory of Open Access Journals (Sweden)

    Jingyue Pang

    2018-03-01

    Full Text Available Effective anomaly detection of sensing data is essential for identifying potential system failures. Because they require no prior knowledge or accumulated labels, and provide uncertainty presentation, the probability prediction methods (e.g., Gaussian process regression (GPR and relevance vector machine (RVM are especially adaptable to perform anomaly detection for sensing series. Generally, one key parameter of prediction models is coverage probability (CP, which controls the judging threshold of the testing sample and is generally set to a default value (e.g., 90% or 95%. There are few criteria to determine the optimal CP for anomaly detection. Therefore, this paper designs a graphic indicator of the receiver operating characteristic curve of prediction interval (ROC-PI based on the definition of the ROC curve which can depict the trade-off between the PI width and PI coverage probability across a series of cut-off points. Furthermore, the Youden index is modified to assess the performance of different CPs, by the minimization of which the optimal CP is derived by the simulated annealing (SA algorithm. Experiments conducted on two simulation datasets demonstrate the validity of the proposed method. Especially, an actual case study on sensing series from an on-orbit satellite illustrates its significant performance in practical application.

  2. Clusters versus GPUs for Parallel Target and Anomaly Detection in Hyperspectral Images

    Directory of Open Access Journals (Sweden)

    Antonio Plaza

    2010-01-01

    Full Text Available Remotely sensed hyperspectral sensors provide image data containing rich information in both the spatial and the spectral domain, and this information can be used to address detection tasks in many applications. In many surveillance applications, the size of the objects (targets searched for constitutes a very small fraction of the total search area and the spectral signatures associated to the targets are generally different from those of the background, hence the targets can be seen as anomalies. In hyperspectral imaging, many algorithms have been proposed for automatic target and anomaly detection. Given the dimensionality of hyperspectral scenes, these techniques can be time-consuming and difficult to apply in applications requiring real-time performance. In this paper, we develop several new parallel implementations of automatic target and anomaly detection algorithms. The proposed parallel algorithms are quantitatively evaluated using hyperspectral data collected by the NASA's Airborne Visible Infra-Red Imaging Spectrometer (AVIRIS system over theWorld Trade Center (WTC in New York, five days after the terrorist attacks that collapsed the two main towers in theWTC complex.

  3. Clusters versus GPUs for Parallel Target and Anomaly Detection in Hyperspectral Images

    Directory of Open Access Journals (Sweden)

    Paz Abel

    2010-01-01

    Full Text Available Abstract Remotely sensed hyperspectral sensors provide image data containing rich information in both the spatial and the spectral domain, and this information can be used to address detection tasks in many applications. In many surveillance applications, the size of the objects (targets searched for constitutes a very small fraction of the total search area and the spectral signatures associated to the targets are generally different from those of the background, hence the targets can be seen as anomalies. In hyperspectral imaging, many algorithms have been proposed for automatic target and anomaly detection. Given the dimensionality of hyperspectral scenes, these techniques can be time-consuming and difficult to apply in applications requiring real-time performance. In this paper, we develop several new parallel implementations of automatic target and anomaly detection algorithms. The proposed parallel algorithms are quantitatively evaluated using hyperspectral data collected by the NASA's Airborne Visible Infra-Red Imaging Spectrometer (AVIRIS system over theWorld Trade Center (WTC in New York, five days after the terrorist attacks that collapsed the two main towers in theWTC complex.

  4. Trajectory Shape Analysis and Anomaly Detection Utilizing Information Theory Tools

    Directory of Open Access Journals (Sweden)

    Yuejun Guo

    2017-06-01

    Full Text Available In this paper, we propose to improve trajectory shape analysis by explicitly considering the speed attribute of trajectory data, and to successfully achieve anomaly detection. The shape of object motion trajectory is modeled using Kernel Density Estimation (KDE, making use of both the angle attribute of the trajectory and the speed of the moving object. An unsupervised clustering algorithm, based on the Information Bottleneck (IB method, is employed for trajectory learning to obtain an adaptive number of trajectory clusters through maximizing the Mutual Information (MI between the clustering result and a feature set of the trajectory data. Furthermore, we propose to effectively enhance the performance of IB by taking into account the clustering quality in each iteration of the clustering procedure. The trajectories are determined as either abnormal (infrequently observed or normal by a measure based on Shannon entropy. Extensive tests on real-world and synthetic data show that the proposed technique behaves very well and outperforms the state-of-the-art methods.

  5. An anomaly detection and isolation scheme with instance-based learning and sequential analysis

    International Nuclear Information System (INIS)

    Yoo, T. S.; Garcia, H. E.

    2006-01-01

    This paper presents an online anomaly detection and isolation (FDI) technique using an instance-based learning method combined with a sequential change detection and isolation algorithm. The proposed method uses kernel density estimation techniques to build statistical models of the given empirical data (null hypothesis). The null hypothesis is associated with the set of alternative hypotheses modeling the abnormalities of the systems. A decision procedure involves a sequential change detection and isolation algorithm. Notably, the proposed method enjoys asymptotic optimality as the applied change detection and isolation algorithm is optimal in minimizing the worst mean detection/isolation delay for a given mean time before a false alarm or a false isolation. Applicability of this methodology is illustrated with redundant sensor data set and its performance. (authors)

  6. Data-Driven Anomaly Detection Performance for the Ares I-X Ground Diagnostic Prototype

    Science.gov (United States)

    Martin, Rodney A.; Schwabacher, Mark A.; Matthews, Bryan L.

    2010-01-01

    In this paper, we will assess the performance of a data-driven anomaly detection algorithm, the Inductive Monitoring System (IMS), which can be used to detect simulated Thrust Vector Control (TVC) system failures. However, the ability of IMS to detect these failures in a true operational setting may be related to the realistic nature of how they are simulated. As such, we will investigate both a low fidelity and high fidelity approach to simulating such failures, with the latter based upon the underlying physics. Furthermore, the ability of IMS to detect anomalies that were previously unknown and not previously simulated will be studied in earnest, as well as apparent deficiencies or misapplications that result from using the data-driven paradigm. Our conclusions indicate that robust detection performance of simulated failures using IMS is not appreciably affected by the use of a high fidelity simulation. However, we have found that the inclusion of a data-driven algorithm such as IMS into a suite of deployable health management technologies does add significant value.

  7. A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data

    Science.gov (United States)

    Goldstein, Markus; Uchida, Seiichi

    2016-01-01

    Anomaly detection is the process of identifying unexpected items or events in datasets, which differ from the norm. In contrast to standard classification tasks, anomaly detection is often applied on unlabeled data, taking only the internal structure of the dataset into account. This challenge is known as unsupervised anomaly detection and is addressed in many practical applications, for example in network intrusion detection, fraud detection as well as in the life science and medical domain. Dozens of algorithms have been proposed in this area, but unfortunately the research community still lacks a comparative universal evaluation as well as common publicly available datasets. These shortcomings are addressed in this study, where 19 different unsupervised anomaly detection algorithms are evaluated on 10 different datasets from multiple application domains. By publishing the source code and the datasets, this paper aims to be a new well-funded basis for unsupervised anomaly detection research. Additionally, this evaluation reveals the strengths and weaknesses of the different approaches for the first time. Besides the anomaly detection performance, computational effort, the impact of parameter settings as well as the global/local anomaly detection behavior is outlined. As a conclusion, we give an advise on algorithm selection for typical real-world tasks. PMID:27093601

  8. Multiple Kernel Learning for Heterogeneous Anomaly Detection: Algorithm and Aviation Safety Case Study

    Science.gov (United States)

    Das, Santanu; Srivastava, Ashok N.; Matthews, Bryan L.; Oza, Nikunj C.

    2010-01-01

    The world-wide aviation system is one of the most complex dynamical systems ever developed and is generating data at an extremely rapid rate. Most modern commercial aircraft record several hundred flight parameters including information from the guidance, navigation, and control systems, the avionics and propulsion systems, and the pilot inputs into the aircraft. These parameters may be continuous measurements or binary or categorical measurements recorded in one second intervals for the duration of the flight. Currently, most approaches to aviation safety are reactive, meaning that they are designed to react to an aviation safety incident or accident. In this paper, we discuss a novel approach based on the theory of multiple kernel learning to detect potential safety anomalies in very large data bases of discrete and continuous data from world-wide operations of commercial fleets. We pose a general anomaly detection problem which includes both discrete and continuous data streams, where we assume that the discrete streams have a causal influence on the continuous streams. We also assume that atypical sequence of events in the discrete streams can lead to off-nominal system performance. We discuss the application domain, novel algorithms, and also discuss results on real-world data sets. Our algorithm uncovers operationally significant events in high dimensional data streams in the aviation industry which are not detectable using state of the art methods

  9. Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis

    Directory of Open Access Journals (Sweden)

    Yang Dan

    2008-12-01

    Full Text Available Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation. The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many links can be prevailing, and does more harm to the networks. Aiming at the similar features of distributed traffic anomaly on many links, this paper proposes a network-wide detection method by performing anomalous correlation analysis of traffic signals' instantaneous parameters. In our method, traffic signals' instantaneous parameters are firstly computed, and their network-wide anomalous space is then extracted via traffic prediction. Finally, an anomaly is detected by a global correlation coefficient of anomalous space. Our evaluation using Abilene traffic traces demonstrates the excellent performance of this approach for distributed traffic anomaly detection.

  10. Anomaly Detection for Temporal Data using Long Short-Term Memory (LSTM)

    OpenAIRE

    Singh, Akash

    2017-01-01

    We explore the use of Long short-term memory (LSTM) for anomaly detection in temporal data. Due to the challenges in obtaining labeled anomaly datasets, an unsupervised approach is employed. We train recurrent neural networks (RNNs) with LSTM units to learn the normal time series patterns and predict future values. The resulting prediction errors are modeled to give anomaly scores. We investigate different ways of maintaining LSTM state, and the effect of using a fixed number of time steps on...

  11. On-road anomaly detection by multimodal sensor analysis and multimedia processing

    Science.gov (United States)

    Orhan, Fatih; Eren, P. E.

    2014-03-01

    The use of smartphones in Intelligent Transportation Systems is gaining popularity, yet many challenges exist in developing functional applications. Due to the dynamic nature of transportation, vehicular social applications face complexities such as developing robust sensor management, performing signal and image processing tasks, and sharing information among users. This study utilizes a multimodal sensor analysis framework which enables the analysis of sensors in multimodal aspect. It also provides plugin-based analyzing interfaces to develop sensor and image processing based applications, and connects its users via a centralized application as well as to social networks to facilitate communication and socialization. With the usage of this framework, an on-road anomaly detector is being developed and tested. The detector utilizes the sensors of a mobile device and is able to identify anomalies such as hard brake, pothole crossing, and speed bump crossing. Upon such detection, the video portion containing the anomaly is automatically extracted in order to enable further image processing analysis. The detection results are shared on a central portal application for online traffic condition monitoring.

  12. Small-scale anomaly detection in panoramic imaging using neural models of low-level vision

    Science.gov (United States)

    Casey, Matthew C.; Hickman, Duncan L.; Pavlou, Athanasios; Sadler, James R. E.

    2011-06-01

    Our understanding of sensory processing in animals has reached the stage where we can exploit neurobiological principles in commercial systems. In human vision, one brain structure that offers insight into how we might detect anomalies in real-time imaging is the superior colliculus (SC). The SC is a small structure that rapidly orients our eyes to a movement, sound or touch that it detects, even when the stimulus may be on a small-scale; think of a camouflaged movement or the rustle of leaves. This automatic orientation allows us to prioritize the use of our eyes to raise awareness of a potential threat, such as a predator approaching stealthily. In this paper we describe the application of a neural network model of the SC to the detection of anomalies in panoramic imaging. The neural approach consists of a mosaic of topographic maps that are each trained using competitive Hebbian learning to rapidly detect image features of a pre-defined shape and scale. What makes this approach interesting is the ability of the competition between neurons to automatically filter noise, yet with the capability of generalizing the desired shape and scale. We will present the results of this technique applied to the real-time detection of obscured targets in visible-band panoramic CCTV images. Using background subtraction to highlight potential movement, the technique is able to correctly identify targets which span as little as 3 pixels wide while filtering small-scale noise.

  13. Adaptive cancellation of geomagnetic background noise for magnetic anomaly detection using coherence

    International Nuclear Information System (INIS)

    Liu, Dunge; Xu, Xin; Huang, Chao; Zhu, Wanhua; Liu, Xiaojun; Fang, Guangyou; Yu, Gang

    2015-01-01

    Magnetic anomaly detection (MAD) is an effective method for the detection of ferromagnetic targets against background magnetic fields. Currently, the performance of MAD systems is mainly limited by the background geomagnetic noise. Several techniques have been developed to detect target signatures, such as the synchronous reference subtraction (SRS) method. In this paper, we propose an adaptive coherent noise suppression (ACNS) method. The proposed method is capable of evaluating and detecting weak anomaly signals buried in background geomagnetic noise. Tests with real-world recorded magnetic signals show that the ACNS method can excellently remove the background geomagnetic noise by about 21 dB or more in high background geomagnetic field environments. Additionally, as a general form of the SRS method, the ACNS method offers appreciable advantages over the existing algorithms. Compared to the SRS method, the ACNS algorithm can eliminate the false target signals and represents a noise suppressing capability improvement of 6.4 dB. The positive outcomes in terms of intelligibility make this method a potential candidate for application in MAD systems. (paper)

  14. A robust background regression based score estimation algorithm for hyperspectral anomaly detection

    Science.gov (United States)

    Zhao, Rui; Du, Bo; Zhang, Liangpei; Zhang, Lefei

    2016-12-01

    Anomaly detection has become a hot topic in the hyperspectral image analysis and processing fields in recent years. The most important issue for hyperspectral anomaly detection is the background estimation and suppression. Unreasonable or non-robust background estimation usually leads to unsatisfactory anomaly detection results. Furthermore, the inherent nonlinearity of hyperspectral images may cover up the intrinsic data structure in the anomaly detection. In order to implement robust background estimation, as well as to explore the intrinsic data structure of the hyperspectral image, we propose a robust background regression based score estimation algorithm (RBRSE) for hyperspectral anomaly detection. The Robust Background Regression (RBR) is actually a label assignment procedure which segments the hyperspectral data into a robust background dataset and a potential anomaly dataset with an intersection boundary. In the RBR, a kernel expansion technique, which explores the nonlinear structure of the hyperspectral data in a reproducing kernel Hilbert space, is utilized to formulate the data as a density feature representation. A minimum squared loss relationship is constructed between the data density feature and the corresponding assigned labels of the hyperspectral data, to formulate the foundation of the regression. Furthermore, a manifold regularization term which explores the manifold smoothness of the hyperspectral data, and a maximization term of the robust background average density, which suppresses the bias caused by the potential anomalies, are jointly appended in the RBR procedure. After this, a paired-dataset based k-nn score estimation method is undertaken on the robust background and potential anomaly datasets, to implement the detection output. The experimental results show that RBRSE achieves superior ROC curves, AUC values, and background-anomaly separation than some of the other state-of-the-art anomaly detection methods, and is easy to implement

  15. A Mobile Device System for Early Warning of ECG Anomalies

    Directory of Open Access Journals (Sweden)

    Adam Szczepański

    2014-06-01

    Full Text Available With the rapid increase in computational power of mobile devices the amount of ambient intelligence-based smart environment systems has increased greatly in recent years. A proposition of such a solution is described in this paper, namely real time monitoring of an electrocardiogram (ECG signal during everyday activities for identification of life threatening situations. The paper, being both research and review, describes previous work of the authors, current state of the art in the context of the authors’ work and the proposed aforementioned system. Although parts of the solution were described in earlier publications of the authors, the whole concept is presented completely for the first time along with the prototype implementation on mobile device—a Windows 8 tablet with Modern UI. The system has three main purposes. The first goal is the detection of sudden rapid cardiac malfunctions and informing the people in the patient’s surroundings, family and friends and the nearest emergency station about the deteriorating health of the monitored person. The second goal is a monitoring of ECG signals under non-clinical conditions to detect anomalies that are typically not found during diagnostic tests. The third goal is to register and analyze repeatable, long-term disturbances in the regular signal and finding their patterns.

  16. Radiation anomaly detection algorithms for field-acquired gamma energy spectra

    Science.gov (United States)

    Mukhopadhyay, Sanjoy; Maurer, Richard; Wolff, Ron; Guss, Paul; Mitchell, Stephen

    2015-08-01

    The Remote Sensing Laboratory (RSL) is developing a tactical, networked radiation detection system that will be agile, reconfigurable, and capable of rapid threat assessment with high degree of fidelity and certainty. Our design is driven by the needs of users such as law enforcement personnel who must make decisions by evaluating threat signatures in urban settings. The most efficient tool available to identify the nature of the threat object is real-time gamma spectroscopic analysis, as it is fast and has a very low probability of producing false positive alarm conditions. Urban radiological searches are inherently challenged by the rapid and large spatial variation of background gamma radiation, the presence of benign radioactive materials in terms of the normally occurring radioactive materials (NORM), and shielded and/or masked threat sources. Multiple spectral anomaly detection algorithms have been developed by national laboratories and commercial vendors. For example, the Gamma Detector Response and Analysis Software (GADRAS) a one-dimensional deterministic radiation transport software capable of calculating gamma ray spectra using physics-based detector response functions was developed at Sandia National Laboratories. The nuisance-rejection spectral comparison ratio anomaly detection algorithm (or NSCRAD), developed at Pacific Northwest National Laboratory, uses spectral comparison ratios to detect deviation from benign medical and NORM radiation source and can work in spite of strong presence of NORM and or medical sources. RSL has developed its own wavelet-based gamma energy spectral anomaly detection algorithm called WAVRAD. Test results and relative merits of these different algorithms will be discussed and demonstrated.

  17. A Multi-Agent Framework for Anomalies Detection on Distributed Firewalls Using Data Mining Techniques

    Science.gov (United States)

    Karoui, Kamel; Ftima, Fakher Ben; Ghezala, Henda Ben

    The Agents and Data Mining integration has emerged as a promising area for disributed problems solving. Applying this integration on distributed firewalls will facilitate the anomalies detection process. In this chapter, we present a set of algorithms and mining techniques to analyse, manage and detect anomalies on distributed firewalls' policy rules using the multi-agent approach; first, for each firewall, a static agent will execute a set of data mining techniques to generate a new set of efficient firewall policy rules. Then, a mobile agent will exploit these sets of optimized rules to detect eventual anomalies on a specific firewall (intra-firewalls anomalies) or between firewalls (inter-firewalls anomalies). An experimental case study will be presented to demonstrate the usefulness of our approach.

  18. EXCEPTIONALLY RARE VARIANTS OF THE URINARY SYSTEM ANOMALIES - ROENTGEN PRESENTATION

    Directory of Open Access Journals (Sweden)

    Rade R. Babić

    2002-07-01

    Full Text Available The results of the radiological study of the urinary system anomalies are presented on the material consisting of 8,568 urographies done from 1990 to 2001 at the Institute for Radiology, Niš. The paper shows exceptionally rare anomalies of the urinary system: a horse-shoe shaped kidney with pyelocaliceal systems in its arms and isthmus, heterolateral ectopia of the kidney with fusion, abdominal-medial ectopia of the kidney with ventral malrotation and cup hyperplasia, hypoplastic cup, triple pyeolcaliceal system, M. Lenarduzzi and blind-ending of the Y-shaped urethra. The author concludes that, for the sake of performing every day professional work, it is necessary to possess detailed knowledge of the rarest urinary system anomalies.

  19. Aircraft Anomaly Detection Using Performance Models Trained on Fleet Data

    Science.gov (United States)

    Gorinevsky, Dimitry; Matthews, Bryan L.; Martin, Rodney

    2012-01-01

    This paper describes an application of data mining technology called Distributed Fleet Monitoring (DFM) to Flight Operational Quality Assurance (FOQA) data collected from a fleet of commercial aircraft. DFM transforms the data into aircraft performance models, flight-to-flight trends, and individual flight anomalies by fitting a multi-level regression model to the data. The model represents aircraft flight performance and takes into account fixed effects: flight-to-flight and vehicle-to-vehicle variability. The regression parameters include aerodynamic coefficients and other aircraft performance parameters that are usually identified by aircraft manufacturers in flight tests. Using DFM, the multi-terabyte FOQA data set with half-million flights was processed in a few hours. The anomalies found include wrong values of competed variables, (e.g., aircraft weight), sensor failures and baises, failures, biases, and trends in flight actuators. These anomalies were missed by the existing airline monitoring of FOQA data exceedances.

  20. Anomaly Detection for Beam Loss Maps in the Large Hadron Collider

    Science.gov (United States)

    Valentino, Gianluca; Bruce, Roderik; Redaelli, Stefano; Rossi, Roberto; Theodoropoulos, Panagiotis; Jaster-Merz, Sonja

    2017-07-01

    In the LHC, beam loss maps are used to validate collimator settings for cleaning and machine protection. This is done by monitoring the loss distribution in the ring during infrequent controlled loss map campaigns, as well as in standard operation. Due to the complexity of the system, consisting of more than 50 collimators per beam, it is difficult to identify small changes in the collimation hierarchy, which may be due to setting errors or beam orbit drifts with such methods. A technique based on Principal Component Analysis and Local Outlier Factor is presented to detect anomalies in the loss maps and therefore provide an automatic check of the collimation hierarchy.

  1. Anomaly Detection for Beam Loss Maps in the Large Hadron Collider

    International Nuclear Information System (INIS)

    Valentino, Gianluca; Bruce, Roderik; Redaelli, Stefano; Rossi, Roberto; Theodoropoulos, Panagiotis; Jaster-Merz, Sonja

    2017-01-01

    In the LHC, beam loss maps are used to validate collimator settings for cleaning and machine protection. This is done by monitoring the loss distribution in the ring during infrequent controlled loss map campaigns, as well as in standard operation. Due to the complexity of the system, consisting of more than 50 collimators per beam, it is difficult to identify small changes in the collimation hierarchy, which may be due to setting errors or beam orbit drifts with such methods. A technique based on Principal Component Analysis and Local Outlier Factor is presented to detect anomalies in the loss maps and therefore provide an automatic check of the collimation hierarchy. (paper)

  2. A measurement-based technique for incipient anomaly detection

    KAUST Repository

    Harrou, Fouzi; Sun, Ying

    2016-01-01

    Fault detection is essential for safe operation of various engineering systems. Principal component analysis (PCA) has been widely used in monitoring highly correlated process variables. Conventional PCA-based methods, nevertheless, often fail to detect small or incipient faults. In this paper, we develop new PCA-based monitoring charts, combining PCA with multivariate memory control charts, such as the multivariate cumulative sum (MCUSUM) and multivariate exponentially weighted moving average (MEWMA) monitoring schemes. The multivariate control charts with memory are sensitive to small and moderate faults in the process mean, which significantly improves the performance of PCA methods and widen their applicability in practice. Using simulated data, we demonstrate that the proposed PCA-based MEWMA and MCUSUM control charts are more effective in detecting small shifts in the mean of the multivariate process variables, and outperform the conventional PCA-based monitoring charts. © 2015 IEEE.

  3. A measurement-based technique for incipient anomaly detection

    KAUST Repository

    Harrou, Fouzi

    2016-06-13

    Fault detection is essential for safe operation of various engineering systems. Principal component analysis (PCA) has been widely used in monitoring highly correlated process variables. Conventional PCA-based methods, nevertheless, often fail to detect small or incipient faults. In this paper, we develop new PCA-based monitoring charts, combining PCA with multivariate memory control charts, such as the multivariate cumulative sum (MCUSUM) and multivariate exponentially weighted moving average (MEWMA) monitoring schemes. The multivariate control charts with memory are sensitive to small and moderate faults in the process mean, which significantly improves the performance of PCA methods and widen their applicability in practice. Using simulated data, we demonstrate that the proposed PCA-based MEWMA and MCUSUM control charts are more effective in detecting small shifts in the mean of the multivariate process variables, and outperform the conventional PCA-based monitoring charts. © 2015 IEEE.

  4. Design of a Fuzzy Logic based Framework for Comprehensive Anomaly Detection in Real-World Energy Consumption Data

    NARCIS (Netherlands)

    Hol, M.; Bilgin, A.; Bosse, T.; Bredeweg, B.

    2017-01-01

    Due to the rapid growth of energy consumption worldwide, it has become a necessity that the energy waste caused by buildings is explicated by the aid of automated systems that can identify anomalous behaviour. Comprehensible anomaly detection, however, is a challenging task considering the lack of

  5. An Anomaly Detection Algorithm of Cloud Platform Based on Self-Organizing Maps

    Directory of Open Access Journals (Sweden)

    Jun Liu

    2016-01-01

    Full Text Available Virtual machines (VM on a Cloud platform can be influenced by a variety of factors which can lead to decreased performance and downtime, affecting the reliability of the Cloud platform. Traditional anomaly detection algorithms and strategies for Cloud platforms have some flaws in their accuracy of detection, detection speed, and adaptability. In this paper, a dynamic and adaptive anomaly detection algorithm based on Self-Organizing Maps (SOM for virtual machines is proposed. A unified modeling method based on SOM to detect the machine performance within the detection region is presented, which avoids the cost of modeling a single virtual machine and enhances the detection speed and reliability of large-scale virtual machines in Cloud platform. The important parameters that affect the modeling speed are optimized in the SOM process to significantly improve the accuracy of the SOM modeling and therefore the anomaly detection accuracy of the virtual machine.

  6. Solar system anomalies: Revisiting Hubble's law

    Science.gov (United States)

    Plamondon, R.

    2017-12-01

    This paper investigates the impact of a new metric recently published [R. Plamondon and C. Ouellet-Plamondon, in On Recent Developments in Theoretical and Experimental General Relativity, Astrophysics, and Relativistic Field Theories, edited by K. Rosquist, R. T. Jantzen, and R. Ruffini (World Scientific, Singapore, 2015), p. 1301] for studying the space-time geometry of a static symmetric massive object. This metric depends on a complementary error function (erfc) potential that characterizes the emergent gravitation field predicted by the model. This results in two types of deviations as compared to computations made on the basis of a Newtonian potential: a constant and a radial outcome. One key feature of the metric is that it postulates the existence of an intrinsic physical constant σ , the massive object-specific proper length that scales measurements in its surroundings. Although σ must be evaluated experimentally, we use a heuristic to estimate its value and point out some latent relationships between the Hubble constant, the secular increase in the astronomical unit, and the Pioneers delay. Indeed, highlighting the systematic errors that emerge when the effect of σ is neglected, one can link the Hubble constant H 0 to σ Sun and the secular increase V AU to σ Earth . The accuracy of the resulting numerical predictions, H 0 = 74 . 42 ( 0 . 02 ) ( km / s ) / Mpc and V AU ≅ 7.8 cm yr-1 , calls for more investigations of this new metric by specific experts. Moreover, we investigate the expected impacts of the new metric on the flyby anomalies, and we revisit the Pioneers delay. It is shown that both phenomena could be partly taken into account within the context of this unifying paradigm, with quite accurate numerical predictions. A correction for the osculating asymptotic velocity at the perigee of the order of 10 mm/s and an inward radial acceleration of 8 . 34 × 10 - 10 m / s 2 affecting the Pioneer ! space crafts could be explained by this new model.

  7. OceanXtremes: Oceanographic Data-Intensive Anomaly Detection and Analysis Portal

    Data.gov (United States)

    National Aeronautics and Space Administration — Anomaly detection is a process of identifying items, events or observations, which do not conform to an expected pattern in a dataset or time series. Current and...

  8. Early detection and identification of anomalies in chemical regime based on computational intelligence techniques

    International Nuclear Information System (INIS)

    Figedy, Stefan; Smiesko, Ivan

    2012-01-01

    This article provides brief information about the fundamental features of a newly-developed diagnostic system for early detection and identification of anomalies being generated in water chemistry regime of the primary and secondary circuit of the VVER-440 reactor. This system, which is called SACHER (System of Analysis of CHEmical Regime), was installed within the major modernization project at the NPP-V2 Bohunice in the Slovak Republic. The SACHER system has been fully developed on MATLAB environment. It is based on computational intelligence techniques and inserts various elements of intelligent data processing modules for clustering, diagnosing, future prediction, signal validation, etc, into the overall chemical information system. The application of SACHER would essentially assist chemists to identify the current situation regarding anomalies being generated in the primary and secondary circuit water chemistry. This system is to be used for diagnostics and data handling, however it is not intended to fully replace the presence of experienced chemists to decide upon corrective actions. (author)

  9. Anomaly detection in OECD Benchmark data using co-variance methods

    International Nuclear Information System (INIS)

    Srinivasan, G.S.; Krinizs, K.; Por, G.

    1993-02-01

    OECD Benchmark data distributed for the SMORN VI Specialists Meeting in Reactor Noise were investigated for anomaly detection in artificially generated reactor noise benchmark analysis. It was observed that statistical features extracted from covariance matrix of frequency components are very sensitive in terms of the anomaly detection level. It is possible to create well defined alarm levels. (R.P.) 5 refs.; 23 figs.; 1 tab

  10. Detecting and modeling persistent self-potential anomalies from underground nuclear explosions at the Nevada Test Site

    International Nuclear Information System (INIS)

    McKague, H.L.; Kansa, E.; Kasameyer, P.W.

    1992-01-01

    Self-potential anomalies are naturally occurring, nearly stationary electric fields that are detected by measuring the potential difference between two points on (or in) the ground. SP anomalies arise from a number of causes: principally electrochemical reactions, and heat and fluid flows. SP is routinely used to locate mineral deposits, geothermal systems, and zones of seepage. This paper is a progress report on our work toward detecting explosion-related SP signals at the Nevada Test Site (NTS) and in understanding the physics of these anomalies that persist and continue changing over periods of time that range from months to years. As background, we also include a brief description of how SP signals arise, and we mention their use in other areas such as exploring for geothermal resources and locating seepage through dams. Between the years 1988 and 1991, we surveyed the areas around seven underground nuclear tests for persistent SP anomalies. We not only detected anomalies, but we also found that various phenomena could be contributing to them and that we did not know which of these were actually occurring. We analyzed our new data with existing steady state codes and with a newly developed time-dependent thermal modeling code. Our results with the new code showed that the conductive decay of the thermal pulse from an underground nuclear test could produce many of the observed signals, and that others are probably caused by movement of fluid induced by the explosion. 25 refs

  11. Multivariate diagnostics and anomaly detection for nuclear safeguards

    International Nuclear Information System (INIS)

    Burr, T.

    1994-01-01

    For process control and other reasons, new and future nuclear reprocessing plants are expected to be increasingly more automated than older plants. As a consequence of this automation, the quantity of data potentially available for safeguards may be much greater in future reprocessing plants than in current plants. The authors first review recent literature that applies multivariate Shewhart and multivariate cumulative sum (Cusum) tests to detect anomalous data. These tests are used to evaluate residuals obtained from a simulated three-tank problem in which five variables (volume, density, and concentrations of uranium, plutonium, and nitric acid) in each tank are modeled and measured. They then present results from several simulations involving transfers between the tanks and between the tanks and the environment. Residuals from a no-fault problem in which the measurements and model predictions are both correct are used to develop Cusum test parameters which are then used to test for faults for several simulated anomalous situations, such as an unknown leak or diversion of material from one of the tanks. The leak can be detected by comparing measurements, which estimate the true state of the tank system, with the model predictions, which estimate the state of the tank system as it ''should'' be. The no-fault simulation compares false alarm behavior for the various tests, whereas the anomalous problems allow one to compare the power of the various tests to detect faults under possible diversion scenarios. For comparison with the multivariate tests, univariate tests are also applied to the residuals

  12. Bio-Inspired Distributed Decision Algorithms for Anomaly Detection

    Science.gov (United States)

    2017-03-01

    Generation Services (ETG) 3. Replay of Traffic Traces (RTT) BTG creates “ norm ” traffic background with pre-specified distribution, BTG takes in a...a cap on the IP counter to offset this artificial effect. For this reason, we also evaluated the dependence of DIAMoND performance on the IP counter... cap . 3.3.2.10 Performance Evaluation Metrics. Given the local anomaly detector is based on TCP session negotiation protocols, it is natural to

  13. Detection of Airway Anomalies in?Pediatric?Patients with Cardiovascular Anomalies with Low Dose Prospective ECG-Gated Dual-Source CT

    OpenAIRE

    Jiao, Hui; Xu, Zhuodong; Wu, Lebin; Cheng, Zhaoping; Ji, Xiaopeng; Zhong, Hai; Meng, Chen

    2013-01-01

    OBJECTIVES: To assess the feasibility of low-dose prospective ECG-gated dual-source CT (DSCT) in detecting airway anomalies in pediatric patients with cardiovascular anomalies compared with flexible tracheobronchoscopy (FTB). METHODS: 33 pediatrics with respiratory symptoms who had been revealed cardiovascular anomalies by transthoracic echocardiography underwent FTB and contrast material-enhanced prospective ECG-triggering CT were enrolled. The study was approved by our institution review bo...

  14. Lunar magnetic anomalies detected by the Apollo substatellite magnetometers

    Science.gov (United States)

    Hood, L.L.; Coleman, P.J.; Russell, C.T.; Wilhelms, D.E.

    1979-01-01

    Properties of lunar crustal magnetization thus far deduced from Apollo subsatellite magnetometer data are reviewed using two of the most accurate presently available magnetic anomaly maps - one covering a portion of the lunar near side and the other a part of the far side. The largest single anomaly found within the region of coverage on the near-side map correlates exactly with a conspicuous, light-colored marking in western Oceanus Procellarum called Reiner Gamma. This feature is interpreted as an unusual deposit of ejecta from secondary craters of the large nearby primary impact crater Cavalerius. An age for Cavalerius (and, by implication, for Reiner Gamma) of 3.2 ?? 0.2 ?? 109 y is estimated. The main (30 ?? 60 km) Reiner Gamma deposit is nearly uniformly magnetized in a single direction, with a minimum mean magnetization intensity of ???7 ?? 10-2 G cm3/g (assuming a density of 3 g/cm3), or about 700 times the stable magnetization component of the most magnetic returned samples. Additional medium-amplitude anomalies exist over the Fra Mauro Formation (Imbrium basin ejecta emplaced ???3.9 ?? 109 y ago) where it has not been flooded by mare basalt flows, but are nearly absent over the maria and over the craters Copernicus, Kepler, and Reiner and their encircling ejecta mantles. The mean altitude of the far-side anomaly gap is much higher than that of the near-side map and the surface geology is more complex, so individual anomaly sources have not yet been identified. However, it is clear that a concentration of especially strong sources exists in the vicinity of the craters Van de Graaff and Aitken. Numerical modeling of the associated fields reveals that the source locations do not correspond with the larger primary impact craters of the region and, by analogy with Reiner Gamma, may be less conspicuous secondary crater ejecta deposits. The reason for a special concentration of strong sources in the Van de Graaff-Aitken region is unknown, but may be indirectly

  15. Recurring Anomaly Detection System (ReADS)

    Data.gov (United States)

    National Aeronautics and Space Administration — Overview: ReADS can analyze text reports, such as aviation reports and problem or maintenance records. ReADS uses text clustering algorithms to group loosely related...

  16. Multi-Level Anomaly Detection on Time-Varying Graph Data

    Energy Technology Data Exchange (ETDEWEB)

    Bridges, Robert A [ORNL; Collins, John P [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Sullivan, Blair D [ORNL

    2015-01-01

    This work presents a novel modeling and analysis framework for graph sequences which addresses the challenge of detecting and contextualizing anomalies in labelled, streaming graph data. We introduce a generalization of the BTER model of Seshadhri et al. by adding flexibility to community structure, and use this model to perform multi-scale graph anomaly detection. Specifically, probability models describing coarse subgraphs are built by aggregating probabilities at finer levels, and these closely related hierarchical models simultaneously detect deviations from expectation. This technique provides insight into a graph's structure and internal context that may shed light on a detected event. Additionally, this multi-scale analysis facilitates intuitive visualizations by allowing users to narrow focus from an anomalous graph to particular subgraphs or nodes causing the anomaly. For evaluation, two hierarchical anomaly detectors are tested against a baseline Gaussian method on a series of sampled graphs. We demonstrate that our graph statistics-based approach outperforms both a distribution-based detector and the baseline in a labeled setting with community structure, and it accurately detects anomalies in synthetic and real-world datasets at the node, subgraph, and graph levels. To illustrate the accessibility of information made possible via this technique, the anomaly detector and an associated interactive visualization tool are tested on NCAA football data, where teams and conferences that moved within the league are identified with perfect recall, and precision greater than 0.786.

  17. Insider Anomaly Measurement Processing System (IAMPS)

    National Research Council Canada - National Science Library

    McCallam, Dennis

    2002-01-01

    .... Several forms of authentication information and types of sensors were considered as part of the IAMPS suite, with the goal of using common COTS sensors to enhance transfer of IAMPS technology into real world systems...

  18. Duplicated Renal System with H Shaped Ureter: An Extraordinary Anomaly

    Directory of Open Access Journals (Sweden)

    Fatih Akbulut

    2016-01-01

    Full Text Available Duplex collecting systems are the most commonly encountered anomaly of the urinary system. Complete duplex system with an H shaped ureter is a very rare situation. There are only two reported H ureter cases in the literature. Herein, we aimed to present an H shaped ureter case, which was identified while performing ureterorenoscopy to a 48-year-old female patient due to a right distal ureteral stone.

  19. Implementing Operational Analytics using Big Data Technologies to Detect and Predict Sensor Anomalies

    Science.gov (United States)

    Coughlin, J.; Mital, R.; Nittur, S.; SanNicolas, B.; Wolf, C.; Jusufi, R.

    2016-09-01

    Operational analytics when combined with Big Data technologies and predictive techniques have been shown to be valuable in detecting mission critical sensor anomalies that might be missed by conventional analytical techniques. Our approach helps analysts and leaders make informed and rapid decisions by analyzing large volumes of complex data in near real-time and presenting it in a manner that facilitates decision making. It provides cost savings by being able to alert and predict when sensor degradations pass a critical threshold and impact mission operations. Operational analytics, which uses Big Data tools and technologies, can process very large data sets containing a variety of data types to uncover hidden patterns, unknown correlations, and other relevant information. When combined with predictive techniques, it provides a mechanism to monitor and visualize these data sets and provide insight into degradations encountered in large sensor systems such as the space surveillance network. In this study, data from a notional sensor is simulated and we use big data technologies, predictive algorithms and operational analytics to process the data and predict sensor degradations. This study uses data products that would commonly be analyzed at a site. This study builds on a big data architecture that has previously been proven valuable in detecting anomalies. This paper outlines our methodology of implementing an operational analytic solution through data discovery, learning and training of data modeling and predictive techniques, and deployment. Through this methodology, we implement a functional architecture focused on exploring available big data sets and determine practical analytic, visualization, and predictive technologies.

  20. Detection of anomaly in human retina using Laplacian Eigenmaps and vectorized matched filtering

    Science.gov (United States)

    Yacoubou Djima, Karamatou A.; Simonelli, Lucia D.; Cunningham, Denise; Czaja, Wojciech

    2015-03-01

    We present a novel method for automated anomaly detection on auto fluorescent data provided by the National Institute of Health (NIH). This is motivated by the need for new tools to improve the capability of diagnosing macular degeneration in its early stages, track the progression over time, and test the effectiveness of new treatment methods. In previous work, macular anomalies have been detected automatically through multiscale analysis procedures such as wavelet analysis or dimensionality reduction algorithms followed by a classification algorithm, e.g., Support Vector Machine. The method that we propose is a Vectorized Matched Filtering (VMF) algorithm combined with Laplacian Eigenmaps (LE), a nonlinear dimensionality reduction algorithm with locality preserving properties. By applying LE, we are able to represent the data in the form of eigenimages, some of which accentuate the visibility of anomalies. We pick significant eigenimages and proceed with the VMF algorithm that classifies anomalies across all of these eigenimages simultaneously. To evaluate our performance, we compare our method to two other schemes: a matched filtering algorithm based on anomaly detection on single images and a combination of PCA and VMF. LE combined with VMF algorithm performs best, yielding a high rate of accurate anomaly detection. This shows the advantage of using a nonlinear approach to represent the data and the effectiveness of VMF, which operates on the images as a data cube rather than individual images.

  1. A Hybrid Semi-Supervised Anomaly Detection Model for High-Dimensional Data

    Directory of Open Access Journals (Sweden)

    Hongchao Song

    2017-01-01

    Full Text Available Anomaly detection, which aims to identify observations that deviate from a nominal sample, is a challenging task for high-dimensional data. Traditional distance-based anomaly detection methods compute the neighborhood distance between each observation and suffer from the curse of dimensionality in high-dimensional space; for example, the distances between any pair of samples are similar and each sample may perform like an outlier. In this paper, we propose a hybrid semi-supervised anomaly detection model for high-dimensional data that consists of two parts: a deep autoencoder (DAE and an ensemble k-nearest neighbor graphs- (K-NNG- based anomaly detector. Benefiting from the ability of nonlinear mapping, the DAE is first trained to learn the intrinsic features of a high-dimensional dataset to represent the high-dimensional data in a more compact subspace. Several nonparametric KNN-based anomaly detectors are then built from different subsets that are randomly sampled from the whole dataset. The final prediction is made by all the anomaly detectors. The performance of the proposed method is evaluated on several real-life datasets, and the results confirm that the proposed hybrid model improves the detection accuracy and reduces the computational complexity.

  2. Theoretical and numerical investigations into the SPRT method for anomaly detection

    Energy Technology Data Exchange (ETDEWEB)

    Schoonewelle, H.; Hagen, T.H.J.J. van der; Hoogenboom, J.E. [Interuniversitair Reactor Inst., Delft (Netherlands)

    1995-11-01

    The sequential probability ratio test developed by Wald is a powerful method of testing an alternative hypothesis against a null hypothesis. This makes the method applicable for anomaly detection. In this paper the method is used to detect a change of the standard deviation of a Gaussian distributed white noise signal. The false alarm probability, the alarm failure probability and the average time to alarm of the method, which are important parameters for anomaly detection, are determined by simulation and compared with theoretical results. Each of the three parameters is presented in dependence of the other two and the ratio of the standard deviation of the anomalous signal and that of the normal signal. Results show that the method is very well suited for anomaly detection. It can detect for example a 50% change in standard deviation within 1 second with a false alarm and alarm failure rate of less than once per month. (author).

  3. Theoretical and numerical investigations into the SPRT method for anomaly detection

    International Nuclear Information System (INIS)

    Schoonewelle, H.; Hagen, T.H.J.J. van der; Hoogenboom, J.E.

    1995-01-01

    The sequential probability ratio test developed by Wald is a powerful method of testing an alternative hypothesis against a null hypothesis. This makes the method applicable for anomaly detection. In this paper the method is used to detect a change of the standard deviation of a Gaussian distributed white noise signal. The false alarm probability, the alarm failure probability and the average time to alarm of the method, which are important parameters for anomaly detection, are determined by simulation and compared with theoretical results. Each of the three parameters is presented in dependence of the other two and the ratio of the standard deviation of the anomalous signal and that of the normal signal. Results show that the method is very well suited for anomaly detection. It can detect for example a 50% change in standard deviation within 1 second with a false alarm and alarm failure rate of less than once per month. (author)

  4. SUSY anomaly in quantum-mechanical systems

    International Nuclear Information System (INIS)

    Smilga, A.V.

    1987-01-01

    Explicit examples of supersymmetric systems involving finite numbers of degrees of freedom where quantum supersymmetry algebra cannot be preserved on the classical level, are constructed. Resolving the ordering ambiguities in different ways leads either to a modified algebra or to a reduced algebra, or totally destroys supersymmetry

  5. Superconducting gap anomaly in heavy fermion systems

    Indian Academy of Sciences (India)

    of a pseudo-gap due to superconductivity and the signature of a hybridization gap at the. Fermi level. For the choice of the model parameters, the DOS shows that the HFS is a metal and undergoes a transition to the gap-less superconducting state. Keywords. Heavy fermion superconductor; Narrow band system; Valence ...

  6. MedMon: securing medical devices through wireless monitoring and anomaly detection.

    Science.gov (United States)

    Zhang, Meng; Raghunathan, Anand; Jha, Niraj K

    2013-12-01

    Rapid advances in personal healthcare systems based on implantable and wearable medical devices promise to greatly improve the quality of diagnosis and treatment for a range of medical conditions. However, the increasing programmability and wireless connectivity of medical devices also open up opportunities for malicious attackers. Unfortunately, implantable/wearable medical devices come with extreme size and power constraints, and unique usage models, making it infeasible to simply borrow conventional security solutions such as cryptography. We propose a general framework for securing medical devices based on wireless channel monitoring and anomaly detection. Our proposal is based on a medical security monitor (MedMon) that snoops on all the radio-frequency wireless communications to/from medical devices and uses multi-layered anomaly detection to identify potentially malicious transactions. Upon detection of a malicious transaction, MedMon takes appropriate response actions, which could range from passive (notifying the user) to active (jamming the packets so that they do not reach the medical device). A key benefit of MedMon is that it is applicable to existing medical devices that are in use by patients, with no hardware or software modifications to them. Consequently, it also leads to zero power overheads on these devices. We demonstrate the feasibility of our proposal by developing a prototype implementation for an insulin delivery system using off-the-shelf components (USRP software-defined radio). We evaluate its effectiveness under several attack scenarios. Our results show that MedMon can detect virtually all naive attacks and a large fraction of more sophisticated attacks, suggesting that it is an effective approach to enhancing the security of medical devices.

  7. A new comparison of hyperspectral anomaly detection algorithms for real-time applications

    Science.gov (United States)

    Díaz, María.; López, Sebastián.; Sarmiento, Roberto

    2016-10-01

    Due to the high spectral resolution that remotely sensed hyperspectral images provide, there has been an increasing interest in anomaly detection. The aim of anomaly detection is to stand over pixels whose spectral signature differs significantly from the background spectra. Basically, anomaly detectors mark pixels with a certain score, considering as anomalies those whose scores are higher than a threshold. Receiver Operating Characteristic (ROC) curves have been widely used as an assessment measure in order to compare the performance of different algorithms. ROC curves are graphical plots which illustrate the trade- off between false positive and true positive rates. However, they are limited in order to make deep comparisons due to the fact that they discard relevant factors required in real-time applications such as run times, costs of misclassification and the competence to mark anomalies with high scores. This last fact is fundamental in anomaly detection in order to distinguish them easily from the background without any posterior processing. An extensive set of simulations have been made using different anomaly detection algorithms, comparing their performances and efficiencies using several extra metrics in order to complement ROC curves analysis. Results support our proposal and demonstrate that ROC curves do not provide a good visualization of detection performances for themselves. Moreover, a figure of merit has been proposed in this paper which encompasses in a single global metric all the measures yielded for the proposed additional metrics. Therefore, this figure, named Detection Efficiency (DE), takes into account several crucial types of performance assessment that ROC curves do not consider. Results demonstrate that algorithms with the best detection performances according to ROC curves do not have the highest DE values. Consequently, the recommendation of using extra measures to properly evaluate performances have been supported and justified by

  8. Global Anomaly Detection in Two-Dimensional Symmetry-Protected Topological Phases

    Science.gov (United States)

    Bultinck, Nick; Vanhove, Robijn; Haegeman, Jutho; Verstraete, Frank

    2018-04-01

    Edge theories of symmetry-protected topological phases are well known to possess global symmetry anomalies. In this Letter we focus on two-dimensional bosonic phases protected by an on-site symmetry and analyze the corresponding edge anomalies in more detail. Physical interpretations of the anomaly in terms of an obstruction to orbifolding and constructing symmetry-preserving boundaries are connected to the cohomology classification of symmetry-protected phases in two dimensions. Using the tensor network and matrix product state formalism we numerically illustrate our arguments and discuss computational detection schemes to identify symmetry-protected order in a ground state wave function.

  9. Advancements of Data Anomaly Detection Research in Wireless Sensor Networks: A Survey and Open Issues

    Directory of Open Access Journals (Sweden)

    Mohd Aizaini Maarof

    2013-08-01

    Full Text Available Wireless Sensor Networks (WSNs are important and necessary platforms for the future as the concept “Internet of Things” has emerged lately. They are used for monitoring, tracking, or controlling of many applications in industry, health care, habitat, and military. However, the quality of data collected by sensor nodes is affected by anomalies that occur due to various reasons, such as node failures, reading errors, unusual events, and malicious attacks. Therefore, anomaly detection is a necessary process to ensure the quality of sensor data before it is utilized for making decisions. In this review, we present the challenges of anomaly detection in WSNs and state the requirements to design efficient and effective anomaly detection models. We then review the latest advancements of data anomaly detection research in WSNs and classify current detection approaches in five main classes based on the detection methods used to design these approaches. Varieties of the state-of-the-art models for each class are covered and their limitations are highlighted to provide ideas for potential future works. Furthermore, the reviewed approaches are compared and evaluated based on how well they meet the stated requirements. Finally, the general limitations of current approaches are mentioned and further research opportunities are suggested and discussed.

  10. Advancements of Data Anomaly Detection Research in Wireless Sensor Networks: A Survey and Open Issues

    Science.gov (United States)

    Rassam, Murad A.; Zainal, Anazida; Maarof, Mohd Aizaini

    2013-01-01

    Wireless Sensor Networks (WSNs) are important and necessary platforms for the future as the concept “Internet of Things” has emerged lately. They are used for monitoring, tracking, or controlling of many applications in industry, health care, habitat, and military. However, the quality of data collected by sensor nodes is affected by anomalies that occur due to various reasons, such as node failures, reading errors, unusual events, and malicious attacks. Therefore, anomaly detection is a necessary process to ensure the quality of sensor data before it is utilized for making decisions. In this review, we present the challenges of anomaly detection in WSNs and state the requirements to design efficient and effective anomaly detection models. We then review the latest advancements of data anomaly detection research in WSNs and classify current detection approaches in five main classes based on the detection methods used to design these approaches. Varieties of the state-of-the-art models for each class are covered and their limitations are highlighted to provide ideas for potential future works. Furthermore, the reviewed approaches are compared and evaluated based on how well they meet the stated requirements. Finally, the general limitations of current approaches are mentioned and further research opportunities are suggested and discussed. PMID:23966182

  11. A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

    Directory of Open Access Journals (Sweden)

    Muhammad Hilmi Kamarudin

    2017-01-01

    Full Text Available The global usage of more sophisticated web-based application systems is obviously growing very rapidly. Major usage includes the storing and transporting of sensitive data over the Internet. The growth has consequently opened up a serious need for more secured network and application security protection devices. Security experts normally equip their databases with a large number of signatures to help in the detection of known web-based threats. In reality, it is almost impossible to keep updating the database with the newly identified web vulnerabilities. As such, new attacks are invisible. This research presents a novel approach of Intrusion Detection System (IDS in detecting unknown attacks on web servers using the Unified Intrusion Anomaly Detection (UIAD approach. The unified approach consists of three components (preprocessing, statistical analysis, and classification. Initially, the process starts with the removal of irrelevant and redundant features using a novel hybrid feature selection method. Thereafter, the process continues with the application of a statistical approach to identifying traffic abnormality. We performed Relative Percentage Ratio (RPR coupled with Euclidean Distance Analysis (EDA and the Chebyshev Inequality Theorem (CIT to calculate the normality score and generate a finest threshold. Finally, Logitboost (LB is employed alongside Random Forest (RF as a weak classifier, with the aim of minimising the final false alarm rate. The experiment has demonstrated that our approach has successfully identified unknown attacks with greater than a 95% detection rate and less than a 1% false alarm rate for both the DARPA 1999 and the ISCX 2012 datasets.

  12. Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks

    Directory of Open Access Journals (Sweden)

    Kamran Siddique

    2017-09-01

    Full Text Available Anomaly detection systems, also known as intrusion detection systems (IDSs, continuously monitor network traffic aiming to identify malicious actions. Extensive research has been conducted to build efficient IDSs emphasizing two essential characteristics. The first is concerned with finding optimal feature selection, while another deals with employing robust classification schemes. However, the advent of big data concepts in anomaly detection domain and the appearance of sophisticated network attacks in the modern era require some fundamental methodological revisions to develop IDSs. Therefore, we first identify two more significant characteristics in addition to the ones mentioned above. These refer to the need for employing specialized big data processing frameworks and utilizing appropriate datasets for validating system’s performance, which is largely overlooked in existing studies. Afterwards, we set out to develop an anomaly detection system that comprehensively follows these four identified characteristics, i.e., the proposed system (i performs feature ranking and selection using information gain and automated branch-and-bound algorithms respectively; (ii employs logistic regression and extreme gradient boosting techniques for classification; (iii introduces bulk synchronous parallel processing to cater computational requirements of high-speed big data networks; and; (iv uses the Infromation Security Centre of Excellence, of the University of Brunswick real-time contemporary dataset for performance evaluation. We present experimental results that verify the efficacy of the proposed system.

  13. Detection of admittivity anomaly on high-contrast heterogeneous backgrounds using frequency difference EIT.

    Science.gov (United States)

    Jang, J; Seo, J K

    2015-06-01

    This paper describes a multiple background subtraction method in frequency difference electrical impedance tomography (fdEIT) to detect an admittivity anomaly from a high-contrast background conductivity distribution. The proposed method expands the use of the conventional weighted frequency difference EIT method, which has been used limitedly to detect admittivity anomalies in a roughly homogeneous background. The proposed method can be viewed as multiple weighted difference imaging in fdEIT. Although the spatial resolutions of the output images by fdEIT are very low due to the inherent ill-posedness, numerical simulations and phantom experiments of the proposed method demonstrate its feasibility to detect anomalies. It has potential application in stroke detection in a head model, which is highly heterogeneous due to the skull.

  14. Superconducting gap anomaly in heavy fermion systems

    International Nuclear Information System (INIS)

    Rout, G.C.; Ojha, M.S.; Behera, S.N.

    2008-01-01

    The heavy fermion system (HFS) is described by the periodic Anderson model (PAM), treating the Coulomb correlation between the f-electrons in the mean-field Hartree-Fock approximation. Superconductivity is introduced by a BCS-type pairing term among the conduction electrons. Within this approximation the equation for the superconducting gap is derived, which depends on the effective position of the energy level of the f-electrons relative to the Fermi level. The latter in turn depends on the occupation probability n f of the f-electrons. The gap equation is solved self-consistently with the equation for n f ; and their temperature dependences are studied for different positions of the bare f-electron energy level, with respect to the Fermi level. The dependence of the superconducting gap on the hybridization leads to a re-entrant behaviour with increasing strength. The induced pairing between the f-electrons and the pairing of mixed conduction and f-electrons due to hybridization are also determined. The temperature dependence of the hybridization parameter, which characterizes the number of electrons with mixed character and represents the number of heavy electrons is studied. This number is shown to be small. The quasi-particle density of states (DOS) shows the existence of a pseudo-gap due to superconductivity and the signature of a hybridization gap at the Fermi level. For the choice of the model parameters, the DOS shows that the HFS is a metal and undergoes a transition to the gap-less superconducting state. (author)

  15. GLRT Based Anomaly Detection for Sensor Network Monitoring

    KAUST Repository

    Harrou, Fouzi

    2015-12-07

    Proper operation of antenna arrays requires continuously monitoring their performances. When a fault occurs in an antenna array, the radiation pattern changes and can significantly deviate from the desired design performance specifications. In this paper, the problem of fault detection in linear antenna arrays is addressed within a statistical framework. Specifically, a statistical fault detection method based on the generalized likelihood ratio (GLR) principle is utilized for detecting potential faults in linear antenna arrays. The proposed method relies on detecting deviations in the radiation pattern of the monitored array with respect to a reference (fault-free) one. To assess the abilities of the GLR based fault detection method, three case studies involving different types of faults have been performed. The simulation results clearly illustrate the effectiveness of the GLR-based fault detection method in monitoring the performance of linear antenna arrays.

  16. GLRT Based Anomaly Detection for Sensor Network Monitoring

    KAUST Repository

    Harrou, Fouzi; Sun, Ying

    2015-01-01

    Proper operation of antenna arrays requires continuously monitoring their performances. When a fault occurs in an antenna array, the radiation pattern changes and can significantly deviate from the desired design performance specifications. In this paper, the problem of fault detection in linear antenna arrays is addressed within a statistical framework. Specifically, a statistical fault detection method based on the generalized likelihood ratio (GLR) principle is utilized for detecting potential faults in linear antenna arrays. The proposed method relies on detecting deviations in the radiation pattern of the monitored array with respect to a reference (fault-free) one. To assess the abilities of the GLR based fault detection method, three case studies involving different types of faults have been performed. The simulation results clearly illustrate the effectiveness of the GLR-based fault detection method in monitoring the performance of linear antenna arrays.

  17. Anomaly Detection and Mitigation at Internet Scale: A Survey

    NARCIS (Netherlands)

    Steinberger, Jessica; Schehlmann, Lisa; Abt, Sebastian; Baier, Harald; Doyen, Guillaume; Waldburger, Martin; Celeda, Pavel; Sperotto, Anna; Stiller, Burkhard

    Network-based attacks pose a strong threat to the Internet landscape. There are different possibilities to encounter these threats. On the one hand attack detection operated at the end-users' side, on the other hand attack detection implemented at network operators' infrastructures. An obvious

  18. Anomaly detection in random heterogeneous media Feynman-Kac formulae, stochastic homogenization and statistical inversion

    CERN Document Server

    Simon, Martin

    2015-01-01

    This monograph is concerned with the analysis and numerical solution of a stochastic inverse anomaly detection problem in electrical impedance tomography (EIT). Martin Simon studies the problem of detecting a parameterized anomaly in an isotropic, stationary and ergodic conductivity random field whose realizations are rapidly oscillating. For this purpose, he derives Feynman-Kac formulae to rigorously justify stochastic homogenization in the case of the underlying stochastic boundary value problem. The author combines techniques from the theory of partial differential equations and functional analysis with probabilistic ideas, paving the way to new mathematical theorems which may be fruitfully used in the treatment of the problem at hand. Moreover, the author proposes an efficient numerical method in the framework of Bayesian inversion for the practical solution of the stochastic inverse anomaly detection problem.   Contents Feynman-Kac formulae Stochastic homogenization Statistical inverse problems  Targe...

  19. RFID-Based Human Behavior Modeling and Anomaly Detection for Elderly Care

    Directory of Open Access Journals (Sweden)

    Hui-Huang Hsu

    2010-01-01

    Full Text Available This research aimed at building an intelligent system that can detect abnormal behavior for the elderly at home. Active RFID tags can be deployed at home to help collect daily movement data of the elderly who carries an RFID reader. When the reader detects the signals from the tags, RSSI values that represent signal strength are obtained. The RSSI values are reversely related to the distance between the tags and the reader and they are recorded following the movement of the user. The movement patterns, not the exact locations, of the user are the major concern. With the movement data (RSSI values, the clustering technique is then used to build a personalized model of normal behavior. After the model is built, any incoming datum outside the model can be viewed as abnormal and an alarm can be raised by the system. In this paper, we present the system architecture for RFID data collection and preprocessing, clustering for anomaly detection, and experimental results. The results show that this novel approach is promising.

  20. WE-H-BRC-06: A Unified Machine-Learning Based Probabilistic Model for Automated Anomaly Detection in the Treatment Plan Data

    International Nuclear Information System (INIS)

    Chang, X; Liu, S; Kalet, A; Yang, D

    2016-01-01

    Purpose: The purpose of this work was to investigate the ability of a machine-learning based probabilistic approach to detect radiotherapy treatment plan anomalies given initial disease classes information. Methods In total we obtained 1112 unique treatment plans with five plan parameters and disease information from a Mosaiq treatment management system database for use in the study. The plan parameters include prescription dose, fractions, fields, modality and techniques. The disease information includes disease site, and T, M and N disease stages. A Bayesian network method was employed to model the probabilistic relationships between tumor disease information, plan parameters and an anomaly flag. A Bayesian learning method with Dirichlet prior was useed to learn the joint probabilities between dependent variables in error-free plan data and data with artificially induced anomalies. In the study, we randomly sampled data with anomaly in a specified anomaly space.We tested the approach with three groups of plan anomalies – improper concurrence of values of all five plan parameters and values of any two out of five parameters, and all single plan parameter value anomalies. Totally, 16 types of plan anomalies were covered by the study. For each type, we trained an individual Bayesian network. Results: We found that the true positive rate (recall) and positive predictive value (precision) to detect concurrence anomalies of five plan parameters in new patient cases were 94.45±0.26% and 93.76±0.39% respectively. To detect other 15 types of plan anomalies, the average recall and precision were 93.61±2.57% and 93.78±3.54% respectively. The computation time to detect the plan anomaly of each type in a new plan is ∼0.08 seconds. Conclusion: The proposed method for treatment plan anomaly detection was found effective in the initial tests. The results suggest that this type of models could be applied to develop plan anomaly detection tools to assist manual and

  1. WE-H-BRC-06: A Unified Machine-Learning Based Probabilistic Model for Automated Anomaly Detection in the Treatment Plan Data

    Energy Technology Data Exchange (ETDEWEB)

    Chang, X; Liu, S [Washington University in St. Louis, St. Louis, MO (United States); Kalet, A [University of Washington Medical Center, Seattle, WA (United States); Yang, D [Washington University in St Louis, St Louis, MO (United States)

    2016-06-15

    Purpose: The purpose of this work was to investigate the ability of a machine-learning based probabilistic approach to detect radiotherapy treatment plan anomalies given initial disease classes information. Methods In total we obtained 1112 unique treatment plans with five plan parameters and disease information from a Mosaiq treatment management system database for use in the study. The plan parameters include prescription dose, fractions, fields, modality and techniques. The disease information includes disease site, and T, M and N disease stages. A Bayesian network method was employed to model the probabilistic relationships between tumor disease information, plan parameters and an anomaly flag. A Bayesian learning method with Dirichlet prior was useed to learn the joint probabilities between dependent variables in error-free plan data and data with artificially induced anomalies. In the study, we randomly sampled data with anomaly in a specified anomaly space.We tested the approach with three groups of plan anomalies – improper concurrence of values of all five plan parameters and values of any two out of five parameters, and all single plan parameter value anomalies. Totally, 16 types of plan anomalies were covered by the study. For each type, we trained an individual Bayesian network. Results: We found that the true positive rate (recall) and positive predictive value (precision) to detect concurrence anomalies of five plan parameters in new patient cases were 94.45±0.26% and 93.76±0.39% respectively. To detect other 15 types of plan anomalies, the average recall and precision were 93.61±2.57% and 93.78±3.54% respectively. The computation time to detect the plan anomaly of each type in a new plan is ∼0.08 seconds. Conclusion: The proposed method for treatment plan anomaly detection was found effective in the initial tests. The results suggest that this type of models could be applied to develop plan anomaly detection tools to assist manual and

  2. Stochastic anomaly detection in eye-tracking data for quantification of motor symptoms in Parkinson's disease

    Science.gov (United States)

    Jansson, Daniel; Medvedev, Alexander; Axelson, Hans; Nyholm, Dag

    2013-10-01

    Two methods for distinguishing between healthy controls and patients diagnosed with Parkinson's disease by means of recorded smooth pursuit eye movements are presented and evaluated. Both methods are based on the principles of stochastic anomaly detection and make use of orthogonal series approximation for probability distribution estimation. The first method relies on the identification of a Wiener-type model of the smooth pursuit system and attempts to find statistically significant differences between the estimated parameters in healthy controls and patientts with Parkinson's disease. The second method applies the same statistical method to distinguish between the gaze trajectories of healthy and Parkinson subjects attempting to track visual stimuli. Both methods show promising results, where healthy controls and patients with Parkinson's disease are effectively separated in terms of the considered metric. The results are preliminary because of the small number of participating test subjects, but they are indicative of the potential of the presented methods as diagnosing or staging tools for Parkinson's disease.

  3. Statistical Techniques For Real-time Anomaly Detection Using Spark Over Multi-source VMware Performance Data

    Energy Technology Data Exchange (ETDEWEB)

    Solaimani, Mohiuddin [Univ. of Texas-Dallas, Richardson, TX (United States); Iftekhar, Mohammed [Univ. of Texas-Dallas, Richardson, TX (United States); Khan, Latifur [Univ. of Texas-Dallas, Richardson, TX (United States); Thuraisingham, Bhavani [Univ. of Texas-Dallas, Richardson, TX (United States); Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Anomaly detection refers to the identi cation of an irregular or unusual pat- tern which deviates from what is standard, normal, or expected. Such deviated patterns typically correspond to samples of interest and are assigned different labels in different domains, such as outliers, anomalies, exceptions, or malware. Detecting anomalies in fast, voluminous streams of data is a formidable chal- lenge. This paper presents a novel, generic, real-time distributed anomaly detection framework for heterogeneous streaming data where anomalies appear as a group. We have developed a distributed statistical approach to build a model and later use it to detect anomaly. As a case study, we investigate group anomaly de- tection for a VMware-based cloud data center, which maintains a large number of virtual machines (VMs). We have built our framework using Apache Spark to get higher throughput and lower data processing time on streaming data. We have developed a window-based statistical anomaly detection technique to detect anomalies that appear sporadically. We then relaxed this constraint with higher accuracy by implementing a cluster-based technique to detect sporadic and continuous anomalies. We conclude that our cluster-based technique out- performs other statistical techniques with higher accuracy and lower processing time.

  4. Robust and Accurate Anomaly Detection in ECG Artifacts Using Time Series Motif Discovery

    Science.gov (United States)

    Sivaraks, Haemwaan

    2015-01-01

    Electrocardiogram (ECG) anomaly detection is an important technique for detecting dissimilar heartbeats which helps identify abnormal ECGs before the diagnosis process. Currently available ECG anomaly detection methods, ranging from academic research to commercial ECG machines, still suffer from a high false alarm rate because these methods are not able to differentiate ECG artifacts from real ECG signal, especially, in ECG artifacts that are similar to ECG signals in terms of shape and/or frequency. The problem leads to high vigilance for physicians and misinterpretation risk for nonspecialists. Therefore, this work proposes a novel anomaly detection technique that is highly robust and accurate in the presence of ECG artifacts which can effectively reduce the false alarm rate. Expert knowledge from cardiologists and motif discovery technique is utilized in our design. In addition, every step of the algorithm conforms to the interpretation of cardiologists. Our method can be utilized to both single-lead ECGs and multilead ECGs. Our experiment results on real ECG datasets are interpreted and evaluated by cardiologists. Our proposed algorithm can mostly achieve 100% of accuracy on detection (AoD), sensitivity, specificity, and positive predictive value with 0% false alarm rate. The results demonstrate that our proposed method is highly accurate and robust to artifacts, compared with competitive anomaly detection methods. PMID:25688284

  5. Time series analysis of infrared satellite data for detecting thermal anomalies: a hybrid approach

    Science.gov (United States)

    Koeppen, W. C.; Pilger, E.; Wright, R.

    2011-07-01

    We developed and tested an automated algorithm that analyzes thermal infrared satellite time series data to detect and quantify the excess energy radiated from thermal anomalies such as active volcanoes. Our algorithm enhances the previously developed MODVOLC approach, a simple point operation, by adding a more complex time series component based on the methods of the Robust Satellite Techniques (RST) algorithm. Using test sites at Anatahan and Kīlauea volcanoes, the hybrid time series approach detected ~15% more thermal anomalies than MODVOLC with very few, if any, known false detections. We also tested gas flares in the Cantarell oil field in the Gulf of Mexico as an end-member scenario representing very persistent thermal anomalies. At Cantarell, the hybrid algorithm showed only a slight improvement, but it did identify flares that were undetected by MODVOLC. We estimate that at least 80 MODIS images for each calendar month are required to create good reference images necessary for the time series analysis of the hybrid algorithm. The improved performance of the new algorithm over MODVOLC will result in the detection of low temperature thermal anomalies that will be useful in improving our ability to document Earth's volcanic eruptions, as well as detecting low temperature thermal precursors to larger eruptions.

  6. Anomaly Detection in Nanofibrous Materials by CNN-Based Self-Similarity

    Directory of Open Access Journals (Sweden)

    Paolo Napoletano

    2018-01-01

    Full Text Available Automatic detection and localization of anomalies in nanofibrous materials help to reduce the cost of the production process and the time of the post-production visual inspection process. Amongst all the monitoring methods, those exploiting Scanning Electron Microscope (SEM imaging are the most effective. In this paper, we propose a region-based method for the detection and localization of anomalies in SEM images, based on Convolutional Neural Networks (CNNs and self-similarity. The method evaluates the degree of abnormality of each subregion of an image under consideration by computing a CNN-based visual similarity with respect to a dictionary of anomaly-free subregions belonging to a training set. The proposed method outperforms the state of the art.

  7. Radio Frequency Based Programmable Logic Controller Anomaly Detection

    Science.gov (United States)

    2013-09-01

    105 viii List of Figures Figure Page 1.1 OSI Network Model...Information Technology . . . . . . . . . . . . . . . . . . 1 LAN Local Area Network . . . . . . . . . . . . . . . . . . . . 22 LFS Learning From...18 OS Operating System . . . . . . . . . . . . . . . . . . . . . 6 OSI Open Systems Interconnect

  8. The antilock braking system anomaly: a drinking driver problem?

    Science.gov (United States)

    Harless, David W; Hoffer, George E

    2002-05-01

    Antilock braking systems (ABS) have held promise for reducing the incidence of accidents because they reduce stopping times on slippery surfaces and allow drivers to maintain steering control during emergency braking. Farmer et al. (Accident Anal. Prevent. 29 (1997) 745) provide evidence that antilock brakes are beneficial to nonoccupants: a set of 1992 model General Motors vehicles equipped with antilock brakes were involved in significantly fewer fatal crashes in which occupants of other vehicles, pedestrians, or bicyclists were killed. But, perversely, the risk of death for occupants of vehicles equipped with antilock brakes increased significantly after adoption. Farmer (Accident Anal. Prevent. 33 (2001) 361) updates the analysis for 1996- 1998 and finds a significant attenuation in the ABS anomaly. Researchers have put forward two hypotheses to explain this antilock brake anomaly: risk compensation and improper operation of antilock brake-equipped vehicles. We provide strong evidence for the improper operation hypothesis by showing that the antilock brake anomaly is confined largely to drinking drivers. Further, we show that the attenuation phenomenon occurs consistently after the first three to four years of vehicle service.

  9. Using new edges for anomaly detection in computer networks

    Science.gov (United States)

    Neil, Joshua Charles

    2015-05-19

    Creation of new edges in a network may be used as an indication of a potential attack on the network. Historical data of a frequency with which nodes in a network create and receive new edges may be analyzed. Baseline models of behavior among the edges in the network may be established based on the analysis of the historical data. A new edge that deviates from a respective baseline model by more than a predetermined threshold during a time window may be detected. The new edge may be flagged as potentially anomalous when the deviation from the respective baseline model is detected. Probabilities for both new and existing edges may be obtained for all edges in a path or other subgraph. The probabilities may then be combined to obtain a score for the path or other subgraph. A threshold may be obtained by calculating an empirical distribution of the scores under historical conditions.

  10. Anomaly Detection for Internet of Vehicles: A Trust Management Scheme with Affinity Propagation

    Directory of Open Access Journals (Sweden)

    Shu Yang

    2016-01-01

    Full Text Available Anomaly detection is critical for intelligent vehicle (IV collaboration. Forming clusters/platoons, IVs can work together to accomplish complex jobs that they are unable to perform individually. To improve security and efficiency of Internet of Vehicles, IVs’ anomaly detection has been extensively studied and a number of trust-based approaches have been proposed. However, most of these proposals either pay little attention to leader-based detection algorithm or ignore the utility of networked Roadside-Units (RSUs. In this paper, we introduce a trust-based anomaly detection scheme for IVs, where some malicious or incapable vehicles are existing on roads. The proposed scheme works by allowing IVs to detect abnormal vehicles, communicate with each other, and finally converge to some trustworthy cluster heads (CHs. Periodically, the CHs take responsibility for intracluster trust management. Moreover, the scheme is enhanced with a distributed supervising mechanism and a central reputation arbitrator to assure robustness and fairness in detecting process. The simulation results show that our scheme can achieve a low detection failure rate below 1%, demonstrating its ability to detect and filter the abnormal vehicles.

  11. Spatial anomaly detection in sensor networks using neighborhood information

    NARCIS (Netherlands)

    Bosman, H.H.W.J.; Iacca, G.; Tejada, A.; Wörtche, H.J.; Liotta, A.

    2016-01-01

    The field of wireless sensor networks (WSNs), embedded systems with sensing and networking capabil- ity, has now matured after a decade-long research effort and technological advances in electronics and networked systems. An important remaining challenge now is to extract meaningful information from

  12. Spatial anomaly detection in sensor networks using neighborhood information

    NARCIS (Netherlands)

    Bosman, H.H.W.J.; Iacca, G.; Tejada, A.; Wörtche, H.J.; Liotta, A.

    The field of wireless sensor networks (WSNs), embedded systems with sensing and networking capability, has now matured after a decade-long research effort and technological advances in electronics and networked systems. An important remaining challenge now is to extract meaningful information from

  13. A white-box anomaly-based framework for database leakage detection

    NARCIS (Netherlands)

    Costante, E.; den Hartog, J.; Petkovic, M.; Etalle, S.; Pechenizkiy, M.

    2017-01-01

    Data leakage is at the heart most of the privacy breaches worldwide. In this paper we present a white-box approach to detect potential data leakage by spotting anomalies in database transactions. We refer to our solution as white-box because it builds self explanatory profiles that are easy to

  14. Fleet Level Anomaly Detection of Aviation Safety Data

    Data.gov (United States)

    National Aeronautics and Space Administration — For the purposes of this paper, the National Airspace System (NAS) encompasses the operations of all aircraft which are subject to air traffic control procedures....

  15. Anomaly Detection to Improve Airspace Safety and Efficiency, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — As the air transportation system becomes increasingly autonomous over the next twenty years, there will be an increasing need for monitoring capabilities that...

  16. An angle-based subspace anomaly detection approach to high-dimensional data: With an application to industrial fault detection

    International Nuclear Information System (INIS)

    Zhang, Liangwei; Lin, Jing; Karim, Ramin

    2015-01-01

    The accuracy of traditional anomaly detection techniques implemented on full-dimensional spaces degrades significantly as dimensionality increases, thereby hampering many real-world applications. This work proposes an approach to selecting meaningful feature subspace and conducting anomaly detection in the corresponding subspace projection. The aim is to maintain the detection accuracy in high-dimensional circumstances. The suggested approach assesses the angle between all pairs of two lines for one specific anomaly candidate: the first line is connected by the relevant data point and the center of its adjacent points; the other line is one of the axis-parallel lines. Those dimensions which have a relatively small angle with the first line are then chosen to constitute the axis-parallel subspace for the candidate. Next, a normalized Mahalanobis distance is introduced to measure the local outlier-ness of an object in the subspace projection. To comprehensively compare the proposed algorithm with several existing anomaly detection techniques, we constructed artificial datasets with various high-dimensional settings and found the algorithm displayed superior accuracy. A further experiment on an industrial dataset demonstrated the applicability of the proposed algorithm in fault detection tasks and highlighted another of its merits, namely, to provide preliminary interpretation of abnormality through feature ordering in relevant subspaces. - Highlights: • An anomaly detection approach for high-dimensional reliability data is proposed. • The approach selects relevant subspaces by assessing vectorial angles. • The novel ABSAD approach displays superior accuracy over other alternatives. • Numerical illustration approves its efficacy in fault detection applications

  17. Detecting ship targets in spaceborne infrared image based on modeling radiation anomalies

    Science.gov (United States)

    Wang, Haibo; Zou, Zhengxia; Shi, Zhenwei; Li, Bo

    2017-09-01

    Using infrared imaging sensors to detect ship target in the ocean environment has many advantages compared to other sensor modalities, such as better thermal sensitivity and all-weather detection capability. We propose a new ship detection method by modeling radiation anomalies for spaceborne infrared image. The proposed method can be decomposed into two stages, where in the first stage, a test infrared image is densely divided into a set of image patches and the radiation anomaly of each patch is estimated by a Gaussian Mixture Model (GMM), and thereby target candidates are obtained from anomaly image patches. In the second stage, target candidates are further checked by a more discriminative criterion to obtain the final detection result. The main innovation of the proposed method is inspired by the biological mechanism that human eyes are sensitive to the unusual and anomalous patches among complex background. The experimental result on short wavelength infrared band (1.560 - 2.300 μm) and long wavelength infrared band (10.30 - 12.50 μm) of Landsat-8 satellite shows the proposed method achieves a desired ship detection accuracy with higher recall than other classical ship detection methods.

  18. Temporal anomaly detection: an artificial immune approach based on T cell activation, clonal size regulation and homeostasis.

    Science.gov (United States)

    Antunes, Mário J; Correia, Manuel E

    2010-01-01

    This paper presents an artificial immune system (AIS) based on Grossman's tunable activation threshold (TAT) for temporal anomaly detection. We describe the generic AIS framework and the TAT model adopted for simulating T Cells behaviour, emphasizing two novel important features: the temporal dynamic adjustment of T Cells clonal size and its associated homeostasis mechanism. We also present some promising results obtained with artificially generated data sets, aiming to test the appropriateness of using TAT in dynamic changing environments, to distinguish new unseen patterns as part of what should be detected as normal or as anomalous. We conclude by discussing results obtained thus far with artificially generated data sets.

  19. GNSS reflectometry aboard the International Space Station: phase-altimetry simulation to detect ocean topography anomalies

    Science.gov (United States)

    Semmling, Maximilian; Leister, Vera; Saynisch, Jan; Zus, Florian; Wickert, Jens

    2016-04-01

    An ocean altimetry experiment using Earth reflected GNSS signals has been proposed to the European Space Agency (ESA). It is part of the GNSS Reflectometry Radio Occultation Scatterometry (GEROS) mission that is planned aboard the International Space Station (ISS). Altimetric simulations are presented that examine the detection of ocean topography anomalies assuming GNSS phase delay observations. Such delay measurements are well established for positioning and are possible due to a sufficient synchronization of GNSS receiver and transmitter. For altimetric purpose delays of Earth reflected GNSS signals can be observed similar to radar altimeter signals. The advantage of GNSS is the synchronized separation of transmitter and receiver that allow a significantly increased number of observation per receiver due to more than 70 GNSS transmitters currently in orbit. The altimetric concept has already been applied successfully to flight data recorded over the Mediterranean Sea. The presented altimetric simulation considers anomalies in the Agulhas current region which are obtained from the Region Ocean Model System (ROMS). Suitable reflection events in an elevation range between 3° and 30° last about 10min with ground track's length >3000km. Typical along-track footprints (1s signal integration time) have a length of about 5km. The reflection's Fresnel zone limits the footprint of coherent observations to a major axis extention between 1 to 6km dependent on the elevation. The altimetric performance depends on the signal-to-noise ratio (SNR) of the reflection. Simulation results show that precision is better than 10cm for SNR of 30dB. Whereas, it is worse than 0.5m if SNR goes down to 10dB. Precision, in general, improves towards higher elevation angles. Critical biases are introduced by atmospheric and ionospheric refraction. Corresponding correction strategies are still under investigation.

  20. Behavior Drift Detection Based on Anomalies Identification in Home Living Quantitative Indicators

    Directory of Open Access Journals (Sweden)

    Fabio Veronese

    2018-01-01

    Full Text Available Home Automation and Smart Homes diffusion are providing an interesting opportunity to implement elderly monitoring. This is a new valid technological support to allow in-place aging of seniors by means of a detection system to notify potential anomalies. Monitoring has been implemented by means of Complex Event Processing on live streams of home automation data: this allows the analysis of the behavior of the house inhabitant through quantitative indicators. Different kinds of quantitative indicators for monitoring and behavior drift detection have been identified and implemented using the Esper complex event processing engine. The chosen solution permits us not only to exploit the queries when run “online”, but enables also “offline” (re-execution for testing and a posteriori analysis. Indicators were developed on both real world data and on realistic simulations. Tests were made on a dataset of 180 days: the obtained results prove that it is possible to evidence behavior changes for an evaluation of a person’s condition.

  1. Detecting anomalies in crowded scenes via locality-constrained affine subspace coding

    Science.gov (United States)

    Fan, Yaxiang; Wen, Gongjian; Qiu, Shaohua; Li, Deren

    2017-07-01

    Video anomaly event detection is the process of finding an abnormal event deviation compared with the majority of normal or usual events. The main challenges are the high structure redundancy and the dynamic changes in the scenes that are in surveillance videos. To address these problems, we present a framework for anomaly detection and localization in videos that is based on locality-constrained affine subspace coding (LASC) and a model updating procedure. In our algorithm, LASC attempts to reconstruct the test sample by its top-k nearest subspaces, which are obtained by segmenting the normal samples space using a clustering method. A sample with a large reconstruction cost is detected as abnormal by setting a threshold. To adapt to the scene changes over time, a model updating strategy is proposed. We experiment on two public datasets: the UCSD dataset and the Avenue dataset. The results demonstrate that our method achieves competitive performance at a 700 fps on a single desktop PC.

  2. A scalable architecture for online anomaly detection of WLCG batch jobs

    Science.gov (United States)

    Kuehn, E.; Fischer, M.; Giffels, M.; Jung, C.; Petzold, A.

    2016-10-01

    For data centres it is increasingly important to monitor the network usage, and learn from network usage patterns. Especially configuration issues or misbehaving batch jobs preventing a smooth operation need to be detected as early as possible. At the GridKa data and computing centre we therefore operate a tool BPNetMon for monitoring traffic data and characteristics of WLCG batch jobs and pilots locally on different worker nodes. On the one hand local information itself are not sufficient to detect anomalies for several reasons, e.g. the underlying job distribution on a single worker node might change or there might be a local misconfiguration. On the other hand a centralised anomaly detection approach does not scale regarding network communication as well as computational costs. We therefore propose a scalable architecture based on concepts of a super-peer network.

  3. Detection of a weak meddy-like anomaly from high-resolution satellite SST maps

    Directory of Open Access Journals (Sweden)

    Mikhail Emelianov

    2012-09-01

    Full Text Available Despite the considerable impact of meddies on climate through the long-distance transport of properties, a consistent observation of meddy generation and propagation in the ocean is rather elusive. Meddies propagate at about 1000 m below the ocean surface, so satellite sensors are not able to detect them directly and finding them in the open ocean is more fortuitous than intentional. However, a consistent census of meddies and their paths is required in order to gain knowledge about their role in transporting properties such as heat and salt. In this paper we propose a new methodology for processing high-resolution sea surface temperature maps in order to detect meddy-like anomalies in the open ocean on a near-real-time basis. We present an example of detection, involving an atypical meddy-like anomaly that was confirmed as such by in situ measurements.

  4. Improved anomaly detection using multi-scale PLS and generalized likelihood ratio test

    KAUST Repository

    Madakyaru, Muddu

    2017-02-16

    Process monitoring has a central role in the process industry to enhance productivity, efficiency, and safety, and to avoid expensive maintenance. In this paper, a statistical approach that exploit the advantages of multiscale PLS models (MSPLS) and those of a generalized likelihood ratio (GLR) test to better detect anomalies is proposed. Specifically, to consider the multivariate and multi-scale nature of process dynamics, a MSPLS algorithm combining PLS and wavelet analysis is used as modeling framework. Then, GLR hypothesis testing is applied using the uncorrelated residuals obtained from MSPLS model to improve the anomaly detection abilities of these latent variable based fault detection methods even further. Applications to a simulated distillation column data are used to evaluate the proposed MSPLS-GLR algorithm.

  5. Improved anomaly detection using multi-scale PLS and generalized likelihood ratio test

    KAUST Repository

    Madakyaru, Muddu; Harrou, Fouzi; Sun, Ying

    2017-01-01

    Process monitoring has a central role in the process industry to enhance productivity, efficiency, and safety, and to avoid expensive maintenance. In this paper, a statistical approach that exploit the advantages of multiscale PLS models (MSPLS) and those of a generalized likelihood ratio (GLR) test to better detect anomalies is proposed. Specifically, to consider the multivariate and multi-scale nature of process dynamics, a MSPLS algorithm combining PLS and wavelet analysis is used as modeling framework. Then, GLR hypothesis testing is applied using the uncorrelated residuals obtained from MSPLS model to improve the anomaly detection abilities of these latent variable based fault detection methods even further. Applications to a simulated distillation column data are used to evaluate the proposed MSPLS-GLR algorithm.

  6. Using Low Resolution Satellite Imagery for Yield Prediction and Yield Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Oscar Rojas

    2013-04-01

    Full Text Available Low resolution satellite imagery has been extensively used for crop monitoring and yield forecasting for over 30 years and plays an important role in a growing number of operational systems. The combination of their high temporal frequency with their extended geographical coverage generally associated with low costs per area unit makes these images a convenient choice at both national and regional scales. Several qualitative and quantitative approaches can be clearly distinguished, going from the use of low resolution satellite imagery as the main predictor of final crop yield to complex crop growth models where remote sensing-derived indicators play different roles, depending on the nature of the model and on the availability of data measured on the ground. Vegetation performance anomaly detection with low resolution images continues to be a fundamental component of early warning and drought monitoring systems at the regional scale. For applications at more detailed scales, the limitations created by the mixed nature of low resolution pixels are being progressively reduced by the higher resolution offered by new sensors, while the continuity of existing systems remains crucial for ensuring the availability of long time series as needed by the majority of the yield prediction methods used today.

  7. Online Detection of Anomalous Sub-trajectories: A Sliding Window Approach Based on Conformal Anomaly Detection and Local Outlier Factor

    OpenAIRE

    Laxhammar , Rikard; Falkman , Göran

    2012-01-01

    Part 4: First Conformal Prediction and Its Applications Workshop (COPA 2012); International audience; Automated detection of anomalous trajectories is an important problem in the surveillance domain. Various algorithms based on learning of normal trajectory patterns have been proposed for this problem. Yet, these algorithms suffer from one or more of the following limitations: First, they are essentially designed for offline anomaly detection in databases. Second, they are insensitive to loca...

  8. Detecting an atomic clock frequency anomaly using an adaptive Kalman filter algorithm

    Science.gov (United States)

    Song, Huijie; Dong, Shaowu; Wu, Wenjun; Jiang, Meng; Wang, Weixiong

    2018-06-01

    The abnormal frequencies of an atomic clock mainly include frequency jump and frequency drift jump. Atomic clock frequency anomaly detection is a key technique in time-keeping. The Kalman filter algorithm, as a linear optimal algorithm, has been widely used in real-time detection for abnormal frequency. In order to obtain an optimal state estimation, the observation model and dynamic model of the Kalman filter algorithm should satisfy Gaussian white noise conditions. The detection performance is degraded if anomalies affect the observation model or dynamic model. The idea of the adaptive Kalman filter algorithm, applied to clock frequency anomaly detection, uses the residuals given by the prediction for building ‘an adaptive factor’ the prediction state covariance matrix is real-time corrected by the adaptive factor. The results show that the model error is reduced and the detection performance is improved. The effectiveness of the algorithm is verified by the frequency jump simulation, the frequency drift jump simulation and the measured data of the atomic clock by using the chi-square test.

  9. Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic

    Directory of Open Access Journals (Sweden)

    Jayro Santiago-Paz

    2015-09-01

    Full Text Available Network anomaly detection and classification is an important open issue in network security. Several approaches and systems based on different mathematical tools have been studied and developed, among them, the Anomaly-Network Intrusion Detection System (A-NIDS, which monitors network traffic and compares it against an established baseline of a “normal” traffic profile. Then, it is necessary to characterize the “normal” Internet traffic. This paper presents an approach for anomaly detection and classification based on Shannon, Rényi and Tsallis entropies of selected features, and the construction of regions from entropy data employing the Mahalanobis distance (MD, and One Class Support Vector Machine (OC-SVM with different kernels (Radial Basis Function (RBF and Mahalanobis Kernel (MK for “normal” and abnormal traffic. Regular and non-regular regions built from “normal” traffic profiles allow anomaly detection, while the classification is performed under the assumption that regions corresponding to the attack classes have been previously characterized. Although this approach allows the use of as many features as required, only four well-known significant features were selected in our case. In order to evaluate our approach, two different data sets were used: one set of real traffic obtained from an Academic Local Area Network (LAN, and the other a subset of the 1998 MIT-DARPA set. For these data sets, a True positive rate up to 99.35%, a True negative rate up to 99.83% and a False negative rate at about 0.16% were yielded. Experimental results show that certain q-values of the generalized entropies and the use of OC-SVM with RBF kernel improve the detection rate in the detection stage, while the novel inclusion of MK kernel in OC-SVM and k-temporal nearest neighbors improve accuracy in classification. In addition, the results show that using the Box-Cox transformation, the Mahalanobis distance yielded high detection rates with

  10. Automatic metal parts inspection: Use of thermographic images and anomaly detection algorithms

    Science.gov (United States)

    Benmoussat, M. S.; Guillaume, M.; Caulier, Y.; Spinnler, K.

    2013-11-01

    A fully-automatic approach based on the use of induction thermography and detection algorithms is proposed to inspect industrial metallic parts containing different surface and sub-surface anomalies such as open cracks, open and closed notches with different sizes and depths. A practical experimental setup is developed, where lock-in and pulsed thermography (LT and PT, respectively) techniques are used to establish a dataset of thermal images for three different mockups. Data cubes are constructed by stacking up the temporal sequence of thermogram images. After the reduction of the data space dimension by means of denoising and dimensionality reduction methods; anomaly detection algorithms are applied on the reduced data cubes. The dimensions of the reduced data spaces are automatically calculated with arbitrary criterion. The results show that, when reduced data cubes are used, the anomaly detection algorithms originally developed for hyperspectral data, the well-known Reed and Xiaoli Yu detector (RX) and the regularized adaptive RX (RARX), give good detection performances for both surface and sub-surface defects in a non-supervised way.

  11. Evidence for consciousness-related anomalies in random physical systems

    Science.gov (United States)

    Radin, Dean I.; Nelson, Roger D.

    1989-12-01

    Speculations about the role of consciousness in physical systems are frequently observed in the literature concerned with the interpretation of quantum mechanics. While only three experimental investigations can be found on this topic in physics journals, more than 800 relevant experiments have been reported in the literature of parapsychology. A well-defined body of empirical evidence from this domain was reviewed using meta-analytic techniques to assess methodological quality and overall effect size. Results showed effects conforming to chance expectation in control conditions and unequivocal non-chance effects in experimental conditions. This quantitative literature review agrees with the findings of two earlier reviews, suggesting the existence of some form of consciousness-related anomaly in random physical systems.

  12. Capacitance probe for detection of anomalies in non-metallic plastic pipe

    Science.gov (United States)

    Mathur, Mahendra P.; Spenik, James L.; Condon, Christopher M.; Anderson, Rodney; Driscoll, Daniel J.; Fincham, Jr., William L.; Monazam, Esmail R.

    2010-11-23

    The disclosure relates to analysis of materials using a capacitive sensor to detect anomalies through comparison of measured capacitances. The capacitive sensor is used in conjunction with a capacitance measurement device, a location device, and a processor in order to generate a capacitance versus location output which may be inspected for the detection and localization of anomalies within the material under test. The components may be carried as payload on an inspection vehicle which may traverse through a pipe interior, allowing evaluation of nonmetallic or plastic pipes when the piping exterior is not accessible. In an embodiment, supporting components are solid-state devices powered by a low voltage on-board power supply, providing for use in environments where voltage levels may be restricted.

  13. Thermal anomalies detection before strong earthquakes (M > 6.0 using interquartile, wavelet and Kalman filter methods

    Directory of Open Access Journals (Sweden)

    M. Akhoondzadeh

    2011-04-01

    Full Text Available Thermal anomaly is known as a significant precursor of strong earthquakes, therefore Land Surface Temperature (LST time series have been analyzed in this study to locate relevant anomalous variations prior to the Bam (26 December 2003, Zarand (22 February 2005 and Borujerd (31 March 2006 earthquakes. The duration of the three datasets which are comprised of MODIS LST images is 44, 28 and 46 days for the Bam, Zarand and Borujerd earthquakes, respectively. In order to exclude variations of LST from temperature seasonal effects, Air Temperature (AT data derived from the meteorological stations close to the earthquakes epicenters have been taken into account. The detection of thermal anomalies has been assessed using interquartile, wavelet transform and Kalman filter methods, each presenting its own independent property in anomaly detection. The interquartile method has been used to construct the higher and lower bounds in LST data to detect disturbed states outside the bounds which might be associated with impending earthquakes. The wavelet transform method has been used to locate local maxima within each time series of LST data for identifying earthquake anomalies by a predefined threshold. Also, the prediction property of the Kalman filter has been used in the detection process of prominent LST anomalies. The results concerning the methodology indicate that the interquartile method is capable of detecting the highest intensity anomaly values, the wavelet transform is sensitive to sudden changes, and the Kalman filter method significantly detects the highest unpredictable variations of LST. The three methods detected anomalous occurrences during 1 to 20 days prior to the earthquakes showing close agreement in results found between the different applied methods on LST data in the detection of pre-seismic anomalies. The proposed method for anomaly detection was also applied on regions irrelevant to earthquakes for which no anomaly was detected

  14. Application of Kalman filter in detecting pre-earthquake ionospheric TEC anomaly

    Directory of Open Access Journals (Sweden)

    Zhu Fuying

    2011-05-01

    Full Text Available : As an attempt, the Kalman filter was used to study the anomalous variations of ionospheric Total Electron Content (TEC before and after Wenchuan Ms8.0 earthquake, these TEC data were calculated from the GPS data observed by the Crustal Movement Observation Network of China. The result indicates that this method is reasonable and reliable in detecting TEC anomalies associated with large earthquakes.

  15. Setup Instructions for the Applied Anomaly Detection Tool (AADT) Web Server

    Science.gov (United States)

    2016-09-01

    tool has been developed for many platforms: Android , iOS, and Windows. The Windows version has been developed as a web server that allows the...Microsoft Windows. 15. SUBJECT TERMS Applied Anomaly Detection Tool, AADT, Windows, server, web service, installation 16. SECURITY CLASSIFICATION OF: 17...instructional information about identifying them as groups and individually. The software has been developed for several different platforms: Android

  16. A Model-Based Anomaly Detection Approach for Analyzing Streaming Aircraft Engine Measurement Data

    Science.gov (United States)

    Simon, Donald L.; Rinehart, Aidan Walker

    2015-01-01

    This paper presents a model-based anomaly detection architecture designed for analyzing streaming transient aircraft engine measurement data. The technique calculates and monitors residuals between sensed engine outputs and model predicted outputs for anomaly detection purposes. Pivotal to the performance of this technique is the ability to construct a model that accurately reflects the nominal operating performance of the engine. The dynamic model applied in the architecture is a piecewise linear design comprising steady-state trim points and dynamic state space matrices. A simple curve-fitting technique for updating the model trim point information based on steadystate information extracted from available nominal engine measurement data is presented. Results from the application of the model-based approach for processing actual engine test data are shown. These include both nominal fault-free test case data and seeded fault test case data. The results indicate that the updates applied to improve the model trim point information also improve anomaly detection performance. Recommendations for follow-on enhancements to the technique are also presented and discussed.

  17. Using an autonomous Wave Glider to detect seawater anomalies related to submarine groundwater discharge - engineering challenge

    Science.gov (United States)

    Leibold, P.; Brueckmann, W.; Schmidt, M.; Balushi, H. A.; Abri, O. A.

    2017-12-01

    Coastal aquifer systems are amongst the most precious and vulnerable water resources worldwide. While differing in lateral and vertical extent they commonly show a complex interaction with the marine realm. Excessive groundwater extraction can cause saltwater intrusion from the sea into the aquifers, having a strongly negative impact on the groundwater quality. While the reverse pathway, the discharge of groundwater into the sea is well understood in principle, it's mechanisms and quantities not well constrained. We will present a project that combines onshore monitoring and modeling of groundwater in the coastal plain of Salalah, Oman with an offshore autonomous robotic monitoring system, the Liquid Robotics Wave Glider. Eventually, fluxes detected by the Wave Glider system and the onshore monitoring of groundwater will be combined into a 3-D flow model of the coastal and deeper aquifers. The main tool for offshore SGD investigation project is a Wave Glider, an autonomous vehicle based on a new propulsion technology. The Wave Glider is a low-cost satellite-connected marine craft, consisting of a combination of a sea-surface and an underwater component which is propelled by the conversion of ocean wave energy into forward thrust. While the wave energy propulsion system is purely mechanical, electrical energy for onboard computers, communication and sensors is provided by photovoltaic cells. For the project the SGD Wave Glider is being equipped with dedicated sensors to measure temperature, conductivity, Radon isotope (222Rn, 220Rn) activity concentration as well as other tracers of groundwater discharge. Dedicated software using this data input will eventually allow the Wave Glider to autonomously collect information and actively adapt its search pattern to hunt for spatial and temporal anomalies. Our presentation will focus on the engineering and operational challenges ofdetecting submarine groundwater discharges with the Wave Glider system in the Bay of Salalah

  18. Theory and experiments in model-based space system anomaly management

    Science.gov (United States)

    Kitts, Christopher Adam

    This research program consists of an experimental study of model-based reasoning methods for detecting, diagnosing and resolving anomalies that occur when operating a comprehensive space system. Using a first principles approach, several extensions were made to the existing field of model-based fault detection and diagnosis in order to develop a general theory of model-based anomaly management. Based on this theory, a suite of algorithms were developed and computationally implemented in order to detect, diagnose and identify resolutions for anomalous conditions occurring within an engineering system. The theory and software suite were experimentally verified and validated in the context of a simple but comprehensive, student-developed, end-to-end space system, which was developed specifically to support such demonstrations. This space system consisted of the Sapphire microsatellite which was launched in 2001, several geographically distributed and Internet-enabled communication ground stations, and a centralized mission control complex located in the Space Technology Center in the NASA Ames Research Park. Results of both ground-based and on-board experiments demonstrate the speed, accuracy, and value of the algorithms compared to human operators, and they highlight future improvements required to mature this technology.

  19. Robust and Agile System against Fault and Anomaly Traffic in Software Defined Networks

    Directory of Open Access Journals (Sweden)

    Mihui Kim

    2017-03-01

    Full Text Available The main advantage of software defined networking (SDN is that it allows intelligent control and management of networking though programmability in real time. It enables efficient utilization of network resources through traffic engineering, and offers potential attack defense methods when abnormalities arise. However, previous studies have only identified individual solutions for respective problems, instead of finding a more global solution in real time that is capable of addressing multiple situations in network status. To cover diverse network conditions, this paper presents a comprehensive reactive system for simultaneously monitoring failures, anomalies, and attacks for high availability and reliability. We design three main modules in the SDN controller for a robust and agile defense (RAD system against network anomalies: a traffic analyzer, a traffic engineer, and a rule manager. RAD provides reactive flow rule generation to control traffic while detecting network failures, anomalies, high traffic volume (elephant flows, and attacks. The traffic analyzer identifies elephant flows, traffic anomalies, and attacks based on attack signatures and network monitoring. The traffic engineer module measures network utilization and delay in order to determine the best path for multi-dimensional routing and load balancing under any circumstances. Finally, the rule manager generates and installs a flow rule for the selected best path to control traffic. We implement the proposed RAD system based on Floodlight, an open source project for the SDN controller. We evaluate our system using simulation with and without the aforementioned RAD modules. Experimental results show that our approach is both practical and feasible, and can successfully augment an existing SDN controller in terms of agility, robustness, and efficiency, even in the face of link failures, attacks, and elephant flows.

  20. An expert system for diagnosing environmentally induced spacecraft anomalies

    Science.gov (United States)

    Rolincik, Mark; Lauriente, Michael; Koons, Harry C.; Gorney, David

    1992-01-01

    A new rule-based, machine independent analytical tool was designed for diagnosing spacecraft anomalies using an expert system. Expert systems provide an effective method for saving knowledge, allow computers to sift through large amounts of data pinpointing significant parts, and most importantly, use heuristics in addition to algorithms, which allow approximate reasoning and inference and the ability to attack problems not rigidly defined. The knowledge base consists of over two-hundred (200) rules and provides links to historical and environmental databases. The environmental causes considered are bulk charging, single event upsets (SEU), surface charging, and total radiation dose. The system's driver translates forward chaining rules into a backward chaining sequence, prompting the user for information pertinent to the causes considered. The use of heuristics frees the user from searching through large amounts of irrelevant information and allows the user to input partial information (varying degrees of confidence in an answer) or 'unknown' to any question. The modularity of the expert system allows for easy updates and modifications. It not only provides scientists with needed risk analysis and confidence not found in algorithmic programs, but is also an effective learning tool, and the window implementation makes it very easy to use. The system currently runs on a Micro VAX II at Goddard Space Flight Center (GSFC). The inference engine used is NASA's C Language Integrated Production System (CLIPS).

  1. Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Krzysztof Juszczyszyn

    2008-08-01

    Full Text Available The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading. Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.

  2. Improving Anomaly Detection for Text-Based Protocols by Exploiting Message Structures

    Directory of Open Access Journals (Sweden)

    Christian M. Mueller

    2010-12-01

    Full Text Available Service platforms using text-based protocols need to be protected against attacks. Machine-learning algorithms with pattern matching can be used to detect even previously unknown attacks. In this paper, we present an extension to known Support Vector Machine (SVM based anomaly detection algorithms for the Session Initiation Protocol (SIP. Our contribution is to extend the amount of different features used for classification (feature space by exploiting the structure of SIP messages, which reduces the false positive rate. Additionally, we show how combining our approach with attribute reduction significantly improves throughput.

  3. Entropy Measures for Stochastic Processes with Applications in Functional Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Gabriel Martos

    2018-01-01

    Full Text Available We propose a definition of entropy for stochastic processes. We provide a reproducing kernel Hilbert space model to estimate entropy from a random sample of realizations of a stochastic process, namely functional data, and introduce two approaches to estimate minimum entropy sets. These sets are relevant to detect anomalous or outlier functional data. A numerical experiment illustrates the performance of the proposed method; in addition, we conduct an analysis of mortality rate curves as an interesting application in a real-data context to explore functional anomaly detection.

  4. Isotope anomalies in oxygen isotope exchange equilibrium systems

    International Nuclear Information System (INIS)

    Kotaka, M.

    1997-01-01

    The purpose of the present work is to elucidate the isotope anomalies in oxygen isotope exchange equilibrium systems, according to the calculations of the equilibrium constants for oxygen isotopic exchange reactions, and the calculations of the oxygen isotope separation factors between two phases. The equilibrium constants (K65, K67, K68 and K69) of 16 O- 15 O, 16 O 17 O, 16 O- 18 O, and 16 O- 19 O exchange reactions between diatomic oxides were calculated in a wide temperature range on the basis of quantum statistical mechanics. Many equilibrium constants showed the anomalous mass effects, and then had the crossover temperatures and the mass independent fractionation (MIF) temperatures which held K67 = K65, K67 = K68, or K67 = K69, etc. For example, the equilibrium constants for the reactions between OH and the other diatomic oxides (MO) showed the anomalous mass effects, when M was Li, Na, Mg, K, Fe, Al, Ge, Zr, Pt, etc. The 16 O 15 O, 16 O 17 O, 16 O- 18 O, and 16 O- 19 O oxygen isotope separation factors (S65, S67, S68 and S69) between two phases were calculated, when OH and CO were in the first phase, and SiO was in the second phase. Although the oxygen isotopic exchange equilibria in the two phases had no MIF and crossover temperatures, the separation factors showed the anomalous mass effects and had the temperatures. According to what is called the normal mass effects for the equilibrium constant of isotopic exchange reaction, the value of InK68/InK67 is 1.885. Therefore, the value of InS68/InS67 should be 1.885 too. The value calculated, however, widely changed. It can be concluded from the results obtained in the present work that some oxygen isotopic exchange equilibria cause the anomalous mass effects, the anomalous oxygen isotope separation factors, and then isotope anomalies

  5. Anomaly Detection for Aviation Safety Based on an Improved KPCA Algorithm

    Directory of Open Access Journals (Sweden)

    Xiaoyu Zhang

    2017-01-01

    Full Text Available Thousands of flights datasets should be analyzed per day for a moderate sized fleet; therefore, flight datasets are very large. In this paper, an improved kernel principal component analysis (KPCA method is proposed to search for signatures of anomalies in flight datasets through the squared prediction error statistics, in which the number of principal components and the confidence for the confidence limit are automatically determined by OpenMP-based K-fold cross-validation algorithm and the parameter in the radial basis function (RBF is optimized by GPU-based kernel learning method. Performed on Nvidia GeForce GTX 660, the computation of the proposed GPU-based RBF parameter is 112.9 times (average 82.6 times faster than that of sequential CPU task execution. The OpenMP-based K-fold cross-validation process for training KPCA anomaly detection model becomes 2.4 times (average 1.5 times faster than that of sequential CPU task execution. Experiments show that the proposed approach can effectively detect the anomalies with the accuracy of 93.57% and false positive alarm rate of 1.11%.

  6. Illustration, detection and prevention of sleep deprivation anomaly in mobile ad hoc networks

    International Nuclear Information System (INIS)

    Nadeem, A.; Ahsan, K.; Sarim, M.

    2017-01-01

    MANETs (Mobile Ad Hoc Networks) have applications in various walks of life from rescue operations to battle field operations, personal and commercial. However, routing operations in MANETs are still vulnerable to anomalies and DoS (Denial of Service) attacks such as sleep deprivation. In SD (Sleep Deprivation) attack malicious node exploits the vulnerability in the route discovery function of the reactive routing protocol for example AODV (Ad Hoc On-Demand Distance Vector). In this paper, we first illustrate the SD anomaly in MANETs and then propose a SD detection and prevention algorithm which efficiently deals with this attack. We assess the performance of our proposed approach through simulation, evaluating its successfulness using different network scenarios. (author)

  7. Caldera unrest detected with seawater temperature anomalies at Deception Island, Antarctic Peninsula

    Science.gov (United States)

    Berrocoso, M.; Prates, G.; Fernández-Ros, A.; Peci, L. M.; de Gil, A.; Rosado, B.; Páez, R.; Jigena, B.

    2018-04-01

    Increased thermal activity was detected to coincide with the onset of volcano inflation in the seawater-filled caldera at Deception Island. This thermal activity was manifested in pulses of high water temperature that coincided with ocean tide cycles. The seawater temperature anomalies were detected by a thermometric sensor attached to the tide gauge (bottom pressure sensor). This was installed where the seawater circulation and the locations of known thermal anomalies, fumaroles and thermal springs, together favor the detection of water warmed within the caldera. Detection of the increased thermal activity was also possible because sea ice, which covers the entire caldera during the austral winter months, insulates the water and thus reduces temperature exchange between seawater and atmosphere. In these conditions, the water temperature data has been shown to provide significant information about Deception volcano activity. The detected seawater temperature increase, also observed in soil temperature readings, suggests rapid and near-simultaneous increase in geothermal activity with onset of caldera inflation and an increased number of seismic events observed in the following austral summer.

  8. PROBABILITY CALIBRATION BY THE MINIMUM AND MAXIMUM PROBABILITY SCORES IN ONE-CLASS BAYES LEARNING FOR ANOMALY DETECTION

    Data.gov (United States)

    National Aeronautics and Space Administration — PROBABILITY CALIBRATION BY THE MINIMUM AND MAXIMUM PROBABILITY SCORES IN ONE-CLASS BAYES LEARNING FOR ANOMALY DETECTION GUICHONG LI, NATHALIE JAPKOWICZ, IAN HOFFMAN,...

  9. Freezing of Gait Detection in Parkinson's Disease: A Subject-Independent Detector Using Anomaly Scores.

    Science.gov (United States)

    Pham, Thuy T; Moore, Steven T; Lewis, Simon John Geoffrey; Nguyen, Diep N; Dutkiewicz, Eryk; Fuglevand, Andrew J; McEwan, Alistair L; Leong, Philip H W

    2017-11-01

    Freezing of gait (FoG) is common in Parkinsonian gait and strongly relates to falls. Current clinical FoG assessments are patients' self-report diaries and experts' manual video analysis. Both are subjective and yield moderate reliability. Existing detection algorithms have been predominantly designed in subject-dependent settings. In this paper, we aim to develop an automated FoG detector for subject independent. After extracting highly relevant features, we apply anomaly detection techniques to detect FoG events. Specifically, feature selection is performed using correlation and clusterability metrics. From a list of 244 feature candidates, 36 candidates were selected using saliency and robustness criteria. We develop an anomaly score detector with adaptive thresholding to identify FoG events. Then, using accuracy metrics, we reduce the feature list to seven candidates. Our novel multichannel freezing index was the most selective across all window sizes, achieving sensitivity (specificity) of (). On the other hand, freezing index from the vertical axis was the best choice for a single input, achieving sensitivity (specificity) of () for ankle and () for back sensors. Our subject-independent method is not only significantly more accurate than those previously reported, but also uses a much smaller window (e.g., versus ) and/or lower tolerance (e.g., versus ).Freezing of gait (FoG) is common in Parkinsonian gait and strongly relates to falls. Current clinical FoG assessments are patients' self-report diaries and experts' manual video analysis. Both are subjective and yield moderate reliability. Existing detection algorithms have been predominantly designed in subject-dependent settings. In this paper, we aim to develop an automated FoG detector for subject independent. After extracting highly relevant features, we apply anomaly detection techniques to detect FoG events. Specifically, feature selection is performed using correlation and clusterability metrics. From

  10. A robust anomaly based change detection method for time-series remote sensing images

    Science.gov (United States)

    Shoujing, Yin; Qiao, Wang; Chuanqing, Wu; Xiaoling, Chen; Wandong, Ma; Huiqin, Mao

    2014-03-01

    Time-series remote sensing images record changes happening on the earth surface, which include not only abnormal changes like human activities and emergencies (e.g. fire, drought, insect pest etc.), but also changes caused by vegetation phenology and climate changes. Yet, challenges occur in analyzing global environment changes and even the internal forces. This paper proposes a robust Anomaly Based Change Detection method (ABCD) for time-series images analysis by detecting abnormal points in data sets, which do not need to follow a normal distribution. With ABCD we can detect when and where changes occur, which is the prerequisite condition of global change studies. ABCD was tested initially with 10-day SPOT VGT NDVI (Normalized Difference Vegetation Index) times series tracking land cover type changes, seasonality and noise, then validated to real data in a large area in Jiangxi, south of China. Initial results show that ABCD can precisely detect spatial and temporal changes from long time series images rapidly.

  11. Anomaly Detection in Smart Metering Infrastructure with the Use of Time Series Analysis

    Directory of Open Access Journals (Sweden)

    Tomasz Andrysiak

    2017-01-01

    Full Text Available The article presents solutions to anomaly detection in network traffic for critical smart metering infrastructure, realized with the use of radio sensory network. The structure of the examined smart meter network and the key security aspects which have influence on the correct performance of an advanced metering infrastructure (possibility of passive and active cyberattacks are described. An effective and quick anomaly detection method is proposed. At its initial stage, Cook’s distance was used for detection and elimination of outlier observations. So prepared data was used to estimate standard statistical models based on exponential smoothing, that is, Brown’s, Holt’s, and Winters’ models. To estimate possible fluctuations in forecasts of the implemented models, properly parameterized Bollinger Bands was used. Next, statistical relations between the estimated traffic model and its real variability were examined to detect abnormal behavior, which could indicate a cyberattack attempt. An update procedure of standard models in case there were significant real network traffic fluctuations was also proposed. The choice of optimal parameter values of statistical models was realized as forecast error minimization. The results confirmed efficiency of the presented method and accuracy of choice of the proper statistical model for the analyzed time series.

  12. Development of an expert system for analysis of Shuttle atmospheric revitalization and pressure control subsystem anomalies

    Science.gov (United States)

    Lafuse, Sharon A.

    1991-01-01

    The paper describes the Shuttle Leak Management Expert System (SLMES), a preprototype expert system developed to enable the ECLSS subsystem manager to analyze subsystem anomalies and to formulate flight procedures based on flight data. The SLMES combines the rule-based expert system technology with the traditional FORTRAN-based software into an integrated system. SLMES analyzes the data using rules, and, when it detects a problem that requires simulation, it sets up the input for the FORTRAN-based simulation program ARPCS2AT2, which predicts the cabin total pressure and composition as a function of time. The program simulates the pressure control system, the crew oxygen masks, the airlock repress/depress valves, and the leakage. When the simulation has completed, other SLMES rules are triggered to examine the results of simulation contrary to flight data and to suggest methods for correcting the problem. Results are then presented in form of graphs and tables.

  13. Validity and efficiency of conformal anomaly detection on big distributed data

    Directory of Open Access Journals (Sweden)

    Ilia Nouretdinov

    2017-05-01

    Full Text Available Conformal Prediction is a recently developed framework for reliable confident predictions. In this work we discuss its possible application to big data coming from different, possibly heterogeneous data sources. On example of anomaly detection problem, we study the question of saving validity of Conformal Prediction in this case. We show that the straight forward averaging approach is invalid, while its easy alternative of maximizing is not very efficient because of its conservativeness. We propose the third compromised approach that is valid, but much less conservative. It is supported by both theoretical justification and experimental results in the area of energy engineering.

  14. Fiber Optic Bragg Grating Sensors for Thermographic Detection of Subsurface Anomalies

    Science.gov (United States)

    Allison, Sidney G.; Winfree, William P.; Wu, Meng-Chou

    2009-01-01

    Conventional thermography with an infrared imager has been shown to be an extremely viable technique for nondestructively detecting subsurface anomalies such as thickness variations due to corrosion. A recently developed technique using fiber optic sensors to measure temperature holds potential for performing similar inspections without requiring an infrared imager. The structure is heated using a heat source such as a quartz lamp with fiber Bragg grating (FBG) sensors at the surface of the structure to detect temperature. Investigated structures include a stainless steel plate with thickness variations simulated by small platelets attached to the back side using thermal grease. A relationship is shown between the FBG sensor thermal response and variations in material thickness. For comparison, finite element modeling was performed and found to agree closely with the fiber optic thermography results. This technique shows potential for applications where FBG sensors are already bonded to structures for Integrated Vehicle Health Monitoring (IVHM) strain measurements and can serve dual-use by also performing thermographic detection of subsurface anomalies.

  15. SQL injection detection system

    OpenAIRE

    Vargonas, Vytautas

    2017-01-01

    SQL injection detection system Programmers do not always ensure security of developed systems. That is why it is important to look for solutions outside being reliant on developers. In this work SQL injection detection system is proposed. The system analyzes HTTP request parameters and detects intrusions. It is based on unsupervised machine learning. Trained by regular request data system detects outlier user parameters. Since training is not reliant on previous knowledge of SQL injections, t...

  16. Portable modular detection system

    Science.gov (United States)

    Brennan, James S [Rodeo, CA; Singh, Anup [Danville, CA; Throckmorton, Daniel J [Tracy, CA; Stamps, James F [Livermore, CA

    2009-10-13

    Disclosed herein are portable and modular detection devices and systems for detecting electromagnetic radiation, such as fluorescence, from an analyte which comprises at least one optical element removably attached to at least one alignment rail. Also disclosed are modular detection devices and systems having an integrated lock-in amplifier and spatial filter and assay methods using the portable and modular detection devices.

  17. Model-based temperature noise monitoring methods for LMFBR core anomaly detection

    International Nuclear Information System (INIS)

    Tamaoki, Tetsuo; Sonoda, Yukio; Sato, Masuo; Takahashi, Ryoichi.

    1994-01-01

    Temperature noise, measured by thermocouples mounted at each core fuel subassembly, is considered to be the most useful signal for detecting and locating local cooling anomalies in an LMFBR core. However, the core outlet temperature noise contains background noise due to fluctuations in the operating parameters including reactor power. It is therefore necessary to reduce this background noise for highly sensitive anomaly detection by subtracting predictable components from the measured signal. In the present study, both a physical model and an autoregressive model were applied to noise data measured in the experimental fast reactor JOYO. The results indicate that the autoregressive model has a higher precision than the physical model in background noise prediction. Based on these results, an 'autoregressive model modification method' is proposed, in which a temporary autoregressive model is generated by interpolation or extrapolation of reference models identified under a small number of different operating conditions. The generated autoregressive model has shown sufficient precision over a wide range of reactor power in applications to artificial noise data produced by an LMFBR noise simulator even when the coolant flow rate was changed to keep a constant power-to-flow ratio. (author)

  18. Anomaly detection using temporal data mining in a smart home environment.

    Science.gov (United States)

    Jakkula, V; Cook, D J

    2008-01-01

    To many people, home is a sanctuary. With the maturing of smart home technologies, many people with cognitive and physical disabilities can lead independent lives in their own homes for extended periods of time. In this paper, we investigate the design of machine learning algorithms that support this goal. We hypothesize that machine learning algorithms can be designed to automatically learn models of resident behavior in a smart home, and that the results can be used to perform automated health monitoring and to detect anomalies. Specifically, our algorithms draw upon the temporal nature of sensor data collected in a smart home to build a model of expected activities and to detect unexpected, and possibly health-critical, events in the home. We validate our algorithms using synthetic data and real activity data collected from volunteers in an automated smart environment. The results from our experiments support our hypothesis that a model can be learned from observed smart home data and used to report anomalies, as they occur, in a smart home.

  19. Intrusion detection system elements

    International Nuclear Information System (INIS)

    Eaton, M.J.; Mangan, D.L.

    1980-09-01

    This report highlights elements required for an intrusion detection system and discusses problems which can be encountered in attempting to make the elements effective. Topics discussed include: sensors, both for exterior detection and interior detection; alarm assessment systems, with the discussion focused on video assessment; and alarm reporting systems, including alarm communication systems and dislay/console considerations. Guidance on careful planning and design of a new or to-be-improved system is presented

  20. An Overview of Deep Learning Based Methods for Unsupervised and Semi-Supervised Anomaly Detection in Videos

    Directory of Open Access Journals (Sweden)

    B. Ravi Kiran

    2018-02-01

    Full Text Available Videos represent the primary source of information for surveillance applications. Video material is often available in large quantities but in most cases it contains little or no annotation for supervised learning. This article reviews the state-of-the-art deep learning based methods for video anomaly detection and categorizes them based on the type of model and criteria of detection. We also perform simple studies to understand the different approaches and provide the criteria of evaluation for spatio-temporal anomaly detection.

  1. Anomaly-Based Intrusion Detection Systems Utilizing System Call Data

    Science.gov (United States)

    2012-03-01

    52 Table 7. Place Reachability Statistics for Low Level CPN...54 Table 8. Place Reachability Statistics for High Level CPN................................................. 55 Table 9. Password Stealing...the efficiency of traditional anti-virus software tools that are dependent on gigantic , continuously updated databases. Fortunately, Intrusion

  2. Anomaly detection in heterogeneous media via saliency analysis of propagating wavefields

    Science.gov (United States)

    Druce, Jeffrey M.; Haupt, Jarvis D.; Gonella, Stefano

    2014-03-01

    This work investigates the problem of anomaly detection by means of an agnostic inference strategy based on the concepts of spatial saliency and data sparsity. Specifically, it addresses the implementation and experimental validation aspects of a salient feature extraction methodology that was recently proposed for laser-based diagnostics and leverages the wavefield spatial reconstruction capability offered by scanning laser vibrometers. The methodology consists of two steps. The first is a spatiotemporal windowing strategy designed to partition the structural domain in small sub-domains and replicate impinging wave conditions at each location. The second is the construction of a low-rank-plus-outlier model of the regional data set using principal component analysis. Regions are labeled salient when their behavior does not belong to a common low-dimensional subspace that successfully describes the typical behavior of the anomaly-free portion of the surrounding medium. The most at­ tractive feature of this method is that it requires virtually no knowledge of the structural and material properties of the medium. This property makes it a powerful diagnostic tool for the inspection of media with pronounced heterogeneity or with unknown or unreliable material property distributions, e.g., as a result of severe material degradation over large portions of their domain.

  3. Detection of Anomalies in Citrus Leaves Using Laser-Induced Breakdown Spectroscopy (LIBS).

    Science.gov (United States)

    Sankaran, Sindhuja; Ehsani, Reza; Morgan, Kelly T

    2015-08-01

    Nutrient assessment and management are important to maintain productivity in citrus orchards. In this study, laser-induced breakdown spectroscopy (LIBS) was applied for rapid and real-time detection of citrus anomalies. Laser-induced breakdown spectroscopy spectra were collected from citrus leaves with anomalies such as diseases (Huanglongbing, citrus canker) and nutrient deficiencies (iron, manganese, magnesium, zinc), and compared with those of healthy leaves. Baseline correction, wavelet multivariate denoising, and normalization techniques were applied to the LIBS spectra before analysis. After spectral pre-processing, features were extracted using principal component analysis and classified using two models, quadratic discriminant analysis and support vector machine (SVM). The SVM resulted in a high average classification accuracy of 97.5%, with high average canker classification accuracy (96.5%). LIBS peak analysis indicated that high intensities at 229.7, 247.9, 280.3, 393.5, 397.0, and 769.8 nm were observed of 11 peaks found in all the samples. Future studies using controlled experiments with variable nutrient applications are required for quantification of foliar nutrients by using LIBS-based sensing.

  4. Sirenomelia with associated systemic anomalies: an autopsy pathologic illustration of a series of four cases.

    Science.gov (United States)

    Chikkannaiah, Panduranga; Mahadevan, Anita; Gosavi, Manasi; Kangle, Ranjit; Anuradha; Shankar, S K

    2014-07-01

    Sirenomelia, a developmental defect involving the caudal region of the body, is associated with several internal visceral anomalies. We report a detailed spectrum of anomalies in an autopsy study of four fetuses with sirenomelia (gestational ages - 20, 21, 22.4, and 22.5 weeks). Three of the fetuses had single umbilical artery, with genitourinary and gastrointestinal anomalies. Central nervous system anomalies were evident in two of the fetuses, with alobar holoprosencephaly in one and lumbar meningomyelocele in another. The most common gastrointestinal anomaly was blind ended gut (imperforate anus), while esophageal atresia and omphalocele were noted in one case each. Renal hypoplasia was seen in two fetuses, renal agenesis in one and cystic renal dysplasia was noted in one case. Literature regarding pathogenesis of this condition is briefly discussed. Copyright © 2014 Elsevier GmbH. All rights reserved.

  5. Interior intrusion detection systems

    Energy Technology Data Exchange (ETDEWEB)

    Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  6. Interior intrusion detection systems

    International Nuclear Information System (INIS)

    Rodriguez, J.R.; Matter, J.C.; Dry, B.

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs

  7. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  8. Adaptive hidden Markov model with anomaly States for price manipulation detection.

    Science.gov (United States)

    Cao, Yi; Li, Yuhua; Coleman, Sonya; Belatreche, Ammar; McGinnity, Thomas Martin

    2015-02-01

    Price manipulation refers to the activities of those traders who use carefully designed trading behaviors to manually push up or down the underlying equity prices for making profits. With increasing volumes and frequency of trading, price manipulation can be extremely damaging to the proper functioning and integrity of capital markets. The existing literature focuses on either empirical studies of market abuse cases or analysis of particular manipulation types based on certain assumptions. Effective approaches for analyzing and detecting price manipulation in real time are yet to be developed. This paper proposes a novel approach, called adaptive hidden Markov model with anomaly states (AHMMAS) for modeling and detecting price manipulation activities. Together with wavelet transformations and gradients as the feature extraction methods, the AHMMAS model caters to price manipulation detection and basic manipulation type recognition. The evaluation experiments conducted on seven stock tick data from NASDAQ and the London Stock Exchange and 10 simulated stock prices by stochastic differential equation show that the proposed AHMMAS model can effectively detect price manipulation patterns and outperforms the selected benchmark models.

  9. Real-time progressive hyperspectral image processing endmember finding and anomaly detection

    CERN Document Server

    Chang, Chein-I

    2016-01-01

    The book covers the most crucial parts of real-time hyperspectral image processing: causality and real-time capability. Recently, two new concepts of real time hyperspectral image processing, Progressive Hyperspectral Imaging (PHSI) and Recursive Hyperspectral Imaging (RHSI). Both of these can be used to design algorithms and also form an integral part of real time hyperpsectral image processing. This book focuses on progressive nature in algorithms on their real-time and causal processing implementation in two major applications, endmember finding and anomaly detection, both of which are fundamental tasks in hyperspectral imaging but generally not encountered in multispectral imaging. This book is written to particularly address PHSI in real time processing, while a book, Recursive Hyperspectral Sample and Band Processing: Algorithm Architecture and Implementation (Springer 2016) can be considered as its companion book. Includes preliminary background which is essential to those who work in hyperspectral ima...

  10. Bootstrap Prediction Intervals in Non-Parametric Regression with Applications to Anomaly Detection

    Science.gov (United States)

    Kumar, Sricharan; Srivistava, Ashok N.

    2012-01-01

    Prediction intervals provide a measure of the probable interval in which the outputs of a regression model can be expected to occur. Subsequently, these prediction intervals can be used to determine if the observed output is anomalous or not, conditioned on the input. In this paper, a procedure for determining prediction intervals for outputs of nonparametric regression models using bootstrap methods is proposed. Bootstrap methods allow for a non-parametric approach to computing prediction intervals with no specific assumptions about the sampling distribution of the noise or the data. The asymptotic fidelity of the proposed prediction intervals is theoretically proved. Subsequently, the validity of the bootstrap based prediction intervals is illustrated via simulations. Finally, the bootstrap prediction intervals are applied to the problem of anomaly detection on aviation data.

  11. Clustering and Support Vector Regression for Water Demand Forecasting and Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Antonio Candelieri

    2017-03-01

    Full Text Available This paper presents a completely data-driven and machine-learning-based approach, in two stages, to first characterize and then forecast hourly water demand in the short term with applications of two different data sources: urban water demand (SCADA data and individual customer water consumption (AMR data. In the first case, reliable forecasting can be used to optimize operations, particularly the pumping schedule, in order to reduce energy-related costs, while in the second case, the comparison between forecast and actual values may support the online detection of anomalies, such as smart meter faults, fraud or possible cyber-physical attacks. Results are presented for a real case: the water distribution network in Milan.

  12. Reliable detection of fluence anomalies in EPID-based IMRT pretreatment quality assurance using pixel intensity deviations

    International Nuclear Information System (INIS)

    Gordon, J. J.; Gardner, J. K.; Wang, S.; Siebers, J. V.

    2012-01-01

    Purpose: This work uses repeat images of intensity modulated radiation therapy (IMRT) fields to quantify fluence anomalies (i.e., delivery errors) that can be reliably detected in electronic portal images used for IMRT pretreatment quality assurance. Methods: Repeat images of 11 clinical IMRT fields are acquired on a Varian Trilogy linear accelerator at energies of 6 MV and 18 MV. Acquired images are corrected for output variations and registered to minimize the impact of linear accelerator and electronic portal imaging device (EPID) positioning deviations. Detection studies are performed in which rectangular anomalies of various sizes are inserted into the images. The performance of detection strategies based on pixel intensity deviations (PIDs) and gamma indices is evaluated using receiver operating characteristic analysis. Results: Residual differences between registered images are due to interfraction positional deviations of jaws and multileaf collimator leaves, plus imager noise. Positional deviations produce large intensity differences that degrade anomaly detection. Gradient effects are suppressed in PIDs using gradient scaling. Background noise is suppressed using median filtering. In the majority of images, PID-based detection strategies can reliably detect fluence anomalies of ≥5% in ∼1 mm 2 areas and ≥2% in ∼20 mm 2 areas. Conclusions: The ability to detect small dose differences (≤2%) depends strongly on the level of background noise. This in turn depends on the accuracy of image registration, the quality of the reference image, and field properties. The longer term aim of this work is to develop accurate and reliable methods of detecting IMRT delivery errors and variations. The ability to resolve small anomalies will allow the accuracy of advanced treatment techniques, such as image guided, adaptive, and arc therapies, to be quantified.

  13. The Use of Hidden Markov Models for Anomaly Detection in Nuclear Core Condition Monitoring

    Science.gov (United States)

    Stephen, Bruce; West, Graeme M.; Galloway, Stuart; McArthur, Stephen D. J.; McDonald, James R.; Towle, Dave

    2009-04-01

    Unplanned outages can be especially costly for generation companies operating nuclear facilities. Early detection of deviations from expected performance through condition monitoring can allow a more proactive and managed approach to dealing with ageing plant. This paper proposes an anomaly detection framework incorporating the use of the Hidden Markov Model (HMM) to support the analysis of nuclear reactor core condition monitoring data. Fuel Grab Load Trace (FGLT) data gathered within the UK during routine refueling operations has been seen to provide information relating to the condition of the graphite bricks that comprise the core. Although manual analysis of this data is time consuming and requires considerable expertise, this paper demonstrates how techniques such as the HMM can provide analysis support by providing a benchmark model of expected behavior against which future refueling events may be compared. The presence of anomalous behavior in candidate traces is inferred through the underlying statistical foundation of the HMM which gives an observation likelihood averaged along the length of the input sequence. Using this likelihood measure, the engineer can be alerted to anomalous behaviour, indicating data which might require further detailed examination. It is proposed that this data analysis technique is used in conjunction with other intelligent analysis techniques currently employed to analyse FGLT to provide a greater confidence measure in detecting anomalous behaviour from FGLT data.

  14. The 2014-2015 warming anomaly in the Southern California Current System observed by underwater gliders

    Science.gov (United States)

    Zaba, Katherine D.; Rudnick, Daniel L.

    2016-02-01

    Large-scale patterns of positive temperature anomalies persisted throughout the surface waters of the North Pacific Ocean during 2014-2015. In the Southern California Current System, measurements by our sustained network of underwater gliders reveal the coastal effects of the recent warming. Regional upper ocean temperature anomalies were greatest since the initiation of the glider network in 2006. Additional observed physical anomalies included a depressed thermocline, high stratification, and freshening; induced biological consequences included changes in the vertical distribution of chlorophyll fluorescence. Contemporaneous surface heat flux and wind strength perturbations suggest that local anomalous atmospheric forcing caused the unusual oceanic conditions.

  15. DEVELOPMENT AND TESTING OF PROCEDURES FOR CARRYING OUT EMERGENCY PHYSICAL INVENTORY TAKING AFTER DETECTING ANOMALY EVENTS CONCERNING NM SECURITY

    International Nuclear Information System (INIS)

    VALENTE, J.; FISHBONE, L.

    2003-01-01

    In the State Scientific Center of Russian Federation - Institute of Physics and Power Engineering (SSC RF-IPPE, Obninsk), which is under Minatom jurisdiction, the procedures for carrying out emergency physical inventory taking (EPIT) were developed and tested in cooperation with the Brookhaven National Laboratory (USA). Here the emergency physical inventory taking means the PIT, which is carried out in case of symptoms indicating a possibility of NM loss (theft). Such PIT often requires a verification of attributes and quantitative characteristics for all the NM items located in a specific Material Balance Area (MBA). In order to carry out the exercise, an MBA was selected where many thousands of NM items containing highly enriched uranium are used. Three clients of the computerized material accounting system (CMAS) are installed in this MBA. Labels with unique (within IPPE site) identification numbers in the form of digit combinations and an appropriate bar code have been applied on the NM items, containers and authorized locations. All the data to be checked during the EPIT are stored in the CMAS database. Five variants of anomalies initiating EPIT and requiring different types of activities on EPIT organization are considered. Automatic working places (AWP) were created on the basis of the client computers in order to carry out a large number of measurements within a reasonable time. In addition to a CMAS client computer, the main components of an AWP include a bar-code reader, an electronic scale and an enrichment meter with NaI--detector--the lMCA Inspector (manufactured by the Canberra Company). All these devices work together with a client computer in the on-line mode. Special computer code (Emergency Inventory Software-EIS) was developed. All the algorithms of interaction between the operator and the system, as well as algorithms of data exchange during the measurements and data comparison, are implemented in this software. Registration of detected

  16. MODELLING EARTH SYSTEM CHANGES THROUGH THE SHURUM-WONOKA ANOMALY

    DEFF Research Database (Denmark)

    Bjerrum, Christian J.; Canfield, D. E.

    the oxygen isotope record is considered to be more sensitive to post depositional diagenesis. The Neoproterozoic d13CIC record, however, reveals prolonged excursions to less than mantle values that cannot be explained by our normal understanding of the carbon cycle. We present a quantitative model...... a powerful greenhouse gas, methane increased temperature and melted icecaps. These combined to produce a negative 18O anomaly, while the higher temperatures also accelerated the weathering of continental rocks, drawing down atmospheric CO2. Lower CO2, in turn, reduced the isotope fractionation between DIC...

  17. Paternal psychological response after ultrasonographic detection of structural fetal anomalies with a comparison to maternal response: a cohort study.

    Science.gov (United States)

    Kaasen, Anne; Helbig, Anne; Malt, Ulrik Fredrik; Naes, Tormod; Skari, Hans; Haugen, Guttorm Nils

    2013-07-12

    In Norway almost all pregnant women attend one routine ultrasound examination. Detection of fetal structural anomalies triggers psychological stress responses in the women affected. Despite the frequent use of ultrasound examination in pregnancy, little attention has been devoted to the psychological response of the expectant father following the detection of fetal anomalies. This is important for later fatherhood and the psychological interaction within the couple. We aimed to describe paternal psychological responses shortly after detection of structural fetal anomalies by ultrasonography, and to compare paternal and maternal responses within the same couple. A prospective observational study was performed at a tertiary referral centre for fetal medicine. Pregnant women with a structural fetal anomaly detected by ultrasound and their partners (study group,n=155) and 100 with normal ultrasound findings (comparison group) were included shortly after sonographic examination (inclusion period: May 2006-February 2009). Gestational age was >12 weeks. We used psychometric questionnaires to assess self-reported social dysfunction, health perception, and psychological distress (intrusion, avoidance, arousal, anxiety, and depression): Impact of Event Scale. General Health Questionnaire and Edinburgh Postnatal Depression Scale. Fetal anomalies were classified according to severity and diagnostic or prognostic ambiguity at the time of assessment. Median (range) gestational age at inclusion in the study and comparison group was 19 (12-38) and 19 (13-22) weeks, respectively. Men and women in the study group had significantly higher levels of psychological distress than men and women in the comparison group on all psychometric endpoints. The lowest level of distress in the study group was associated with the least severe anomalies with no diagnostic or prognostic ambiguity (p < 0.033). Men had lower scores than women on all psychometric outcome variables. The correlation in

  18. Value of Ultrasound in Detecting Urinary Tract Anomalies After First Febrile Urinary Tract Infection in Children.

    Science.gov (United States)

    Ghobrial, Emad E; Abdelaziz, Doaa M; Sheba, Maha F; Abdel-Azeem, Yasser S

    2016-05-01

    Background Urinary tract infection (UTI) is an infection that affects part of the urinary tract. Ultrasound is a noninvasive test that can demonstrate the size and shape of kidneys, presence of dilatation of the ureters, and the existence of anatomic abnormalities. The aim of the study is to estimate the value of ultrasound in detecting urinary tract anomalies after first attack of UTI. Methods This study was conducted at the Nephrology Clinic, New Children's Hospital, Faculty of Medicine, Cairo University, from August 2012 to March 2013, and included 30 children who presented with first attack of acute febrile UTI. All patients were subjected to urine analysis, urine culture and sensitivity, serum creatinine, complete blood count, and imaging in the form of renal ultrasound, voiding cysto-urethrography, and renal scan. Results All the patients had fever with a mean of 38.96°C ± 0.44°C and the mean duration of illness was 6.23 ± 5.64 days. Nineteen patients (63.3%) had an ultrasound abnormality. The commonest abnormalities were kidney stones (15.8%). Only 2 patients who had abnormal ultrasound had also vesicoureteric reflux on cystourethrography. Sensitivity of ultrasound was 66.7%, specificity was 37.5%, positive predictive value was 21.1%, negative predictive value was 81.8%, and total accuracy was 43.33%. Conclusion We concluded that ultrasound alone was not of much value in diagnosing and putting a plan of first attack of febrile UTI. It is recommended that combined investigations are the best way to confirm diagnosis of urinary tract anomalies. © The Author(s) 2015.

  19. Airborne detection of magnetic anomalies associated with soils on the Oak Ridge Reservation, Tennessee

    International Nuclear Information System (INIS)

    Doll, W.E.; Beard, L.P.; Helm, J.M.

    1995-01-01

    Reconnaissance airborne geophysical data acquired over the 35,000-acre Oak Ridge Reservation (ORR), TN, show several magnetic anomalies over undisturbed areas mapped as Copper Ridge Dolomite (CRD). The anomalies of interest are most apparent in magnetic gradient maps where they exceed 0.06 nT/m and in some cases exceed 0.5 nT/m. Anomalies as large as 25nT are seen on maps. Some of the anomalies correlate with known or suspected karst, or with apparent conductivity anomalies calculated from electromagnetic data acquired contemporaneously with the magnetic data. Some of the anomalies have a strong correlation with topographic lows or closed depressions. Surface magnetic data have been acquired over some of these sites and have confirmed the existence of the anomalies. Ground inspections in the vicinity of several of the anomalies has not led to any discoveries of manmade surface materials of sufficient size to generate the observed anomalies. One would expect an anomaly of approximately 1 nT for a pickup truck from 200 ft altitude. Typical residual magnetic anomalies have magnitudes of 5--10 nT, and some are as large as 25nT. The absence of roads or other indications of culture (past or present) near the anomalies and the modeling of anomalies in data acquired with surface instruments indicate that man-made metallic objects are unlikely to be responsible for the anomaly. The authors show that observed anomalies in the CRD can reasonably be associated with thickening of the soil layer. The occurrence of the anomalies in areas where evidences of karstification are seen would follow because sediment deposition would occur in topographic lows. Linear groups of anomalies on the maps may be associated with fracture zones which were eroded more than adjacent rocks and were subsequently covered with a thicker blanket of sediment. This study indicates that airborne magnetic data may be of use in other sites where fracture zones or buried collapse structures are of interest

  20. Network Intrusion Detection System using Apache Storm

    Directory of Open Access Journals (Sweden)

    Muhammad Asif Manzoor

    2017-06-01

    Full Text Available Network security implements various strategies for the identification and prevention of security breaches. Network intrusion detection is a critical component of network management for security, quality of service and other purposes. These systems allow early detection of network intrusion and malicious activities; so that the Network Security infrastructure can react to mitigate these threats. Various systems are proposed to enhance the network security. We are proposing to use anomaly based network intrusion detection system in this work. Anomaly based intrusion detection system can identify the new network threats. We also propose to use Real-time Big Data Stream Processing Framework, Apache Storm, for the implementation of network intrusion detection system. Apache Storm can help to manage the network traffic which is generated at enormous speed and size and the network traffic speed and size is constantly increasing. We have used Support Vector Machine in this work. We use Knowledge Discovery and Data Mining 1999 (KDD’99 dataset to test and evaluate our proposed solution.

  1. An Analysis of Mechanical Constraints when Using Superconducting Gravimeters for Far-Field Pre-Seismic Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Shyh-Chin Lan

    2011-01-01

    Full Text Available Pre-seismic gravity anomalies from records obtained at a 1 Hz sampling rate from superconducting gravimeters (SG around East Asia are analyzed. A comparison of gravity anomalies to the source parameters of associated earthquakes shows that the detection of pre-seismic gravity anomalies is constrained by several mechanical conditions of the seismic fault plane. The constraints of the far-field pre-seismic gravity amplitude perturbation were examined and the critical spatial relationship between the SG station and the epicenter precursory signal for detection was determined. The results show that: (1 the pre-seismic amplitude perturbation of gravity is inversely proportional to distance; (2 the transfer path from the epicenter to the SG station that crosses a tectonic boundary has a relatively low pre-seismic gravity anomaly amplitude; (3 the pre-seismic gravity perturbation amplitude is also affected by the attitude between the location of an SG station and the strike of the ruptured fault plane. The removal of typhoon effects and the selection of SG stations within a certain intersection angle to the strike of the fault plane are essential for obtaining reliable pre-seismic gravity anomaly results.

  2. Hypergraph-based anomaly detection of high-dimensional co-occurrences.

    Science.gov (United States)

    Silva, Jorge; Willett, Rebecca

    2009-03-01

    This paper addresses the problem of detecting anomalous multivariate co-occurrences using a limited number of unlabeled training observations. A novel method based on using a hypergraph representation of the data is proposed to deal with this very high-dimensional problem. Hypergraphs constitute an important extension of graphs which allow edges to connect more than two vertices simultaneously. A variational Expectation-Maximization algorithm for detecting anomalies directly on the hypergraph domain without any feature selection or dimensionality reduction is presented. The resulting estimate can be used to calculate a measure of anomalousness based on the False Discovery Rate. The algorithm has O(np) computational complexity, where n is the number of training observations and p is the number of potential participants in each co-occurrence event. This efficiency makes the method ideally suited for very high-dimensional settings, and requires no tuning, bandwidth or regularization parameters. The proposed approach is validated on both high-dimensional synthetic data and the Enron email database, where p > 75,000, and it is shown that it can outperform other state-of-the-art methods.

  3. Detecting geothermal anomalies and evaluating LST geothermal component by combining thermal remote sensing time series and land surface model data

    NARCIS (Netherlands)

    Romaguera, M.; Vaughan, R. G.; Ettema, J.; Izquierdo-Verdiguier, E.; Hecker, C. A.; van der Meer, F. D.

    This paper explores for the first time the possibilities to use two land surface temperature (LST) time series of different origins (geostationary Meteosat Second Generation satellite data and Noah land surface modelling, LSM), to detect geothermal anomalies and extract the geothermal component of

  4. Detecting geothermal anomalies and evaluating LST geothermal component by combining thermal remote sensing time series and land surface model data

    NARCIS (Netherlands)

    Romaguera, M.; Vaughan, R. G.; Ettema, J.; Izquierdo-Verdiguier, E.; Hecker, C. A.; van der Meer, F. D.

    2017-01-01

    This paper explores for the first time the possibilities to use two land surface temperature (LST) time series of different origins (geostationary Meteosat Second Generation satellite data and Noah land surface modelling, LSM), to detect geothermal anomalies and extract the geothermal component of

  5. Possibility of detecting triple gluon coupling and Adler-Bell-Jackiw anomaly in polarized deep inelastic scattering

    International Nuclear Information System (INIS)

    Lam, C.S.; Li, B.A.

    1980-05-01

    A way to detect experimentally the existence of triple gluon coupling and the Adler-Bell-Jackiw anomaly is to measure the Q 2 -dependence of polarized deep inelastic scattering. These effects lead to a ln ln Q 2 term which we calculate by introducing a new gluon operator in the Wilson expansion

  6. Estimation of the Potential Detection of Diatom Assemblages Based on Ocean Color Radiance Anomalies in the North Sea

    Directory of Open Access Journals (Sweden)

    Anne-Hélène Rêve-Lamarche

    2017-12-01

    Full Text Available Over the past years, a large number of new approaches in the domain of ocean-color have been developed, leading to a variety of innovative descriptors for phytoplankton communities. One of these methods, named PHYSAT, currently allows for the qualitative detection of five main phytoplankton groups from ocean-color measurements. Even though PHYSAT products are widely used in various applications and projects, the approach is limited by the fact it identifies only dominant phytoplankton groups. This current limitation is due to the use of biomarker pigment ratios for establishing empirical relationships between in-situ information and specific ocean-color radiance anomalies in open ocean waters. However, theoretical explanations of PHYSAT suggests that it could be possible to detect more than dominance cases but move more toward phytoplanktonic assemblage detection. Thus, to evaluate the potential of PHYSAT for the detection of phytoplankton assemblages, we took advantage of the Continuous Plankton Recorder (CPR survey, collected in both the English Channel and the North Sea. The available CPR dataset contains information on diatom abundance in two large areas of the North Sea for the period 1998-2010. Using this unique dataset, recurrent diatom assemblages were retrieved based on classification of CPR samples. Six diatom assemblages were identified in-situ, each having indicators taxa or species. Once this first step was completed, the in-situ analysis was used to empirically associate the diatom assemblages with specific PHYSAT spectral anomalies. This step was facilitated by the use of previous classifications of regional radiance anomalies in terms of shape and amplitude, coupled with phenological tools. Through a matchup exercise, three CPR assemblages were associated with specific radiance anomalies. The maps of detection of these specific radiances anomalies are in close agreement with current in-situ ecological knowledge.

  7. Semiconductor radiation detection systems

    CERN Document Server

    2010-01-01

    Covers research in semiconductor detector and integrated circuit design in the context of medical imaging using ionizing radiation. This book explores other applications of semiconductor radiation detection systems in security applications such as luggage scanning, dirty bomb detection and border control.

  8. Confabulation Based Real-time Anomaly Detection for Wide-area Surveillance Using Heterogeneous High Performance Computing Architecture

    Science.gov (United States)

    2015-06-01

    CONFABULATION BASED REAL-TIME ANOMALY DETECTION FOR WIDE-AREA SURVEILLANCE USING HETEROGENEOUS HIGH PERFORMANCE COMPUTING ARCHITECTURE SYRACUSE...DETECTION FOR WIDE-AREA SURVEILLANCE USING HETEROGENEOUS HIGH PERFORMANCE COMPUTING ARCHITECTURE 5a. CONTRACT NUMBER FA8750-12-1-0251 5b. GRANT...processors including graphic processor units (GPUs) and Intel Xeon Phi processors. Experimental results showed significant speedups, which can enable

  9. System Detects Vibrational Instabilities

    Science.gov (United States)

    Bozeman, Richard J., Jr.

    1990-01-01

    Sustained vibrations at two critical frequencies trigger diagnostic response or shutdown. Vibration-analyzing electronic system detects instabilities of combustion in rocket engine. Controls pulse-mode firing of engine and identifies vibrations above threshold amplitude at 5.9 and/or 12kHz. Adapted to other detection and/or control schemes involving simultaneous real-time detection of signals above or below preset amplitudes at two or more specified frequencies. Potential applications include rotating machinery and encoders and decoders in security systems.

  10. Application of Ground-Penetrating Radar for Detecting Internal Anomalies in Tree Trunks with Irregular Contours.

    Science.gov (United States)

    Li, Weilin; Wen, Jian; Xiao, Zhongliang; Xu, Shengxia

    2018-02-22

    To assess the health conditions of tree trunks, it is necessary to estimate the layers and anomalies of their internal structure. The main objective of this paper is to investigate the internal part of tree trunks considering their irregular contour. In this respect, we used ground penetrating radar (GPR) for non-invasive detection of defects and deteriorations in living trees trunks. The Hilbert transform algorithm and the reflection amplitudes were used to estimate the relative dielectric constant. The point cloud data technique was applied as well to extract the irregular contours of trunks. The feasibility and accuracy of the methods were examined through numerical simulations, laboratory and field measurements. The results demonstrated that the applied methodology allowed for accurate characterizations of the internal inhomogeneity. Furthermore, the point cloud technique resolved the trunk well by providing high-precision coordinate information. This study also demonstrated that cross-section tomography provided images with high resolution and accuracy. These integrated techniques thus proved to be promising for observing tree trunks and other cylindrical objects. The applied approaches offer a great promise for future 3D reconstruction of tomographic images with radar wave.

  11. A Comparative Study of Anomaly Detection Techniques for Smart City Wireless Sensor Networks.

    Science.gov (United States)

    Garcia-Font, Victor; Garrigues, Carles; Rifà-Pous, Helena

    2016-06-13

    In many countries around the world, smart cities are becoming a reality. These cities contribute to improving citizens' quality of life by providing services that are normally based on data extracted from wireless sensor networks (WSN) and other elements of the Internet of Things. Additionally, public administration uses these smart city data to increase its efficiency, to reduce costs and to provide additional services. However, the information received at smart city data centers is not always accurate, because WSNs are sometimes prone to error and are exposed to physical and computer attacks. In this article, we use real data from the smart city of Barcelona to simulate WSNs and implement typical attacks. Then, we compare frequently used anomaly detection techniques to disclose these attacks. We evaluate the algorithms under different requirements on the available network status information. As a result of this study, we conclude that one-class Support Vector Machines is the most appropriate technique. We achieve a true positive rate at least 56% higher than the rates achieved with the other compared techniques in a scenario with a maximum false positive rate of 5% and a 26% higher in a scenario with a false positive rate of 15%.

  12. Visualizing histopathologic deep learning classification and anomaly detection using nonlinear feature space dimensionality reduction.

    Science.gov (United States)

    Faust, Kevin; Xie, Quin; Han, Dominick; Goyle, Kartikay; Volynskaya, Zoya; Djuric, Ugljesa; Diamandis, Phedias

    2018-05-16

    There is growing interest in utilizing artificial intelligence, and particularly deep learning, for computer vision in histopathology. While accumulating studies highlight expert-level performance of convolutional neural networks (CNNs) on focused classification tasks, most studies rely on probability distribution scores with empirically defined cutoff values based on post-hoc analysis. More generalizable tools that allow humans to visualize histology-based deep learning inferences and decision making are scarce. Here, we leverage t-distributed Stochastic Neighbor Embedding (t-SNE) to reduce dimensionality and depict how CNNs organize histomorphologic information. Unique to our workflow, we develop a quantitative and transparent approach to visualizing classification decisions prior to softmax compression. By discretizing the relationships between classes on the t-SNE plot, we show we can super-impose randomly sampled regions of test images and use their distribution to render statistically-driven classifications. Therefore, in addition to providing intuitive outputs for human review, this visual approach can carry out automated and objective multi-class classifications similar to more traditional and less-transparent categorical probability distribution scores. Importantly, this novel classification approach is driven by a priori statistically defined cutoffs. It therefore serves as a generalizable classification and anomaly detection tool less reliant on post-hoc tuning. Routine incorporation of this convenient approach for quantitative visualization and error reduction in histopathology aims to accelerate early adoption of CNNs into generalized real-world applications where unanticipated and previously untrained classes are often encountered.

  13. A Comparative Study of Anomaly Detection Techniques for Smart City Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Victor Garcia-Font

    2016-06-01

    Full Text Available In many countries around the world, smart cities are becoming a reality. These cities contribute to improving citizens’ quality of life by providing services that are normally based on data extracted from wireless sensor networks (WSN and other elements of the Internet of Things. Additionally, public administration uses these smart city data to increase its efficiency, to reduce costs and to provide additional services. However, the information received at smart city data centers is not always accurate, because WSNs are sometimes prone to error and are exposed to physical and computer attacks. In this article, we use real data from the smart city of Barcelona to simulate WSNs and implement typical attacks. Then, we compare frequently used anomaly detection techniques to disclose these attacks. We evaluate the algorithms under different requirements on the available network status information. As a result of this study, we conclude that one-class Support Vector Machines is the most appropriate technique. We achieve a true positive rate at least 56% higher than the rates achieved with the other compared techniques in a scenario with a maximum false positive rate of 5% and a 26% higher in a scenario with a false positive rate of 15%.

  14. π0 detection system

    International Nuclear Information System (INIS)

    Suzuki, Yoichiro

    1977-01-01

    A π-zero meson detection system used for the measurement of charge exchange reaction is described. The detection of π-zero is made by observing the coincidence events of two gamma-ray emission following the decay of π-zero meson. The angles of the emitted gamma-rays are detected with a wire spark chamber system, and the energies of the gamma-rays are measured with hodoscope type lead glass Cherenkov counters. In front of the π-zero counter system, a lead converter is set, and the incident gamma-rays convert to electron positron pairs, which can be detected with the wire spark chambers. The system is a multi-track detection system. The high voltage pulser of the wire spark chamber system is a charge line thyratron pulser, and the chamber itself is a transmission line type. Read-out can be made by a mag-line system. Wave forms and efficiencies were measured. The three-track efficiency was about 90% by the condenser method and 95% by the charge line method. (Kato, T.)

  15. Edge detection of magnetic anomalies using analytic signal of tilt angle (ASTA)

    Science.gov (United States)

    Alamdar, K.; Ansari, A. H.; Ghorbani, A.

    2009-04-01

    Magnetic is a commonly used geophysical technique to identify and image potential subsurface targets. Interpretation of magnetic anomalies is a complex process due to the superposition of multiple magnetic sources, presence of geologic and cultural noise and acquisition and positioning error. Both the vertical and horizontal derivatives of potential field data are useful; horizontal derivative, enhance edges whereas vertical derivative narrow the width of anomaly and so locate source bodies more accurately. We can combine vertical and horizontal derivative of magnetic field to achieve analytic signal which is independent to body magnetization direction and maximum value of this lies over edges of body directly. Tilt angle filter is phased-base filter and is defined as angle between vertical derivative and total horizontal derivative. Tilt angle value differ from +90 degree to -90 degree and its zero value lies over body edge. One of disadvantage of this filter is when encountering with deep sources the detected edge is blurred. For overcome this problem many authors introduced new filters such as total horizontal derivative of tilt angle or vertical derivative of tilt angle which Because of using high-order derivative in these filters results may be too noisy. If we combine analytic signal and tilt angle, a new filter termed (ASTA) is produced which its maximum value lies directly over body edge and is easer than tilt angle to delineate body edge and no complicity of tilt angle. In this work new filter has been demonstrated on magnetic data from an area in Sar- Cheshme region in Iran. This area is located in 55 degree longitude and 32 degree latitude and is a copper potential region. The main formation in this area is Andesith and Trachyandezite. Magnetic surveying was employed to separate the boundaries of Andezite and Trachyandezite from adjacent area. In this regard a variety of filters such as analytic signal, tilt angle and ASTA filter have been applied which

  16. Anomaly detection for medical images based on a one-class classification

    Science.gov (United States)

    Wei, Qi; Ren, Yinhao; Hou, Rui; Shi, Bibo; Lo, Joseph Y.; Carin, Lawrence

    2018-02-01

    Detecting an anomaly such as a malignant tumor or a nodule from medical images including mammogram, CT or PET images is still an ongoing research problem drawing a lot of attention with applications in medical diagnosis. A conventional way to address this is to learn a discriminative model using training datasets of negative and positive samples. The learned model can be used to classify a testing sample into a positive or negative class. However, in medical applications, the high unbalance between negative and positive samples poses a difficulty for learning algorithms, as they will be biased towards the majority group, i.e., the negative one. To address this imbalanced data issue as well as leverage the huge amount of negative samples, i.e., normal medical images, we propose to learn an unsupervised model to characterize the negative class. To make the learned model more flexible and extendable for medical images of different scales, we have designed an autoencoder based on a deep neural network to characterize the negative patches decomposed from large medical images. A testing image is decomposed into patches and then fed into the learned autoencoder to reconstruct these patches themselves. The reconstruction error of one patch is used to classify this patch into a binary class, i.e., a positive or a negative one, leading to a one-class classifier. The positive patches highlight the suspicious areas containing anomalies in a large medical image. The proposed method has been tested on InBreast dataset and achieves an AUC of 0.84. The main contribution of our work can be summarized as follows. 1) The proposed one-class learning requires only data from one class, i.e., the negative data; 2) The patch-based learning makes the proposed method scalable to images of different sizes and helps avoid the large scale problem for medical images; 3) The training of the proposed deep convolutional neural network (DCNN) based auto-encoder is fast and stable.

  17. Forward looking anomaly detection via fusion of infrared and color imagery

    Science.gov (United States)

    Stone, K.; Keller, J. M.; Popescu, M.; Havens, T. C.; Ho, K. C.

    2010-04-01

    This paper develops algorithms for the detection of interesting and abnormal objects in color and infrared imagery taken from cameras mounted on a moving vehicle, observing a fixed scene. The primary purpose of detection is to cue a human-in-the-loop detection system. Algorithms for direct detection and change detection are investigated, as well as fusion of the two. Both methods use temporal information to reduce the number of false alarms. The direct detection algorithm uses image self-similarity computed between local neighborhoods to determine interesting, or unique, parts of an image. Neighborhood similarity is computed using Euclidean distance in CIELAB color space for the color imagery, and Euclidean distance between grey levels in the infrared imagery. The change detection algorithm uses the affine scale-invariant feature transform (ASIFT) to transform multiple background frames into the current image space. Each transformed image is then compared to the current image, and the multiple outputs are fused to produce a single difference image. Changes in lighting and contrast between the background run and the current run are adjusted for in both color and infrared imagery. Frame-to-frame motion is modeled using a perspective transformation, the parameters of which are computed using scale-invariant feature transform (SIFT) keypoint correspondences. This information is used to perform temporal accumulation of single frame detections for both the direct detection and change detection algorithms. Performance of the proposed algorithms is evaluated on multiple lanes from a data collection at a US Army test site.

  18. ORP and pH measurements to detect redox and acid-base anomalies from hydrothermal activity

    Science.gov (United States)

    Santana-Casiano, J. M.; González-Dávila, M.; Fraile-Nuez, E.

    2017-12-01

    The Tagoro submarine volcano is located 1.8 km south of the Island of El Hierro at 350 m depth and rises up to 88 m below sea level. It was erupting melting material for five months, from October 2011 to March 2012, changing drastically the physical-chemical properties of the water column in the area. After this eruption, the system evolved to a hydrothermal system. The character of both reduced and acid of the hydrothermal emissions in the Tagoro submarine volcano allowed us to detect anomalies related with changes in the chemical potential and the proton concentration using ORP and pH sensors, respectively. Tow-yos using a CTD-rosette with these two sensors provided the locations of the emissions plotting δ(ORP)/δt and ΔpH versus the latitude or longitude. The ORP sensor responds very quickly to the presence of reduced chemicals in the water column. Changes in potential are proportional to the amount of reduced chemical species present in the water. The magnitude of these changes are examined by the time derivative of ORP, δ(ORP)/δt. To detect changes in the pH, the mean pH for each depth at a reference station in an area not affected by the vent emission is subtracted from each point measured near the volcanic edifice, defining in this way ΔpH. Detailed surveys of the volcanic edifice were carried out between 2014 and 2016 using several CTD-pH-ORP tow-yo studies, localizing the ORP and pH changes, which were used to obtain surface maps of anomalies. Moreover, meridional tow-yos were used to calculate the amount of volcanic CO2 added to the water column. The inputs of CO2 along multiple sections combined with measurements of oceanic currents produced an estimated volcanic CO2 flux = 6.0 105 ± 1.1 105 kg d-1 which increases the acidity above the volcano by 20%. Sites like the Tagoro submarine volcano, in its degasification stage, provide an excellent opportunity to study the carbonate system in a high CO2 world, the volcanic contribution to the global

  19. Novel ST-MUSIC-based spectral analysis for detection of ULF geomagnetic signals anomalies associated with seismic events in Mexico

    Directory of Open Access Journals (Sweden)

    Omar Chavez

    2016-05-01

    Full Text Available Recently, the analysis of ultra-low-frequency (ULF geomagnetic signals in order to detect seismic anomalies has been reported in several works. Yet, they, although having promising results, present problems for their detection since these anomalies are generally too much weak and embedded in high noise levels. In this work, a short-time multiple signal classification (ST-MUSIC, which is a technique with high-frequency resolution and noise immunity, is proposed for the detection of seismic anomalies in the ULF geomagnetic signals. Besides, the energy (E of geomagnetic signals processed by ST-MUSIC is also presented as a complementary parameter to measure the fluctuations between seismic activity and seismic calm period. The usefulness and effectiveness of the proposal are demonstrated through the analysis of a synthetic signal and five real signals with earthquakes. The analysed ULF geomagnetic signals have been obtained using a tri-axial fluxgate magnetometer at the Juriquilla station, which is localized in Queretaro, Mexico (geographic coordinates: longitude 100.45° E and latitude 20.70° N. The results obtained show the detection of seismic perturbations before, during, and after the main shock, making the proposal a suitable tool for detecting seismic precursors.

  20. Methods for computational disease surveillance in infection prevention and control: Statistical process control versus Twitter's anomaly and breakout detection algorithms.

    Science.gov (United States)

    Wiemken, Timothy L; Furmanek, Stephen P; Mattingly, William A; Wright, Marc-Oliver; Persaud, Annuradha K; Guinn, Brian E; Carrico, Ruth M; Arnold, Forest W; Ramirez, Julio A

    2018-02-01

    Although not all health care-associated infections (HAIs) are preventable, reducing HAIs through targeted intervention is key to a successful infection prevention program. To identify areas in need of targeted intervention, robust statistical methods must be used when analyzing surveillance data. The objective of this study was to compare and contrast statistical process control (SPC) charts with Twitter's anomaly and breakout detection algorithms. SPC and anomaly/breakout detection (ABD) charts were created for vancomycin-resistant Enterococcus, Acinetobacter baumannii, catheter-associated urinary tract infection, and central line-associated bloodstream infection data. Both SPC and ABD charts detected similar data points as anomalous/out of control on most charts. The vancomycin-resistant Enterococcus ABD chart detected an extra anomalous point that appeared to be higher than the same time period in prior years. Using a small subset of the central line-associated bloodstream infection data, the ABD chart was able to detect anomalies where the SPC chart was not. SPC charts and ABD charts both performed well, although ABD charts appeared to work better in the context of seasonal variation and autocorrelation. Because they account for common statistical issues in HAI data, ABD charts may be useful for practitioners for analysis of HAI surveillance data. Copyright © 2018 Association for Professionals in Infection Control and Epidemiology, Inc. Published by Elsevier Inc. All rights reserved.

  1. Discovering System Health Anomalies using Data Mining Techniques

    Data.gov (United States)

    National Aeronautics and Space Administration — We discuss a statistical framework that underlies envelope detection schemes as well as dynamical models based on Hidden Markov Models (HMM) that can encompass both...

  2. Solar system fault detection

    Science.gov (United States)

    Farrington, R.B.; Pruett, J.C. Jr.

    1984-05-14

    A fault detecting apparatus and method are provided for use with an active solar system. The apparatus provides an indication as to whether one or more predetermined faults have occurred in the solar system. The apparatus includes a plurality of sensors, each sensor being used in determining whether a predetermined condition is present. The outputs of the sensors are combined in a pre-established manner in accordance with the kind of predetermined faults to be detected. Indicators communicate with the outputs generated by combining the sensor outputs to give the user of the solar system and the apparatus an indication as to whether a predetermined fault has occurred. Upon detection and indication of any predetermined fault, the user can take appropriate corrective action so that the overall reliability and efficiency of the active solar system are increased.

  3. Detection of sinkholes or anomalies using full seismic wave fields : phase II.

    Science.gov (United States)

    2016-08-01

    A new 2-D Full Waveform Inversion (FWI) software code was developed to characterize layering and anomalies beneath the ground surface using seismic testing. The software is capable of assessing the shear and compression wave velocities (Vs and Vp) fo...

  4. An investigation of scalable anomaly detection techniques for a large network of Wi-Fi hotspots

    CSIR Research Space (South Africa)

    Machaka, P

    2015-01-01

    Full Text Available . The Neural Networks, Bayesian Networks and Artificial Immune Systems were used for this experiment. Using a set of data extracted from a live network of Wi-Fi hotspots managed by an ISP; we integrated algorithms into a data collection system to detect...

  5. Idaho Explosives Detection System

    International Nuclear Information System (INIS)

    Reber, Edward L.; Blackwood, Larry G.; Edwards, Andrew J.; Jewell, J. Keith; Rohde, Kenneth W.; Seabury, Edward H.; Klinger, Jeffery B.

    2005-01-01

    The Idaho Explosives Detection System was developed at the Idaho National Laboratory (INL) to respond to threats imposed by delivery trucks potentially carrying explosives into military bases. A full-scale prototype system has been built and is currently undergoing testing. The system consists of two racks, one on each side of a subject vehicle. Each rack includes a neutron generator and an array of NaI detectors. The two neutron generators are pulsed and synchronized. A laptop computer controls the entire system. The control software is easily operable by minimally trained staff. The system was developed to detect explosives in a medium size truck within a 5-min measurement time. System performance was successfully demonstrated with explosives at the INL in June 2004 and at Andrews Air Force Base in July 2004

  6. Idaho Explosives Detection System

    Energy Technology Data Exchange (ETDEWEB)

    Reber, Edward L. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States)]. E-mail: reber@inel.gov; Blackwood, Larry G. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States); Edwards, Andrew J. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States); Jewell, J. Keith [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States); Rohde, Kenneth W. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States); Seabury, Edward H. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States); Klinger, Jeffery B. [Idaho National Laboratory, 2525 N. Freemont Ave., Idaho Falls, ID 83415-2114 (United States)

    2005-12-15

    The Idaho Explosives Detection System was developed at the Idaho National Laboratory (INL) to respond to threats imposed by delivery trucks potentially carrying explosives into military bases. A full-scale prototype system has been built and is currently undergoing testing. The system consists of two racks, one on each side of a subject vehicle. Each rack includes a neutron generator and an array of NaI detectors. The two neutron generators are pulsed and synchronized. A laptop computer controls the entire system. The control software is easily operable by minimally trained staff. The system was developed to detect explosives in a medium size truck within a 5-min measurement time. System performance was successfully demonstrated with explosives at the INL in June 2004 and at Andrews Air Force Base in July 2004.

  7. MODVOLC2: A Hybrid Time Series Analysis for Detecting Thermal Anomalies Applied to Thermal Infrared Satellite Data

    Science.gov (United States)

    Koeppen, W. C.; Wright, R.; Pilger, E.

    2009-12-01

    We developed and tested a new, automated algorithm, MODVOLC2, which analyzes thermal infrared satellite time series data to detect and quantify the excess energy radiated from thermal anomalies such as active volcanoes, fires, and gas flares. MODVOLC2 combines two previously developed algorithms, a simple point operation algorithm (MODVOLC) and a more complex time series analysis (Robust AVHRR Techniques, or RAT) to overcome the limitations of using each approach alone. MODVOLC2 has four main steps: (1) it uses the original MODVOLC algorithm to process the satellite data on a pixel-by-pixel basis and remove thermal outliers, (2) it uses the remaining data to calculate reference and variability images for each calendar month, (3) it compares the original satellite data and any newly acquired data to the reference images normalized by their variability, and it detects pixels that fall outside the envelope of normal thermal behavior, (4) it adds any pixels detected by MODVOLC to those detected in the time series analysis. Using test sites at Anatahan and Kilauea volcanoes, we show that MODVOLC2 was able to detect ~15% more thermal anomalies than using MODVOLC alone, with very few, if any, known false detections. Using gas flares from the Cantarell oil field in the Gulf of Mexico, we show that MODVOLC2 provided results that were unattainable using a time series-only approach. Some thermal anomalies (e.g., Cantarell oil field flares) are so persistent that an additional, semi-automated 12-µm correction must be applied in order to correctly estimate both the number of anomalies and the total excess radiance being emitted by them. Although all available data should be included to make the best possible reference and variability images necessary for the MODVOLC2, we estimate that at least 80 images per calendar month are required to generate relatively good statistics from which to run MODVOLC2, a condition now globally met by a decade of MODIS observations. We also found

  8. The 2014-2015 Warming Anomaly in the Southern California Current System: Glider Observations

    Science.gov (United States)

    Zaba, K. D.; Rudnick, D. L.

    2016-02-01

    During 2014-2015, basin-wide patterns of oceanic and atmospheric anomalies affected surface waters throughout the North Pacific Ocean. We present regional physical and biological effects of the warming, as observed by our autonomous underwater gliders in the southern California Current System (SCCS). Established in 2006, the California Glider Network provides sustained subsurface observations for monitoring the coastal effects of large-scale climate variability. Along repeat sections that extend to 350-500 km in offshore distance and 500 m in depth, Spray gliders have continuously occupied CalCOFI lines 66.7, 80, and 90 for nearly nine years. Following a sawtooth trajectory, the gliders complete each dive in approximately 3 hours and over 3 km. Measured variables include pressure, temperature, salinity, chlorophyll fluorescence, and velocity. For each of the three lines, a comprehensive climatology has been constructed from the multiyear timeseries. The ongoing surface-intensified warming anomaly, which began locally in early 2014 and persists through present, is unprecedented in the glider climatology. Reaching up to 5°C, positive temperature anomalies have been generally confined to the upper 50 m and persistent for over 20 months. The timing of the warming was in phase along each glider line but out of phase with equatorial SST anomalies, suggesting a decoupling of tropical and mid-latitude dynamics. Concurrent physical oceanographic anomalies included a depressed thermocline and high stratification. An induced biological response was apparent in the deepening of the subsurface chlorophyll fluorescence maximum. Ancillary atmospheric data from the NCEP North American Mesoscale (NAM) model indicate that a combination of surface forcing anomalies, namely high downward heat flux and weak wind stress magnitude, caused the unusual warm, downwelling conditions. With a strong El Niño event in the forecast for winter 2015-2016, our sustained glider network will

  9. Proximity detection system underground

    Energy Technology Data Exchange (ETDEWEB)

    Denis Kent [Mine Site Technologies (Australia)

    2008-04-15

    Mine Site Technologies (MST) with the support ACARP and Xstrata Coal NSW, as well as assistance from Centennial Coal, has developed a Proximity Detection System to proof of concept stage as per plan. The basic aim of the project was to develop a system to reduce the risk of the people coming into contact with vehicles in an uncontrolled manner (i.e. being 'run over'). The potential to extend the developed technology into other areas, such as controls for vehicle-vehicle collisions and restricting access of vehicle or people into certain zones (e.g. non FLP vehicles into Hazardous Zones/ERZ) was also assessed. The project leveraged off MST's existing Intellectual Property and experience gained with our ImPact TRACKER tagging technology, allowing the development to be fast tracked. The basic concept developed uses active RFID Tags worn by miners underground to be detected by vehicle mounted Readers. These Readers in turn provide outputs that can be used to alert a driver (e.g. by light and/or audible alarm) that a person (Tag) approaching within their vicinity. The prototype/test kit developed proved the concept and technology, the four main components being: Active RFID Tags to send out signals for detection by vehicle mounted receivers; Receiver electronics to detect RFID Tags approaching within the vicinity of the unit to create a long range detection system (60 m to 120 m); A transmitting/exciter device to enable inner detection zone (within 5 m to 20 m); and A software/hardware device to process & log incoming Tags reads and create certain outputs. Tests undertaken in the laboratory and at a number of mine sites, confirmed the technology path taken could form the basis of a reliable Proximity Detection/Alert System.

  10. Detection of geothermal anomalies in Tengchong, Yunnan Province, China from MODIS multi-temporal night LST imagery

    Science.gov (United States)

    Li, H.; Kusky, T. M.; Peng, S.; Zhu, M.

    2012-12-01

    Thermal infrared (TIR) remote sensing is an important technique in the exploration of geothermal resources. In this study, a geothermal survey is conducted in Tengchong area of Yunnan province in China using multi-temporal MODIS LST (Land Surface Temperature). The monthly night MODIS LST data from Mar. 2000 to Mar. 2011 of the study area were collected and analyzed. The 132 month average LST map was derived and three geothermal anomalies were identified. The findings of this study agree well with the results from relative geothermal gradient measurements. Finally, we conclude that TIR remote sensing is a cost-effective technique to detect geothermal anomalies. Combining TIR remote sensing with geological analysis and the understanding of geothermal mechanism is an accurate and efficient approach to geothermal area detection.

  11. Gas detection system

    International Nuclear Information System (INIS)

    Allan, C.J.; Bayly, J.G.

    1975-01-01

    The gas detection system provides for the effective detection of gas leaks over a large area. It includes a laser which has a laser line corresponding to an absorption line of the gas to be detected. A He-Xe laser scans a number of retroreflectors which are strategically located around a D 2 O plant to detect H 2 S leaks. The reflected beam is focused by a telescope, filtered, and passed into an infrared detector. The laser may be made to emit two frequencies, one of which corresponds with an H 2 S absorption line; or it may be modulated on and off the H 2 S absorption line. The relative amplitude of the absorbed light will be a measure of the H 2 S present

  12. Concavity anomalies, topology of events and phase transitions in finite systems

    International Nuclear Information System (INIS)

    Gulminelli, F.; Chomaz, P.H.

    2001-02-01

    We propose a definition of first order phase transitions in finite systems based on topology anomalies of the event distribution in the space of observations. This generalizes the definitions based on the curvature anomalies of thermodynamical potentials, provides a natural definition of order parameters and can be related to the Yang Lee theorem in the thermodynamical limit. It is directly operational from the experimental point of view. It allows to study phase transitions in Gibbs equilibria as well as in other ensembles such as the Tsallis ensemble. (authors)

  13. Research on Healthy Anomaly Detection Model Based on Deep Learning from Multiple Time-Series Physiological Signals

    Directory of Open Access Journals (Sweden)

    Kai Wang

    2016-01-01

    Full Text Available Health is vital to every human being. To further improve its already respectable medical technology, the medical community is transitioning towards a proactive approach which anticipates and mitigates risks before getting ill. This approach requires measuring the physiological signals of human and analyzes these data at regular intervals. In this paper, we present a novel approach to apply deep learning in physiological signals analysis that allows doctor to identify latent risks. However, extracting high level information from physiological time-series data is a hard problem faced by the machine learning communities. Therefore, in this approach, we apply model based on convolutional neural network that can automatically learn features from raw physiological signals in an unsupervised manner and then based on the learned features use multivariate Gauss distribution anomaly detection method to detect anomaly data. Our experiment is shown to have a significant performance in physiological signals anomaly detection. So it is a promising tool for doctor to identify early signs of illness even if the criteria are unknown a priori.

  14. Remote detection system

    International Nuclear Information System (INIS)

    Nixon, K.V.; France, S.W.; Garcia, C.; Hastings, R.D.

    1981-05-01

    A newly designed remote detection system has been developed at Los Alamos that allows the collection of high-resolution gamma-ray spectra and neutron data from a remote location. The system consists of the remote unit and a command unit. The remote unit collects data in a potentially hostile environment while the operator controls the unit by either radio or wire link from a safe position. Both units are battery powered and are housed in metal carrying cases

  15. Enhanced Anomaly Detection Via PLS Regression Models and Information Entropy Theory

    KAUST Repository

    Harrou, Fouzi

    2015-12-07

    Accurate and effective fault detection and diagnosis of modern engineering systems is crucial for ensuring reliability, safety and maintaining the desired product quality. In this work, we propose an innovative method for detecting small faults in the highly correlated multivariate data. The developed method utilizes partial least square (PLS) method as a modelling framework, and the symmetrized Kullback-Leibler divergence (KLD) as a monitoring index, where it is used to quantify the dissimilarity between probability distributions of current PLS-based residual and reference one obtained using fault-free data. The performance of the PLS-based KLD fault detection algorithm is illustrated and compared to the conventional PLS-based fault detection methods. Using synthetic data, we have demonstrated the greater sensitivity and effectiveness of the developed method over the conventional methods, especially when data are highly correlated and small faults are of interest.

  16. Enhanced Anomaly Detection Via PLS Regression Models and Information Entropy Theory

    KAUST Repository

    Harrou, Fouzi; Sun, Ying

    2015-01-01

    Accurate and effective fault detection and diagnosis of modern engineering systems is crucial for ensuring reliability, safety and maintaining the desired product quality. In this work, we propose an innovative method for detecting small faults in the highly correlated multivariate data. The developed method utilizes partial least square (PLS) method as a modelling framework, and the symmetrized Kullback-Leibler divergence (KLD) as a monitoring index, where it is used to quantify the dissimilarity between probability distributions of current PLS-based residual and reference one obtained using fault-free data. The performance of the PLS-based KLD fault detection algorithm is illustrated and compared to the conventional PLS-based fault detection methods. Using synthetic data, we have demonstrated the greater sensitivity and effectiveness of the developed method over the conventional methods, especially when data are highly correlated and small faults are of interest.

  17. Remote Voice Detection System

    National Research Council Canada - National Science Library

    Blackmon, Fletcher A

    2007-01-01

    A device and system to remotely detect vocalizations of speech. The skin located on the throat region of a speaking person or a reflective layer on the skin on the throat region vibrates in response to vocalizations of speech by the person...

  18. Detecting Attacks in CyberManufacturing Systems: Additive Manufacturing Example

    Directory of Open Access Journals (Sweden)

    Wu Mingtao

    2017-01-01

    Full Text Available CyberManufacturing System is a vision for future manufacturing where physical components are fully integrated with computational processes in a connected environment. However, realizing the vision requires that its security be adequately ensured. This paper presents a vision-based system to detect intentional attacks on additive manufacturing processes, utilizing machine learning techniques. Particularly, additive manufacturing systems have unique vulnerabilities to malicious attacks, which can result in defective infills but without affecting the exterior. In order to detect such infill defects, the research uses simulated 3D printing process images as well as actual 3D printing process images to compare accuracies of machine learning algorithms in classifying, clustering and detecting anomalies on different types of infills. Three algorithms - (i random forest, (ii k nearest neighbor, and (iii anomaly detection - have been adopted in the research and shown to be effective in detecting such defects.

  19. Moving Sources Detection System

    International Nuclear Information System (INIS)

    Coulon, Romain; Kondrasovs, Vladimir; Boudergui, Karim; Normand, Stephane

    2013-06-01

    To monitor radioactivity passing through a pipe or in a given container such as a train or a truck, radiation detection systems are commonly employed. These detectors could be used in a network set along the source track to increase the overall detection efficiency. However detection methods are based on counting statistics analysis. The method usually implemented consists in trigging an alarm when an individual signal rises over a threshold initially estimated in regards to the natural background signal. The detection efficiency is then proportional to the number of detectors in use, due to the fact that each sensor is taken as a standalone sensor. A new approach is presented in this paper taking into account the temporal periodicity of the signals taken by all distributed sensors as a whole. This detection method is not based only on counting statistics but also on the temporal series analysis aspect. Therefore, a specific algorithm is then developed in our lab for this kind of applications and shows a significant improvement, especially in terms of detection efficiency and false alarms reduction. We also plan on extracting information from the source vector. This paper presents the theoretical approach and some preliminary results obtain in our laboratory. (authors)

  20. Ionospheric anomalies detected by ionosonde and possibly related to crustal earthquakes in Greece

    Science.gov (United States)

    Perrone, Loredana; De Santis, Angelo; Abbattista, Cristoforo; Alfonsi, Lucilla; Amoruso, Leonardo; Carbone, Marianna; Cesaroni, Claudio; Cianchini, Gianfranco; De Franceschi, Giorgiana; De Santis, Anna; Di Giovambattista, Rita; Marchetti, Dedalo; Pavòn-Carrasco, Francisco J.; Piscini, Alessandro; Spogli, Luca; Santoro, Francesca

    2018-03-01

    Ionosonde data and crustal earthquakes with magnitude M ≥ 6.0 observed in Greece during the 2003-2015 period were examined to check if the relationships obtained earlier between precursory ionospheric anomalies and earthquakes in Japan and central Italy are also valid for Greek earthquakes. The ionospheric anomalies are identified on the observed variations of the sporadic E-layer parameters (h'Es, foEs) and foF2 at the ionospheric station of Athens. The corresponding empirical relationships between the seismo-ionospheric disturbances and the earthquake magnitude and the epicentral distance are obtained and found to be similar to those previously published for other case studies. The large lead times found for the ionospheric anomalies occurrence may confirm a rather long earthquake preparation period. The possibility of using the relationships obtained for earthquake prediction is finally discussed.

  1. Ionospheric anomalies detected by ionosonde and possibly related to crustal earthquakes in Greece

    Directory of Open Access Journals (Sweden)

    L. Perrone

    2018-03-01

    Full Text Available Ionosonde data and crustal earthquakes with magnitude M ≥ 6.0 observed in Greece during the 2003–2015 period were examined to check if the relationships obtained earlier between precursory ionospheric anomalies and earthquakes in Japan and central Italy are also valid for Greek earthquakes. The ionospheric anomalies are identified on the observed variations of the sporadic E-layer parameters (h′Es, foEs and foF2 at the ionospheric station of Athens. The corresponding empirical relationships between the seismo-ionospheric disturbances and the earthquake magnitude and the epicentral distance are obtained and found to be similar to those previously published for other case studies. The large lead times found for the ionospheric anomalies occurrence may confirm a rather long earthquake preparation period. The possibility of using the relationships obtained for earthquake prediction is finally discussed.

  2. Anomaly Detection in SCADA Systems - A Network Based Approach

    NARCIS (Netherlands)

    Barbosa, R.R.R.

    2014-01-01

    Supervisory Control and Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities, such as water treatment facilities. Historically, these networks were composed by special-purpose embedded devices communicating through proprietary protocols.

  3. Anomaly detection in SCADA systems: a network based approach

    NARCIS (Netherlands)

    Barbosa, R.R.R.

    2014-01-01

    Supervisory Control and Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities, such as water treatment facilities. Historically, these networks were composed by special-purpose embedded devices communicating through proprietary protocols.

  4. Application of Inductive Monitoring System to Plug Load Anomaly Detection

    Data.gov (United States)

    National Aeronautics and Space Administration — NASA Ames Research Center’s Sustainability Base is a new 50,000 sq. ft. LEED Platinum office building. Plug loads are expected to account for a significant portion...

  5. Development of references of anomalies detection on P91 material using Self-Magnetic Leakage Field (SMLF) technique

    Science.gov (United States)

    Husin, Shuib; Afiq Pauzi, Ahmad; Yunus, Salmi Mohd; Ghafar, Mohd Hafiz Abdul; Adilin Sekari, Saiful

    2017-10-01

    This technical paper demonstrates the successful of the application of self-magnetic leakage field (SMLF) technique in detecting anomalies in weldment of a thick P91 materials joint (1 inch thickness). Boiler components such as boiler tubes, stub boiler at penthouse and energy piping such as hot reheat pipe (HRP) and H-balance energy piping to turbine are made of P91 material. P91 is ferromagnetic material, therefore the technique of self-magnetic leakage field (SMLF) is applicable for P91 in detecting anomalies within material (internal defects). The technique is categorized under non-destructive technique (NDT). It is the second passive method after acoustic emission (AE), at which the information on structures radiation (magnetic field and energy waves) is used. The measured magnetic leakage field of a product or component is a magnetic leakage field occurring on the component’s surface in the zone of dislocation stable slipbands under the influence of operational (in-service) or residual stresses or in zones of maximum inhomogeneity of metal structure in new products or components. Inter-granular and trans-granular cracks, inclusion, void, cavity and corrosion are considered types of inhomogeneity and discontinuity in material where obviously the output of magnetic leakage field will be shown when using this technique. The technique does not required surface preparation for the component to be inspected. This technique is contact-type inspection, which means the sensor has to touch or in-contact to the component’s surface during inspection. The results of application of SMLF technique on the developed P91 reference blocks have demonstrated that the technique is practical to be used for anomaly inspection and detection as well as identification of anomalies’ location. The evaluation of this passive self-magnetic leakage field (SMLF) technique has been verified by other conventional non-destructive tests (NDTs) on the reference blocks where simulated

  6. Early detection and diagnosis of plant anomalies using parallel simulation and knowledge engineering techniques

    International Nuclear Information System (INIS)

    Ness, E.; Berg, Oe.; Soerenssen, A.

    1990-01-01

    A conventional alarm system in a nuclear power plant surveys pressures, temperatures and similar physical quantities and triggers if they get too high or too low. To avoid false alarms for a dynamic process, the alarm limits should be rather wide. This means that a disturbance may develop quite a bit before it is detected. In order to get warnings sufficiently early to avoid taking drastic countermeasures in restoring normal plant conditions, the alarm limits should be put close to the desired operating points. As a extension of several years' activity on alarm reduction methods, the OECD Halden Reactor Project started in 1985 to develop a fault detection system based on the application of reference models for process sections. The system looks at groups of variables rather than single variables. In this way each variable within the group may have a legal value, but the group as a whole may indicate that something is wrong. Therefore faults are detected earlier than by conventional alarm systems, even in dynamic situations. Reference models for the feedwater system of a PWR nuclear power plant have been successfully evaluated with real process data. A test installation is now running on the Loviisa NPP, Finland

  7. Hybrid Intrusion Detection System for DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Özge Cepheli

    2016-01-01

    Full Text Available Distributed denial-of-service (DDoS attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS, for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

  8. Anomalies in the detection of change: When changes in sample size are mistaken for changes in proportions.

    Science.gov (United States)

    Fiedler, Klaus; Kareev, Yaakov; Avrahami, Judith; Beier, Susanne; Kutzner, Florian; Hütter, Mandy

    2016-01-01

    Detecting changes, in performance, sales, markets, risks, social relations, or public opinions, constitutes an important adaptive function. In a sequential paradigm devised to investigate detection of change, every trial provides a sample of binary outcomes (e.g., correct vs. incorrect student responses). Participants have to decide whether the proportion of a focal feature (e.g., correct responses) in the population from which the sample is drawn has decreased, remained constant, or increased. Strong and persistent anomalies in change detection arise when changes in proportional quantities vary orthogonally to changes in absolute sample size. Proportional increases are readily detected and nonchanges are erroneously perceived as increases when absolute sample size increases. Conversely, decreasing sample size facilitates the correct detection of proportional decreases and the erroneous perception of nonchanges as decreases. These anomalies are however confined to experienced samples of elementary raw events from which proportions have to be inferred inductively. They disappear when sample proportions are described as percentages in a normalized probability format. To explain these challenging findings, it is essential to understand the inductive-learning constraints imposed on decisions from experience.

  9. SIP threats detection system

    OpenAIRE

    Vozňák, Miroslav; Řezáč, Filip

    2010-01-01

    The paper deals with detection of threats in IP telephony, the authors developed a penetration testing system that is able to check up the level of protection from security threats in IP telephony. The SIP server is a key komponent of VoIP infrastructure and often becomes the aim of attacks and providers have to ensure the appropriate level of security. We have developed web-based penetration system which is able to check the SIP server if can face to the most common attacks.The d...

  10. [The eye, the optic system and its anomalies].

    Science.gov (United States)

    Cohen, S Y

    1993-09-15

    The eye is a perceptive system with extremely complex physiology, although its optical properties can be assimilated to those of spherical diopters. Various approximations make it possible to reduce the eyeball to a single convex diopter. With a normal eye the image of an object situated ad infinitum focuses on the retina. The normal eye is called emmetropic. Otherwise, the eye is called ametropic. Several types of ametropy exist. When the image focuses in front of the retina the eye is said to be myopic. When the image focuses behind the retina the eye is called hypermetropic (or hyperopic). When the image of an object differs according to various focusing axes, the eye is said to be astigmatic.

  11. Big Data Analytics for Flow-based Anomaly Detection in High-Speed Networks

    OpenAIRE

    Garofalo, Mauro

    2017-01-01

    The Cisco VNI Complete Forecast Highlights clearly states that the Internet traffic is growing in three different directions, Volume, Velocity, and Variety, bringing computer network into the big data era. At the same time, sophisticated network attacks are growing exponentially. Such growth making the existing signature-based security tools, like firewall and traditional intrusion detection systems, ineffective against new kind of attacks or variations of known attacks. In this dissertati...

  12. Clinical Observation of Concomitant Congenital Heart Disease and Anomaly of the Urinary System in Adolescent

    Directory of Open Access Journals (Sweden)

    M.P. Limarenko

    2014-08-01

    Full Text Available The article presents the clinical observation of multiple malformations in a child: combination of congenital heart disease with an anomaly of the urinary system on the background of undifferentiated connective tissue dysplasia syndrome of maximum severity. This case report is of interest to pediatricians. Children with defects of the heart and urinary system often have other malformations, so in these patients it is important to conduct a full multisystem examination.

  13. Gas Flow Detection System

    Science.gov (United States)

    Moss, Thomas; Ihlefeld, Curtis; Slack, Barry

    2010-01-01

    This system provides a portable means to detect gas flow through a thin-walled tube without breaking into the tubing system. The flow detection system was specifically designed to detect flow through two parallel branches of a manifold with only one inlet and outlet, and is a means for verifying a space shuttle program requirement that saves time and reduces the risk of flight hardware damage compared to the current means of requirement verification. The prototype Purge Vent and Drain Window Cavity Conditioning System (PVD WCCS) Flow Detection System consists of a heater and a temperature-sensing thermistor attached to a piece of Velcro to be attached to each branch of a WCCS manifold for the duration of the requirement verification test. The heaters and thermistors are connected to a shielded cable and then to an electronics enclosure, which contains the power supplies, relays, and circuit board to provide power, signal conditioning, and control. The electronics enclosure is then connected to a commercial data acquisition box to provide analog to digital conversion as well as digital control. This data acquisition box is then connected to a commercial laptop running a custom application created using National Instruments LabVIEW. The operation of the PVD WCCS Flow Detection System consists of first attaching a heater/thermistor assembly to each of the two branches of one manifold while there is no flow through the manifold. Next, the software application running on the laptop is used to turn on the heaters and to monitor the manifold branch temperatures. When the system has reached thermal equilibrium, the software application s graphical user interface (GUI) will indicate that the branch temperatures are stable. The operator can then physically open the flow control valve to initiate the test flow of gaseous nitrogen (GN2) through the manifold. Next, the software user interface will be monitored for stable temperature indications when the system is again at

  14. An anomaly detector applied to a materials control and accounting system

    International Nuclear Information System (INIS)

    Whiteson, R.; Kelso, F.; Baumgart, C.; Tunnell, T.W.

    1994-01-01

    Large amounts of safeguards data are automatically gathered and stored by monitoring instruments used in nuclear chemical processing plants, nuclear material storage facilities, and nuclear fuel fabrication facilities. An integrated safeguards approach requires the ability to identify anomalous activities or states in these data. Anomalies in the data could be indications of error, theft, or diversion of material. The large volume of the data makes analysis and evaluation by human experts very tedious, and the complex and diverse nature of the data makes these tasks difficult to automate. This paper describes the early work in the development of analysis tools to automate the anomaly detection process. Using data from accounting databases, the authors are modeling the normal behavior of processes. From these models they hope to be able to identify activities or data that deviate from that norm. Such tools would be used to reveal trends, identify errors, and recognize unusual data. Thus the expert's attention can be focused directly on significant phenomena

  15. Single particle detecting telescope system

    International Nuclear Information System (INIS)

    Yamamoto, I.; Tomiyama, T.; Iga, Y.; Komatsubara, T.; Kanada, M.; Yamashita, Y.; Wada, T.; Furukawa, S.

    1981-01-01

    We constructed the single particle detecting telescope system for detecting a fractionally charged particle. The telescope consists of position detecting counters, wall-less multi-cell chambers, single detecting circuits and microcomputer system as data I/0 processor. Especially, a frequency of double particle is compared the case of the single particle detecting with the case of an ordinary measurement

  16. Isotopic anomalies and the early history of the solar system

    International Nuclear Information System (INIS)

    Begemann, F.

    1981-01-01

    Three elements are discussed in some detail. Inclusions from carbonaceous chondrites contain quite normal minerals where the oxygen is enriched by up to 5% in 16 O. The oxygen is neither in isotopic equilibrium with that of the bulk meteorites nor are the different minerals of a single inclusion isotopically homogenized. The xenon in acid-insoluble residues from carbonaceous chondrites contains at least two distinct anomalous components. One consists essentially of the middle-weight isotopes only; the abundance pattern is as expected for Xe produced in the s-process of nucleosynthesis. The second type is to some extent complementary to this s-xenon; it is characterized by an overabundance of the light and the heavy isotopes by up to 100%. Its origin is controversial. Direct production in a supernova has been suggested as well as a superposition of strongly mass-fractionated xenon, favouring the light isotopes, and fission xenon from the decay of (a) superheavy element (s), which in turn would presumably have to be produced in a supernova as well. Neon being more than 99% pure 22 Ne is most convincingly accounted for by in situ-decay of 2.6a 22 Na which implies a condensation of Na-bearing host phases within 10 years or so of the production of 22 Na. It is not clear at present whether this condensation took place in the expanding envelope of an exploding star or within the solar system, with the onset of the collapse of the pre-solar nebula being triggered by such an explosion. (orig./WL)

  17. Arc fault detection system

    Science.gov (United States)

    Jha, K.N.

    1999-05-18

    An arc fault detection system for use on ungrounded or high-resistance-grounded power distribution systems is provided which can be retrofitted outside electrical switchboard circuits having limited space constraints. The system includes a differential current relay that senses a current differential between current flowing from secondary windings located in a current transformer coupled to a power supply side of a switchboard, and a total current induced in secondary windings coupled to a load side of the switchboard. When such a current differential is experienced, a current travels through a operating coil of the differential current relay, which in turn opens an upstream circuit breaker located between the switchboard and a power supply to remove the supply of power to the switchboard. 1 fig.

  18. Arc fault detection system

    Science.gov (United States)

    Jha, Kamal N.

    1999-01-01

    An arc fault detection system for use on ungrounded or high-resistance-grounded power distribution systems is provided which can be retrofitted outside electrical switchboard circuits having limited space constraints. The system includes a differential current relay that senses a current differential between current flowing from secondary windings located in a current transformer coupled to a power supply side of a switchboard, and a total current induced in secondary windings coupled to a load side of the switchboard. When such a current differential is experienced, a current travels through a operating coil of the differential current relay, which in turn opens an upstream circuit breaker located between the switchboard and a power supply to remove the supply of power to the switchboard.

  19. Detection and analysis of anomalies in the brightness temperature difference field using MSG rapid scan data

    Czech Academy of Sciences Publication Activity Database

    Šťástka, J.; Radová, Michaela

    2013-01-01

    Roč. 123, SI (2013), s. 354-359 ISSN 0169-8095 R&D Projects: GA ČR GA205/07/0905 Institutional support: RVO:68378289 Keywords : brightness temperature difference (BTD) * BTD anomaly * cloud-top brightness temperature (BT) * convective storm * MSG Subject RIV: DG - Athmosphere Sciences, Meteorology OBOR OECD: Meteorology and atmospheric sciences Impact factor: 2.421, year: 2013 https://www.sciencedirect.com/science/article/pii/S0169809512001548

  20. Mesoscale convective system surface pressure anomalies responsible for meteotsunamis along the U.S. East Coast on June 13th, 2013.

    Science.gov (United States)

    Wertman, Christina A; Yablonsky, Richard M; Shen, Yang; Merrill, John; Kincaid, Christopher R; Pockalny, Robert A

    2014-11-25

    Two destructive high-frequency sea level oscillation events occurred on June 13th, 2013 along the U.S. East Coast. Seafloor processes can be dismissed as the sources, as no concurrent offshore earthquakes or landslides were detected. Here, we present evidence that these tsunami-like events were generated by atmospheric mesoscale convective systems (MCSs) propagating from inland to offshore. The USArray Transportable Array inland and NOAA tide gauges along the coast recorded the pressure anomalies associated with the MCSs. Once offshore, the pressure anomalies generated shallow water waves, which were amplified by the resonance between the water column and atmospheric forcing. Analysis of the tidal data reveals that these waves reflected off the continental shelf break and reached the coast, where bathymetry and coastal geometry contributed to their hazard potential. This study demonstrates that monitoring MCS pressure anomalies in the interior of the U.S. provides important observations for early warnings of MCS-generated tsunamis.

  1. Properties of the geoelectric structure that promote the detection of electrotelluric anomalies. The case of Ioannina, Greece

    Energy Technology Data Exchange (ETDEWEB)

    Makris, J. P. [Technological Educational Institute of Crete, Dept. of Electronics (Branch of Chania), Chalepa, Chania, Crete (Greece)

    2001-04-01

    The reliable detection and identification of electrotelluric anomalies that could be considered as precursory phenomena of earthquakes become fundamental aspects of earthquake prediction research. Special arrangements, in local and/or regional scale, of the geoelectric structure beneath the measuring point, may act as natural realtime filters on the ULF electrotelluric data improving considerably the signal to magnetotelluric-noise ratio of anomalies originated by probably non-magnetotelluric sources. Linear polarization, i.e. local channelling of the electric field on the surface is expected in cases where 3D-local inhomogeneities, producing strong shear distortion, are present in the vicinity of the monitoring site and/or when a 2D-regional geoelectrical setting exhibits high anisotropy. By assuming different generation mechanisms and modes of propagation for the electrotelluric anomalies that could be considered earthquake precursory phenomena, a rotationally originated residual electrotelluric field results, eliminating background magnetotelluric-noise and revealing hidden transient variations that could be associated to earthquakes. The suggested method is applicable in real-time data collection, thus simplifies and accelerates the tedious task of identification of suspicious signals. As an indicative example, the case of Ioannina (located in Northwestern Greece) is presented. The local polarization of the electrotelluric field varies dramatically even at neighboring points although the regional geoelectric strike direction does not change.

  2. Detection of Anomalies and Changes of Rainfall in the Yellow River Basin, China, through Two Graphical Methods

    Directory of Open Access Journals (Sweden)

    Hao Wu

    2017-12-01

    Full Text Available This study aims to reveal rainfall anomalies and changes over the Yellow River Basin due to the fragile ecosystem and rainfall-related disasters. Common trend analyses relate to overall trends in mean values. Therefore, we used two graphical methods: the quantile perturbation method (QPM was used to investigate anomalies over time in extreme rainfall, and the partial trend method (PTM was used to analyze rainfall changes at different intensities. A nonparametric bootstrap procedure is proposed in order to identify significant PTM indices. The QPM indicated prevailing positive anomalies in extreme daily rainfall 50 years ago and in the middle reaches during the 1970s and 1980s. The PTM detected significant decreases in annual rainfall mainly in the latter half of the middle reaches, two-thirds of which occurred in high and heavy rainfall. Most stations in the middle and lower reaches showed significant decreases in rainy days. Daily rainfall intensity had a significant increase at 13 stations, where rainy days were generally decreasing. The combined effect of these opposing changes explains the prevailing absence of change in annual rainfall, and the observed decreases in annual rainfall can be attributed to the decreasing number of rainy days. The changes in rainy days and rainfall intensity were dominated by the wet season and dry season, respectively.

  3. Detection of anomalies in radio tomography of asteroids: Source count and forward errors

    Science.gov (United States)

    Pursiainen, S.; Kaasalainen, M.

    2014-09-01

    The purpose of this study was to advance numerical methods for radio tomography in which asteroid's internal electric permittivity distribution is to be recovered from radio frequency data gathered by an orbiter. The focus was on signal generation via multiple sources (transponders) providing one potential, or even essential, scenario to be implemented in a challenging in situ measurement environment and within tight payload limits. As a novel feature, the effects of forward errors including noise and a priori uncertainty of the forward (data) simulation were examined through a combination of the iterative alternating sequential (IAS) inverse algorithm and finite-difference time-domain (FDTD) simulation of time evolution data. Single and multiple source scenarios were compared in two-dimensional localization of permittivity anomalies. Three different anomaly strengths and four levels of total noise were tested. Results suggest, among other things, that multiple sources can be necessary to obtain appropriate results, for example, to distinguish three separate anomalies with permittivity less or equal than half of the background value, relevant in recovery of internal cavities.

  4. Counterbalanced radiation detection system

    International Nuclear Information System (INIS)

    Platz, W.

    1987-01-01

    A counterbalanced radiation detection system is described comprising: (a) a stand; (b) a first radiation detector; (c) a first radiation detector arm means for tiltably connecting the first radiation detector with the stand; (d) a second radiation detector; (e) a second radiation detector arm means for tiltably connecting the second radiation detector with the stand, whereby the tilting angles of the radiation detector arm means define a distance between the radiation detectors; and (f) a torque transforming means connected between the first and second radiation detector arm means for transforming the torque created by one of the radiation detectors in a sense opposed to the torque created by the other radiation detector

  5. Time series of GNSS-derived ionospheric maps to detect anomalies as possible precursors of high magnitude earthquakes

    Science.gov (United States)

    Barbarella, M.; De Giglio, M.; Galeandro, A.; Mancini, F.

    2012-04-01

    The modification of some atmospheric physical properties prior to a high magnitude earthquake has been recently debated within the Lithosphere-Atmosphere-Ionosphere (LAI) Coupling model. Among this variety of phenomena the ionization of air at the higher level of the atmosphere, called ionosphere, is investigated in this work. Such a ionization occurrences could be caused by possible leaking of gases from earth crust and their presence was detected around the time of high magnitude earthquakes by several authors. However, the spatial scale and temporal domain over which such a disturbances come into evidence is still a controversial item. Even thought the ionospheric activity could be investigated by different methodologies (satellite or terrestrial measurements), we selected the production of ionospheric maps by the analysis of GNSS (Global Navigation Satellite Data) data as possible way to detect anomalies prior of a seismic event over a wide area around the epicentre. It is well known that, in the GNSS sciences, the ionospheric activity could be probed by the analysis of refraction phenomena occurred on the dual frequency signals along the satellite to receiver path. The analysis of refraction phenomena affecting data acquired by the GNSS permanent trackers is able to produce daily to hourly maps representing the spatial distribution of the ionospheric Total Electron Content (TEC) as an index of the ionization degree in the upper atmosphere. The presence of large ionospheric anomalies could be therefore interpreted in the LAI Coupling model like a precursor signal of a strong earthquake, especially when the appearance of other different precursors (thermal anomalies and/or gas fluxes) could be detected. In this work, a six-month long series of ionospheric maps produced from GNSS data collected by a network of 49 GPS permanent stations distributed within an area around the city of L'Aquila (Abruzzi, Italy), where an earthquake (M = 6.3) occurred on April 6, 2009

  6. Radiation detection system

    International Nuclear Information System (INIS)

    Haeuszer, F.A.

    1976-01-01

    A circuit is disclosed that detects radiation transients and provides a clamping signal in response to each transient. The clamping signal is present from the time the transient rises above a given threshold level and for a known duration thereafter. The system includes radiation sensors, a blocking oscillator that generates a pulse in response to each sensor signal, and an output pulse duration control circuit. The oscillator pulses are fed simultaneously to the output pulse duration control circuit and to an OR gate, the output of which comprises the system output. The output pulse duration is controlled by the time required to magnetize a magnetic core to saturation in first one direction and then the other

  7. The Monitoring, Detection, Isolation and Assessment of Information Warfare Attacks Through Multi-Level, Multi-Scale System Modeling and Model Based Technology

    Science.gov (United States)

    2004-01-01

    login identity to the one under which the system call is executed, the parameters of the system call execution - file names including full path...Anomaly detection COAST-EIMDT Distributed on target hosts EMERALD Distributed on target hosts and security servers Signature recognition Anomaly...uses a centralized architecture, and employs an anomaly detection technique for intrusion detection. The EMERALD project [80] proposes a

  8. Utilizing Stable Isotopes and Isotopic Anomalies to Study Early Solar System Formation Processes

    Science.gov (United States)

    Simon, Justin

    2017-01-01

    Chondritic meteorites contain a diversity of particle components, i.e., chondrules and calcium-, aluminum-rich refractory inclusions (CAIs), that have survived since the formation of the Solar System. The chemical and isotopic compositions of these materials provide a record of the conditions present in the protoplanetary disk where they formed and can aid our understanding of the processes and reservoirs in which solids formed in the solar nebula, an important step leading to the accretion of planetesimals. Isotopic anomalies associated with nucleosynthetic processes are observed in these discrete materials, and can be compared to astronomical observations and astrophysical formation models of stars and more recently proplyds. The existence and size of these isotopic anomalies are typically thought to reflect a significant state of isotopic heterogeneity in the earliest Solar System, likely left over from molecular cloud heterogeneities on the grain scale, but some could also be due to late stellar injection. The homogenization of these isotopic anomalies towards planetary values can be used to track the efficiency and timescales of disk wide mixing,

  9. A new segmentation strategy for processing magnetic anomaly detection data of shallow depth ferromagnetic pipeline

    Science.gov (United States)

    Feng, Shuo; Liu, Dejun; Cheng, Xing; Fang, Huafeng; Li, Caifang

    2017-04-01

    Magnetic anomalies produced by underground ferromagnetic pipelines because of the polarization of earth's magnetic field are used to obtain the information on the location, buried depth and other parameters of pipelines. In order to achieve a fast inversion and interpretation of measured data, it is necessary to develop a fast and stable forward method. Magnetic dipole reconstruction (MDR), as a kind of integration numerical method, is well suited for simulating a thin pipeline anomaly. In MDR the pipeline model must be cut into small magnetic dipoles through different segmentation methods. The segmentation method has an impact on the stability and speed of forward calculation. Rapid and accurate simulation of deep-buried pipelines has been achieved by exciting segmentation method. However, in practical measurement, the depth of underground pipe is uncertain. When it comes to the shallow-buried pipeline, the present segmentation may generate significant errors. This paper aims at solving this problem in three stages. First, the cause of inaccuracy is analyzed by simulation experiment. Secondly, new variable interval section segmentation is proposed based on the existing segmentation. It can help MDR method to obtain simulation results in a fast way under the premise of ensuring the accuracy of different depth models. Finally, the measured data is inversed based on new segmentation method. The result proves that the inversion based on the new segmentation can achieve fast and accurate inversion of depth parameters of underground pipes without being limited by pipeline depth.

  10. Prenatal detection of structural cardiac defects and presence of associated anomalies: a retrospective observational study of 1262 fetal echocardiograms.

    Science.gov (United States)

    Mone, Fionnuala; Walsh, Colin; Mulcahy, Cecelia; McMahon, Colin J; Farrell, Sinead; MacTiernan, Aoife; Segurado, Ricardo; Mahony, Rhona; Higgins, Shane; Carroll, Stephen; McParland, Peter; McAuliffe, Fionnuala M

    2015-06-01

    The aim of this study is to document the detection of fetal congenital heart defect (CHD) in relation to the following: (1) indication for referral, (2) chromosomal and (3) extracardiac abnormalities. All fetal echocardiograms performed in our institution from 2007 to 2011 were reviewed retrospectively. Indication for referral, cardiac diagnosis based on the World Health Organization International Classification of Diseases tenth revision criteria and the presence of chromosomal and extracardiac defects were recorded. Of 1262 echocardiograms, 287 (22.7%) had CHD. Abnormal anatomy scan in pregnancies originally considered to be at low risk of CHD was the best indicator for detecting CHD (91.2% of positive cardiac diagnoses), compared with other indications of family history (5.6%) or maternal medical disorder (3.1%). Congenital anomalies of the cardiac septa comprised the largest category (n = 89), within which atrioventricular septal defects were the most common anomaly (n = 36). Invasive prenatal testing was performed for 126 of 287 cases, of which 44% (n = 55) had a chromosomal abnormality. Of 232 fetuses without chromosomal abnormalities, 31% had an extracardiac defect (n = 76). Most CHDs occur in pregnancies regarded to be at low risk, highlighting the importance of a routine midtrimester fetal anatomy scan. Frequent association of fetal CHD and chromosomal and extracardiac pathology emphasises the importance of thorough evaluation of any fetus with CHD. © 2015 John Wiley & Sons, Ltd.

  11. A Review of Anomaly Detection Techniques and Distributed Denial of Service (DDoS on Software Defined Network (SDN

    Directory of Open Access Journals (Sweden)

    M. H. H. Khairi

    2018-04-01

    Full Text Available Software defined network (SDN is a network architecture in which the network traffic may be operated and managed dynamically according to user requirements and demands. Issue of security is one of the big challenges of SDN because different attacks may affect performance and these attacks can be classified into different types. One of the famous attacks is distributed denial of service (DDoS. SDN is a new networking approach that is introduced with the goal to simplify the network management by separating the data and control planes. However, the separation leads to the emergence of new types of distributed denial-of-service (DDOS attacks on SDN networks. The centralized role of the controller in SDN makes it a perfect target for the attackers. Such attacks can easily bring down the entire network by bringing down the controller. This research explains DDoS attacks and the anomaly detection as one of the famous detection techniques for intelligent networks.

  12. Sensitivity Verification of PWR Monitoring System Using Neuro-Expert For LOCA Detection

    International Nuclear Information System (INIS)

    Muhammad Subekti

    2009-01-01

    Sensitivity Verification of PWR Monitoring System Using Neuro-Expert For LOCA Detection. The present research was done for verification of previous developed method on Loss of Coolant Accident (LOCA) detection and perform simulations for knowing the sensitivity of the PWR monitoring system that applied neuro-expert method. The previous research continuing on present research, has developed and has tested the neuro-expert method for several anomaly detections in Nuclear Power Plant (NPP) typed Pressurized Water Reactor (PWR). Neuro-expert can detect the LOCA anomaly with sensitivity of primary coolant leakage of 7 gallon/min and the conventional method could not detect the primary coolant leakage of 30 gallon/min. Neuro expert method detects significantly LOCA anomaly faster than conventional system in Surry-1 NPP as well so that the impact risk is reducible. (author)

  13. Introduction to detection systems

    DEFF Research Database (Denmark)

    Larsen, Jan

    Presentation of the information processing pipleline for detection including discussing of various issues and the use of mathematical modeling. A simple example of detection a signal in noise illustrated that simple modeling outperforms human visual and auditory perception. Particiants are going...... to discuss issues in detection which is followed by an auditory object recognition exercise. The results of the exercise and its relation to issues in the information processing pipleline is also discussed....

  14. Reading between the fields: practical, effective intrusion detection for industrial control systems

    NARCIS (Netherlands)

    Yüksel, Ömer; den Hartog, Jeremy; Etalle, Sandro

    2016-01-01

    Detection of previously unknown attacks and malicious messages is a challenging problem faced by modern network intrusion detection systems. Anomaly-based solutions, despite being able to detect unknown attacks, have not been used often in practice due to their high false positive rate, and because

  15. Risk of developing palatally displaced canines in patients with early detectable dental anomalies: a retrospective cohort study.

    Science.gov (United States)

    Garib, Daniela Gamba; Lancia, Melissa; Kato, Renata Mayumi; Oliveira, Thais Marchini; Neves, Lucimara Teixeira das

    2016-01-01

    To estimate the risk of PDC occurrence in children with dental anomalies identified early during mixed dentition. The sample comprised 730 longitudinal orthodontic records from children (448 females and 282 males) with an initial mean age of 8.3 years (SD=1.36). The dental anomaly group (DA) included 263 records of patients with at least one dental anomaly identified in the initial or middle mixed dentition. The non-dental anomaly group (NDA) was composed of 467 records of patients with no dental anomalies. The occurrence of PDC in both groups was diagnosed using panoramic and periapical radiographs taken in the late mixed dentition or early permanent dentition. The prevalence of PDC in patients with and without early diagnosed dental anomalies was compared using the chi-square test (pdental anomalies diagnosed during early mixed dentition have an approximately two and a half fold increased risk of developing PDC during late mixed dentition compared with children without dental anomalies.

  16. Evaluating the SEVIRI Fire Thermal Anomaly Detection Algorithm across the Central African Republic Using the MODIS Active Fire Product

    Directory of Open Access Journals (Sweden)

    Patrick H. Freeborn

    2014-02-01

    Full Text Available Satellite-based remote sensing of active fires is the only practical way to consistently and continuously monitor diurnal fluctuations in biomass burning from regional, to continental, to global scales. Failure to understand, quantify, and communicate the performance of an active fire detection algorithm, however, can lead to improper interpretations of the spatiotemporal distribution of biomass burning, and flawed estimates of fuel consumption and trace gas and aerosol emissions. This work evaluates the performance of the Spinning Enhanced Visible and Infrared Imager (SEVIRI Fire Thermal Anomaly (FTA detection algorithm using seven months of active fire pixels detected by the Moderate Resolution Imaging Spectroradiometer (MODIS across the Central African Republic (CAR. Results indicate that the omission rate of the SEVIRI FTA detection algorithm relative to MODIS varies spatially across the CAR, ranging from 25% in the south to 74% in the east. In the absence of confounding artifacts such as sunglint, uncertainties in the background thermal characterization, and cloud cover, the regional variation in SEVIRI’s omission rate can be attributed to a coupling between SEVIRI’s low spatial resolution detection bias (i.e., the inability to detect fires below a certain size and intensity and a strong geographic gradient in active fire characteristics across the CAR. SEVIRI’s commission rate relative to MODIS increases from 9% when evaluated near MODIS nadir to 53% near the MODIS scene edges, indicating that SEVIRI errors of commission at the MODIS scene edges may not be false alarms but rather true fires that MODIS failed to detect as a result of larger pixel sizes at extreme MODIS scan angles. Results from this work are expected to facilitate (i future improvements to the SEVIRI FTA detection algorithm; (ii the assimilation of the SEVIRI and MODIS active fire products; and (iii the potential inclusion of SEVIRI into a network of geostationary

  17. Theoretical implications of the resonance anomalies in the e+-e- system

    International Nuclear Information System (INIS)

    Pakvasa, S.; Rajasekaran, G.; Tuan, S.F.

    1975-01-01

    The phenomenological properties of the recent resonance anomalies at 3.1 GeV and 3.7 GeV in e + -e - systems are confronted in a fairly systematic way with models presently known to us. These include charm-related models, neutral-intermediate-boson-type hypotheses, gauge-related models, and exotic suggestions that the resonant states may have abnormal C parity or that the electromagnetic current has a color triplet piece. We conclude that none of the schemes proposed represents a really satisfactory interpretation of the data

  18. Detection of Congenital Mullerian Anomalies Using Real-Time 3D Sonography

    Directory of Open Access Journals (Sweden)

    Firoozeh Ahmadi

    2011-01-01

    Full Text Available A 35 year-old woman referred to Royan Institute (Reproductive Biomedicine Research Center for infertilitytreatment. She had an eleven-year history of primary infertility with a normal abdominal ultrasound.Hysterosalpingography (HSG was obtained one month prior to referral in another center (Fig A.The HSG finding of an apparent unicorn uterus followed by a normal vaginal ultrasound led us toperform a three-dimensional vaginal ultrasound before resorting to hysteroscopy. Results of thethree-dimensional vaginal ultrasound revealed a normal uterus (Fig B, C.Accurate characterization of congenital Mullerian anomalies (MDAs such as an arcuate, unicornuate,didelphys, bicornuate or septate uterus is challenging. While HSG has been the standard test in the diagnosisof MDAs, some limitations may favor the use of three-dimensional ultrasound. The most difficult partof HSG is interpreting the two-dimensional radiographic image into a complex, three-dimensional livingorgan (1. A variety of technical problems may occur while performing HSG. In this case, only an obliqueview could lead to a correct interpretation. It is advisable for the interpreter to perform the procedure ratherthan to inspect only the finished radiographic images (2.One of the most useful scan planes obtained on three-dimensional ultrasound is the coronal view ofthe uterus. This view is known to be a valuable problem-solving tool that assists in differentiatingbetween various types of MDAs due to the high level of agreement between three-dimensionalultrasound and HSG (3, 4.Recently, three-dimensional ultrasound has become the sole mandatory step in the initial investigationof MDAs due to its superiority to other techniques that have been used for the same purpose (5.

  19. Rapid Anomaly Detection and Tracking via Compressive Time-Spectra Measurement

    Science.gov (United States)

    2016-02-12

    characteristic and precision recall curves. New 1. REPORT DATE (DD-MM-YYYY) 4. TITLE AND SUBTITLE 13. SUPPLEMENTARY NOTES 12. DISTRIBUTION...detection on data in the compressed domain. Detection performance was analyzed using receiver operating characteristic and precision recall curves. New...following categories: (b) Papers published in non-peer-reviewed journals (N/A for none) (c) Presentations Received Paper TOTAL : Received Paper TOTAL

  20. MEASURE/ANOMTEST. Anomaly detection software package for the Dodewaard power plant facility. Supplement 1. Extension of measurement analysis part, addition of plot package

    International Nuclear Information System (INIS)

    Schoonewelle, H.

    1995-01-01

    The anomaly detection software package installed at the Dodewaard nuclear power plant has been revised with respect to the part of the measurement analysis. A plot package has been added to the package. Signals in which an anomaly has been detected are automatically plotted including the uncertainty margins of the signals. This report gives a description of the revised measurement analysis part and the plot package. Each new routine of the plot package is described briefly and the new input and output files are given. (orig.)

  1. Development of the anomaly diagnosis system for transformers using trace constituents in oil; Yuchu biryo seibun ni yoru hen`atsuki ijo shindan hoho no kaihatsu

    Energy Technology Data Exchange (ETDEWEB)

    Ono, H.; Ono, S. [Chugoku Electric Power Co. Inc., Hiroshima (Japan)

    1997-03-21

    In order to complement an anomaly diagnosis system by analysis of gases in oil for transformers, the analysis/diagnosis method of trace constituents in oil was developed. Liquid-liquid solvent extraction using methanol aqueous solution as extract, and high-speed liquid chromatography were adopted to analyze decomposed products dissolved into oil by over heating as trace constituents. The relation between over heat temperature and the amount of decomposed products by over heating was studied by simulation experiment of over heat anomaly. The detectable duration of anomaly after its generation was also studied by examining the adsorption phenomenon of the thermal decomposed products onto insulating materials. As a result, the criterion of the analysis/diagnosis method was prepared by using 5-hydroxymethylfurfural as index constituent of over heating anomaly. Although furfural was also effective as index constituent, it was excluded from the index constituent because furfural is formed by deterioration of transformers even during normal operation. 2 refs., 19 figs., 7 tabs.

  2. Anomalies in the Spectra of the Uncorrelated Components of the Electric Field of the Earth at Frequencies that are Multiples of the Frequencies of Rotation of Relativistic Binary Star Systems

    Science.gov (United States)

    Grunskaya, L. V.; Isakevich, V. V.; Isakevich, D. V.

    2018-05-01

    A system is constructed, which, on the basis of extensive experimental material and the use of eigenoscopy, has allowed us to detect anomalies in the spectra of uncorrelated components localized near the rotation frequencies and twice the rotation frequencies of relativistic binary star systems with vanishingly low probability of false alarm, not exceeding 10-17.

  3. A complete low cost radon detection system

    International Nuclear Information System (INIS)

    Bayrak, A.; Barlas, E.; Emirhan, E.; Kutlu, Ç.; Ozben, C.S.

    2013-01-01

    Monitoring the 222 Rn activity through the 1200 km long Northern Anatolian fault line, for the purpose of earthquake precursory, requires large number of cost effective radon detectors. We have designed, produced and successfully tested a low cost radon detection system (a radon monitor). In the detector circuit of this monitor, First Sensor PS100-7-CER-2 windowless PIN photodiode and a custom made transempedence/shaping amplifier were used. In order to collect the naturally ionized radon progeny to the surface of the PIN photodiode, a potential of 3500 V was applied between the conductive hemi-spherical shell and the PIN photodiode. In addition to the count rate of the radon progeny, absolute pressure, humidity and temperature were logged during the measurements. A GSM modem was integrated to the system for transferring the measurements from the remote locations to the data process center. - Author-Highlights: • Low cost radon detection. • Integrated GSM modem for early warning of radon anomalies. • Radon detection in environment

  4. Highly macroscopically degenerated single-point ground states as source of specific heat capacity anomalies in magnetic frustrated systems

    Science.gov (United States)

    Jurčišinová, E.; Jurčišin, M.

    2018-04-01

    Anomalies of the specific heat capacity are investigated in the framework of the exactly solvable antiferromagnetic spin- 1 / 2 Ising model in the external magnetic field on the geometrically frustrated tetrahedron recursive lattice. It is shown that the Schottky-type anomaly in the behavior of the specific heat capacity is related to the existence of unique highly macroscopically degenerated single-point ground states which are formed on the borders between neighboring plateau-like ground states. It is also shown that the very existence of these single-point ground states with large residual entropies predicts the appearance of another anomaly in the behavior of the specific heat capacity for low temperatures, namely, the field-induced double-peak structure, which exists, and should be observed experimentally, along with the Schottky-type anomaly in various frustrated magnetic system.

  5. Antigen detection systems

    Science.gov (United States)

    Infectious agents or their constituent parts (antigens or nucleic acids) can be detected in fresh, frozen, or fixed tissues or other specimens, using a variety of direct or indirect assays. The assays can be modified to yield the greatest sensitivity and specificity but in most cases a particular m...

  6. Detection and counting systems

    International Nuclear Information System (INIS)

    Abreu, M.A.N. de

    1976-01-01

    Detection devices based on gaseous ionization are analysed, such as: electroscopes ionization chambers, proportional counters and Geiger-Mueller counters. Scintillation methods are also commented. A revision of the basic concepts in electronics is done and the main equipment for counting is detailed. In the study of gama spectrometry, scintillation and semiconductor detectors are analysed [pt

  7. Multi-level anomaly detection: Relevance of big data analytics in ...

    Indian Academy of Sciences (India)

    The Internet has become a vital source of information; internal and exter- .... (iii) DDos detection: Distributed Denial of Service (DDoS) is a common malicious ...... Guirguis M, Bestavros A, Matta I and Zhang Y 2005a Reduction of quality (roq) ...

  8. USBeSafe: Applying One Class SVM for Effective USB Event Anomaly Detection

    Science.gov (United States)

    2016-04-25

    2012. [5] Phil Muncaster. Indian navy computers stormed by malware-ridden USBs. 2012. [6] Ponemon. 2011 Second Annual Cost of Cyber Crime Study...Zhang, and Shanshan Sun. “A mixed unsu- pervised clustering-based intrusion detection model”. In: Genetic and Evolutionary Computing, 2009. WGEC’09

  9. Anomaly Detection in Liquid Pipelines Using Modeling, Co-Simulation and Dynamical Estimation

    OpenAIRE

    Alajlouni , Saed; Rao , Vittal

    2013-01-01

    Part 3: Infrastructure Security; International audience; Historically, supervisory control and data acquisition (SCADA) systems have relied on obscurity to safeguard against attacks. Indeed, external attackers lacked knowledge about proprietary system designs and software to access systems and execute attacks. The trend to interconnect to the Internet and incorporate standardized protocols, however, has resulted in an increase in the attack surface – attackers can now target SCADA systems and...

  10. Study of the threshold anomaly in systems involving weakly bound nuclei

    International Nuclear Information System (INIS)

    Figueira, J.M.; Niello, J.O. Fernandez; Abelof, G.A.; Arazi, A.; Barmak, D.H.; Capurro, O.A.; Carnelli, P.; Fimiani, L.; Marti, G.V.; Heimann, D. Martinez; Negri, A.E.; Pacheco, A.J.; Gomes, P.R.S.; Lubian, J.; Monteiro, D.S.

    2009-01-01

    Full text: One of the dominant mechanisms in systems involving weakly bound nuclei is the break-up channel; however, the dynamics of this process remains poorly understood. In elastic scattering of strongly bound nuclei it is clearly established that there is always a threshold anomaly (TA) in the optical potential. The TA is characterized by a localized peak in the real part of the potential and by a decrease of the imaginary part of the potential as the bombarding energy decreases towards the Coulomb barrier. But when at least one of the nuclei is weakly bound the results are different for different systems. Three kinds of situations have been reported: the usual TA is observed; the usual TA is not observed because the potentials are almost constant even close to the Coulomb barrier; the so-called Break up Threshold Anomaly (BTA), where the imaginary potential increases as the bombarding energy decreases towards the Coulomb barrier. The BTA is attributed to a strong coupling of the elastic channel with the breakup process, which might have a much larger cross section than fusion at sub-barrier energies. In order to understand how those differences are affected by the system properties it is important to have data of new systems available. In this work we contribute original elastic scattering data of the weakly bound 6,7 Li projectiles on 144 Sm at near coulomb barrier energies. The measurements have been performed at the TANDAR Laboratory using 6 Li and 7 Li beams and a 100 μg/cm 2 thick 144 Sm target. Eleven different bombarding energies between 21 and 42.3 MeV were used for each projectile. The results are analyzed using phenomenological optical potentials and compared with results from other systems involving weakly bound nuclei. (author)

  11. Rapid deployment intrusion detection system

    International Nuclear Information System (INIS)

    Graham, R.H.

    1997-01-01

    A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs

  12. Value of prenatal MRI in early evaluation of fetal central nervous system anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Kobayashi, Keiichi [Kugayama Hospital, Tokyo (Japan); Nakamura, Masanao; Hino, Ken [Kyorin Univ., Mitaka, Tokyo (Japan). School of Medicine] [and others

    2002-08-01

    Advances in technology and the need for accurate prenatal diagnoses have produced great improvements in fetal diagnosis by MRI. However, there are still many problems with diagnosis of central nervous system (CNS) anomalies using MRI (e.g., time of diagnosis, factors limiting diagnostic ability. Fifteen cases referred to our clinic from 1992 to 2001 and examined using intrauterine ultrasound, prenatal MRI and postnatal MRI were reviewed retrospectively. All clinical records and findings from prenatal MRI, postnatal MRI and ultrasound were reviewed. Prenatal MRI was found to be equal in diagnostic power to ultrasound and postnatal MRI in 10 of the 15 cases. In the remaining 5 fetuses, the findings of prenatal MRI were not the same to those of prenatal ultrasound and postnatal MRI. Our goal was to determine the value of prenatal MRI in diagnosis of fetal CNS anomalies, to ascertain how this information might be used for counseling, and to assess its impact on pregnancy management. Prenatal MRI provided useful information for support personnel (e.g., physicians, nurses, caseworkers, religious advisers). (author)

  13. Anomaly Detection in Log Data using Graph Databases and Machine Learning to Defend Advanced Persistent Threats

    OpenAIRE

    Schindler, Timo

    2018-01-01

    Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16].With our work we demonstrate a feasible and fast way to analyse real world log data to detect breaches or breach attempts. By adapting well-known kill chain mechanisms and a combine of a time series database and an abstracted graph approach, it is possible to create flexible attack profiles. Using this approach...

  14. Anomaly detection in forward looking infrared imaging using one-class classifiers

    Science.gov (United States)

    Popescu, Mihail; Stone, Kevin; Havens, Timothy; Ho, Dominic; Keller, James

    2010-04-01

    In this paper we describe a method for generating cues of possible abnormal objects present in the field of view of an infrared (IR) camera installed on a moving vehicle. The proposed method has two steps. In the first step, for each frame, we generate a set of possible points of interest using a corner detection algorithm. In the second step, the points related to the background are discarded from the point set using an one class classifier (OCC) trained on features extracted from a local neighborhood of each point. The advantage of using an OCC is that we do not need examples from the "abnormal object" class to train the classifier. Instead, OCC is trained using corner points from images known to be abnormal object free, i.e., that contain only background scenes. To further reduce the number of false alarms we use a temporal fusion procedure: a region has to be detected as "interesting" in m out of n, mGM). The comparison is performed using a set of about 900 background point neighborhoods for training and 400 for testing. The best performing OCC is then used to detect abnormal objects in a set of IR video sequences obtained on a 1 mile long country road.

  15. A Fusion of Multiagent Functionalities for Effective Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Dhanalakshmi Krishnan Sadhasivan

    2017-01-01

    Full Text Available Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS to detect the anomalies in the real-time datasets such as KDD and SCADA. Besides, the feedback loop provides the necessary update of attacks in the database that leads to the improvement in the detection accuracy. The combination of the rules and responsibilities for multiagents effectively detects the anomaly behavior, misuse of response, or relay reports of gas/water pipeline data in KDD and SCADA, respectively. The comparative analysis of the proposed ARMA-IDS with the various existing path mining methods, namely, random forest, JRip, a combination of AdaBoost/JRip, and common path mining on the SCADA dataset conveys that the effectiveness of the proposed ARMA-IDS in the real-time fault monitoring. Moreover, the proposed ARMA-IDS offers the higher detection rate in the SCADA and KDD cup 1999 datasets.

  16. Particle detection systems and methods

    Science.gov (United States)

    Morris, Christopher L.; Makela, Mark F.

    2010-05-11

    Techniques, apparatus and systems for detecting particles such as muons and neutrons. In one implementation, a particle detection system employs a plurality of drift cells, which can be for example sealed gas-filled drift tubes, arranged on sides of a volume to be scanned to track incoming and outgoing charged particles, such as cosmic ray-produced muons. The drift cells can include a neutron sensitive medium to enable concurrent counting of neutrons. The system can selectively detect devices or materials, such as iron, lead, gold, uranium, plutonium, and/or tungsten, occupying the volume from multiple scattering of the charged particles passing through the volume and can concurrently detect any unshielded neutron sources occupying the volume from neutrons emitted therefrom. If necessary, the drift cells can be used to also detect gamma rays. The system can be employed to inspect occupied vehicles at border crossings for nuclear threat objects.

  17. An automated computer misuse detection system for UNICOS

    Energy Technology Data Exchange (ETDEWEB)

    Jackson, K.A.; Neuman, M.C.; Simmonds, D.D.; Stallings, C.A.; Thompson, J.L.; Christoph, G.G.

    1994-09-27

    An effective method for detecting computer misuse is the automatic monitoring and analysis of on-line user activity. This activity is reflected in the system audit record, in the system vulnerability posture, and in other evidence found through active testing of the system. During the last several years we have implemented an automatic misuse detection system at Los Alamos. This is the Network Anomaly Detection and Intrusion Reporter (NADIR). We are currently expanding NADIR to include processing of the Cray UNICOS operating system. This new component is called the UNICOS Realtime NADIR, or UNICORN. UNICORN summarizes user activity and system configuration in statistical profiles. It compares these profiles to expert rules that define security policy and improper or suspicious behavior. It reports suspicious behavior to security auditors and provides tools to aid in follow-up investigations. The first phase of UNICORN development is nearing completion, and will be operational in late 1994.

  18. Gravitational anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Leutwyler, H; Mallik, S

    1986-12-01

    The effective action for fermions moving in external gravitational and gauge fields is analyzed in terms of the corresponding external field propagator. The central object in our approach is the covariant energy-momentum tensor which is extracted from the regular part of the propagator at short distances. It is shown that the Lorentz anomaly, the conformal anomaly and the gauge anomaly can be expressed in terms of the local polynomials which determine the singular part of the propagator. (There are no coordinate anomalies). Except for the conformal anomaly, for which we give explicit representations only in dless than or equal to4, we consider an arbitrary number of dimensions.

  19. Accuracy Analysis Comparison of Supervised Classification Methods for Anomaly Detection on Levees Using SAR Imagery

    Directory of Open Access Journals (Sweden)

    Ramakalavathi Marapareddy

    2017-10-01

    Full Text Available This paper analyzes the use of a synthetic aperture radar (SAR imagery to support levee condition assessment by detecting potential slide areas in an efficient and cost-effective manner. Levees are prone to a failure in the form of internal erosion within the earthen structure and landslides (also called slough or slump slides. If not repaired, slough slides may lead to levee failures. In this paper, we compare the accuracy of the supervised classification methods minimum distance (MD using Euclidean and Mahalanobis distance, support vector machine (SVM, and maximum likelihood (ML, using SAR technology to detect slough slides on earthen levees. In this work, the effectiveness of the algorithms was demonstrated using quad-polarimetric L-band SAR imagery from the NASA Jet Propulsion Laboratory’s (JPL’s uninhabited aerial vehicle synthetic aperture radar (UAVSAR. The study area is a section of the lower Mississippi River valley in the Southern USA, where earthen flood control levees are maintained by the US Army Corps of Engineers.

  20. Demand pattern analysis of taxi trip data for anomalies detection and explanation

    DEFF Research Database (Denmark)

    Markou, Ioulia; Rodrigues, Filipe; Pereira, Francisco Camara

    2017-01-01

    Due to environmental and economic stress, strong investment exists now towards adaptive transport systems that can efficiently utilize capacity, minimizing costs and environmental impacts. The common vision is a system that dynamically changes itself (the supply) to anticipate traveler needs (the...... demand). In some occasions, unexpected and unwanted demand patterns are noticed in the traffic network that lead to system failures and cost implications. Significantly low speeds or excessively low flows at an unforeseeable time are only some of the phenomena that are often noticed and need...

  1. Rotor health monitoring combining spin tests and data-driven anomaly detection methods

    Data.gov (United States)

    National Aeronautics and Space Administration — Health monitoring is highly dependent on sensor systems that are capable of performing in various engine environmental conditions and able to transmit a signal upon...

  2. A Survey of Visualization Tools Assessed for Anomaly-Based Intrusion Detection Analysis

    Science.gov (United States)

    2014-04-01

    includes Complex System SCILAB Toolbox, GraphViz, Igraph, NetDraw, Network Workbench, OpenDX, Prefuse, Sci² Tool, and Visualization Toolkit (VTK...Kits’ Capabilities Name Web Sites (all accessed 01/29/2014 Strengths Weaknesses Complex Systems SCILAB Tool http://www.randomfactory.com/openastro...osx/ scilab -info.html Measures graph parameters Academic Free License (AFL); works on UNIX and Windows; programming language is MATLAB; no

  3. A Comparative Study of Data Mining Algorithms for High Detection Rate in Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Nabeela Ashraf

    2018-01-01

    Full Text Available Due to the fast growth and tradition of the internet over the last decades, the network security problems are increasing vigorously. Humans can not handle the speed of processes and the huge amount of data required to handle network anomalies. Therefore, it needs substantial automation in both speed and accuracy. Intrusion Detection System is one of the approaches to recognize illegal access and rare attacks to secure networks. In this proposed paper, Naive Bayes, J48 and Random Forest classifiers are compared to compute the detection rate and accuracy of IDS. For experiments, the KDD_NSL dataset is used.

  4. A support vector machine integrated system for the classification of operation anomalies in nuclear components and systems

    International Nuclear Information System (INIS)

    Rocco S, Claudio M.; Zio, Enrico

    2007-01-01

    A support vector machine (SVM) approach to the classification of transients in nuclear power plants is presented. SVM is a machine-learning algorithm that has been successfully used in pattern recognition for cluster analysis. In the present work, single- and multiclass SVM are combined into a hierarchical structure for distinguishing among transients in nuclear systems on the basis of measured data. An example of application of the approach is presented with respect to the classification of anomalies and malfunctions occurring in the feedwater system of a boiling water reactor. The data used in the example are provided by the HAMBO simulator of the Halden Reactor Project

  5. Fraud Detection in Credit Card Transactions; Using Parallel Processing of Anomalies in Big Data

    Directory of Open Access Journals (Sweden)

    Mohammad Reza Taghva

    2016-10-01

    Full Text Available In parallel to the increasing use of electronic cards, especially in the banking industry, the volume of transactions using these cards has grown rapidly. Moreover, the financial nature of these cards has led to the desirability of fraud in this area. The present study with Map Reduce approach and parallel processing, applied the Kohonen neural network model to detect abnormalities in bank card transactions. For this purpose, firstly it was proposed to classify all transactions into the fraudulent and legal which showed better performance compared with other methods. In the next step, we transformed the Kohonen model into the form of parallel task which demonstrated appropriate performance in terms of time; as expected to be well implemented in transactions with Big Data assumptions.

  6. Detecting geothermal anomalies and evaluating LST geothermal component by combining thermal remote sensing time series and land surface model data

    Science.gov (United States)

    Romaguera, Mireia; Vaughan, R. Greg; Ettema, J.; Izquierdo-Verdiguier, E.; Hecker, C. A.; van der Meer, F.D.

    2018-01-01

    This paper explores for the first time the possibilities to use two land surface temperature (LST) time series of different origins (geostationary Meteosat Second Generation satellite data and Noah land surface modelling, LSM), to detect geothermal anomalies and extract the geothermal component of LST, the LSTgt. We hypothesize that in geothermal areas the LSM time series will underestimate the LST as compared to the remote sensing data, since the former does not account for the geothermal component in its model.In order to extract LSTgt, two approaches of different nature (physical based and data mining) were developed and tested in an area of about 560 × 560 km2 centered at the Kenyan Rift. Pre-dawn data in the study area during the first 45 days of 2012 were analyzed.The results show consistent spatial and temporal LSTgt patterns between the two approaches, and systematic differences of about 2 K. A geothermal area map from surface studies was used to assess LSTgt inside and outside the geothermal boundaries. Spatial means were found to be higher inside the geothermal limits, as well as the relative frequency of occurrence of high LSTgt. Results further show that areas with strong topography can result in anomalously high LSTgt values (false positives), which suggests the need for a slope and aspect correction in the inputs to achieve realistic results in those areas. The uncertainty analysis indicates that large uncertainties of the input parameters may limit detection of LSTgt anomalies. To validate the approaches, higher spatial resolution images from the Advanced Spaceborne Thermal Emission and Reflection Radiometer (ASTER) data over the Olkaria geothermal field were used. An established method to estimate radiant geothermal flux was applied providing values between 9 and 24 W/m2 in the geothermal area, which coincides with the LSTgt flux rates obtained with the proposed approaches.The proposed approaches are a first step in estimating LSTgt

  7. Preliminary study of gravimetric anomalies in the Magallanes-Fagnano fault system, South America

    Directory of Open Access Journals (Sweden)

    Juan Manuel Alcacer

    2018-01-01

    Full Text Available The main objective of this research is to recognize several geological structures associated with the shear zones of the MFFS (Magallanes – Fagnano fault system by the analysis and interpretation of gravimetric anomalies. Besides, to compare the gravimetrical response of the cortical blocks that integrate the region under study, which is related to the different morphotectonic domains recognized in the region. This research was developed employing data obtained from World Gravity 1.0, which includes earth and satellite gravity data derived from the EGM2008 model. The study and interpretation of the MFFS from the analysis and processing of the gravimetric data, allowed appreciation of a noticeable correlation with the most superficial cortical structure.

  8. Radiation detecting system

    International Nuclear Information System (INIS)

    1975-01-01

    In spectrophotometry systems, a usual arrangement for modulating the radiation is a rotating disc having one or more sectors removed. A beam of radiation may be blocked by the disc except when a cut-away sector is in the path of the beam. With a double-beam system, a cut-away sector of 180 0 may be used so that when the first path is blocked, the second is allowed through, and vice versa. One or both sides of the disc may be formed as mirrors to facilitate beam switching and to allow use of more than two beams for background compensation purposes or for analysis of more than one substance within a sample. (G.T.H.)

  9. Radiation detection system

    Science.gov (United States)

    Whited, R.C.

    A system for obtaining improved resolution in relatively thick semiconductor radiation detectors, such as HgI/sub 2/, which exhibit significant hole trapping. Two amplifiers are used: the first measures the charge collected and the second the contribution of the electrons to the charge collected. The outputs of the two amplifiers are utilized to unfold the total charge generated within the detector in response to a radiation event.

  10. Heavy metal anomalies in the Tinto and Odiel River and estuary system, Spain

    Science.gov (United States)

    Nelson, C.H.; Lamothe, P.J.

    1993-01-01

    The Tinto and Odiel rivers drain 100 km from the Rio Tinto sulphide mining district, and join at a 20-km long estuary entering the Atlantic Ocean. A reconnaissance study of heavy metal anomalies in channel sand and overbank mud of the river and estuary by semi-quantitative emission dc-arc spectrographic analysis shows the following upstream to downstream ranges in ppm (??g g-1): As 3,000 to TOC), sandysilty overbank clay has been analyzed to represent suspended load materials. The high content of heavy metals in the overbank clay throughout the river and estuary systems indicates the importance of suspended sediment transport for dispersing heavy metals from natural erosion and anthropogenic mining activities of the sulfide deposit. The organic-poor (0.21-0.37% TOC) river bed sand has been analyzed to represent bedload transport of naturally-occurring sulfide minerals. The sand has high concentrations of metals upstream but these decrease an order of magnitude in the lower estuary. Although heavy metal contamination of estuary mouth beach sand has been diluted to background levels estuary mud exhibits increased contamination apparently related to finer grain size, higher organic carbon content, precipitation of river-borne dissolved solids, and input of anthropogenic heavy metals from industrial sources. The contaminated estuary mud disperses to the inner shelf mud belt and offshore suspended sediment, which exhibit metal anomalies from natural erosion and mining of upstream Rio Tinto sulphide lode sources (Pb, Cu, Zn) and industrial activities within the estuary (Fe, Cr, Ti). Because heavy metal contamination of Tinto-Odiel river sediment reaches or exceeds the highest levels encountered in other river sediments of Spain and Europe, a detailed analysis of metals in water and suspended sediment throughout the system, and epidemiological analysis of heavy metal effects in humans is appropriate. ?? 1993 Estuarine Research Federation.

  11. Sensitivity of susceptibility-weighted imaging in detecting developmental venous anomalies and associated cavernomas and microhemorrhages in children

    International Nuclear Information System (INIS)

    Young, Allen; Bosemani, Thangamadhan; Goel, Reema; Huisman, Thierry A.G.M.; Poretti, Andrea

    2017-01-01

    Developmental venous anomalies (DVA) are common neuroimaging abnormalities that are traditionally diagnosed by contrast-enhanced T1-weighted images as the gold standard. We aimed to evaluate the sensitivity of SWI in detecting DVA and associated cavernous malformations (CM) and microhemorrhages in children in order to determine if SWI may replace contrast-enhanced MRI sequences. Contrast-enhanced T1-weighted images were used as diagnostic gold standard for DVA. The presence of DVA was qualitatively assessed on axial SWI and T2-weighted images by an experienced pediatric neuroradiologist. In addition, the presence of CM and microhemorrhages was evaluated on SWI and contrast-enhanced T1-weighted images. Fifty-seven children with DVA (34 males, mean age at neuroimaging 11.2 years, range 1 month to 17.9 years) were included in this study. Forty-nine out of 57 DVA were identified on SWI (sensitivity of 86%) and 16 out of 57 DVA were detected on T2-weighted images (sensitivity of 28.1%). General anesthesia-related changes in brain hemodynamics and oxygenation were most likely responsible for the majority of SWI false negative. CM were detected in 12 patients on axial SWI, but only in six on contrast-enhanced T1-weighted images. Associated microhemorrhages could be identified in four patients on both axial SWI and contrast-enhanced T1-weighted images, although more numerous and conspicuous on SWI. SWI can identify DVA and associated cavernous malformations and microhemorrhages with high sensitivity, obviating the need for contrast-enhanced MRI sequences. (orig.)

  12. Sensitivity of susceptibility-weighted imaging in detecting developmental venous anomalies and associated cavernomas and microhemorrhages in children

    Energy Technology Data Exchange (ETDEWEB)

    Young, Allen; Bosemani, Thangamadhan; Goel, Reema; Huisman, Thierry A.G.M. [The Johns Hopkins School of Medicine, Charlotte R. Bloomberg Children' s Center, Division of Pediatric Radiology and Pediatric Neuroradiology, The Russell H. Morgan Department of Radiology and Radiological Science, Baltimore, MD (United States); Poretti, Andrea [The Johns Hopkins School of Medicine, Charlotte R. Bloomberg Children' s Center, Division of Pediatric Radiology and Pediatric Neuroradiology, The Russell H. Morgan Department of Radiology and Radiological Science, Baltimore, MD (United States); Kennedy Krieger Institute, Department of Neurogenetics, Baltimore, MD (United States)

    2017-08-15

    Developmental venous anomalies (DVA) are common neuroimaging abnormalities that are traditionally diagnosed by contrast-enhanced T1-weighted images as the gold standard. We aimed to evaluate the sensitivity of SWI in detecting DVA and associated cavernous malformations (CM) and microhemorrhages in children in order to determine if SWI may replace contrast-enhanced MRI sequences. Contrast-enhanced T1-weighted images were used as diagnostic gold standard for DVA. The presence of DVA was qualitatively assessed on axial SWI and T2-weighted images by an experienced pediatric neuroradiologist. In addition, the presence of CM and microhemorrhages was evaluated on SWI and contrast-enhanced T1-weighted images. Fifty-seven children with DVA (34 males, mean age at neuroimaging 11.2 years, range 1 month to 17.9 years) were included in this study. Forty-nine out of 57 DVA were identified on SWI (sensitivity of 86%) and 16 out of 57 DVA were detected on T2-weighted images (sensitivity of 28.1%). General anesthesia-related changes in brain hemodynamics and oxygenation were most likely responsible for the majority of SWI false negative. CM were detected in 12 patients on axial SWI, but only in six on contrast-enhanced T1-weighted images. Associated microhemorrhages could be identified in four patients on both axial SWI and contrast-enhanced T1-weighted images, although more numerous and conspicuous on SWI. SWI can identify DVA and associated cavernous malformations and microhemorrhages with high sensitivity, obviating the need for contrast-enhanced MRI sequences. (orig.)

  13. Boosting Web Intrusion Detection Systems by Inferring Positive Signatures

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, Sandro

    2008-01-01

    We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the "regular" and the "irregular" ones, and applying a new method for anomaly detection on the

  14. An Investigation of Techniques for Detecting Data Anomalies in Earned Value Management Data

    Science.gov (United States)

    2011-12-01

    Management Studio Harte Hanks Trillium Software Trillium Software System IBM Info Sphere Foundation Tools Informatica Data Explorer Informatica ...Analyst Informatica Developer Informatica Administrator Pitney Bowes Business Insight Spectrum SAP BusinessObjects Data Quality Management DataFlux...menting quality monitoring efforts and tracking data quality improvements Informatica http://www.informatica.com/products_services/Pages/index.aspx

  15. System and Method for Outlier Detection via Estimating Clusters

    Science.gov (United States)

    Iverson, David J. (Inventor)

    2016-01-01

    An efficient method and system for real-time or offline analysis of multivariate sensor data for use in anomaly detection, fault detection, and system health monitoring is provided. Models automatically derived from training data, typically nominal system data acquired from sensors in normally operating conditions or from detailed simulations, are used to identify unusual, out of family data samples (outliers) that indicate possible system failure or degradation. Outliers are determined through analyzing a degree of deviation of current system behavior from the models formed from the nominal system data. The deviation of current system behavior is presented as an easy to interpret numerical score along with a measure of the relative contribution of each system parameter to any off-nominal deviation. The techniques described herein may also be used to "clean" the training data.

  16. Right-sided superior vena cava draining into the left atrium: a rare anomaly of systemic venous return

    International Nuclear Information System (INIS)

    Aminololama-Shakeri, Shadi; Wootton-Gorges, Sandra L.; Reyes, Melissa; Moore, Elizabeth H.; Pretzlaff, Robert K.

    2007-01-01

    The most commonly encountered systemic thoracic venous anomaly is a persistent left superior vena cava that drains into the right atrium via the coronary sinus. A much rarer systemic venous anomaly is that of isolated anomalous drainage of a normally positioned right superior vena cava (RSVC) into the left atrium (LA). This has been reported in approximately 20 patients with the diagnosis usually being made by cardiac catheterization. We report the case of a toddler with asymptomatic hypoxemia resulting from anomalous drainage of a normal RSVC into his LA. This was diagnosed non-invasively by contrast-enhanced chest CT. (orig.)

  17. ANOMALY DETECTION AND COMPARATIVE ANALYSIS OF HYDROTHERMAL ALTERATION MATERIALS TROUGH HYPERSPECTRAL MULTISENSOR DATA IN THE TURRIALBA VOLCANO

    Directory of Open Access Journals (Sweden)

    J. G. Rejas

    2012-07-01

    Full Text Available The aim of this work is the comparative study of the presence of hydrothermal alteration materials in the Turrialba volcano (Costa Rica in relation with computed spectral anomalies from multitemporal and multisensor data adquired in spectral ranges of the visible (VIS, short wave infrared (SWIR and thermal infrared (TIR. We used for this purposes hyperspectral and multispectral images from the HyMAP and MASTER airborne sensors, and ASTER and Hyperion scenes in a period between 2002 and 2010. Field radiometry was applied in order to remove the atmospheric contribution in an empirical line method. HyMAP and MASTER images were georeferenced directly thanks to positioning and orientation data that were measured at the same time in the acquisition campaign from an inertial system based on GPS/IMU. These two important steps were allowed the identification of spectral diagnostic bands of hydrothermal alteration minerals and the accuracy spatial correlation. Enviromental impact of the volcano activity has been studied through different vegetation indexes and soil patterns. Have been mapped hydrothermal materials in the crater of the volcano, in fact currently active, and their surrounding carrying out a principal components analysis differentiated for a high and low absorption bands to characterize accumulations of kaolinite, illite, alunite and kaolinite+smectite, delimitating zones with the presence of these minerals. Spectral anomalies have been calculated on a comparative study of methods pixel and subpixel focused in thermal bands fused with high-resolution images. Results are presented as an approach based on expert whose main interest lies in the automated identification of patterns of hydrothermal altered materials without prior knowledge or poor information on the area.

  18. Anomaly Detection and Comparative Analysis of Hydrothermal Alteration Materials Trough Hyperspectral Multisensor Data in the Turrialba Volcano

    Science.gov (United States)

    Rejas, J. G.; Martínez-Frías, J.; Bonatti, J.; Martínez, R.; Marchamalo, M.

    2012-07-01

    The aim of this work is the comparative study of the presence of hydrothermal alteration materials in the Turrialba volcano (Costa Rica) in relation with computed spectral anomalies from multitemporal and multisensor data adquired in spectral ranges of the visible (VIS), short wave infrared (SWIR) and thermal infrared (TIR). We used for this purposes hyperspectral and multispectral images from the HyMAP and MASTER airborne sensors, and ASTER and Hyperion scenes in a period between 2002 and 2010. Field radiometry was applied in order to remove the atmospheric contribution in an empirical line method. HyMAP and MASTER images were georeferenced directly thanks to positioning and orientation data that were measured at the same time in the acquisition campaign from an inertial system based on GPS/IMU. These two important steps were allowed the identification of spectral diagnostic bands of hydrothermal alteration minerals and the accuracy spatial correlation. Enviromental impact of the volcano activity has been studied through different vegetation indexes and soil patterns. Have been mapped hydrothermal materials in the crater of the volcano, in fact currently active, and their surrounding carrying out a principal components analysis differentiated for a high and low absorption bands to characterize accumulations of kaolinite, illite, alunite and kaolinite+smectite, delimitating zones with the presence of these minerals. Spectral anomalies have been calculated on a comparative study of methods pixel and subpixel focused in thermal bands fused with high-resolution images. Results are presented as an approach based on expert whose main interest lies in the automated identification of patterns of hydrothermal altered materials without prior knowledge or poor information on the area.

  19. An environmental monitoring detection system

    International Nuclear Information System (INIS)

    Leli Yuniarsari; Istofa; Sukandar

    2015-01-01

    Is part of radiation detection of the nuclear facilities engineering activities within nuclear facilities. The system comprised of gamma-ray radiation detector and weather detection which includes anemometer to detect the wind direction and speed, as well as rain gauge to measure the rainfall in a period of time. Data acquisition of the output is processed by Arduino Uno system which transformed the data into a particular standard and then displayed online in the website. The radiation detection system uses gamma-ray detector of NaI(Tl) and GM which convert the radiation detected into electric pulse to be fed into a pre-amp and amplifier and modified into square pulse. The weather detection system on the other hand works based on switch principle. For example, the wind with a certain speed could turn on a switch in the system and produce a voltage or pulse which can be measured. This value will then be interpreted as the wind direction and speed. Likewise for the rainfall gauge, the volume of water entering the bucket will turn the switch on, at the same time producing 1 pulse. The result of the experiment shows that for radiation detection system the output is a square pulse 4 volts by using detector NaI(Tl) and 4.4 volts by using detector GM. For weather detection system, basically was able to detect the wind direction, wind speed and rainfall just to find out further research is needed accuracy and the results compared with the standard tools available in BMKG. (author)

  20. Anomaly detection using simulated MTI data cubes derived from HYDICE data

    International Nuclear Information System (INIS)

    Moya, M.M.; Taylor, J.G.; Stallard, B.R.; Motomatsu, S.E.

    1998-01-01

    The US Department of Energy is funding the development of the Multi-spectral Thermal Imager (MTI), a satellite-based multi-spectral (MS) thermal imaging sensor scheduled for launch in October 1999. MTI is a research and development (R and D) platform to test the applicability of multispectral and thermal imaging technology for detecting and monitoring signs of proliferation of weapons of mass destruction. During its three-year mission, MTI will periodically record images of participating government, industrial and natural sites in fifteen visible and infrared spectral bands to provide a variety of image data associated with weapons production activities. The MTI satellite will have spatial resolution in the visible bands that is five times better than LANDSAT TM in each dimension and will have five thermal bands. In this work, the authors quantify the separability between specific materials and the natural background by applying Receiver Operating Curve (ROC) analysis to the residual errors from a linear unmixing. The authors apply the ROC analysis to quantify performance of the MTI. They describe the MTI imager and simulate its data by filtering HYDICE hyperspectral imagery both spatially and spectrally and by introducing atmospheric effects corresponding to the MTI satellite altitude. They compare and contrast the individual effects on performance of spectral resolution, spatial resolution, atmospheric corrections, and varying atmospheric conditions

  1. Multi-scale structure and topological anomaly detection via a new network statistic: The onion decomposition.

    Science.gov (United States)

    Hébert-Dufresne, Laurent; Grochow, Joshua A; Allard, Antoine

    2016-08-18

    We introduce a network statistic that measures structural properties at the micro-, meso-, and macroscopic scales, while still being easy to compute and interpretable at a glance. Our statistic, the onion spectrum, is based on the onion decomposition, which refines the k-core decomposition, a standard network fingerprinting method. The onion spectrum is exactly as easy to compute as the k-cores: It is based on the stages at which each vertex gets removed from a graph in the standard algorithm for computing the k-cores. Yet, the onion spectrum reveals much more information about a network, and at multiple scales; for example, it can be used to quantify node heterogeneity, degree correlations, centrality, and tree- or lattice-likeness. Furthermore, unlike the k-core decomposition, the combined degree-onion spectrum immediately gives a clear local picture of the network around each node which allows the detection of interesting subgraphs whose topological structure differs from the global network organization. This local description can also be leveraged to easily generate samples from the ensemble of networks with a given joint degree-onion distribution. We demonstrate the utility of the onion spectrum for understanding both static and dynamic properties on several standard graph models and on many real-world networks.

  2. Trench Parallel Bouguer Anomaly (TPBA): A robust measure for statically detecting asperities along the forearc of subduction zones

    Science.gov (United States)

    Raeesi, M.

    2009-05-01

    During 1970s some researchers noticed that large earthquakes occur repeatedly at the same locations. These observations led to the asperity hypothesis. At the same times some researchers noticed that there was a relationship between the location of great interplate earthquakes and the submarine structures, basins in particular, over the rupture area in the forearc regions. Despite these observations there was no comprehensive and reliable hypothesis explaining the relationship. There were numerous cons and pros to the various hypotheses given in this regard. In their pioneering study, Song and Simons (2003) approached the problem using gravity data. This was a turning point in seismology. Although their approach was correct, appropriate gravity anomaly had to be used in order to reveal the location and extent of the asperities. Following the method of Song and Simons (2003) but using the Bouguer gravity anomaly that we called "Trench Parallel Bouguer Anomaly", TPBA, we found strong, logical, and convincing relation between the TPBA-derived asperities and the slip distribution as well as earthquake distribution, foreshocks and aftershocks in particular. Various parameters with different levels of importance are known that affect the contact between the subducting and the overriding plates, We found that the TPBA can show which are the important factors. Because the TPBA-derived asperities are based on static physical properties (gravity and elevation), they do not suffer from instabilities due to the trade-offs, as it happens for asperities derived in dynamic studies such as waveform inversion. Comparison of the TPBA-derived asperities with rupture processes of the well-studied great earthquakes, reveals the high level of accuracy of the TPBA. This new measure opens a forensic viewpoint on the rupture process along the subduction zones. The TPBA reveals the reason behind 9+ earthquakes and it explains where and why they occur. The TPBA reveals the areas that can

  3. An architecture for the analysis and detection of anomalies in smart city WSNs

    OpenAIRE

    Garcia Font, Víctor; Garrigues Olivella, Carles; Rifà Pous, Helena

    2015-01-01

    Peer-reviewed In the last few years, Wireless Sensor Networks (WSN) are gaining importance as a data collection mechanism for smart city systems. The development, deployment and operation of these networks involve a wide and heterogeneous set of technologies and participants. In many cases, city councils have outsourced the implementations of their WSNs to different external providers. This has resulted in a loss of control and visibility over the security of each individual WSN and, as...

  4. Ferromagnetic Objects Magnetovision Detection System.

    Science.gov (United States)

    Nowicki, Michał; Szewczyk, Roman

    2013-12-02

    This paper presents the application of a weak magnetic fields magnetovision scanning system for detection of dangerous ferromagnetic objects. A measurement system was developed and built to study the magnetic field vector distributions. The measurements of the Earth's field distortions caused by various ferromagnetic objects were carried out. The ability for passive detection of hidden or buried dangerous objects and the determination of their location was demonstrated.

  5. Ferromagnetic Objects Magnetovision Detection System

    Directory of Open Access Journals (Sweden)

    Michał Nowicki

    2013-12-01

    Full Text Available This paper presents the application of a weak magnetic fields magnetovision scanning system for detection of dangerous ferromagnetic objects. A measurement system was developed and built to study the magnetic field vector distributions. The measurements of the Earth’s field distortions caused by various ferromagnetic objects were carried out. The ability for passive detection of hidden or buried dangerous objects and the determination of their location was demonstrated.

  6. Knowledge-based verification of clinical guidelines by detection of anomalies.

    Science.gov (United States)

    Duftschmid, G; Miksch, S

    2001-04-01

    As shown in numerous studies, a significant part of published clinical guidelines is tainted with different types of semantical errors that interfere with their practical application. The adaptation of generic guidelines, necessitated by circumstances such as resource limitations within the applying organization or unexpected events arising in the course of patient care, further promotes the introduction of defects. Still, most current approaches for the automation of clinical guidelines are lacking mechanisms, which check the overall correctness of their output. In the domain of software engineering in general and in the domain of knowledge-based systems (KBS) in particular, a common strategy to examine a system for potential defects consists in its verification. The focus of this work is to present an approach, which helps to ensure the semantical correctness of clinical guidelines in a three-step process. We use a particular guideline specification language called Asbru to demonstrate our verification mechanism. A scenario-based evaluation of our method is provided based on a guideline for the artificial ventilation of newborn infants. The described approach is kept sufficiently general in order to allow its application to several other guideline representation formats.

  7. Fuzzy Based Advanced Hybrid Intrusion Detection System to Detect Malicious Nodes in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Rupinder Singh

    2017-01-01

    Full Text Available In this paper, an Advanced Hybrid Intrusion Detection System (AHIDS that automatically detects the WSNs attacks is proposed. AHIDS makes use of cluster-based architecture with enhanced LEACH protocol that intends to reduce the level of energy consumption by the sensor nodes. AHIDS uses anomaly detection and misuse detection based on fuzzy rule sets along with the Multilayer Perceptron Neural Network. The Feed Forward Neural Network along with the Backpropagation Neural Network are utilized to integrate the detection results and indicate the different types of attackers (i.e., Sybil attack, wormhole attack, and hello flood attack. For detection of Sybil attack, Advanced Sybil Attack Detection Algorithm is developed while the detection of wormhole attack is done by Wormhole Resistant Hybrid Technique. The detection of hello flood attack is done by using signal strength and distance. An experimental analysis is carried out in a set of nodes; 13.33% of the nodes are determined as misbehaving nodes, which classified attackers along with a detection rate of the true positive rate and false positive rate. Sybil attack is detected at a rate of 99,40%; hello flood attack has a detection rate of 98, 20%; and wormhole attack has a detection rate of 99, 20%.

  8. Real-Time Monitoring and Analysis of Zebrafish Electrocardiogram with Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Michael Lenning

    2017-12-01

    Full Text Available Heart disease is the leading cause of mortality in the U.S. with approximately 610,000 people dying every year. Effective therapies for many cardiac diseases are lacking, largely due to an incomplete understanding of their genetic basis and underlying molecular mechanisms. Zebrafish (Danio rerio are an excellent model system for studying heart disease as they enable a forward genetic approach to tackle this unmet medical need. In recent years, our team has been employing electrocardiogram (ECG as an efficient tool to study the zebrafish heart along with conventional approaches, such as immunohistochemistry, DNA and protein analyses. We have overcome various challenges in the small size and aquatic environment of zebrafish in order to obtain ECG signals with favorable signal-to-noise ratio (SNR, and high spatial and temporal resolution. In this paper, we highlight our recent efforts in zebrafish ECG acquisition with a cost-effective simplified microelectrode array (MEA membrane providing multi-channel recording, a novel multi-chamber apparatus for simultaneous screening, and a LabVIEW program to facilitate recording and processing. We also demonstrate the use of machine learning-based programs to recognize specific ECG patterns, yielding promising results with our current limited amount of zebrafish data. Our solutions hold promise to carry out numerous studies of heart diseases, drug screening, stem cell-based therapy validation, and regenerative medicine.

  9. Holonomy anomalies

    International Nuclear Information System (INIS)

    Bagger, J.; Nemeschansky, D.; Yankielowicz, S.

    1985-05-01

    A new type of anomaly is discussed that afflicts certain non-linear sigma models with fermions. This anomaly is similar to the ordinary gauge and gravitational anomalies since it reflects a topological obstruction to the reparametrization invariance of the quantum effective action. Nonlinear sigma models are constructed based on homogeneous spaces G/H. Anomalies arising when the fermions are chiral are shown to be cancelled sometimes by Chern-Simons terms. Nonlinear sigma models are considered based on general Riemannian manifolds. 9 refs

  10. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    Directory of Open Access Journals (Sweden)

    VANCEA, F.

    2014-11-01

    Full Text Available The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discrete wavelet transformation. Their effectiveness expressed in relative thresholds on pulse amplitude for no false negatives and no false positives is then evaluated against pulse duration and Hurst characteristic of original series. Different base functions are also evaluated for efficiency in the context of the proposed methods.

  11. An experimental study on a training support system utilizing trainee's eye gaze point and think aloud protocol for diagnosing nuclear power plant anomalies

    International Nuclear Information System (INIS)

    Ozawa, Takahisa; Samejima, Ryouta; Shimoda, Hiroshi; Yoshikawa, Hidekazu

    2003-01-01

    An experimental system has been developed for aiming at supporting the simulator training of diagnosis nuclear power plant anomaly, where an expert provides the instructions to a trainee by his/her own educational and experienced point of view. This system has several characteristics as follows: (1) the expert can provide the instruction through the local area network or the Internet, (2) the training task is the detection of the primary cause of plant anomaly, which is not including the plant operation but requires only thinking, and (3) the system can automatically detects the trainee's view-point and think aloud protocols and provide these two types of information to the expert in real time for supporting his/her instruction. A laboratory experiment using this system was conducted, where an expert, who had really engaged in plant operation as a chief operator, was employed as the instructor for novice students. As the result of analyzing the experimental data, it was found that the two types of information, trainee's viewpoints and his verbal protocols, have some potential of effectiveness for supporting the instructor to estimate the trainees diagnostic thinking process and provide the instruction. (author)

  12. Contextual anomaly detection for cyber-physical security in Smart Grids based on an artificial neural network model

    DEFF Research Database (Denmark)

    Kosek, Anna Magdalena

    2016-01-01

    control. An intrusion detection system observes distributed energy resource’s behaviour, control actions and the power system impact, and is tested together with an ongoing voltage control attack in a co-simulation set-up. The simulation results obtained with a real photovoltaic rooftop power plant data...

  13. Risk of developing palatally displaced canines in patients with early detectable dental anomalies: a retrospective cohort study

    Directory of Open Access Journals (Sweden)

    Daniela Gamba GARIB

    Full Text Available ABSTRACT The early recognition of risk factors for the occurrence of palatally displaced canines (PDC can increase the possibility of impaction prevention. Objective To estimate the risk of PDC occurrence in children with dental anomalies identified early during mixed dentition. Material and Methods The sample comprised 730 longitudinal orthodontic records from children (448 females and 282 males with an initial mean age of 8.3 years (SD=1.36. The dental anomaly group (DA included 263 records of patients with at least one dental anomaly identified in the initial or middle mixed dentition. The non-dental anomaly group (NDA was composed of 467 records of patients with no dental anomalies. The occurrence of PDC in both groups was diagnosed using panoramic and periapical radiographs taken in the late mixed dentition or early permanent dentition. The prevalence of PDC in patients with and without early diagnosed dental anomalies was compared using the chi-square test (p<0.01, relative risk assessments (RR, and positive and negative predictive values (PPV and NPV. Results PDC frequency was 16.35% and 6.2% in DA and NDA groups, respectively. A statistically significant difference was observed between groups (p<0.01, with greater risk of PDC development in the DA group (RR=2.63. The PPV and NPV was 16% and 93%, respectively. Small maxillary lateral incisors, deciduous molar infraocclusion, and mandibular second premolar distoangulation were associated with PDC. Conclusion Children with dental anomalies diagnosed during early mixed dentition have an approximately two and a half fold increased risk of developing PDC during late mixed dentition compared with children without dental anomalies.

  14. Risk of developing palatally displaced canines in patients with early detectable dental anomalies: a retrospective cohort study

    OpenAIRE

    GARIB, Daniela Gamba; LANCIA, Melissa; KATO, Renata Mayumi; OLIVEIRA, Thais Marchini; NEVES, Lucimara Teixeira das

    2016-01-01

    ABSTRACT The early recognition of risk factors for the occurrence of palatally displaced canines (PDC) can increase the possibility of impaction prevention. Objective To estimate the risk of PDC occurrence in children with dental anomalies identified early during mixed dentition. Material and Methods The sample comprised 730 longitudinal orthodontic records from children (448 females and 282 males) with an initial mean age of 8.3 years (SD=1.36). The dental anomaly group (DA) included 263...

  15. Risk of developing palatally displaced canines in patients with early detectable dental anomalies: a retrospective cohort study

    Science.gov (United States)

    GARIB, Daniela Gamba; LANCIA, Melissa; KATO, Renata Mayumi; OLIVEIRA, Thais Marchini; NEVES, Lucimara Teixeira das

    2016-01-01

    ABSTRACT The early recognition of risk factors for the occurrence of palatally displaced canines (PDC) can increase the possibility of impaction prevention. Objective To estimate the risk of PDC occurrence in children with dental anomalies identified early during mixed dentition. Material and Methods The sample comprised 730 longitudinal orthodontic records from children (448 females and 282 males) with an initial mean age of 8.3 years (SD=1.36). The dental anomaly group (DA) included 263 records of patients with at least one dental anomaly identified in the initial or middle mixed dentition. The non-dental anomaly group (NDA) was composed of 467 records of patients with no dental anomalies. The occurrence of PDC in both groups was diagnosed using panoramic and periapical radiographs taken in the late mixed dentition or early permanent dentition. The prevalence of PDC in patients with and without early diagnosed dental anomalies was compared using the chi-square test (p<0.01), relative risk assessments (RR), and positive and negative predictive values (PPV and NPV). Results PDC frequency was 16.35% and 6.2% in DA and NDA groups, respectively. A statistically significant difference was observed between groups (p<0.01), with greater risk of PDC development in the DA group (RR=2.63). The PPV and NPV was 16% and 93%, respectively. Small maxillary lateral incisors, deciduous molar infraocclusion, and mandibular second premolar distoangulation were associated with PDC. Conclusion Children with dental anomalies diagnosed during early mixed dentition have an approximately two and a half fold increased risk of developing PDC during late mixed dentition compared with children without dental anomalies. PMID:28076458

  16. Incipient-signature identification of mechanical anomalies in a ship-borne satellite antenna system using an ensemble multiwavelet

    International Nuclear Information System (INIS)

    He, Shuilong; Zi, Yanyang; Chen, Jinglong; Chen, Binqiang; He, Zhengjia; Zhao, Chenlu; Yuan, Jing

    2014-01-01

    The instrumented tracking and telemetry ship with a ship-borne satellite antenna (SSA) is the critical device to ensure high quality of space exploration work. To effectively detect mechanical anomalies that can lead to unexpected downtime of the SSA, an ensemble multiwavelet (EM) is presented for identifying the anomaly related incipient-signatures within the measured dynamic signals. Rather than using a predetermined basis as in a conventional multiwavelet, an EM optimizes the matching basis which satisfactorily adapts to the anomaly related incipient-signatures. The construction technique of an EM is based on the conjunction of a two-scale similarity transform (TST) and lifting scheme (LS). For the technique above, the TST improves the regularity by increasing the approximation order of multiscaling functions, while subsequently the LS enhances the smoothness and localizability via utilizing the vanishing moment of multiwavelet functions. Moreover, combining the Hilbert transform with EM decomposition, we identify the incipient-signatures induced by the mechanical anomalies from the measured dynamic signals. A numerical simulation and two successful applications of diagnosis cases (a planetary gearbox and a roller bearing) demonstrate that the proposed technique is capable of dealing with the challenging incipient-signature identification task even though spectral complexity, as well as the strong amplitude/frequency modulation effect, is present in the dynamic signals. (paper)

  17. ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems

    NARCIS (Netherlands)

    Bolzoni, D.; Crispo, Bruno; Etalle, Sandro

    2007-01-01

    We present an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and automatic) anomaly-based analysis of the system output, which provides useful context information regarding the network

  18. Tribal Odisha Eye Disease Study (TOES # 2 Rayagada school screening program: efficacy of multistage screening of school teachers in detection of impaired vision and other ocular anomalies

    Directory of Open Access Journals (Sweden)

    Panda L

    2018-06-01

    Full Text Available Lapam Panda,1 Taraprasad Das,1 Suryasmita Nayak,1 Umasankar Barik,2 Bikash C Mohanta,1 Jachin Williams,3 Vivekanand Warkad,4 Guha Poonam Tapas Kumar,5 Rohit C Khanna3 1Indian Oil Center for Rural Eye Health, GPR ICARE, L V Prasad Eye Institute, MTC Campus, Bhubaneswar, India; 2Naraindas Morbai Budhrani Eye Centre, L V Prasad Eye Institute, Rayagada, India; 3Gullapalli Pratibha Rao International Center for Advancement of Rural Eye Care, L V Prasad Eye Institute, KAR Campus, Hyderabad, India; 4Miriam Hyman Children Eye Care Center, L V Prasad Eye Institute, MTC Campus, Bhubaneswar, India; 5District Administration, Government of Odisha, Rayagada, India Purpose: To describe program planning and effectiveness of multistage school eye screening and assess accuracy of teachers in vision screening and detection of other ocular anomalies in Rayagada District School Sight Program, Odisha, India.Methods: This multistage screening of students included as follows: stage I: screening for vision and other ocular anomalies by school teachers in the school; stage II: photorefraction, subjective correction and other ocular anomaly confirmation by optometrists in the school; stage III: comprehensive ophthalmologist examination in secondary eye center; and stage IV: pediatric ophthalmologist examination in tertiary eye center. Sensitivity, specificity, positive predictive value (PPV and negative predictive value (NPV of teachers for vision screening and other ocular anomaly detection were calculated vis-à-vis optometrist (gold standard.Results: In the study, 216 teachers examined 153,107 (95.7% of enrolled students aged 5–15 years. Teachers referred 8,363 (5.4% of examined students and 5,990 (71.6% of referred were examined in stage II. After prescribing spectacles to 443, optometrists referred 883 students to stage III. The sensitivity (80.51% and PPV (93.05% of teachers for vision screening were high, but specificity (53.29% and NPV (26.02% were low. The

  19. Integrated multisensor perimeter detection systems

    Science.gov (United States)

    Kent, P. J.; Fretwell, P.; Barrett, D. J.; Faulkner, D. A.

    2007-10-01

    The report describes the results of a multi-year programme of research aimed at the development of an integrated multi-sensor perimeter detection system capable of being deployed at an operational site. The research was driven by end user requirements in protective security, particularly in threat detection and assessment, where effective capability was either not available or prohibitively expensive. Novel video analytics have been designed to provide robust detection of pedestrians in clutter while new radar detection and tracking algorithms provide wide area day/night surveillance. A modular integrated architecture based on commercially available components has been developed. A graphical user interface allows intuitive interaction and visualisation with the sensors. The fusion of video, radar and other sensor data provides the basis of a threat detection capability for real life conditions. The system was designed to be modular and extendable in order to accommodate future and legacy surveillance sensors. The current sensor mix includes stereoscopic video cameras, mmWave ground movement radar, CCTV and a commercially available perimeter detection cable. The paper outlines the development of the system and describes the lessons learnt after deployment in a pilot trial.

  20. [The advantages of early midtrimester targeted fetal systematic organ screening for the detection of fetal anomalies--will a global change start in Israel?].

    Science.gov (United States)

    Bronshtein, Moshe; Solt, Ido; Blumenfeld, Zeev

    2014-06-01

    Despite more than three decades of universal popularity of fetal sonography as an integral part of pregnancy evaluation, there is still no unequivocal agreement regarding the optimal dating of fetal sonographic screening and the type of ultrasound (transvaginal vs abdominal). TransvaginaL systematic sonography at 14-17 weeks for fetal organ screening. The evaluation of over 72.000 early (14-17 weeks) and late (18-24 weeks) fetal ultrasonographic systematic organ screenings revealed that 96% of the malformations are detectable in the early screening with an incidence of 1:50 gestations. Only 4% of the fetal anomalies are diagnosed later in pregnancy. Over 99% of the fetal cardiac anomalies are detectable in the early screening and most of them appear in low risk gestations. Therefore, we suggest a new platform of fetal sonographic evaluation and follow-up: The extensive systematic fetal organ screening should be performed by an expert sonographer who has been trained in the detection of fetal malformations, at 14-17 weeks gestation. This examination should also include fetal cardiac echography Three additional ultrasound examinations are suggested during pregnancy: the first, performed by the patient's obstetrician at 6-7 weeks for the exclusion of ectopic pregnancy, confirmation of fetal viability, dating, assessment of chorionicity in multiple gestations, and visualization of maternal adnexae. The other two, at 22-26 and 32-34 weeks, require less training and should be performed by an obstetrician who has been qualified in the sonographic detection of fetal anomalies. The advantages of early midtrimester targeted fetal systematic organ screening for the detection of fetal anomalies may dictate a global change.

  1. Detecting Patterns of Anomalies

    Science.gov (United States)

    2009-03-01

    notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does...Report (SAR) 18. NUMBER OF PAGES 174 19a. NAME OF RESPONSIBLE PERSON a. REPORT unclassified b. ABSTRACT unclassified c. THIS PAGE unclassified...Tillett and I. L. Spencer. Influenza surveillance in england and wales using routine statistics. Journal of Hygine , 88:83–94, 1982. Shobha Venkataraman

  2. System to provide 3D information on geological anomaly zone in deep subsea

    Science.gov (United States)

    Kim, W.; Kwon, O.; Kim, D.

    2017-12-01

    The study on building the ultra long and deep subsea tunnel of which length is 50km and depth is 200m at least, respectively, is underway in Korea. To analyze the geotechnical information required for designing and building subsea tunnel, topographic/geologiccal information analysis using 2D seabed geophysical prospecting and topographic, geologic, exploration and boring data were analyzed comprehensively and as a result, automation method to identify the geological structure zone under seabed which is needed to design the deep and long seabed tunnel was developed using geostatistical analysis. In addition, software using 3D visualized ground information to provide the information includes Gocad, MVS, Vulcan and DIMINE. This study is intended to analyze the geological anomaly zone for ultra deep seabed l and visualize the geological investigation result so as to develop the exclusive system for processing the ground investigation information which is convenient for the users. Particularly it's compatible depending on file of geophysical prospecting result and is realizable in Layer form and for 3D view as well. The data to be processed by 3D seabed information system includes (1) deep seabed topographic information, (2) geological anomaly zone, (3) geophysical prospecting, (4) boring investigation result and (5) 3D visualization of the section on seabed tunnel route. Each data has own characteristics depending on data and interface to allow interlocking with other data is granted. In each detail function, input data is displayed in a single space and each element is selectable to identify the further information as a project. Program creates the project when initially implemented and all output from detail information is stored by project unit. Each element representing detail information is stored in image file and is supported to store in text file as well. It also has the function to transfer, expand/reduce and rotate the model. To represent the all elements in

  3. Spectral analysis of geological materials in the Central Volcanic Range of Costa Rica and its relationship to the remote detection of anomalies

    OpenAIRE

    Rejas, J. G.; Martínez-Frías, J.; Martínez, R.; Bonatti, J.

    2014-01-01

    The aim of this work is the comparative study of methods for calculating spectral anomalies from imaging spectrometry in several test areas of the Central Volcanic Range (CVR) of Costa Rica. In the detection of anomalous responses it is assumed no prior knowledge of the targets, so that the pixels are automatically separated according to their spectral information significantly differentiated with respect to a background to be estimated, either globally for the full scene, either locally by i...

  4. Pathogenesis of developmental anomalies of the central nervous system induced by congenital cytomegalovirus infection.

    Science.gov (United States)

    Kawasaki, Hideya; Kosugi, Isao; Meguro, Shiori; Iwashita, Toshihide

    2017-02-01

    In humans, the herpes virus family member cytomegalovirus (CMV) is the most prevalent mediator of intrauterine infection-induced congenital defect. Central nervous system (CNS) dysfunction is a distinguishing symptom of CMV infection, and characterized by ventriculoencephalitis and microglial nodular encephalitis. Reports on the initial distribution of CMV particles and its receptors on the blood brain barrier (BBB) are rare. Nevertheless, several factors are suggested to affect CMV etiology. Viral particle size is the primary factor in determining the pattern of CNS infections, followed by the expression of integrin β1 in endothelial cells, pericytes, meninges, choroid plexus, and neural stem progenitor cells (NSPCs), which are the primary targets of CMV infection. After initial infection, CMV disrupts BBB structural integrity to facilitate the spread of viral particles into parenchyma. Then, the initial meningitis and vasculitis eventually reaches NSPC-dense areas such as ventricular zone and subventricular zone, where viral infection inhibits NSPC proliferation and differentiation and results in neuronal cell loss. These cellular events clinically manifest as brain malformations such as a microcephaly. The purpose of this review is to clearly delineate the pathophysiological basis of congenital CNS anomalies caused by CMV. © 2017 Japanese Society of Pathology and John Wiley & Sons Australia, Ltd.

  5. Basis UST leak detection systems

    International Nuclear Information System (INIS)

    Silveria, V.

    1992-01-01

    This paper reports that gasoline and other petroleum products are leaking from underground storage tanks (USTs) at an alarming rate, seeping into soil and groundwater. Buried pipes are an even greater culprit, accounting for most suspected and detected leaks according to Environmental Protection Agency (EPA) estimates. In response to this problem, the EPA issued regulations setting standards for preventing, detecting, reporting, and cleaning up leaks, as well as fiscal responsibility. However, federal regulations are only a minimum; some states have cracked down even harder Plant managers and engineers have a big job ahead of them. The EPA estimates that there are more than 75,000 fuel USTs at US industrial facilities. When considering leak detection systems, the person responsible for making the decision has five primary choices: inventory reconciliation combined with regular precision tightness tests; automatic tank gauging; groundwater monitoring; interstitial monitoring of double containment systems; and vapor monitoring

  6. Wide range neutron detection system

    International Nuclear Information System (INIS)

    Todt, W.H. Sr.

    1978-01-01

    A neutron detection system for reactor control is described which is operable over a wide range of neutron flux levels. The system includes a fission type ionization chamber neutron detector, means for gamma and alpha signal compensation, and means for operating the neutron detector in the pulse counting mode for low neutron flux levels, and in the direct current mode for high neutron flux levels

  7. Diagnostic value and clinical problems of MR imaging in congenital anomalies of the central nervous system, 1

    International Nuclear Information System (INIS)

    Oi, Shizuo; Asano, Noboru; Urui, Seishiro; Masumura, Michio; Shose, Yoshiteru; Matsumoto, Satoshi.

    1987-01-01

    Various forms of cerebral dysgenesis were studied by means of MR Imaging (MRI) in order to determine the diagnostic efficacy of MRI in comparison with conventional diagnostic procedures. All subjects have been diagnosed during the last 16 months at the National Kagawa Children's Hospital with conventional methods and then referred to MRI study at the Shinsuma Hospital, where a MRI system of a regular-conducting magnet operating at a field strength of 1.5 KG (Picker International Corp., U.S.A.) has been installed. Using the two-dimensional Fourier transform technique, three radiofrequency pulse sequences; inversion recovery: IR 2100/500, and spin-echo: SE 2100/40 or 2100/80, were routinely applied. Compared with X-ray CT, MR proved to be advantageous in the more precise detection of the pathoanatomical relation and in providing information about the myelinating process. The analysis of the myelinating process by MRI in such cerebral dysgeneses as lissencephaly, frontal-lobe dysgenesis, agenesis of the corpus callosum, and microcephalic hydrocephalus was very important for the detection of further functional cerebral developments. The pathoanatomical analysis by MRI, in particular with the midline sagittal view, is extremely advantageous in the diagnosis of Chiari malformation, holoprosencephaly, the Dandy-Walker syndrome, congenital dermal sinus, syringobulbia, and others. The disadvantages or weak points of MRI were also identified in this study. The CSF dynamics in both the major and minor fluid pathways as analyzed by metrizamide CT cisternography or ventriculography is much superior to the information revealed by MRI, although the SE technique can demonstrate some fluid distribution in the brain parenchyma and a different signal intensity in the fluid movements. The information about the bony structure in dysraphic states and calcifications in associated anomalies was also poor. (J.P.N.)

  8. Tape Cassette Bacteria Detection System

    Science.gov (United States)

    1973-01-01

    The design, fabrication, and testing of an automatic bacteria detection system with a zero-g capability and based on the filter-capsule approach is described. This system is intended for monitoring the sterility of regenerated water in a spacecraft. The principle of detection is based on measuring the increase in chemiluminescence produced by the action of bacterial porphyrins (i.e., catalase, cytochromes, etc.) on a luminol-hydrogen peroxide mixture. Since viable as well as nonviable organisms initiate this luminescence, viable organisms are detected by comparing the signal of an incubated water sample with an unincubated control. Higher signals for the former indicate the presence of viable organisms. System features include disposable sealed sterile capsules, each containing a filter membrane, for processing discrete water samples and a tape transport for moving these capsules through a processing sequence which involves sample concentration, nutrient addition, incubation, a 4 Molar Urea wash and reaction with luminol-hydrogen peroxide in front of a photomultiplier tube. Liquids are introduced by means of a syringe needle which pierces a rubber septum contained in the wall of the capsule. Detection thresholds obtained with this unit towards E. coli and S. marcescens assuming a 400 ml water sample are indicated.

  9. Networked gamma radiation detection system for tactical deployment

    Science.gov (United States)

    Mukhopadhyay, Sanjoy; Maurer, Richard; Wolff, Ronald; Smith, Ethan; Guss, Paul; Mitchell, Stephen

    2015-08-01

    A networked gamma radiation detection system with directional sensitivity and energy spectral data acquisition capability is being developed by the National Security Technologies, LLC, Remote Sensing Laboratory to support the close and intense tactical engagement of law enforcement who carry out counterterrorism missions. In the proposed design, three clusters of 2″ × 4″ × 16″ sodium iodide crystals (4 each) with digiBASE-E (for list mode data collection) would be placed on the passenger side of a minivan. To enhance localization and facilitate rapid identification of isotopes, advanced smart real-time localization and radioisotope identification algorithms like WAVRAD (wavelet-assisted variance reduction for anomaly detection) and NSCRAD (nuisance-rejection spectral comparison ratio anomaly detection) will be incorporated. We will test a collection of algorithms and analysis that centers on the problem of radiation detection with a distributed sensor network. We will study the basic characteristics of a radiation sensor network and focus on the trade-offs between false positive alarm rates, true positive alarm rates, and time to detect multiple radiation sources in a large area. Empirical and simulation analyses of critical system parameters, such as number of sensors, sensor placement, and sensor response functions, will be examined. This networked system will provide an integrated radiation detection architecture and framework with (i) a large nationally recognized search database equivalent that would help generate a common operational picture in a major radiological crisis; (ii) a robust reach back connectivity for search data to be evaluated by home teams; and, finally, (iii) a possibility of integrating search data from multi-agency responders.

  10. DIRADTM - a system for real time detection and identification of radioactive objects

    International Nuclear Information System (INIS)

    Guillot, L.; Reboli, A.

    2009-01-01

    The authors present the DIRAD system (DIRAD stands for Detection and Identification of Radionuclides), an automatic system for real time identification of a radioactive anomaly and its interpretation in terms of risk level. It can be adapted to different contexts: pedestrian control, parcel or luggage control, road traffic control, and so on. In case of risk detection, an alert is transmitted in real time to a supervision station along with the whole set of spectral data

  11. Lightning Protection and Detection System

    Science.gov (United States)

    Dudley, Kenneth L. (Inventor); Szatkowski, George N. (Inventor); Woodard, Marie (Inventor); Nguyen, Truong X. (Inventor); Ely, Jay J. (Inventor); Wang, Chuantong (Inventor); Mielnik, John J. (Inventor); Koppen, Sandra V. (Inventor); Smith, Laura J. (Inventor)

    2017-01-01

    A lightning protection and detection system includes a non-conductive substrate material of an apparatus; a sensor formed of a conductive material and deposited on the non-conductive substrate material of the apparatus. The sensor includes a conductive trace formed in a continuous spiral winding starting at a first end at a center region of the sensor and ending at a second end at an outer corner region of the sensor, the first and second ends being open and unconnected. An electrical measurement system is in communication with the sensor and receives a resonant response from the sensor, to perform detection, in real-time, of lightning strike occurrences and damage therefrom to the sensor and the non-conductive substrate material.

  12. Optical detection in microfluidic systems

    DEFF Research Database (Denmark)

    Mogensen, Klaus Bo; Kutter, Jörg Peter

    2009-01-01

    Optical detection schemes continue to be favoured for measurements in microfluidic systems. A selection of the latest progress mainly within the last two years is critically reviewed. Emphasis is on integrated solutions, such as planar waveguides, coupling schemes to the outside world, evanescent...... to ease commercialisation of the devices. This work will hopefully result in more commercial products that benefit from integrated optics, because the impact on commercial devices so far has been modest....

  13. A comparison of classical and intelligent methods to detect potential thermal anomalies before the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4)

    Science.gov (United States)

    Akhoondzadeh, M.

    2013-04-01

    In this paper, a number of classical and intelligent methods, including interquartile, autoregressive integrated moving average (ARIMA), artificial neural network (ANN) and support vector machine (SVM), have been proposed to quantify potential thermal anomalies around the time of the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4). The duration of the data set, which is comprised of Aqua-MODIS land surface temperature (LST) night-time snapshot images, is 62 days. In order to quantify variations of LST data obtained from satellite images, the air temperature (AT) data derived from the meteorological station close to the earthquake epicenter has been taken into account. For the models examined here, results indicate the following: (i) ARIMA models, which are the most widely used in the time series community for short-term forecasting, are quickly and easily implemented, and can efficiently act through linear solutions. (ii) A multilayer perceptron (MLP) feed-forward neural network can be a suitable non-parametric method to detect the anomalous changes of a non-linear time series such as variations of LST. (iii) Since SVMs are often used due to their many advantages for classification and regression tasks, it can be shown that, if the difference between the predicted value using the SVM method and the observed value exceeds the pre-defined threshold value, then the observed value could be regarded as an anomaly. (iv) ANN and SVM methods could be powerful tools in modeling complex phenomena such as earthquake precursor time series where we may not know what the underlying data generating process is. There is good agreement in the results obtained from the different methods for quantifying potential anomalies in a given LST time series. This paper indicates that the detection of the potential thermal anomalies derive credibility from the overall efficiencies and potentialities of the four integrated methods.

  14. Nucleic acid detection system and method for detecting influenza

    Science.gov (United States)

    Cai, Hong; Song, Jian

    2015-03-17

    The invention provides a rapid, sensitive and specific nucleic acid detection system which utilizes isothermal nucleic acid amplification in combination with a lateral flow chromatographic device, or DNA dipstick, for DNA-hybridization detection. The system of the invention requires no complex instrumentation or electronic hardware, and provides a low cost nucleic acid detection system suitable for highly sensitive pathogen detection. Hybridization to single-stranded DNA amplification products using the system of the invention provides a sensitive and specific means by which assays can be multiplexed for the detection of multiple target sequences.

  15. Path scanning for the detection of anomalous subgraphs and use of DNS requests and host agents for anomaly/change detection and network situational awareness

    Science.gov (United States)

    Neil, Joshua Charles; Fisk, Michael Edward; Brugh, Alexander William; Hash, Curtis Lee; Storlie, Curtis Byron; Uphoff, Benjamin; Kent, Alexander

    2017-11-21

    A system, apparatus, computer-readable medium, and computer-implemented method are provided for detecting anomalous behavior in a network. Historical parameters of the network are determined in order to determine normal activity levels. A plurality of paths in the network are enumerated as part of a graph representing the network, where each computing system in the network may be a node in the graph and the sequence of connections between two computing systems may be a directed edge in the graph. A statistical model is applied to the plurality of paths in the graph on a sliding window basis to detect anomalous behavior. Data collected by a Unified Host Collection Agent ("UHCA") may also be used to detect anomalous behavior.

  16. Compensated intruder-detection systems

    Science.gov (United States)

    McNeilly, David R.; Miller, William R.

    1984-01-01

    Intruder-detection systems in which intruder-induced signals are transmitted through a medium also receive spurious signals induced by changes in a climatic condition affecting the medium. To combat this, signals received from the detection medium are converted to a first signal. The system also provides a reference signal proportional to climate-induced changes in the medium. The first signal and the reference signal are combined for generating therefrom an output signal which is insensitive to the climatic changes in the medium. An alarm is energized if the output signal exceeds a preselected value. In one embodiment, an acoustic cable is coupled to a fence to generate a first electrical signal proportional to movements thereof. False alarms resulting from wind-induced movements of the fence (detection medium) are eliminated by providing an anemometer-driven voltage generator to provide a reference voltage proportional to the velocity of wind incident on the fence. An analog divider receives the first electrical signal and the reference signal as its numerator and denominator inputs, respectively, and generates therefrom an output signal which is insensitive to the wind-induced movements in the fence.

  17. Focal skin defect, limb anomalies and microphthalmia.

    NARCIS (Netherlands)

    Jackson, K.E.; Andersson, H.C.

    2004-01-01

    We describe two unrelated female patients with congenital single focal skin defects, unilateral microphthalmia and limb anomalies. Growth and psychomotor development were normal and no brain malformation was detected. Although eye and limb anomalies are commonly associated, clinical anophthalmia and

  18. Enzyme leaching of surficial geochemical samples for detecting hydromorphic trace-element anomalies associated with precious-metal mineralized bedrock buried beneath glacial overburden in northern Minnesota

    Science.gov (United States)

    Clark, Robert J.; Meier, A.L.; Riddle, G.; ,

    1990-01-01

    One objective of the International Falls and Roseau, Minnesota, CUSMAP projects was to develop a means of conducting regional-scale geochemical surveys in areas where bedrock is buried beneath complex glacially derived overburden. Partial analysis of B-horizon soils offered hope for detecting subtle hydromorphic trace-element dispersion patterns. An enzyme-based partial leach selectively removes metals from oxide coatings on the surfaces of soil materials without attacking their matrix. Most trace-element concentrations in the resulting solutions are in the part-per-trillion to low part-per-billion range, necessitating determinations by inductively coupled plasma/mass spectrometry. The resulting data show greater contrasts for many trace elements than with other techniques tested. Spatially, many trace metal anomalies are locally discontinuous, but anomalous trends within larger areas are apparent. In many instances, the source for an anomaly seems to be either basal till or bedrock. Ground water flow is probably the most important mechanism for transporting metals toward the surface, although ionic diffusion, electrochemical gradients, and capillary action may play a role in anomaly dispersal. Sample sites near the Rainy Lake-Seine River fault zone, a regional shear zone, often have anomalous concentrations of a variety of metals, commonly including Zn and/or one or more metals which substitute for Zn in sphalerite (Cd, Ge, Ga, and Sn). Shifts in background concentrations of Bi, Sb, and As show a trend across the area indicating a possible regional zoning of lode-Au mineralization. Soil anomalies of Ag, Co, and Tl parallel basement structures, suggesting areas that may have potential for Cobalt/Thunder Baytype silver viens. An area around Baudette, Minnesota, which is underlain by quartz-chlorite-carbonate-altered shear zones, is anomalous in Ag, As, Bi, Co, Mo, Te, Tl, and W. Anomalies of Ag, As, Bi, Te, and W tend to follow the fault zones, suggesting potential

  19. Ionization detection system for aerosols

    International Nuclear Information System (INIS)

    Jacobs, M.E.

    1977-01-01

    This invention relates to an improved smoke-detection system of the ionization-chamber type. In the preferred embodiment, the system utilizes a conventional detector head comprising a measuring ionization chamber, a reference ionization chamber, and a normally non-conductive gas triode for discharging when a threshold concentration of airborne particulates is present in the measuring chamber. The improved system utilizes a measuring ionization chamber which is modified to minimize false alarms and reductions in sensitivity resulting from changes in ambient temperature. In the preferred form of the modification, an annular radiation shield is mounted about the usual radiation source provided to effect ionization in the measuring chamber. The shield is supported by a bimetallic strip which flexes in response to changes in ambient temperature, moving the shield relative to the source so as to vary the radiative area of the source in a manner offsetting temperature-induced variations in the sensitivity of the chamber. 8 claims, 7 figures

  20. Microcontroller based driver alertness detection systems to detect drowsiness

    Science.gov (United States)

    Adenin, Hasibah; Zahari, Rahimi; Lim, Tiong Hoo

    2018-04-01

    The advancement of embedded system for detecting and preventing drowsiness in a vehicle is a major challenge for road traffic accident systems. To prevent drowsiness while driving, it is necessary to have an alert system that can detect a decline in driver concentration and send a signal to the driver. Studies have shown that traffc accidents usually occur when the driver is distracted while driving. In this paper, we have reviewed a number of detection systems to monitor the concentration of a car driver and propose a portable Driver Alertness Detection System (DADS) to determine the level of concentration of the driver based on pixelated coloration detection technique using facial recognition. A portable camera will be placed at the front visor to capture facial expression and the eye activities. We evaluate DADS using 26 participants and have achieved 100% detection rate with good lighting condition and a low detection rate at night.

  1. Prenatal sonographic diagnosis of focal musculoskeletal anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Ryu, Jung Kyu; Cho, Jeong Yeon; Lee, Young Ho; Kim, Ei Jeong; Chun, Yi Kyeong [Samsung Cheil Hospital, Sungkyunkwan University School of Medicine, Seoul (Korea, Republic of)

    2002-09-15

    Focal musculoskeletal anomalies are various and may be an isolated finding or may be found in conjunction with numerous associations, including genetic syndromes, Karyotype abnormals, central nervous system anomalies and other general musculoskeletal disorders. Early prenatal diagnosis of these focal musculoskeletal anomalies nor only affects prenatal care and postnatal outcome but also helps in approaching other numerous associated anomalies.

  2. Prenatal sonographic diagnosis of focal musculoskeletal anomalies

    International Nuclear Information System (INIS)

    Ryu, Jung Kyu; Cho, Jeong Yeon; Lee, Young Ho; Kim, Ei Jeong; Chun, Yi Kyeong

    2002-01-01

    Focal musculoskeletal anomalies are various and may be an isolated finding or may be found in conjunction with numerous associations, including genetic syndromes, Karyotype abnormals, central nervous system anomalies and other general musculoskeletal disorders. Early prenatal diagnosis of these focal musculoskeletal anomalies nor only affects prenatal care and postnatal outcome but also helps in approaching other numerous associated anomalies.

  3. Toward Baseline Software Anomalies in NASA Missions

    Science.gov (United States)

    Layman, Lucas; Zelkowitz, Marvin; Basili, Victor; Nikora, Allen P.

    2012-01-01

    In this fast abstract, we provide preliminary findings an analysis of 14,500 spacecraft anomalies from unmanned NASA missions. We provide some baselines for the distributions of software vs. non-software anomalies in spaceflight systems, the risk ratings of software anomalies, and the corrective actions associated with software anomalies.

  4. Time series analysis of precipitation and vegetation to detect food production anomalies in the Horn of Africa. The case of Lower Shabelle (Somalia

    Directory of Open Access Journals (Sweden)

    M. A. Belenguer-Plomer

    2016-12-01

    Full Text Available The Horn of Africa is one of the most food-insecure locations around the world due to the continuous increase of its population and the practice of the subsistence agriculture. This causes that much of the population cannot take the minimum nutritional needs for a healthy life. Moreover, this situation of food vulnerability may be seriously affected in the coming years due to the effects of climate change. The aim of this work is combine the information about the state of the vegetation that offers the NDVI with rainfall data to detect negative anomalies in food production. This work has been used the monthly products of NDVI MOD13A3 of MODIS and the rainfall estimation product TAMSAT, both during the period 2001-2015. With these products we have calculated the average of the entire time period selected and we have detected the years whose NDVI values were further away from the average, being these 2010, 2011 and 2014. Once detected the years with major anomalies in NDVI, there has been an exclusive monthly analysis of those years, where we have analysed the relationships between the value of NDVI and monthly rainfall, obtaining a direct relationship between the two values. It also has been used crop calendar to focus the analysis in the months of agricultural production and finding that the main cause of anomalies in vegetation is a decrease in the registration of rainfall during the months of agricultural production. This reason explains the origin of the food shortages that occurred in 2010 and 2011 that generated an enormous humanitarian crisis in this area.

  5. Semiclassical anomalies of the quantum mechanical systems and their modifications for the asymptotic matching

    International Nuclear Information System (INIS)

    Deniz, Coskun

    2011-01-01

    JWKB solutions to the Initial Value Problems (IVPs) of the Time Independent Schrodinger's Equation (TISE) for the Simple Linear Potentials (SLPs) with a turning point parameter have been studied according to the turning points by graphical analysis to test the results of the JWKB solutions and suggested modifications. The anomalies happening in the classically inaccessible region where the SLP function is smaller than zero and the results of the suggested modifications, which are in consistent with the quantum mechanical theories, to remove these anomalies in this region have been presented. The origins of the anomalies and verifications of the suggested modifications showing a great success in the results have also been studied in terms of a suggested M ij =S ∼ i-1,j matrix elements made up of the JWKB expansion terms, S i-1,j (where i = 1, 2, 3 and j 1, 2). The results of the modifications for the IVPs and their application to the Bound State Problems (BSPs) with an example application of the Harmonic Oscillator (HO) have been presented and their generalization for any potential function have been discussed and classified accordingly.

  6. Geoelectrical Characterization of the Punta Banda System: A Possible Structural Control for the Geothermal Anomalies

    Science.gov (United States)

    Arango-Galvan, C.; Flores-Marquez, E.; Prol-Ledesma, R.; Working Group, I.

    2007-05-01

    The lack of sufficient drinking water in México has become a very serious problem, especially in the northern desert regions of the country. In order to give a real solution to this phenomenon the IMPULSA research program has been created to develope novel technologies based on desalination of sea and brackish water using renewable sources of energy to face the problem. The Punta Banda geothermal anomaly is located towards the northern part of Baja California Peninsula (Mexico). High water temperatures in some wells along the coast depicted a geothermal anomaly. An audiomagnetotelluric survey was carried out in the area as a preliminary study, both to understand the process generating these anomalous temperatures and to assess its potential exploitation to supply hot water to desalination plants. Among the electromagnetic methods, the audiomagnetotellurics (AMT) method is appropriated for deep groundwater and geothermal studies. The survey consisted of 27 AMT stations covering a 5 km profile along the Agua Blanca Fault. The employed array allowed us to characterize the geoelectrical properties of the main structures up to 500 m depth. Two main geoelectrical zones were identified: 1) a shallow low resistivity media located at the central portion of the profile, coinciding with the Maneadero valley and 2) two high resitivity structures bordering the conductive zone possibly related to NS faulting, already identified by previous geophysical studies. These results suggest that the main geothermal anomalies are controlled by the dominant structural regime in the zone.

  7. DOWN'S ANOMALY.

    Science.gov (United States)

    PENROSE, L.S.; SMITH, G.F.

    BOTH CLINICAL AND PATHOLOGICAL ASPECTS AND MATHEMATICAL ELABORATIONS OF DOWN'S ANOMALY, KNOWN ALSO AS MONGOLISM, ARE PRESENTED IN THIS REFERENCE MANUAL FOR PROFESSIONAL PERSONNEL. INFORMATION PROVIDED CONCERNS (1) HISTORICAL STUDIES, (2) PHYSICAL SIGNS, (3) BONES AND MUSCLES, (4) MENTAL DEVELOPMENT, (5) DERMATOGLYPHS, (6) HEMATOLOGY, (7)…

  8. A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems

    Science.gov (United States)

    1999-06-01

    administrator whenever a system binary file (such as the ps, login , or ls program) is modified. Normal users have no legitimate reason to alter these files...development of EMERALD [46], which combines statistical anomaly detection from NIDES with signature verification. Specification-based intrusion detection...the creation of a single host that can act as many hosts. Daemons that provide network services—including telnetd, ftpd, and login — display banners

  9. Central nervous system abnormalities on midline facial defects with hypertelorism detected by magnetic resonance image and computed tomography

    International Nuclear Information System (INIS)

    Lopes, Vera Lucia Gil da Silva; Giffoni, Silvio David Araujo

    2006-01-01

    The aim of this study were to describe and to compare structural central nervous system (CNS) anomalies detected by magnetic resonance image (MRI) and computed tomography (CT) in individuals affected by midline facial defects with hypertelorism (MFDH) isolated or associated with multiple congenital anomalies (MCA). The investigation protocol included dysmorphological examination, skull and facial X-rays, brain CT and/or MRI. We studied 24 individuals, 12 of them had an isolated form (Group I) and the others, MCA with unknown etiology (Group II). There was no significant difference between Group I and II and the results are presented in set. In addition to the several CNS anomalies previously described, MRI (n=18) was useful for detection of neuronal migration errors. These data suggested that structural CNS anomalies and MFDH seem to have an intrinsic embryological relationship, which should be taken in account during the clinical follow-up. (author)

  10. Nuclear detection systems in traffic

    International Nuclear Information System (INIS)

    Farkas, T.; Pernicka, L.; Svec, A.

    2005-01-01

    Illicit trafficking in nuclear materials (nuclear criminality) has become a problem, due to the circulation of a high number of radioactive sources caused by the changes of the organisational infrastructures to supervise these material within the successor states of the former Soviet Union. Aim of this paper is to point out the technical requirements and the practicability of an useful monitoring system at preselected traffic check points (railway and highway border crossings, industrial sites entry gates, international airports). The ITRAP lab test was designed to work as strict benchmark to qualify border monitoring systems 67 with very low false alarm rates, in addition the minimum sensitivity to give an alarm has been defined for fix-installed systems, pocket type and hand held instruments. For the neutron tests a special prepared Californium source ( 252 Cf) was used to simulate the weapons plutonium. The source is shielded against gamma radiation, use a moderator and provides the required neutron rate of 20000 n/s at 2 rn distance. To test the false alarm rate (rate of false positive ) the same test facility , under the same background conditions, was used but without a radioactive test source. The ITRAP lab tests for the fix-installed systems started at May 1998 and first results were given in September 1998. Only 2 of 14 fix-installed monitoring systems could fulfil the minimum requirement for neutron detection. 7 of 14 fix-installed monitoring systems (50%) passed the ITRAP lab test. The analytical method developed and used for certification of installed radiation monitors in the Slovak Institute of Metrology consists in measurement of radiation activity of selected radionuclide in defined conditions. (authors)

  11. Thermal animal detection system (TADS)

    Energy Technology Data Exchange (ETDEWEB)

    Desholm, M.

    2003-03-01

    This report presents data from equipment tests and software development for the Thermal Animal Detection System (TADS) development project: 'Development of a method for estimating collision frequency between migrating birds and offshore wind turbines'. The technical tests were performed to investigate the performance of remote controlling, video file compression tool and physical stress of the thermal camera when operating outdoors and under the real time vibration conditions at a 2 MW turbine. Furthermore, experimental tests on birds were performed to describe the decreasing detectability with distance on free flying birds, the performance of the thermal camera during poor visibility, and finally, the performance of the thermal sensor software developed for securing high -quality data. In general, it can be concluded that the thermal camera and its related hardware and software, the TADS, are capable of recording migrating birds approaching the rotating blades of a turbine, even under conditions with poor visibility. If the TADS is used in a vertical viewing scenario it would comply with the requirements for a setup used for estimating the avian collision frequency at offshore wind turbines. (au)

  12. Thermal animal detection system (TADS)

    Energy Technology Data Exchange (ETDEWEB)

    Desholm, M

    2003-03-01

    This report presents data from equipment tests and software development for the Thermal Animal Detection System (TADS) development project: 'Development of a method for estimating collision frequency between migrating birds and offshore wind turbines'. The technical tests were performed to investigate the performance of remote controlling, video file compression tool and physical stress of the thermal camera when operating outdoors and under the real time vibration conditions at a 2 MW turbine. Furthermore, experimental tests on birds were performed to describe the decreasing detectability with distance on free flying birds, the performance of the thermal camera during poor visibility, and finally, the performance of the thermal sensor software developed for securing high -quality data. In general, it can be concluded that the thermal camera and its related hardware and software, the TADS, are capable of recording migrating birds approaching the rotating blades of a turbine, even under conditions with poor visibility. If the TADS is used in a vertical viewing scenario it would comply with the requirements for a setup used for estimating the avian collision frequency at offshore wind turbines. (au)

  13. APHRODITE: an Anomaly-based Architecture for False Positive Reduction

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, Sandro

    We present APHRODITE, an architecture designed to reduce false positives in network intrusion detection systems. APHRODITE works by detecting anomalies in the output traffic, and by correlating them with the alerts raised by the NIDS working on the input traffic. Benchmarks show a substantial

  14. Automatic detection of multiple UXO-like targets using magnetic anomaly inversion and self-adaptive fuzzy c-means clustering

    Science.gov (United States)

    Yin, Gang; Zhang, Yingtang; Fan, Hongbo; Ren, Guoquan; Li, Zhining

    2017-12-01

    We have developed a method for automatically detecting UXO-like targets based on magnetic anomaly inversion and self-adaptive fuzzy c-means clustering. Magnetic anomaly inversion methods are used to estimate the initial locations of multiple UXO-like sources. Although these initial locations have some errors with respect to the real positions, they form dense clouds around the actual positions of the magnetic sources. Then we use the self-adaptive fuzzy c-means clustering algorithm to cluster these initial locations. The estimated number of cluster centroids represents the number of targets and the cluster centroids are regarded as the locations of magnetic targets. Effectiveness of the method has been demonstrated using synthetic datasets. Computational results show that the proposed method can be applied to the case of several UXO-like targets that are randomly scattered within in a confined, shallow subsurface, volume. A field test was carried out to test the validity of the proposed method and the experimental results show that the prearranged magnets can be detected unambiguously and located precisely.

  15. Further evidence for resonance anomalies in the 12C + 16O system

    International Nuclear Information System (INIS)

    Branford, D.; Nagorcka, B.N.; Newton, J.O.

    1977-09-01

    Excitation functions for six nuclides resulting from the 16 O + 12 C reaction, as well as for inelastic scattering to the 3 - state of 16 O, have been measured by γ-ray techniques in the range Esub(cm) = 12.8 - 18.2 MeV and a complete fusion excitation function deduced. Resonance anomalies, which may be due to the excitation of quasimolecular states, are observed at 14.7, 16.7, 17.6 and 18.6 MeV. These and other results are considered in terms of theoretical models for quasimolecular states. (Author)

  16. In-situ trainable intrusion detection system

    Energy Technology Data Exchange (ETDEWEB)

    Symons, Christopher T.; Beaver, Justin M.; Gillen, Rob; Potok, Thomas E.

    2016-11-15

    A computer implemented method detects intrusions using a computer by analyzing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such that the semi-supervised learning modules may identify malicious traffic without relying on specific rules, signatures, or anomaly detection.

  17. First and second trimester screening for fetal structural anomalies.

    Science.gov (United States)

    Edwards, Lindsay; Hui, Lisa

    2018-04-01

    Fetal structural anomalies are found in up to 3% of all pregnancies and ultrasound-based screening has been an integral part of routine prenatal care for decades. The prenatal detection of fetal anomalies allows for optimal perinatal management, providing expectant parents with opportunities for additional imaging, genetic testing, and the provision of information regarding prognosis and management options. Approximately one-half of all major structural anomalies can now be detected in the first trimester, including acrania/anencephaly, abdominal wall defects, holoprosencephaly and cystic hygromata. Due to the ongoing development of some organ systems however, some anomalies will not be evident until later in the pregnancy. To this extent, the second trimester anatomy is recommended by professional societies as the standard investigation for the detection of fetal structural anomalies. The reported detection rates of structural anomalies vary according to the organ system being examined, and are also dependent upon factors such as the equipment settings and sonographer experience. Technological advances over the past two decades continue to support the role of ultrasound as the primary imaging modality in pregnancy, and the safety of ultrasound for the developing fetus is well established. With increasing capabilities and experience, detailed examination of the central nervous system and cardiovascular system is possible, with dedicated examinations such as the fetal neurosonogram and the fetal echocardiogram now widely performed in tertiary centers. Magnetic resonance imaging (MRI) is well recognized for its role in the assessment of fetal brain anomalies; other potential indications for fetal MRI include lung volume measurement (in cases of congenital diaphragmatic hernia), and pre-surgical planning prior to fetal spina bifida repair. When a major structural abnormality is detected prenatally, genetic testing with chromosomal microarray is recommended over

  18. Fetal renal anomalies : diagnosis, management, and outcome

    NARCIS (Netherlands)

    Damen-Elias, Henrica Antonia Maria

    2004-01-01

    In two to three percent of fetuses structural anomalies can be found with prenatal ultrasound investigation. Anomalies of the urinary tract account for 15 to 20% of these anomalies with a detection rate of approximately of 90%. In Chapter 2, 3 and 4 we present reference curves for size and growth

  19. Generalized Detectability for Discrete Event Systems

    Science.gov (United States)

    Shu, Shaolong; Lin, Feng

    2011-01-01

    In our previous work, we investigated detectability of discrete event systems, which is defined as the ability to determine the current and subsequent states of a system based on observation. For different applications, we defined four types of detectabilities: (weak) detectability, strong detectability, (weak) periodic detectability, and strong periodic detectability. In this paper, we extend our results in three aspects. (1) We extend detectability from deterministic systems to nondeterministic systems. Such a generalization is necessary because there are many systems that need to be modeled as nondeterministic discrete event systems. (2) We develop polynomial algorithms to check strong detectability. The previous algorithms are based on observer whose construction is of exponential complexity, while the new algorithms are based on a new automaton called detector. (3) We extend detectability to D-detectability. While detectability requires determining the exact state of a system, D-detectability relaxes this requirement by asking only to distinguish certain pairs of states. With these extensions, the theory on detectability of discrete event systems becomes more applicable in solving many practical problems. PMID:21691432

  20. Fluorescence detection system for microfluidic droplets

    Science.gov (United States)

    Chen, Binyu; Han, Xiaoming; Su, Zhen; Liu, Quanjun

    2018-05-01

    In microfluidic detection technology, because of the universality of optical methods in laboratory, optical detection is an attractive solution for microfluidic chip laboratory equipment. In addition, the equipment with high stability and low cost can be realized by integrating appropriate optical detection technology on the chip. This paper reports a detection system for microfluidic droplets. Photomultiplier tubes (PMT) is used as a detection device to improve the sensitivity of detection. This system improves the signal to noise ratio by software filtering and spatial filter. The fluorescence intensity is proportional to the concentration of the fluorescence and intensity of the laser. The fluorescence micro droplets of different concentrations can be distinguished by this system.