WorldWideScience

Sample records for anomaly detection system

  1. Modeling And Detecting Anomalies In Scada Systems

    Science.gov (United States)

    Svendsen, Nils; Wolthusen, Stephen

    The detection of attacks and intrusions based on anomalies is hampered by the limits of specificity underlying the detection techniques. However, in the case of many critical infrastructure systems, domain-specific knowledge and models can impose constraints that potentially reduce error rates. At the same time, attackers can use their knowledge of system behavior to mask their manipulations, causing adverse effects to observed only after a significant period of time. This paper describes elementary statistical techniques that can be applied to detect anomalies in critical infrastructure networks. A SCADA system employed in liquefied natural gas (LNG) production is used as a case study.

  2. Detecting data anomalies methods in distributed systems

    Science.gov (United States)

    Mosiej, Lukasz

    2009-06-01

    Distributed systems became most popular systems in big companies. Nowadays many telecommunications companies want to hold large volumes of data about all customers. Obviously, those data cannot be stored in single database because of many technical difficulties, such as data access efficiency, security reasons, etc. On the other hand there is no need to hold all data in one place, because companies already have dedicated systems to perform specific tasks. In the distributed systems there is a redundancy of data and each system holds only interesting data in appropriate form. Data updated in one system should be also updated in the rest of systems, which hold that data. There are technical problems to update those data in all systems in transactional way. This article is about data anomalies in distributed systems. Avail data anomalies detection methods are shown. Furthermore, a new initial concept of new data anomalies detection methods is described on the last section.

  3. Detection of cardiovascular anomalies: Hybrid systems approach

    KAUST Repository

    Diaz Ledezma, Fernando

    2012-06-06

    In this paper, we propose a hybrid interpretation of the cardiovascular system. Based on a model proposed by Simaan et al. (2009), we study the problem of detecting cardiovascular anomalies that can be caused by variations in some physiological parameters, using an observerbased approach. We present the first numerical results obtained. © 2012 IFAC.

  4. Anomaly Detection for Complex Systems

    Data.gov (United States)

    National Aeronautics and Space Administration — In performance maintenance in large, complex systems, sensor information from sub-components tends to be readily available, and can be used to make predictions...

  5. An Immunity-Based Anomaly Detection System with Sensor Agents

    Directory of Open Access Journals (Sweden)

    Yoshiteru Ishida

    2009-11-01

    Full Text Available This paper proposes an immunity-based anomaly detection system with sensor agents based on the specificity and diversity of the immune system. Each agent is specialized to react to the behavior of a specific user. Multiple diverse agents decide whether the behavior is normal or abnormal. Conventional systems have used only a single sensor to detect anomalies, while the immunity-based system makes use of multiple sensors, which leads to improvements in detection accuracy. In addition, we propose an evaluation framework for the anomaly detection system, which is capable of evaluating the differences in detection accuracy between internal and external anomalies. This paper focuses on anomaly detection in user’s command sequences on UNIX-like systems. In experiments, the immunity-based system outperformed some of the best conventional systems.

  6. A model for anomaly classification in intrusion detection systems

    Science.gov (United States)

    Ferreira, V. O.; Galhardi, V. V.; Gonçalves, L. B. L.; Silva, R. C.; Cansian, A. M.

    2015-09-01

    Intrusion Detection Systems (IDS) are traditionally divided into two types according to the detection methods they employ, namely (i) misuse detection and (ii) anomaly detection. Anomaly detection has been widely used and its main advantage is the ability to detect new attacks. However, the analysis of anomalies generated can become expensive, since they often have no clear information about the malicious events they represent. In this context, this paper presents a model for automated classification of alerts generated by an anomaly based IDS. The main goal is either the classification of the detected anomalies in well-defined taxonomies of attacks or to identify whether it is a false positive misclassified by the IDS. Some common attacks to computer networks were considered and we achieved important results that can equip security analysts with best resources for their analyses.

  7. Clustering and Recurring Anomaly Identification: Recurring Anomaly Detection System (ReADS)

    Science.gov (United States)

    McIntosh, Dawn

    2006-01-01

    This viewgraph presentation reviews the Recurring Anomaly Detection System (ReADS). The Recurring Anomaly Detection System is a tool to analyze text reports, such as aviation reports and maintenance records: (1) Text clustering algorithms group large quantities of reports and documents; Reduces human error and fatigue (2) Identifies interconnected reports; Automates the discovery of possible recurring anomalies; (3) Provides a visualization of the clusters and recurring anomalies We have illustrated our techniques on data from Shuttle and ISS discrepancy reports, as well as ASRS data. ReADS has been integrated with a secure online search

  8. Fuzzy Based Anomaly Intrusion Detection System for Clustered WSN

    OpenAIRE

    Sumathy Murugan; Sundara Rajan, M.

    2015-01-01

    In Wireless Sensor Networks (WSN), the intrusion detection technique may result in increased computational cost, packet loss, performance degradation and so on. In order to overcome these issues, in this study, we propose a fuzzy based anomaly intrusion detection system for clustered WSN. Initially the cluster heads are selected based on the parameters such as link quality, residual energy and coverage. Then the anomaly intrusion is detected using fuzzy logic technique. This technique conside...

  9. Probabilistic Anomaly Detection Based On System Calls Analysis

    Directory of Open Access Journals (Sweden)

    Przemysław Maciołek

    2007-01-01

    Full Text Available We present an application of probabilistic approach to the anomaly detection (PAD. Byanalyzing selected system calls (and their arguments, the chosen applications are monitoredin the Linux environment. This allows us to estimate “(abnormality” of their behavior (bycomparison to previously collected profiles. We’ve attached results of threat detection ina typical computer environment.

  10. Advanced Ground Systems Maintenance Anomaly Detection Project

    Data.gov (United States)

    National Aeronautics and Space Administration — This project will develop the capability to identify anomalous conditions (indications to potential impending system failure) in ground system operations before...

  11. Anomaly Detection in a Fleet of Systems

    Data.gov (United States)

    National Aeronautics and Space Administration — A fleet is a group of systems (e.g., cars, aircraft) that are designed and manufactured the same way and are intended to be used the same way. For example, a fleet...

  12. Anomaly-based intrusion detection for SCADA systems

    International Nuclear Information System (INIS)

    Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA. These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)

  13. Using Physical Models for Anomaly Detection in Control Systems

    Science.gov (United States)

    Svendsen, Nils; Wolthusen, Stephen

    Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increase the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical; and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.

  14. Log Summarization and Anomaly Detection for TroubleshootingDistributed Systems

    Energy Technology Data Exchange (ETDEWEB)

    Gunter, Dan; Tierney, Brian L.; Brown, Aaron; Swany, Martin; Bresnahan, John; Schopf, Jennifer M.

    2007-08-01

    Today's system monitoring tools are capable of detectingsystem failures such as host failures, OS errors, and network partitionsin near-real time. Unfortunately, the same cannot yet be said of theend-to-end distributed softwarestack. Any given action, for example,reliably transferring a directory of files, can involve a wide range ofcomplex and interrelated actions across multiple pieces of software:checking user certificates and permissions, getting details for allfiles, performing third-party transfers, understanding re-try policydecisions, etc. We present an infrastructure for troubleshooting complexmiddleware, a general purpose technique for configurable logsummarization, and an anomaly detection technique that works in near-realtime on running Grid middleware. We present results gathered using thisinfrastructure from instrumented Grid middleware and applications runningon the Emulab testbed. From these results, we analyze the effectivenessof several algorithms at accurately detecting a variety of performanceanomalies.

  15. Anomaly detection in an automated safeguards system using neural networks

    International Nuclear Information System (INIS)

    An automated safeguards system must be able to detect an anomalous event, identify the nature of the event, and recommend a corrective action. Neural networks represent a new way of thinking about basic computational mechanisms for intelligent information processing. In this paper, we discuss the issues involved in applying a neural network model to the first step of this process: anomaly detection in materials accounting systems. We extend our previous model to a 3-tank problem and compare different neural network architectures and algorithms. We evaluate the computational difficulties in training neural networks and explore how certain design principles affect the problems. The issues involved in building a neural network architecture include how the information flows, how the network is trained, how the neurons in a network are connected, how the neurons process information, and how the connections between neurons are modified. Our approach is based on the demonstrated ability of neural networks to model complex, nonlinear, real-time processes. By modeling the normal behavior of the processes, we can predict how a system should be behaving and, therefore, detect when an abnormality occurs

  16. A Result Fusion based Distributed Anomaly Detection System for Android Smartphones

    OpenAIRE

    Zhizhong Wu; Xuehai Zhou; Jun Xu

    2013-01-01

    In this paper we present an information fusion based distributed anomaly detection system for Android mobile phones. The proposed framework realizes a clientserver architecture, the client continuously extracts various features and transfers to the server, and the server’s major task is to detect anomaly using state-of-art detection algorithms implemented as anomaly detectors. Multiple distributed servers simultaneously analyzing the feature vector using different detectors and informat...

  17. Network Traffic Anomaly Detection

    OpenAIRE

    Huang, Hong; Al-Azzawi, Hussein; Brani, Hajar

    2014-01-01

    This paper presents a tutorial for network anomaly detection, focusing on non-signature-based approaches. Network traffic anomalies are unusual and significant changes in the traffic of a network. Networks play an important role in today's social and economic infrastructures. The security of the network becomes crucial, and network traffic anomaly detection constitutes an important part of network security. In this paper, we present three major approaches to non-signature-based network detect...

  18. A Result Fusion based Distributed Anomaly Detection System for Android Smartphones

    Directory of Open Access Journals (Sweden)

    Zhizhong Wu

    2013-02-01

    Full Text Available In this paper we present an information fusion based distributed anomaly detection system for Android mobile phones. The proposed framework realizes a clientserver architecture, the client continuously extracts various features and transfers to the server, and the server’s major task is to detect anomaly using state-of-art detection algorithms implemented as anomaly detectors. Multiple distributed servers simultaneously analyzing the feature vector using different detectors and information fusion is used to fuse the results of detectors. We also propose a cycle-based statistical approach for smartphone anomaly detection as the smartphone users usual follow regular patterns due to their periodical patterns of lives. Empirical results suggest that the proposed framework and novel anomaly detection algorithm are effective in detecting malware on Android devices.

  19. Design of Hybrid Network Anomalies Detection System (H-NADS Using IP Gray Space Analysis

    Directory of Open Access Journals (Sweden)

    Yogendra Kumar JAIN

    2009-01-01

    Full Text Available In Network Security, there is a major issue to secure the public or private network from abnormal users. It is because each network is made up of users, services and computers with a specific behavior that is also called as heterogeneous system. To detect abnormal users, anomaly detection system (ADS is used. In this paper, we present a novel and hybrid Anomaly Detection System with the uses of IP gray space analysis and dominant scanning port identification heuristics used to detect various anomalous users with their potential behaviors. This methodology is the combination of both statistical and rule based anomaly detection which detects five types of anomalies with their three types of potential behaviors and generates respective alarm messages to GUI.

  20. Anomaly Detection in Sequences

    Data.gov (United States)

    National Aeronautics and Space Administration — We present a set of novel algorithms which we call sequenceMiner, that detect and characterize anomalies in large sets of high-dimensional symbol sequences that...

  1. Dynamic analysis methods for detecting anomalies in asynchronously interacting systems

    Energy Technology Data Exchange (ETDEWEB)

    Kumar, Akshat; Solis, John Hector; Matschke, Benjamin

    2014-01-01

    Detecting modifications to digital system designs, whether malicious or benign, is problematic due to the complexity of the systems being analyzed. Moreover, static analysis techniques and tools can only be used during the initial design and implementation phases to verify safety and liveness properties. It is computationally intractable to guarantee that any previously verified properties still hold after a system, or even a single component, has been produced by a third-party manufacturer. In this paper we explore new approaches for creating a robust system design by investigating highly-structured computational models that simplify verification and analysis. Our approach avoids the need to fully reconstruct the implemented system by incorporating a small verification component that dynamically detects for deviations from the design specification at run-time. The first approach encodes information extracted from the original system design algebraically into a verification component. During run-time this component randomly queries the implementation for trace information and verifies that no design-level properties have been violated. If any deviation is detected then a pre-specified fail-safe or notification behavior is triggered. Our second approach utilizes a partitioning methodology to view liveness and safety properties as a distributed decision task and the implementation as a proposed protocol that solves this task. Thus the problem of verifying safety and liveness properties is translated to that of verifying that the implementation solves the associated decision task. We develop upon results from distributed systems and algebraic topology to construct a learning mechanism for verifying safety and liveness properties from samples of run-time executions.

  2. Automatic firewall rules generator for anomaly detection systems with Apriori algorithm

    OpenAIRE

    Saboori, Ehsan; Parsazad, Shafigh; Sanatkhani, Yasaman

    2012-01-01

    Network intrusion detection systems have become a crucial issue for computer systems security infrastructures. Different methods and algorithms are developed and proposed in recent years to improve intrusion detection systems. The most important issue in current systems is that they are poor at detecting novel anomaly attacks. These kinds of attacks refer to any action that significantly deviates from the normal behaviour which is considered intrusion. This paper proposed a model to improve t...

  3. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  4. Anomaly Detection System Based on Principal Component Analysis and Support Vector Machine

    Institute of Scientific and Technical Information of China (English)

    LI Zhanchun; LI Zhitang; LIU Bin

    2006-01-01

    This article presents an anomaly detection system based on principal component analysis (PCA) and support vector machine (SVM). The system first creates a profile defining a normal behavior by frequency-based scheme, and then compares the similarity of a current behavior with the created profile to decide whether the input instance is normal or anomaly. In order to avoid overfitting and reduce the computational burden, normal behavior principal features are extracted by the PCA method. SVM is used to distinguish normal or anomaly for user behavior after training procedure has been completed by learning. In the experiments for performance evaluation the system achieved a correct detection rate equal to 92.2% and a false detection rate equal to 2.8%.

  5. Theoretically Optimal Distributed Anomaly Detection

    Data.gov (United States)

    National Aeronautics and Space Administration — A novel general framework for distributed anomaly detection with theoretical performance guarantees is proposed. Our algorithmic approach combines existing anomaly...

  6. Space Shuttle Main Propulsion System Anomaly Detection: A Case Study

    Data.gov (United States)

    National Aeronautics and Space Administration — The space shuttle main engine (SSME) is part of the Main Propnlsion System (MPS) which is an extremely complex system containing several sub-systems and components,...

  7. Using Immunology Principles for Anomaly Detection in Electrical Systems

    OpenAIRE

    Branco, P. J. Costa; Dente, J. A.; Mendes, R. Vilela

    2001-01-01

    The immune system is a cognitive system of complexity comparable to the brain and its computational algorithms suggest new solutions to engineering problems or new ways of looking at these problems. Using immunological principles, a two (or three-) module algorithm is developed which is capable of launching a specific response to an anomalous situation. Applications are being developed for electromechanical drives and network power transformers. Experimental results illustrate an application ...

  8. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

    Energy Technology Data Exchange (ETDEWEB)

    Chen, Yan [Northwesten University

    2013-12-05

    Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and fast emergence of new attacks/virus/worms, existing network intrusion detection systems (IDS) are insufficient because they: • Are mostly host-based and not scalable to high-performance networks; • Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks; • Cannot differentiate malicious events from the unintentional anomalies. To address these challenges, we proposed and developed a new paradigm called high-performance network anomaly/intrustion detection and mitigation (HPNAIDM) system. The new paradigm is significantly different from existing IDSes with the following features (research thrusts). • Online traffic recording and analysis on high-speed networks; • Online adaptive flow-level anomaly/intrusion detection and mitigation; • Integrated approach for false positive reduction. Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we even exceed that significantly (see more details in the next section). Overall, our project harvested 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). Besides, we built a website for technique dissemination, which hosts two system prototype release to the research community. We also filed a patent application and developed strong international and domestic collaborations which span both academia and industry.

  9. Seasonal ARMA-based SPC charts for anomaly detection: Application to emergency department systems

    KAUST Repository

    Kadri, Farid

    2015-10-22

    Monitoring complex production systems is primordial to ensure management, reliability and safety as well as maintaining the desired product quality. Early detection of emergent abnormal behaviour in monitored systems allows pre-emptive action to prevent more serious consequences, to improve system operations and to reduce manufacturing and/or service costs. This study reports the design of a new methodology for the detection of abnormal situations based on the integration of time-series analysis models and statistical process control (SPC) tools for the joint development of a monitoring system to help supervising of the behaviour of emergency department services (EDs). The monitoring system developed is able to provide early alerts in the event of abnormal situations. The seasonal autoregressive moving average (SARMA)-based exponentially weighted moving average (EWMA) anomaly detection scheme proposed was successfully applied to the practical data collected from the database of the paediatric emergency department (PED) at Lille regional hospital centre, France. The method developed utilizes SARMA as a modelling framework and EWMA for anomaly detection. The EWMA control chart is applied to the uncorrelated residuals obtained from the SARMA model. The detection results of the EWMA chart are compared with two other commonly applied residual-based tests: a Shewhart individuals chart and a Cumulative Sum (CUSUM) control chart.

  10. Survey of Anomaly Detection Methods

    Energy Technology Data Exchange (ETDEWEB)

    Ng, B

    2006-10-12

    This survey defines the problem of anomaly detection and provides an overview of existing methods. The methods are categorized into two general classes: generative and discriminative. A generative approach involves building a model that represents the joint distribution of the input features and the output labels of system behavior (e.g., normal or anomalous) then applies the model to formulate a decision rule for detecting anomalies. On the other hand, a discriminative approach aims directly to find the decision rule, with the smallest error rate, that distinguishes between normal and anomalous behavior. For each approach, we will give an overview of popular techniques and provide references to state-of-the-art applications.

  11. Urinary System anomalies at birth

    Directory of Open Access Journals (Sweden)

    Sharada B. Menasinkai

    2015-06-01

    Full Text Available Background: Congenital anomalies of urinary system are common and are found in 3-4% of population, and lethal urinary anomalies account for 10% of termination of pregnancy. Methods: A study was done to know the incidence of congenital anomalies at birth for the period of 4 months from May 99 - Sept 99 at Cheluvamba hospital attached to Mysore medical college. Congenital anomalies in the still births, live births and aborted fetuses >20 weeks were studied along with the case history and ultrasound reports. Aborted fetuses and still born babies were collected for autopsy after the consent of parents. These babies were fixed in 10% formalin and autopsy was done after fixing, and anomalies were noted. Results: Total births during study period were 3000. There were 61 babies with congenital anomalies and 6 babies had anomalies of urinary system. Among the urinary system anomalies 1 baby had bilateral renal agenesis, 1 baby had unilateral renal agenesis with anophthalmia (Fraser syndrome, 2 babies had Multicystic dysplastic kidney disease (MCDK and 1 live baby had hydronephrosis due to obstruction at pelvi ureteric junction, and 1 live female baby had polycystic kidneys. Conclusion: Incidence of urinary system anomalies in the present study was 2 per 1000 births. U/S detection of urinary anomalies varies with period of gestation, amniotic fluid volume and visualisation of urinary bladder. Autopsy helps to detect renal agenesis. [Int J Res Med Sci 2015; 3(3.000: 743-748

  12. Seismic data fusion anomaly detection

    Science.gov (United States)

    Harrity, Kyle; Blasch, Erik; Alford, Mark; Ezekiel, Soundararajan; Ferris, David

    2014-06-01

    Detecting anomalies in non-stationary signals has valuable applications in many fields including medicine and meteorology. These include uses such as identifying possible heart conditions from an Electrocardiography (ECG) signals or predicting earthquakes via seismographic data. Over the many choices of anomaly detection algorithms, it is important to compare possible methods. In this paper, we examine and compare two approaches to anomaly detection and see how data fusion methods may improve performance. The first approach involves using an artificial neural network (ANN) to detect anomalies in a wavelet de-noised signal. The other method uses a perspective neural network (PNN) to analyze an arbitrary number of "perspectives" or transformations of the observed signal for anomalies. Possible perspectives may include wavelet de-noising, Fourier transform, peak-filtering, etc.. In order to evaluate these techniques via signal fusion metrics, we must apply signal preprocessing techniques such as de-noising methods to the original signal and then use a neural network to find anomalies in the generated signal. From this secondary result it is possible to use data fusion techniques that can be evaluated via existing data fusion metrics for single and multiple perspectives. The result will show which anomaly detection method, according to the metrics, is better suited overall for anomaly detection applications. The method used in this study could be applied to compare other signal processing algorithms.

  13. Mining Building Energy Management System Data Using Fuzzy Anomaly Detection and Linguistic Descriptions

    Energy Technology Data Exchange (ETDEWEB)

    Dumidu Wijayasekara; Ondrej Linda; Milos Manic; Craig Rieger

    2014-08-01

    Building Energy Management Systems (BEMSs) are essential components of modern buildings that utilize digital control technologies to minimize energy consumption while maintaining high levels of occupant comfort. However, BEMSs can only achieve these energy savings when properly tuned and controlled. Since indoor environment is dependent on uncertain criteria such as weather, occupancy, and thermal state, performance of BEMS can be sub-optimal at times. Unfortunately, the complexity of BEMS control mechanism, the large amount of data available and inter-relations between the data can make identifying these sub-optimal behaviors difficult. This paper proposes a novel Fuzzy Anomaly Detection and Linguistic Description (Fuzzy-ADLD) based method for improving the understandability of BEMS behavior for improved state-awareness. The presented method is composed of two main parts: 1) detection of anomalous BEMS behavior and 2) linguistic representation of BEMS behavior. The first part utilizes modified nearest neighbor clustering algorithm and fuzzy logic rule extraction technique to build a model of normal BEMS behavior. The second part of the presented method computes the most relevant linguistic description of the identified anomalies. The presented Fuzzy-ADLD method was applied to real-world BEMS system and compared against a traditional alarm based BEMS. In six different scenarios, the Fuzzy-ADLD method identified anomalous behavior either as fast as or faster (an hour or more), that the alarm based BEMS. In addition, the Fuzzy-ADLD method identified cases that were missed by the alarm based system, demonstrating potential for increased state-awareness of abnormal building behavior.

  14. Anomaly Detection in Transactional Sequential Data

    Directory of Open Access Journals (Sweden)

    Huibing Zhang

    2012-01-01

    Full Text Available A transactional system often has a steady distribution based on their decisions or responses on various transactions. If the system is changed, the distribution also often changes. It is a valuable work to detect anomaly caused by system changes based on different distributions. In this study, we modeled those decision or response signals into a series of time-related distributions and then proposed a method combining distance metrics and anomaly detection to discover whether changes have happened in some systems. Distance metrics on different distributions can decide whether changes have happened and anomaly detection can find what happened further. Extensive experiments show that our method has a good performance and can locate the anomaly accurately.

  15. Accuracy of Ultrasound in Detection of Gross Prenatal Central Nervous System Anomalies after the Eighteenth Week of Gestation

    Directory of Open Access Journals (Sweden)

    M. Tahmasebi

    2007-10-01

    Full Text Available Background/Objective: Ultrasound (US detection of prenatal central nervous system (CNS anatomic anomalies is very important in making decision about therapeutic termination. In the present study, the accuracy of US in detection of gross prenatal CNS anatomic anomalies has been investigated."nPatients and Methods: 3012 pregnant women were scanned after 18 weeks of gestation by an expert operator in a referring center. All delivered fetuses were followed after birth through clinical examination and sonography."nResults: In this study, the accuracy of US in detection of gross CNS anatomic anomalies of fetuses after 18 weeks gestation was found to be 100%. The sensitivity, specificity, positive and negative predictive values of US were 100%. In sonographic examination of these 3012 pregnant women, 36 fetuses were detected with CNS anomalies, some of whom had more than one anomaly. Gross CNS anomalies observed included microcephaly, hydrocephaly, anencephaly, holoprosencephaly, ventriculomegaly, meningocele, encephalocele, lissencephaly, agenesis of corpus callosum, bilateral choroid plexus cysts and hypoplastic cerebellum."nConclusion: US is highly operator dependent and operator experience may be the most determinant affecting the results. Sonographic scanning after 18 weeks of gestation is associated with the best results.

  16. Data Mining for Anomaly Detection

    Science.gov (United States)

    Biswas, Gautam; Mack, Daniel; Mylaraswamy, Dinkar; Bharadwaj, Raj

    2013-01-01

    The Vehicle Integrated Prognostics Reasoner (VIPR) program describes methods for enhanced diagnostics as well as a prognostic extension to current state of art Aircraft Diagnostic and Maintenance System (ADMS). VIPR introduced a new anomaly detection function for discovering previously undetected and undocumented situations, where there are clear deviations from nominal behavior. Once a baseline (nominal model of operations) is established, the detection and analysis is split between on-aircraft outlier generation and off-aircraft expert analysis to characterize and classify events that may not have been anticipated by individual system providers. Offline expert analysis is supported by data curation and data mining algorithms that can be applied in the contexts of supervised learning methods and unsupervised learning. In this report, we discuss efficient methods to implement the Kolmogorov complexity measure using compression algorithms, and run a systematic empirical analysis to determine the best compression measure. Our experiments established that the combination of the DZIP compression algorithm and CiDM distance measure provides the best results for capturing relevant properties of time series data encountered in aircraft operations. This combination was used as the basis for developing an unsupervised learning algorithm to define "nominal" flight segments using historical flight segments.

  17. Anomaly-based Network Intrusion Detection Methods

    Directory of Open Access Journals (Sweden)

    Pavel Nevlud

    2013-01-01

    Full Text Available The article deals with detection of network anomalies. Network anomalies include everything that is quite different from the normal operation. For detection of anomalies were used machine learning systems. Machine learning can be considered as a support or a limited type of artificial intelligence. A machine learning system usually starts with some knowledge and a corresponding knowledge organization so that it can interpret, analyse, and test the knowledge acquired. There are several machine learning techniques available. We tested Decision tree learning and Bayesian networks. The open source data-mining framework WEKA was the tool we used for testing the classify, cluster, association algorithms and for visualization of our results. The WEKA is a collection of machine learning algorithms for data mining tasks.

  18. Network Anomaly Detection Based on Wavelet Analysis

    Directory of Open Access Journals (Sweden)

    Ali A. Ghorbani

    2008-11-01

    Full Text Available Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal modelling technique for detecting network anomalies, combining the wavelet approximation and system identification theory. In order to characterize network traffic behaviors, we present fifteen features and use them as the input signals in our system. We then evaluate our approach with the 1999 DARPA intrusion detection dataset and conduct a comprehensive analysis of the intrusions in the dataset. Evaluation results show that the approach achieves high-detection rates in terms of both attack instances and attack types. Furthermore, we conduct a full day's evaluation in a real large-scale WiFi ISP network where five attack types are successfully detected from over 30 millions flows.

  19. Network Anomaly Detection Based on Wavelet Analysis

    Science.gov (United States)

    Lu, Wei; Ghorbani, Ali A.

    2008-12-01

    Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal modelling technique for detecting network anomalies, combining the wavelet approximation and system identification theory. In order to characterize network traffic behaviors, we present fifteen features and use them as the input signals in our system. We then evaluate our approach with the 1999 DARPA intrusion detection dataset and conduct a comprehensive analysis of the intrusions in the dataset. Evaluation results show that the approach achieves high-detection rates in terms of both attack instances and attack types. Furthermore, we conduct a full day's evaluation in a real large-scale WiFi ISP network where five attack types are successfully detected from over 30 millions flows.

  20. Anomaly detection in online social networks

    CERN Document Server

    Savage, David; Yu, Xinghuo; Chou, Pauline; Wang, Qingmai

    2016-01-01

    Anomalies in online social networks can signify irregular, and often illegal behaviour. Anomalies in online social networks can signify irregular, and often illegal behaviour. Detection of such anomalies has been used to identify malicious individuals, including spammers, sexual predators, and online fraudsters. In this paper we survey existing computational techniques for detecting anomalies in online social networks. We characterise anomalies as being either static or dynamic, and as being labelled or unlabelled, and survey methods for detecting these different types of anomalies. We suggest that the detection of anomalies in online social networks is composed of two sub-processes; the selection and calculation of network features, and the classification of observations from this feature space. In addition, this paper provides an overview of the types of problems that anomaly detection can address and identifies key areas of future research.

  1. Detection of a thin sheet magnetic anomaly by squid-gradiometer systems: possibility of hydrofracture azimuth determination

    Energy Technology Data Exchange (ETDEWEB)

    Overton, W.C. Jr.

    1978-12-01

    A study of the signal physics of magnetic anomaly detection was carried out by superconducting gradiometer and magnetometer loop systems with SQUID sensors for possible application to the LASL geothermal energy program. In particular, the crack produced by hydrofracture of a deep HDR geothermal borehole would be filled with a magnetic material such as ferrofluid. When polarized by the earth's field, this material would produce a localized crack magnetic anomaly which is characteristic of the azimuth of the vertical crack with respect to magnetic north. Signatures of the anomaly would be determined by taking rotation data before and after filling the crack with magnetic material. A mathematical description was found for these signatures. To test the theory and the feasibility of the idea, the deep borehole vertical cracks were simulated by using panels to define sheets 1.5 mm thick, 1.2 m wide, and 2.5 m high. When filled with ferrofluid of suitable magnetic permeability, the local anomaly develops. Signatures were measured with a horizontal axial gradiometer rotated about a vertical axis. Good agreement was found between theory and experiment for aximuths in the east and west quadrants but only fair agreement in the north and south quadrants.

  2. Network anomaly detection a machine learning perspective

    CERN Document Server

    Bhattacharyya, Dhruba Kumar

    2013-01-01

    With the rapid rise in the ubiquity and sophistication of Internet technology and the accompanying growth in the number of network attacks, network intrusion detection has become increasingly important. Anomaly-based network intrusion detection refers to finding exceptional or nonconforming patterns in network traffic data compared to normal behavior. Finding these anomalies has extensive applications in areas such as cyber security, credit card and insurance fraud detection, and military surveillance for enemy activities. Network Anomaly Detection: A Machine Learning Perspective presents mach

  3. Anomaly Detection in Streaming Sensor Data

    CERN Document Server

    Pawling, Alec; Candia, Julián; Schoenharl, Tim; Madey, Greg

    2008-01-01

    In this chapter we consider a cell phone network as a set of automatically deployed sensors that records movement and interaction patterns of the population. We discuss methods for detecting anomalies in the streaming data produced by the cell phone network. We motivate this discussion by describing the Wireless Phone Based Emergency Response (WIPER) system, a proof-of-concept decision support system for emergency response managers. We also discuss some of the scientific work enabled by this type of sensor data and the related privacy issues. We describe scientific studies that use the cell phone data set and steps we have taken to ensure the security of the data. We describe the overall decision support system and discuss three methods of anomaly detection that we have applied to the data.

  4. Anomaly Detection in Dynamic Networks

    Energy Technology Data Exchange (ETDEWEB)

    Turcotte, Melissa [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2014-10-14

    Anomaly detection in dynamic communication networks has many important security applications. These networks can be extremely large and so detecting any changes in their structure can be computationally challenging; hence, computationally fast, parallelisable methods for monitoring the network are paramount. For this reason the methods presented here use independent node and edge based models to detect locally anomalous substructures within communication networks. As a first stage, the aim is to detect changes in the data streams arising from node or edge communications. Throughout the thesis simple, conjugate Bayesian models for counting processes are used to model these data streams. A second stage of analysis can then be performed on a much reduced subset of the network comprising nodes and edges which have been identified as potentially anomalous in the first stage. The first method assumes communications in a network arise from an inhomogeneous Poisson process with piecewise constant intensity. Anomaly detection is then treated as a changepoint problem on the intensities. The changepoint model is extended to incorporate seasonal behavior inherent in communication networks. This seasonal behavior is also viewed as a changepoint problem acting on a piecewise constant Poisson process. In a static time frame, inference is made on this extended model via a Gibbs sampling strategy. In a sequential time frame, where the data arrive as a stream, a novel, fast Sequential Monte Carlo (SMC) algorithm is introduced to sample from the sequence of posterior distributions of the change points over time. A second method is considered for monitoring communications in a large scale computer network. The usage patterns in these types of networks are very bursty in nature and don’t fit a Poisson process model. For tractable inference, discrete time models are considered, where the data are aggregated into discrete time periods and probability models are fitted to the

  5. A Survey on Social Media Anomaly Detection

    OpenAIRE

    Yu, Rose; Qiu, Huida; Wen, Zhen; Lin, Ching-Yung; Liu, Yan

    2016-01-01

    Social media anomaly detection is of critical importance to prevent malicious activities such as bullying, terrorist attack planning, and fraud information dissemination. With the recent popularity of social media, new types of anomalous behaviors arise, causing concerns from various parties. While a large amount of work have been dedicated to traditional anomaly detection problems, we observe a surge of research interests in the new realm of social media anomaly detection. In this paper, we ...

  6. Conscious and unconscious detection of semantic anomalies.

    Science.gov (United States)

    Hannon, Brenda

    2015-01-01

    When asked What superhero is associated with bats, Robin, the Penguin, Metropolis, Catwoman, the Riddler, the Joker, and Mr. Freeze? people frequently fail to notice the anomalous word Metropolis. The goals of this study were to determine whether detection of semantic anomalies, like Metropolis, is conscious or unconscious and whether this detection is immediate or delayed. To achieve these goals, participants answered anomalous and nonanomalous questions as their reading times for words were recorded. Comparisons between detected versus undetected anomalies revealed slower reading times for detected anomalies-a finding that suggests that people immediately and consciously detected anomalies. Further, comparisons between first and second words following undetected anomalies versus nonanomalous controls revealed some slower reading times for first and second words-a finding that suggests that people may have unconsciously detected anomalies but this detection was delayed. Taken together, these findings support the idea that when we are immediately aware of a semantic anomaly (i.e., immediate conscious detection) our language processes make immediate adjustments in order to reconcile contradictory information of anomalies with surrounding text; however, even when we are not consciously aware of semantic anomalies, our language processes still make these adjustments, although these adjustments are delayed (i.e., delayed unconscious detection). PMID:25624136

  7. Urinary System anomalies at birth

    OpenAIRE

    Sharada B. Menasinkai; Mahantappa A. Chiniwar; Saraswathi, G

    2015-01-01

    Background: Congenital anomalies of urinary system are common and are found in 3-4% of population, and lethal urinary anomalies account for 10% of termination of pregnancy. Methods: A study was done to know the incidence of congenital anomalies at birth for the period of 4 months from May 99 - Sept 99 at Cheluvamba hospital attached to Mysore medical college. Congenital anomalies in the still births, live births and aborted fetuses >20 weeks were studied along with the case history and ul...

  8. Dendritic Cells for Anomaly Detection

    CERN Document Server

    Greensmith, Julie; Aickelin, Uwe

    2010-01-01

    Artificial immune systems, more specifically the negative selection algorithm, have previously been applied to intrusion detection. The aim of this research is to develop an intrusion detection system based on a novel concept in immunology, the Danger Theory. Dendritic Cells (DCs) are antigen presenting cells and key to the activation of the human signals from the host tissue and correlate these signals with proteins know as antigens. In algorithmic terms, individual DCs perform multi-sensor data fusion based on time-windows. The whole population of DCs asynchronously correlates the fused signals with a secondary data stream. The behaviour of human DCs is abstracted to form the DC Algorithm (DCA), which is implemented using an immune inspired framework, libtissue. This system is used to detect context switching for a basic machine learning dataset and to detect outgoing portscans in real-time. Experimental results show a significant difference between an outgoing portscan and normal traffic.

  9. A survey on anomaly and signature based intrusion detection system (IDS

    Directory of Open Access Journals (Sweden)

    Mrs.Anshu Gangwar

    2014-04-01

    Full Text Available Security is considered as one of the most critical parameter for the acceptance of any networking technology. Information in transit must be protected from unauthorized release and modification, and the connection itself must be established and maintained securely malicious users have taken advantage of this to achieve financial gain or accomplish some corporate or personal agenda. Denial of Service (DoS and distributed DoS (DDoS attacks are evolving continuously. These attacks make network resources unavailable for legitimate users which results in massive loss of data, resources and money. Combination of Intrusion detection System and Firewall is used by Business Organizations to detect and p revent Organizations‟ network from these attacks. Signatures to detect them are not available. This paper presents a light-Weight mechanism to detect novel DoS/DDoS (Resource Consumption attacks and automatic signature generation process to represent them in real time. Experimental results are provided to support the proposed mechanism.

  10. Efficient Accurate Context-Sensitive Anomaly Detection

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    For program behavior-based anomaly detection, the only way to ensure accurate monitoring is to construct an efficient and precise program behavior model. A new program behavior-based anomaly detection model,called combined pushdown automaton (CPDA) model was proposed, which is based on static binary executable analysis. The CPDA model incorporates the optimized call stack walk and code instrumentation technique to gain complete context information. Thereby the proposed method can detect more attacks, while retaining good performance.

  11. An Entropy-Based Network Anomaly Detection Method

    Directory of Open Access Journals (Sweden)

    Przemysław Bereziński

    2015-04-01

    Full Text Available Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i preparation of a concept of original entropy-based network anomaly detection method, (ii implementation of the method, (iii preparation of original dataset, (iv evaluation of the method.

  12. Improved prenatal detection of chromosomal anomalies

    DEFF Research Database (Denmark)

    Frøslev-Friis, Christina; Hjort-Pedersen, Karina; Henriques, Carsten U;

    2011-01-01

    Prenatal screening for karyotype anomalies takes place in most European countries. In Denmark, the screening method was changed in 2005. The aim of this study was to study the trends in prevalence and prenatal detection rates of chromosome anomalies and Down syndrome (DS) over a 22-year period....

  13. Residual generator for cardiovascular anomalies detection

    KAUST Repository

    Belkhatir, Zehor

    2014-06-01

    This paper discusses the possibility of using observer-based approaches for cardiovascular anomalies detection and isolation. We consider a lumped parameter model of the cardiovascular system that can be written in a form of nonlinear state-space representation. We show that residuals that are sensitive to variations in some cardiovascular parameters and to abnormal opening and closure of the valves, can be generated. Since the whole state is not easily available for measurement, we propose to associate the residual generator to a robust extended kalman filter. Numerical results performed on synthetic data are provided.

  14. Comparison of Unsupervised Anomaly Detection Methods

    Data.gov (United States)

    National Aeronautics and Space Administration — Several different unsupervised anomaly detection algorithms have been applied to Space Shuttle Main Engine (SSME) data to serve the purpose of developing a...

  15. Anomaly Detection from ASRS Databases of Textual Reports

    Data.gov (United States)

    National Aeronautics and Space Administration — Our primary goal is to automatically analyze textual reports from the Aviation Safety Reporting System (ASRS) database to detect/discover the anomaly categories...

  16. Online Anomaly Energy Consumption Detection Using Lambda Architecture

    DEFF Research Database (Denmark)

    Liu, Xiufeng; Iftikhar, Nadeem; Nielsen, Per Sieverts;

    2016-01-01

    With the widely use of smart meters in the energy sector, anomaly detection becomes a crucial mean to study the unusual consumption behaviors of customers, and to discover unexpected events of using energy promptly. Detecting consumption anomalies is, essentially, a real-time big data analytics...... problem, which does data mining on a large amount of parallel data streams from smart meters. In this paper, we propose a supervised learning and statistical-based anomaly detection method, and implement a Lambda system using the in-memory distributed computing framework, Spark and its extension Spark...

  17. Anomaly Detection Using Metaheuristic Firefly Harmonic Clustering

    OpenAIRE

    Mario H. A. C. Adaniya; Taufik Abr˜ao; Mario Lemes Proenc¸a Jr.

    2013-01-01

    The performance of communication networks can be affected by a number of factors including misconfiguration, equipments outages, attacks originated from legitimate behavior or not, software errors, among many other causes. These factors may cause an unexpected change in the traffic behavior and create what we call anomalies that may represent a loss of performance or breach of network security. Knowing the behavior pattern of the network is essential to detect and characterize an anomaly. The...

  18. Condition Parameter Modeling for Anomaly Detection in Wind Turbines

    OpenAIRE

    Yonglong Yan; Jian Li,; David Wenzhong Gao

    2014-01-01

    Data collected from the supervisory control and data acquisition (SCADA) system, used widely in wind farms to obtain operational and condition information about wind turbines (WTs), is of important significance for anomaly detection in wind turbines. The paper presents a novel model for wind turbine anomaly detection mainly based on SCADA data and a back-propagation neural network (BPNN) for automatic selection of the condition parameters. The SCADA data sets are determined through analysis o...

  19. Anomaly Detection and its Adaptation: Studies on Cyber-Physical Systems

    OpenAIRE

    Raciti, Massimiliano

    2013-01-01

    Cyber-Physical Systems (CPS) are complex systems where physical operations are supported and coordinated by Information and Communication Technology (ICT). From the point of view of security, ICT technology offers new opportunities to increase vigilance and real-time responsiveness to physical security faults. On the other hand, the cyber domain carries all the security vulnerabilities typical to information systems, making security a new big challenge in critical systems. This thesis address...

  20. Anomaly Detection for Resilient Control Systems Using Fuzzy-Neural Data Fusion Engine

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Milos Manic; Timothy R. McJunkin

    2011-08-01

    Resilient control systems in critical infrastructures require increased cyber-security and state-awareness. One of the necessary conditions for achieving the desired high level of resiliency is timely reporting and understanding of the status and behavioral trends of the control system. This paper describes the design and development of a neural-network based data-fusion system for increased state-awareness of resilient control systems. The proposed system consists of a dedicated data-fusion engine for each component of the control system. Each data-fusion engine implements three-layered alarm system consisting of: (1) conventional threshold-based alarms, (2) anomalous behavior detector using self-organizing maps, and (3) prediction error based alarms using neural network based signal forecasting. The proposed system was integrated with a model of the Idaho National Laboratory Hytest facility, which is a testing facility for hybrid energy systems. Experimental results demonstrate that the implemented data fusion system provides timely plant performance monitoring and cyber-state reporting.

  1. Condition Parameter Modeling for Anomaly Detection in Wind Turbines

    Directory of Open Access Journals (Sweden)

    Yonglong Yan

    2014-05-01

    Full Text Available Data collected from the supervisory control and data acquisition (SCADA system, used widely in wind farms to obtain operational and condition information about wind turbines (WTs, is of important significance for anomaly detection in wind turbines. The paper presents a novel model for wind turbine anomaly detection mainly based on SCADA data and a back-propagation neural network (BPNN for automatic selection of the condition parameters. The SCADA data sets are determined through analysis of the cumulative probability distribution of wind speed and the relationship between output power and wind speed. The automatic BPNN-based parameter selection is for reduction of redundant parameters for anomaly detection in wind turbines. Through investigation of cases of WT faults, the validity of the automatic parameter selection-based model for WT anomaly detection is verified.

  2. Artificial immune system via Euclidean Distance Minimization for anomaly detection in bearings

    Science.gov (United States)

    Montechiesi, L.; Cocconcelli, M.; Rubini, R.

    2016-08-01

    In recent years new diagnostics methodologies have emerged, with particular interest into machinery operating in non-stationary conditions. In fact continuous speed changes and variable loads make non-trivial the spectrum analysis. A variable speed means a variable characteristic fault frequency related to the damage that is no more recognizable in the spectrum. To overcome this problem the scientific community proposed different approaches listed in two main categories: model-based approaches and expert systems. In this context the paper aims to present a simple expert system derived from the mechanisms of the immune system called Euclidean Distance Minimization, and its application in a real case of bearing faults recognition. The proposed method is a simplification of the original process, adapted by the class of Artificial Immune Systems, which proved to be useful and promising in different application fields. Comparative results are provided, with a complete explanation of the algorithm and its functioning aspects.

  3. Online Sensing Techniques for Detection of Aircraft Electrical System Anomalies Project

    Data.gov (United States)

    National Aeronautics and Space Administration — As 'fly-by-wire' technologies become more prevalent in the aerospace systems, the need to develop innovative monitoring, diagnostic and fault tolerant techniques...

  4. Bio-Inspired Autonomous Communications Systems with Anomaly Detection Monitoring Project

    Data.gov (United States)

    National Aeronautics and Space Administration — We propose to develop and demonstrate BioComm, a bio-inspired autonomous communications system (ACS) aimed at dynamically reconfiguring and redeploying autonomous...

  5. Anomaly detection system: towards a framework for enterprise log management of security services

    OpenAIRE

    Ozulku, Omer; Fadhel, Nawfal; Argles, David; Wills, Gary

    2014-01-01

    In recent years, enterprise log management systems have been widely used by organizations. Several companies such as (IBM, MacAfee and Splunk etc.) have brought their own log management solutions to the market. However, the problem is that these systems often require proprietary hardware and do not involve web usage mining to analyze the log data. The purpose of this paper is to investigate an approach towards a framework for managing security logs in enterprise organizations called of the an...

  6. System for closure of a physical anomaly

    Energy Technology Data Exchange (ETDEWEB)

    Bearinger, Jane P; Maitland, Duncan J; Schumann, Daniel L; Wilson, Thomas S

    2014-11-11

    Systems for closure of a physical anomaly. Closure is accomplished by a closure body with an exterior surface. The exterior surface contacts the opening of the anomaly and closes the anomaly. The closure body has a primary shape for closing the anomaly and a secondary shape for being positioned in the physical anomaly. The closure body preferably comprises a shape memory polymer.

  7. Predictability in space launch vehicle anomaly detection using intelligent neuro-fuzzy systems

    Science.gov (United States)

    Gulati, Sandeep; Toomarian, Nikzad; Barhen, Jacob; Maccalla, Ayanna; Tawel, Raoul; Thakoor, Anil; Daud, Taher

    1994-01-01

    Included in this viewgraph presentation on intelligent neuroprocessors for launch vehicle health management systems (HMS) are the following: where the flight failures have been in launch vehicles; cumulative delay time; breakdown of operations hours; failure of Mars Probe; vehicle health management (VHM) cost optimizing curve; target HMS-STS auxiliary power unit location; APU monitoring and diagnosis; and integration of neural networks and fuzzy logic.

  8. Anomalies in evaporative light scattering detection.

    Science.gov (United States)

    Shock, D; Dennis, G R; Guiochon, G; Dasgupta, P K; Shalliker, R A

    2011-10-10

    A two-dimensional (2-D) "heart-cutting" HPLC system was used to fractionate oligostyrenes into the respective diastereoisomers. For samples of known composition, the response of an ultraviolet (UV) absorbance detector followed the anticipated pattern. The response of an evaporative light-scattering (ELSD) detector on the other hand indicated quite different concentrations for the two diastereoisomers, relative to what was anticipated and what was indicated by the UV detector. Whereas approximately the same concentration was indicated by UV, ELSD in some cases indicated no detection of the later eluting isomer. The magnitude of the errors depended on both the molecular weight and the tacticity of the diastereomers. These anomalies appear to be an artifact of power transform functions imbedded within the firmware processor of the ELSD, invisible to the user. PMID:21889641

  9. Development of a Computer Architecture to Support the Optical Plume Anomaly Detection (OPAD) System

    Science.gov (United States)

    Katsinis, Constantine

    1996-01-01

    The NASA OPAD spectrometer system relies heavily on extensive software which repetitively extracts spectral information from the engine plume and reports the amounts of metals which are present in the plume. The development of this software is at a sufficiently advanced stage where it can be used in actual engine tests to provide valuable data on engine operation and health. This activity will continue and, in addition, the OPAD system is planned to be used in flight aboard space vehicles. The two implementations, test-stand and in-flight, may have some differing requirements. For example, the data stored during a test-stand experiment are much more extensive than in the in-flight case. In both cases though, the majority of the requirements are similar. New data from the spectrograph is generated at a rate of once every 0.5 sec or faster. All processing must be completed within this period of time to maintain real-time performance. Every 0.5 sec, the OPAD system must report the amounts of specific metals within the engine plume, given the spectral data. At present, the software in the OPAD system performs this function by solving the inverse problem. It uses powerful physics-based computational models (the SPECTRA code), which receive amounts of metals as inputs to produce the spectral data that would have been observed, had the same metal amounts been present in the engine plume. During the experiment, for every spectrum that is observed, an initial approximation is performed using neural networks to establish an initial metal composition which approximates as accurately as possible the real one. Then, using optimization techniques, the SPECTRA code is repetitively used to produce a fit to the data, by adjusting the metal input amounts until the produced spectrum matches the observed one to within a given level of tolerance. This iterative solution to the original problem of determining the metal composition in the plume requires a relatively long period of time

  10. Anomaly Detection using Support Vector Machine

    Directory of Open Access Journals (Sweden)

    Dharminder Kumar, Suman , Nutan

    2013-07-01

    Full Text Available Support vector machine are among the most well known supervised anomaly detection technique, which are very efficient in handling large and high dimensional dataset. SVM, a powerful machine method developed from statistical learning and has made significant achievement in some field. This Technique does not suffer the limitations of data dimensionality and limited samples. In this present study, We can apply it to different domains of anomaly detection. Support vectors, which are critical for classification, are obtained by learning from the training samples. Results of SVM achieved high Accuracy and low false positive rate. Theoretically we compared our approach with neural network and clustering technique

  11. Hyperspectral Anomaly Detection in Urban Scenarios

    Science.gov (United States)

    Rejas Ayuga, J. G.; Martínez Marín, R.; Marchamalo Sacristán, M.; Bonatti, J.; Ojeda, J. C.

    2016-06-01

    We have studied the spectral features of reflectance and emissivity in the pattern recognition of urban materials in several single hyperspectral scenes through a comparative analysis of anomaly detection methods and their relationship with city surfaces with the aim to improve information extraction processes. Spectral ranges of the visible-near infrared (VNIR), shortwave infrared (SWIR) and thermal infrared (TIR) from hyperspectral data cubes of AHS sensor and HyMAP and MASTER of two cities, Alcalá de Henares (Spain) and San José (Costa Rica) respectively, have been used. In this research it is assumed no prior knowledge of the targets, thus, the pixels are automatically separated according to their spectral information, significantly differentiated with respect to a background, either globally for the full scene, or locally by image segmentation. Several experiments on urban scenarios and semi-urban have been designed, analyzing the behaviour of the standard RX anomaly detector and different methods based on subspace, image projection and segmentation-based anomaly detection methods. A new technique for anomaly detection in hyperspectral data called DATB (Detector of Anomalies from Thermal Background) based on dimensionality reduction by projecting targets with unknown spectral signatures to a background calculated from thermal spectrum wavelengths is presented. First results and their consequences in non-supervised classification and extraction information processes are discussed.

  12. Anomaly Detection with Text Mining

    Data.gov (United States)

    National Aeronautics and Space Administration — Many existing complex space systems have a significant amount of historical maintenance and problem data bases that are stored in unstructured text forms. The...

  13. Detection Range of Airborne Magnetometers in Magnetic Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Chengjing Li

    2015-11-01

    Full Text Available Airborne magnetometers are utilized for the small-range search, precise positioning, and identification of the ferromagnetic properties of underwater targets. As an important performance parameter of sensors, the detection range of airborne magnetometers is commonly set as a fixed value in references regardless of the influences of environment noise, target magnetic properties, and platform features in a classical model to detect airborne magnetic anomalies. As a consequence, deviation in detection ability analysis is observed. In this study, a novel detection range model is proposed on the basis of classic detection range models of airborne magnetometers. In this model, probability distribution is applied, and the magnetic properties of targets and the environment noise properties of a moving submarine are considered. The detection range model is also constructed by considering the distribution of the moving submarine during detection. A cell-averaging greatest-of-constant false alarm rate test method is also used to calculate the detection range of the model at a desired false alarm rate. The detection range model is then used to establish typical submarine search probabilistic models. Results show that the model can be used to evaluate not only the effects of ambient magnetic noise but also the moving and geomagnetic features of the target and airborne detection platform. The model can also be utilized to display the actual operating range of sensor systems.

  14. Amalgamation of Anomaly-Detection Indices for Enhanced Process Monitoring

    KAUST Repository

    Harrou, Fouzi

    2016-01-29

    Accurate and effective anomaly detection and diagnosis of modern industrial systems are crucial for ensuring reliability and safety and for maintaining desired product quality. Anomaly detection based on principal component analysis (PCA) has been studied intensively and largely applied to multivariate processes with highly cross-correlated process variables; howver conventional PCA-based methods often fail to detect small or moderate anomalies. In this paper, the proposed approach integrates two popular process-monitoring detection tools, the conventional PCA-based monitoring indices Hotelling’s T2 and Q and the exponentially weighted moving average (EWMA). We develop two EWMA tools based on the Q and T2 statistics, T2-EWMA and Q-EWMA, to detect anomalies in the process mean. The performances of the proposed methods were compared with that of conventional PCA-based anomaly-detection methods by applying each method to two examples: a synthetic data set and experimental data collected from a flow heating system. The results clearly show the benefits and effectiveness of the proposed methods over conventional PCA-based methods.

  15. Multiple-Instance Learning for Anomaly Detection in Digital Mammography.

    Science.gov (United States)

    Quellec, Gwenole; Lamard, Mathieu; Cozic, Michel; Coatrieux, Gouenou; Cazuguel, Guy

    2016-07-01

    This paper describes a computer-aided detection and diagnosis system for breast cancer, the most common form of cancer among women, using mammography. The system relies on the Multiple-Instance Learning (MIL) paradigm, which has proven useful for medical decision support in previous works from our team. In the proposed framework, breasts are first partitioned adaptively into regions. Then, features derived from the detection of lesions (masses and microcalcifications) as well as textural features, are extracted from each region and combined in order to classify mammography examinations as "normal" or "abnormal". Whenever an abnormal examination record is detected, the regions that induced that automated diagnosis can be highlighted. Two strategies are evaluated to define this anomaly detector. In a first scenario, manual segmentations of lesions are used to train an SVM that assigns an anomaly index to each region; local anomaly indices are then combined into a global anomaly index. In a second scenario, the local and global anomaly detectors are trained simultaneously, without manual segmentations, using various MIL algorithms (DD, APR, mi-SVM, MI-SVM and MILBoost). Experiments on the DDSM dataset show that the second approach, which is only weakly-supervised, surprisingly outperforms the first approach, even though it is strongly-supervised. This suggests that anomaly detectors can be advantageously trained on large medical image archives, without the need for manual segmentation. PMID:26829783

  16. Distributed Anomaly Detection using Minimum Volume Elliptical Principal Component Analysis

    OpenAIRE

    O'Reilly, CE; Gluhak, A.; Imran, A.

    2016-01-01

    Principal component analysis and the residual error is an effective anomaly detection technique. In an environment where anomalies are present in the training set, the derived principal components can be skewed by the anomalies. A further aspect of anomaly detection is that data might be distributed across different nodes in a network and their communication to a centralized processing unit is prohibited due to communication cost. Current solutions to distributed anomaly detection rely on a h...

  17. Anomaly Detection using the "Isolation Forest" algorithm

    CERN Document Server

    CERN. Geneva

    2015-01-01

    Anomaly detection can provide clues about an outlying minority class in your data: hackers in a set of network events, fraudsters in a set of credit card transactions, or exotic particles in a set of high-energy collisions. In this talk, we analyze a real dataset of breast tissue biopsies, with malignant results forming the minority class. The "Isolation Forest" algorithm finds anomalies by deliberately “overfitting” models that memorize each data point. Since outliers have more empty space around them, they take fewer steps to memorize. Intuitively, a house in the country can be identified simply as “that house out by the farm”, while a house in the city needs a longer description like “that house in Brooklyn, near Prospect Park, on Union Street, between the firehouse and the library, not far from the French restaurant”. We first use anomaly detection to find outliers in the biopsy data, then apply traditional predictive modeling to discover rules that separate anomalies from normal data...

  18. Anomaly Detection in Power Quality at Data Centers

    Science.gov (United States)

    Grichine, Art; Solano, Wanda M.

    2015-01-01

    The goal during my internship at the National Center for Critical Information Processing and Storage (NCCIPS) is to implement an anomaly detection method through the StruxureWare SCADA Power Monitoring system. The benefit of the anomaly detection mechanism is to provide the capability to detect and anticipate equipment degradation by monitoring power quality prior to equipment failure. First, a study is conducted that examines the existing techniques of power quality management. Based on these findings, and the capabilities of the existing SCADA resources, recommendations are presented for implementing effective anomaly detection. Since voltage, current, and total harmonic distortion demonstrate Gaussian distributions, effective set-points are computed using this model, while maintaining a low false positive count.

  19. Probabilistic Anomaly Detection Method for Authorship Verification

    OpenAIRE

    Boukhaled, Mohamed Amine; Ganascia, Jean-Gabriel

    2014-01-01

    Authorship verification is the task of determining if a given text is written by a candidate author or not. In this paper, we present a first study on using an anomaly detection method for the authorship verification task. We have considered a weakly supervised probabilistic model based on a multivari-ate Gaussian distribution. To evaluate the effectiveness of the proposed method, we conducted experiments on a classic French corpus. Our preliminary results show that the probabilistic method c...

  20. Anomaly Detection Using Metaheuristic Firefly Harmonic Clustering

    Directory of Open Access Journals (Sweden)

    Mario H. A. C. Adaniya

    2013-01-01

    Full Text Available The performance of communication networks can be affected by a number of factors including misconfiguration, equipments outages, attacks originated from legitimate behavior or not, software errors, among many other causes. These factors may cause an unexpected change in the traffic behavior and create what we call anomalies that may represent a loss of performance or breach of network security. Knowing the behavior pattern of the network is essential to detect and characterize an anomaly. Therefore, this paper presents an algorithm based on the use of Digital Signature of Network Segment (DSNS, used to model the traffic behavior pattern. We propose a clustering algorithm, K-Harmonic means (KHM, combined with a new heuristic approach, named Firefly Algorithm (FA, for network volume anomaly detection. The KHM calculate the weighting function of each point to calculate new centroids and circumventing the initialization problem present in most center based clustering algorithm and exploits the search capability of FA from escaping local optima. Processing the DSNS data and real traffic data is possible to detect and classify intervals considered anomalous with a trade-off between the 80% true-positive rate and 20% false-positive rate.

  1. A hybrid approach for efficient anomaly detection using metaheuristic methods

    Directory of Open Access Journals (Sweden)

    Tamer F. Ghanem

    2015-07-01

    Full Text Available Network intrusion detection based on anomaly detection techniques has a significant role in protecting networks and systems against harmful activities. Different metaheuristic techniques have been used for anomaly detector generation. Yet, reported literature has not studied the use of the multi-start metaheuristic method for detector generation. This paper proposes a hybrid approach for anomaly detection in large scale datasets using detectors generated based on multi-start metaheuristic method and genetic algorithms. The proposed approach has taken some inspiration of negative selection-based detector generation. The evaluation of this approach is performed using NSL-KDD dataset which is a modified version of the widely used KDD CUP 99 dataset. The results show its effectiveness in generating a suitable number of detectors with an accuracy of 96.1% compared to other competitors of machine learning algorithms.

  2. Tiresias: Online Anomaly Detection for Hierarchical Operational Network Data

    OpenAIRE

    Hong, Chi-Yao; Caesar, Matthew; Duffield, Nick; Wang, Jia

    2012-01-01

    Operational network data, management data such as customer care call logs and equipment system logs, is a very important source of information for network operators to detect problems in their networks. Unfortunately, there is lack of efficient tools to automatically track and detect anomalous events on operational data, causing ISP operators to rely on manual inspection of this data. While anomaly detection has been widely studied in the context of network data, operational data presents sev...

  3. Anomaly Detection Based on Sensor Data in Petroleum Industry Applications

    Directory of Open Access Journals (Sweden)

    Luis Martí

    2015-01-01

    Full Text Available Anomaly detection is the problem of finding patterns in data that do not conform to an a priori expected behavior. This is related to the problem in which some samples are distant, in terms of a given metric, from the rest of the dataset, where these anomalous samples are indicated as outliers. Anomaly detection has recently attracted the attention of the research community, because of its relevance in real-world applications, like intrusion detection, fraud detection, fault detection and system health monitoring, among many others. Anomalies themselves can have a positive or negative nature, depending on their context and interpretation. However, in either case, it is important for decision makers to be able to detect them in order to take appropriate actions. The petroleum industry is one of the application contexts where these problems are present. The correct detection of such types of unusual information empowers the decision maker with the capacity to act on the system in order to correctly avoid, correct or react to the situations associated with them. In that application context, heavy extraction machines for pumping and generation operations, like turbomachines, are intensively monitored by hundreds of sensors each that send measurements with a high frequency for damage prevention. In this paper, we propose a combination of yet another segmentation algorithm (YASA, a novel fast and high quality segmentation algorithm, with a one-class support vector machine approach for efficient anomaly detection in turbomachines. The proposal is meant for dealing with the aforementioned task and to cope with the lack of labeled training data. As a result, we perform a series of empirical studies comparing our approach to other methods applied to benchmark problems and a real-life application related to oil platform turbomachinery anomaly detection.

  4. Dendritic Cells for Real-Time Anomaly Detection

    OpenAIRE

    Greensmith, Julie; Aickelin, Uwe

    2006-01-01

    Dendritic Cells (DCs) are innate immune system cells which have the power to activate or suppress the immune system. The behaviour of human DCs is abstracted to form an algorithm suitable for anomaly detection. We test this algorithm on the real-time problem of port scan detection. Our results show a significant difference in artificial DC behaviour for an outgoing portscan when compared to behaviour for normal processes.

  5. Dendritic Cells for Real-Time Anomaly Detection

    CERN Document Server

    Greensmith, Julie

    2010-01-01

    Dendritic Cells (DCs) are innate immune system cells which have the power to activate or suppress the immune system. The behaviour of human of human DCs is abstracted to form an algorithm suitable for anomaly detection. We test this algorithm on the real-time problem of port scan detection. Our results show a significant difference in artificial DC behaviour for an outgoing portscan when compared to behaviour for normal processes.

  6. Detection of data taking anomalies for the ATLAS experiment

    CERN Document Server

    De Castro Vargas Fernandes, Julio; The ATLAS collaboration; Lehmann Miotto, Giovanna

    2015-01-01

    The physics signals produced by the ATLAS detector at the Large Hadron Collider (LHC) at CERN are acquired and selected by a distributed Trigger and Data AcQuistition (TDAQ) system, comprising a large number of hardware devices and software components. In this work, we focus on the problem of online detection of anomalies along the data taking period. Anomalies, in this context, are defined as an unexpected behaviour of the TDAQ system that result in a loss of data taking efficiency: the causes for those anomalies may come from the TDAQ itself or from external sources. While the TDAQ system operates, it publishes several useful information (trigger rates, dead times, memory usage…). Such information over time creates a set of time series that can be monitored in order to detect (and react to) problems (or anomalies). Here, we approach TDAQ operation monitoring through a data quality perspective, i.e, an anomaly is seen as a loss of quality (an outlier) and it is reported: this information can be used to rea...

  7. Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm

    CERN Document Server

    Greensmith, Julie; Tedesco, Gianni

    2010-01-01

    Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the Dendritic Cell Algorithm is sucessful at detecting port scans.

  8. Method for Real-Time Model Based Structural Anomaly Detection

    Science.gov (United States)

    Smith, Timothy A. (Inventor); Urnes, James M., Sr. (Inventor); Reichenbach, Eric Y. (Inventor)

    2015-01-01

    A system and methods for real-time model based vehicle structural anomaly detection are disclosed. A real-time measurement corresponding to a location on a vehicle structure during an operation of the vehicle is received, and the real-time measurement is compared to expected operation data for the location to provide a modeling error signal. A statistical significance of the modeling error signal to provide an error significance is calculated, and a persistence of the error significance is determined. A structural anomaly is indicated, if the persistence exceeds a persistence threshold value.

  9. Anomaly Detection for Next-Generation Space Launch Ground Operations

    Science.gov (United States)

    Spirkovska, Lilly; Iverson, David L.; Hall, David R.; Taylor, William M.; Patterson-Hine, Ann; Brown, Barbara; Ferrell, Bob A.; Waterman, Robert D.

    2010-01-01

    NASA is developing new capabilities that will enable future human exploration missions while reducing mission risk and cost. The Fault Detection, Isolation, and Recovery (FDIR) project aims to demonstrate the utility of integrated vehicle health management (IVHM) tools in the domain of ground support equipment (GSE) to be used for the next generation launch vehicles. In addition to demonstrating the utility of IVHM tools for GSE, FDIR aims to mature promising tools for use on future missions and document the level of effort - and hence cost - required to implement an application with each selected tool. One of the FDIR capabilities is anomaly detection, i.e., detecting off-nominal behavior. The tool we selected for this task uses a data-driven approach. Unlike rule-based and model-based systems that require manual extraction of system knowledge, data-driven systems take a radically different approach to reasoning. At the basic level, they start with data that represent nominal functioning of the system and automatically learn expected system behavior. The behavior is encoded in a knowledge base that represents "in-family" system operations. During real-time system monitoring or during post-flight analysis, incoming data is compared to that nominal system operating behavior knowledge base; a distance representing deviation from nominal is computed, providing a measure of how far "out of family" current behavior is. We describe the selected tool for FDIR anomaly detection - Inductive Monitoring System (IMS), how it fits into the FDIR architecture, the operations concept for the GSE anomaly monitoring, and some preliminary results of applying IMS to a Space Shuttle GSE anomaly.

  10. Firewall policy anomaly detection and resolution

    Directory of Open Access Journals (Sweden)

    Ms. R.V.Darade

    2014-06-01

    Full Text Available Security of all private networks in businesses and institutions is achieved by firewall. Firewall provides protection by the quality of policy configured. Lack of Systematic analysis mechanism and Tools, Complex firewall configuration makes designing and managing firewall policies difficult. With help of segmentation rule, anomaly management framework is designed for accurate detection and effective resolution of anomalies. Using this technique, packets of network can be divided into set of disjoint packet space segments. Every segment is associated with unique set of firewall rules which specify an overlap relation among all firewall rules whic h could be conflicting or redundant. Flexible conflict resolution method is provided which has many resolution stra tegies for risk assessment of protected networks and its policy definition. Firewall logs are maintained by using association rule mining on these logs to find frequent logs, which in turned filtered to find malicious packets. Apriori algorithm is used to find frequent element from above logs. In each round, it computes the support for all candidate-item-sets. Candidate-item-sets with frequency above the minimum support parameter are selected at the end of each round; these frequent item-sets of round are used in the next round to construct candidate -item-sets. The algorithm halts when item-sets with desired frequency not found .

  11. Mobile gamma-ray scanning system for detecting radiation anomalies associated with 226Ra-bearing materials

    International Nuclear Information System (INIS)

    A mobile gamma-ray scanning system has been developed by Oak Ridge National Laboratory for use in the Department of Energy's remedial action survey programs. The unit consists of a NaI(T1) detection system housed in a specially-equipped van. The system is operator controlled through an on-board mini-computer, with data output provided on the computer video screen, strip chart recorders, and an on-line printer. Data storage is provided by a floppy disk system. Multichannel analysis capabilities are included for qualitative radionuclide identification. A 226Ra-specific algorithm is employed to identify locations containing residual radium-bearing materials. This report presents the details of the system description, software development, and scanning methods utilized with the ORNL system. Laboratory calibration and field testing have established the system sensitivity, field of view, and other performance characteristics, the results of which are also presented. Documentation of the instrumentation and computer programs are included

  12. FLEAD: online frequency likelihood estimation anomaly detection for mobile sensing

    OpenAIRE

    LE, Viet-Duc; Scholten, Hans; Havinga, Paul

    2013-01-01

    With the rise of smartphone platforms, adaptive sensing becomes an predominant key to overcome intricate constraints such as smartphone's capabilities and dynamic data. One way to do this is estimating the event probability based on anomaly detection to invoke heavy processes, such as switching on more sensors or retrieving information. However, most conventional anomaly detection methods are power hungry and computation consuming. This paper proposes a new online anomaly detection algorithm ...

  13. Method for detecting software anomalies based on recurrence plot analysis

    Directory of Open Access Journals (Sweden)

    Michał Mosdorf

    2012-03-01

    Full Text Available Presented paper evaluates method for detecting software anomalies based on recurrence plot analysis of trace log generated by software execution. Described method for detecting software anomalies is based on windowed recurrence quantification analysis for selected measures (e.g. Recurrence rate - RR or Determinism - DET. Initial results show that proposed method is useful in detecting silent software anomalies that do not result in typical crashes (e.g. exceptions.

  14. Unsupervised Anomaly Detection for Liquid-Fueled Rocket Prop...

    Data.gov (United States)

    National Aeronautics and Space Administration — Title: Unsupervised Anomaly Detection for Liquid-Fueled Rocket Propulsion Health Monitoring. Abstract: This article describes the results of applying four...

  15. DISTRIBUTED ANOMALY DETECTION USING SATELLITE DATA FROM MULTIPLE MODALITIES

    Data.gov (United States)

    National Aeronautics and Space Administration — DISTRIBUTED ANOMALY DETECTION USING SATELLITE DATA FROM MULTIPLE MODALITIES KANISHKA BHADURI*, KAMALIKA DAS, AND PETR VOTAVA* Abstract. There has been a tremendous...

  16. MRI of central nervous system anomalies

    International Nuclear Information System (INIS)

    MRI was very useful in the evaluation of congenital anomalies of central nervous system as well as other nervous system disease with three-dimensional spatial resolution. We had experienced MRI of central nervous system anomalies, demonstrated characterisitic findings in each anomaly. MRI is useful to observe the coronal, horizontal and sagittal images of the brain and spinal cord in order to discuss the etiological mechanisms of spinal dysraphysm and its associated anomalies. In case of spina bifida cystica MRI was available to decide operative indication for radical operation and tetherd cord developed from postoperative scar or accompanied intraspinal lesions. (author)

  17. MRI of central nervous system anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Izawa, M.; Oikawa, A.; Matoba, A.

    1987-05-01

    MRI was very useful in the evaluation of congenital anomalies of central nervous system as well as other nervous system disease with three-dimensional spatial resolution. We had experienced MRI of central nervous system anomalies, demonstrated characterisitic findings in each anomaly. MRI is useful to observe the coronal, horizontal and sagittal images of the brain and spinal cord in order to discuss the etiological mechanisms of spinal dysraphysm and its associated anomalies. In case of spina bifida cystica MRI was available to decide operative indication for radical operation and tetherd cord developed from postoperative scar or accompanied intraspinal lesions.

  18. Evaluating Real-time Anomaly Detection Algorithms - the Numenta Anomaly Benchmark

    OpenAIRE

    Lavin, Alexander; Ahmad, Subutai

    2015-01-01

    Much of the world's data is streaming, time-series data, where anomalies give significant information in critical situations; examples abound in domains such as finance, IT, security, medical, and energy. Yet detecting anomalies in streaming data is a difficult task, requiring detectors to process data in real-time, not batches, and learn while simultaneously making predictions. There are no benchmarks to adequately test and score the efficacy of real-time anomaly detectors. Here we propose t...

  19. Detection of Cardiovascular Anomalies: An Observer-Based Approach

    KAUST Repository

    Ledezma, Fernando

    2012-07-01

    In this thesis, a methodology for the detection of anomalies in the cardiovascular system is presented. The cardiovascular system is one of the most fascinating and complex physiological systems. Nowadays, cardiovascular diseases constitute one of the most important causes of mortality in the world. For instance, an estimate of 17.3 million people died in 2008 from cardiovascular diseases. Therefore, many studies have been devoted to modeling the cardiovascular system in order to better understand its behavior and find new reliable diagnosis techniques. The lumped parameter model of the cardiovascular system proposed in [1] is restructured using a hybrid systems approach in order to include a discrete input vector that represents the influence of the mitral and aortic valves in the different phases of the cardiac cycle. Parting from this model, a Taylor expansion around the nominal values of a vector of parameters is conducted. This expansion serves as the foundation for a component fault detection process to detect changes in the physiological parameters of the cardiovascular system which could be associated with cardiovascular anomalies such as atherosclerosis, aneurysm, high blood pressure, etc. An Extended Kalman Filter is used in order to achieve a joint estimation of the state vector and the changes in the considered parameters. Finally, a bank of filters is, as in [2], used in order to detect the appearance of heart valve diseases, particularly stenosis and regurgitation. The first numerical results obtained are presented.

  20. Spectral anomaly methods for aerial detection using KUT nuisance rejection

    International Nuclear Information System (INIS)

    This work discusses the application and optimization of a spectral anomaly method for the real-time detection of gamma radiation sources from an aerial helicopter platform. Aerial detection presents several key challenges over ground-based detection. For one, larger and more rapid background fluctuations are typical due to higher speeds, larger field of view, and geographically induced background changes. As well, the possible large altitude or stand-off distance variations cause significant steps in background count rate as well as spectral changes due to increased gamma-ray scatter with detection at higher altitudes. The work here details the adaptation and optimization of the PNNL-developed algorithm Nuisance-Rejecting Spectral Comparison Ratios for Anomaly Detection (NSCRAD), a spectral anomaly method previously developed for ground-based applications, for an aerial platform. The algorithm has been optimized for two multi-detector systems; a NaI(Tl)-detector-based system and a CsI detector array. The optimization here details the adaptation of the spectral windows for a particular set of target sources to aerial detection and the tailoring for the specific detectors. As well, the methodology and results for background rejection methods optimized for the aerial gamma-ray detection using Potassium, Uranium and Thorium (KUT) nuisance rejection are shown. Results indicate that use of a realistic KUT nuisance rejection may eliminate metric rises due to background magnitude and spectral steps encountered in aerial detection due to altitude changes and geographically induced steps such as at land–water interfaces

  1. Profile-based adaptive anomaly detection for network security.

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Pengchu C. (Sandia National Laboratories, Albuquerque, NM); Durgin, Nancy Ann

    2005-11-01

    As information systems become increasingly complex and pervasive, they become inextricably intertwined with the critical infrastructure of national, public, and private organizations. The problem of recognizing and evaluating threats against these complex, heterogeneous networks of cyber and physical components is a difficult one, yet a solution is vital to ensuring security. In this paper we investigate profile-based anomaly detection techniques that can be used to address this problem. We focus primarily on the area of network anomaly detection, but the approach could be extended to other problem domains. We investigate using several data analysis techniques to create profiles of network hosts and perform anomaly detection using those profiles. The ''profiles'' reduce multi-dimensional vectors representing ''normal behavior'' into fewer dimensions, thus allowing pattern and cluster discovery. New events are compared against the profiles, producing a quantitative measure of how ''anomalous'' the event is. Most network intrusion detection systems (IDSs) detect malicious behavior by searching for known patterns in the network traffic. This approach suffers from several weaknesses, including a lack of generalizability, an inability to detect stealthy or novel attacks, and lack of flexibility regarding alarm thresholds. Our research focuses on enhancing current IDS capabilities by addressing some of these shortcomings. We identify and evaluate promising techniques for data mining and machine-learning. The algorithms are ''trained'' by providing them with a series of data-points from ''normal'' network traffic. A successful algorithm can be trained automatically and efficiently, will have a low error rate (low false alarm and miss rates), and will be able to identify anomalies in ''pseudo real-time'' (i.e., while the intrusion is still in progress

  2. Anomaly Detection in Clutter using Spectrally Enhanced Ladar

    CERN Document Server

    Chhabra, Puneet S; Hopgood, James R

    2016-01-01

    Discrete return (DR) Laser Detection and Ranging (Ladar) systems provide a series of echoes that reflect from objects in a scene. These can be first, last or multi-echo returns. In contrast, Full-Waveform (FW)-Ladar systems measure the intensity of light reflected from objects continuously over a period of time. In a camouflaged scenario, e.g., objects hidden behind dense foliage, a FW-Ladar penetrates such foliage and returns a sequence of echoes including buried faint echoes. The aim of this paper is to learn local-patterns of co-occurring echoes characterised by their measured spectra. A deviation from such patterns defines an abnormal event in a forest/tree depth profile. As far as the authors know, neither DR or FW-Ladar, along with several spectral measurements, has not been applied to anomaly detection. This work presents an algorithm that allows detection of spectral and temporal anomalies in FW-Multi Spectral Ladar (FW-MSL) data samples. An anomaly is defined as a full waveform temporal and spectral ...

  3. Thermal and TEC anomalies detection using an intelligent hybrid system around the time of the Saravan, Iran, (Mw = 7.7) earthquake of 16 April 2013

    Science.gov (United States)

    Akhoondzadeh, M.

    2014-02-01

    A powerful earthquake of Mw = 7.7 struck the Saravan region (28.107° N, 62.053° E) in Iran on 16 April 2013. Up to now nomination of an automated anomaly detection method in a non linear time series of earthquake precursor has been an attractive and challenging task. Artificial Neural Network (ANN) and Particle Swarm Optimization (PSO) have revealed strong potentials in accurate time series prediction. This paper presents the first study of an integration of ANN and PSO method in the research of earthquake precursors to detect the unusual variations of the thermal and total electron content (TEC) seismo-ionospheric anomalies induced by the strong earthquake of Saravan. In this study, to overcome the stagnation in local minimum during the ANN training, PSO as an optimization method is used instead of traditional algorithms for training the ANN method. The proposed hybrid method detected a considerable number of anomalies 4 and 8 days preceding the earthquake. Since, in this case study, ionospheric TEC anomalies induced by seismic activity is confused with background fluctuations due to solar activity, a multi-resolution time series processing technique based on wavelet transform has been applied on TEC signal variations. In view of the fact that the accordance in the final results deduced from some robust methods is a convincing indication for the efficiency of the method, therefore the detected thermal and TEC anomalies using the ANN + PSO method were compared to the results with regard to the observed anomalies by implementing the mean, median, Wavelet, Kalman filter, Auto-Regressive Integrated Moving Average (ARIMA), Support Vector Machine (SVM) and Genetic Algorithm (GA) methods. The results indicate that the ANN + PSO method is quite promising and deserves serious attention as a new tool for thermal and TEC seismo anomalies detection.

  4. Multicriteria Similarity-Based Anomaly Detection Using Pareto Depth Analysis.

    Science.gov (United States)

    Hsiao, Ko-Jen; Xu, Kevin S; Calder, Jeff; Hero, Alfred O

    2016-06-01

    We consider the problem of identifying patterns in a data set that exhibits anomalous behavior, often referred to as anomaly detection. Similarity-based anomaly detection algorithms detect abnormally large amounts of similarity or dissimilarity, e.g., as measured by the nearest neighbor Euclidean distances between a test sample and the training samples. In many application domains, there may not exist a single dissimilarity measure that captures all possible anomalous patterns. In such cases, multiple dissimilarity measures can be defined, including nonmetric measures, and one can test for anomalies by scalarizing using a nonnegative linear combination of them. If the relative importance of the different dissimilarity measures are not known in advance, as in many anomaly detection applications, the anomaly detection algorithm may need to be executed multiple times with different choices of weights in the linear combination. In this paper, we propose a method for similarity-based anomaly detection using a novel multicriteria dissimilarity measure, the Pareto depth. The proposed Pareto depth analysis (PDA) anomaly detection algorithm uses the concept of Pareto optimality to detect anomalies under multiple criteria without having to run an algorithm multiple times with different choices of weights. The proposed PDA approach is provably better than using linear combinations of the criteria, and shows superior performance on experiments with synthetic and real data sets. PMID:26336154

  5. Generalization of GLRT-Based Magnetic Anomaly Detection

    OpenAIRE

    Pepe, Pascal; Zozor, Steeve; Rouve, Laure-Line; Coulomb, Jean-Louis; Servière, Christine; Muley, Jean

    2015-01-01

    International audience Magnetic anomaly detection (MAD) refers to a passive method used to reveal hidden magnetic masses and is most commonly based on a dipolar target model. This paper proposes a generalization of the MAD through a multipolar model that provides a more precise description of the anomaly and serves a twofold objective: to improve the detection performance , and to widen the variety of detectable targets. The dipole detection strategy – namely an orthonormal decomposition o...

  6. Hierarchical Kohonenen net for anomaly detection in network security.

    Science.gov (United States)

    Sarasamma, Suseela T; Zhu, Qiuming A; Huff, Julie

    2005-04-01

    A novel multilevel hierarchical Kohonen Net (K-Map) for an intrusion detection system is presented. Each level of the hierarchical map is modeled as a simple winner-take-all K-Map. One significant advantage of this multilevel hierarchical K-Map is its computational efficiency. Unlike other statistical anomaly detection methods such as nearest neighbor approach, K-means clustering or probabilistic analysis that employ distance computation in the feature space to identify the outliers, our approach does not involve costly point-to-point computation in organizing the data into clusters. Another advantage is the reduced network size. We use the classification capability of the K-Map on selected dimensions of data set in detecting anomalies. Randomly selected subsets that contain both attacks and normal records from the KDD Cup 1999 benchmark data are used to train the hierarchical net. We use a confidence measure to label the clusters. Then we use the test set from the same KDD Cup 1999 benchmark to test the hierarchical net. We show that a hierarchical K-Map in which each layer operates on a small subset of the feature space is superior to a single-layer K-Map operating on the whole feature space in detecting a variety of attacks in terms of detection rate as well as false positive rate. PMID:15828658

  7. Tiresias: Online Anomaly Detection for Hierarchical Operational Network Data

    CERN Document Server

    Hong, Chi-Yao; Duffield, Nick; Wang, Jia

    2012-01-01

    Operational network data, management data such as customer care call logs and equipment system logs, is a very important source of information for network operators to detect problems in their networks. Unfortunately, there is lack of efficient tools to automatically track and detect anomalous events on operational data, causing ISP operators to rely on manual inspection of this data. While anomaly detection has been widely studied in the context of network data, operational data presents several new challenges, including the volatility and sparseness of data, and the need to perform fast detection (complicating application of schemes that require offline processing or large/stable data sets to converge). To address these challenges, we propose Tiresias, an automated approach to locating anomalous events on hierarchical operational data. Tiresias leverages the hierarchical structure of operational data to identify high-impact aggregates (e.g., locations in the network, failure modes) likely to be associated w...

  8. Towards Reliable Evaluation of Anomaly-Based Intrusion Detection Performance

    Science.gov (United States)

    Viswanathan, Arun

    2012-01-01

    This report describes the results of research into the effects of environment-induced noise on the evaluation process for anomaly detectors in the cyber security domain. This research was conducted during a 10-week summer internship program from the 19th of August, 2012 to the 23rd of August, 2012 at the Jet Propulsion Laboratory in Pasadena, California. The research performed lies within the larger context of the Los Angeles Department of Water and Power (LADWP) Smart Grid cyber security project, a Department of Energy (DoE) funded effort involving the Jet Propulsion Laboratory, California Institute of Technology and the University of Southern California/ Information Sciences Institute. The results of the present effort constitute an important contribution towards building more rigorous evaluation paradigms for anomaly-based intrusion detectors in complex cyber physical systems such as the Smart Grid. Anomaly detection is a key strategy for cyber intrusion detection and operates by identifying deviations from profiles of nominal behavior and are thus conceptually appealing for detecting "novel" attacks. Evaluating the performance of such a detector requires assessing: (a) how well it captures the model of nominal behavior, and (b) how well it detects attacks (deviations from normality). Current evaluation methods produce results that give insufficient insight into the operation of a detector, inevitably resulting in a significantly poor characterization of a detectors performance. In this work, we first describe a preliminary taxonomy of key evaluation constructs that are necessary for establishing rigor in the evaluation regime of an anomaly detector. We then focus on clarifying the impact of the operational environment on the manifestation of attacks in monitored data. We show how dynamic and evolving environments can introduce high variability into the data stream perturbing detector performance. Prior research has focused on understanding the impact of this

  9. Detect Adjacent Well by Analyzing Geomagnetic Anomalies

    Directory of Open Access Journals (Sweden)

    Su Zhang

    2014-03-01

    Full Text Available This study describes a method of determining the position of adjacent well by analyzing geomagnetic anomalies in the drilling. In the experiment, put a casing in the geomagnetic field respectively to simulate 3 conditions, which are vertical well, deviated well and horizontal well. Study the interference of regional geomagnetic caused by casing, summary the law of the regional geomagnetic field anomalies caused by the adjacent casing. Experimental results show that: magnetic intensity distortion caused by deviated well is similar to that caused by horizontal well, but the distortion is different from vertical well. The scope and amplitude of N and E component magnetic intensity distortion will increase with the increase of casing inclination, meanwhile the scope and amplitude of V component distortion will decrease and the distortion value changes from negative to positive to the southwest of adjacent well. Through the analysis of geomagnetic anomalies, the position of the adjacent wells could be determined.

  10. Network Traffic Anomalies Detection and Identification with Flow Monitoring

    CERN Document Server

    Nguyen, Huy; Kim, Dong Il; Choi, Deokjai

    2010-01-01

    Network management and security is currently one of the most vibrant research areas, among which, research on detecting and identifying anomalies has attracted a lot of interest. Researchers are still struggling to find an effective and lightweight method for anomaly detection purpose. In this paper, we propose a simple, robust method that detects network anomalous traffic data based on flow monitoring. Our method works based on monitoring the four predefined metrics that capture the flow statistics of the network. In order to prove the power of the new method, we did build an application that detects network anomalies using our method. And the result of the experiments proves that by using the four simple metrics from the flow data, we do not only effectively detect but can also identify the network traffic anomalies.

  11. Detection of Anomalies in Hydrometric Data Using Artificial Intelligence Techniques

    Science.gov (United States)

    Lauzon, N.; Lence, B. J.

    2002-12-01

    This work focuses on the detection of anomalies in hydrometric data sequences, such as 1) outliers, which are individual data having statistical properties that differ from those of the overall population; 2) shifts, which are sudden changes over time in the statistical properties of the historical records of data; and 3) trends, which are systematic changes over time in the statistical properties. For the purpose of the design and management of water resources systems, it is important to be aware of these anomalies in hydrometric data, for they can induce a bias in the estimation of water quantity and quality parameters. These anomalies may be viewed as specific patterns affecting the data, and therefore pattern recognition techniques can be used for identifying them. However, the number of possible patterns is very large for each type of anomaly and consequently large computing capacities are required to account for all possibilities using the standard statistical techniques, such as cluster analysis. Artificial intelligence techniques, such as the Kohonen neural network and fuzzy c-means, are clustering techniques commonly used for pattern recognition in several areas of engineering and have recently begun to be used for the analysis of natural systems. They require much less computing capacity than the standard statistical techniques, and therefore are well suited for the identification of outliers, shifts and trends in hydrometric data. This work constitutes a preliminary study, using synthetic data representing hydrometric data that can be found in Canada. The analysis of the results obtained shows that the Kohonen neural network and fuzzy c-means are reasonably successful in identifying anomalies. This work also addresses the problem of uncertainties inherent to the calibration procedures that fit the clusters to the possible patterns for both the Kohonen neural network and fuzzy c-means. Indeed, for the same database, different sets of clusters can be

  12. Anomaly Detection and Diagnosis Algorithms for Discrete Symbols

    Data.gov (United States)

    National Aeronautics and Space Administration — We present a set of novel algorithms which we call sequenceMiner that detect and characterize anomalies in large sets of high-dimensional symbol sequences that...

  13. In-Flight Diagnosis and Anomaly Detection Project

    Data.gov (United States)

    National Aeronautics and Space Administration — In flight diagnosis and anomaly detection is a difficult challenge that requires sufficient observation and real-time processing of health information. Our approach...

  14. Embedded GPU implementation of anomaly detection for hyperspectral images

    Science.gov (United States)

    Wu, Yuanfeng; Gao, Lianru; Zhang, Bing; Yang, Bin; Chen, Zhengchao

    2015-10-01

    Anomaly detection is one of the most important techniques for remotely sensed hyperspectral data interpretation. Developing fast processing techniques for anomaly detection has received considerable attention in recent years, especially in analysis scenarios with real-time constraints. In this paper, we develop an embedded graphics processing units based parallel computation for streaming background statistics anomaly detection algorithm. The streaming background statistics method can simulate real-time anomaly detection, which refer to that the processing can be performed at the same time as the data are collected. The algorithm is implemented on NVIDIA Jetson TK1 development kit. The experiment, conducted with real hyperspectral data, indicate the effectiveness of the proposed implementations. This work shows the embedded GPU gives a promising solution for high-performance with low power consumption hyperspectral image applications.

  15. Load characterization and anomaly detection for voice over IP traffic.

    Science.gov (United States)

    Mandjes, Michel; Saniee, Iraj; Stolyar, Alexander L

    2005-09-01

    We consider the problem of traffic anomaly detection in IP networks. Traffic anomalies typically arise when there is focused overload or when a network element fails and it is desired to infer these purely from the measured traffic. We derive new general formulae for the variance of the cumulative traffic over a fixed time interval and show how the derived analytical expression simplifies for the case of voice over IP traffic, the focus of this paper. To detect load anomalies, we show it is sufficient to consider cumulative traffic over relatively long intervals such as 5 min. We also propose simple anomaly detection tests including detection of over/underload. This approach substantially extends the current practice in IP network management where only the first-order statistics and fixed thresholds are used to identify abnormal behavior. We conclude with the application of the scheme to field data from an operational network. PMID:16252813

  16. Solving a prisoner's dilemma in distributed anomaly detection

    Data.gov (United States)

    National Aeronautics and Space Administration — Anomaly detection has recently become an important problem in many industrial and financial applications. In several instances, the data to be analyzed for possible...

  17. Comparative Analysis of Data-Driven Anomaly Detection Methods

    Data.gov (United States)

    National Aeronautics and Space Administration — This paper provides a review of three different advanced machine learning algorithms for anomaly detection in continuous data streams from a ground-test firing of a...

  18. On the Utility of Anonymized Flow Traces for Anomaly Detection

    CERN Document Server

    Burkhart, Martin; May, Martin

    2008-01-01

    The sharing of network traces is an important prerequisite for the development and evaluation of efficient anomaly detection mechanisms. Unfortunately, privacy concerns and data protection laws prevent network operators from sharing these data. Anonymization is a promising solution in this context; however, it is unclear if the sanitization of data preserves the traffic characteristics or introduces artifacts that may falsify traffic analysis results. In this paper, we examine the utility of anonymized flow traces for anomaly detection. We quantitatively evaluate the impact of IP address anonymization, namely variations of permutation and truncation, on the detectability of large-scale anomalies. Specifically, we analyze three weeks of un-sampled and non-anonymized network traces from a medium-sized backbone network. We find that all anonymization techniques, except prefix-preserving permutation, degrade the utility of data for anomaly detection. We show that the degree of degradation depends to a large exten...

  19. Detecting Traffic Anomalies in Urban Areas Using Taxi GPS Data

    Directory of Open Access Journals (Sweden)

    Weiming Kuang

    2015-01-01

    Full Text Available Large-scale GPS data contain hidden information and provide us with the opportunity to discover knowledge that may be useful for transportation systems using advanced data mining techniques. In major metropolitan cities, many taxicabs are equipped with GPS devices. Because taxies operate continuously for nearly 24 hours per day, they can be used as reliable sensors for the perceived traffic state. In this paper, the entire city was divided into subregions by roads, and taxi GPS data were transformed into traffic flow data to build a traffic flow matrix. In addition, a highly efficient anomaly detection method was proposed based on wavelet transform and PCA (principal component analysis for detecting anomalous traffic events in urban regions. The traffic anomaly is considered to occur in a subregion when the values of the corresponding indicators deviate significantly from the expected values. This method was evaluated using a GPS dataset that was generated by more than 15,000 taxies over a period of half a year in Harbin, China. The results show that this detection method is effective and efficient.

  20. Web sessions anomaly detection in dynamic environments

    OpenAIRE

    García-Cervigon Gutiérrez, Manuel; Vázquez Pongilupi, Juan; Medina Llinàs, Manuel

    2010-01-01

    This paper presents a proposal for discovering anomalies in e-banking Web sessions by implementing different datamining techniques in a a graph-based environment. Online banking is a good example of how millions of costumers rely on virtual channels for business transactions. Nevertheless, due to multiple scandals regarding security flaws, it becomes complicated moving a business from a physical scenario to the digital world. Therefore, security applications become highly necessary. Monitorin...

  1. Fetal central nervous system anomalies: fast MRI vs ultrasonography

    International Nuclear Information System (INIS)

    Objective: To evaluate the ability of fast MRI to detect fetal central nervous system (CNS) anomalies and to compare its performance with that of prenatal ultrasonography (US). Methods Forty-eight pregnant women were detected by conventional prenatal US and MRI. Twenty-two fetuses with CNS anomalies were conformed by autopsy and follow-up. The MR and US appearances of fetal CNS structure were compared to each other and to that of autopsy. Results: A total of 26 CNS anomalies were identified by autopsy (n=17) and follow-up (n=9) including anencephaly (n=6), rachischisis (n=2), encephalocele (n=3), congenital hydrocephalus (n=7), alobar holoprosencephaly (n=1), porencephalia (n=3), arachnoid cyst (n=2) and choroids plexus cyst (n=2). US diagnosed 24 CNS anomalies, the correct diagnostic rate was 92.3%, the false-positive rate was 3.8%, the missed-diagnostic rate was 3.8%. MRI diagnosed 23 CNS anomalies, the correct-diagnostic rate was 88.5%, the false-positive rate was 3.8% ,the missed-diagnostic rate was 7.7%. There was no difference between US and MRI (P>0.05), but MRI have larger FOV, higher tissues resolution, and can demonstrate gray-white matter in detail. Conclusions: MR imaging has a similar sensitivity to that of US in the detection of fetal CNS anomalies. (authors)

  2. Operating experiences with an on-line, computer based nuclear plant surveillance and anomaly detection system based on pattern recognition and artificial intelligence

    International Nuclear Information System (INIS)

    The control room of a nuclear power plant can represent a hostile work environment for all but a highly trained operating team. Whilst disciplined training and long professional experience will guarantee assurance of safety and reliability in nuclear plant operation, any surveillance system which has the ability to minimise human error and provide additional safeguards is a desirable asset. This paper proposes a scheme whereby some key parameters of a nuclear power plant, precisely known through detailed calculation and accurate measurement are stored as a data base in an on-line computer. Through the systematic statistical analysis of key stochastic variates a comparison is made by the on-line system with the data base at regular intervals. These time intervals may be as short as seconds during periods of reactor transients such as at start-up or shut down. Alternatively, during steady state operation, the parameters are calculated and displayed at intervals of an hour or greater. An anomaly, or an indication of unusual operational behaviour is indicated both numerically and graphically by the computer if it detects a variance greater than a few percent from the mean value of the reference data base. (author)

  3. Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic

    OpenAIRE

    Jayro Santiago-Paz; Deni Torres-Roman; Angel Figueroa-Ypiña; Jesus Argaez-Xool

    2015-01-01

    Network anomaly detection and classification is an important open issue in network security. Several approaches and systems based on different mathematical tools have been studied and developed, among them, the Anomaly-Network Intrusion Detection System (A-NIDS), which monitors network traffic and compares it against an established baseline of a “normal” traffic profile. Then, it is necessary to characterize the “normal” Internet traffic. This paper presents an approach for anomaly detection ...

  4. Lidar detection algorithm for time and range anomalies

    Science.gov (United States)

    Ben-David, Avishai; Davidson, Charles E.; Vanderbeek, Richard G.

    2007-10-01

    A new detection algorithm for lidar applications has been developed. The detection is based on hyperspectral anomaly detection that is implemented for time anomaly where the question "is a target (aerosol cloud) present at range R within time t1 to t2" is addressed, and for range anomaly where the question "is a target present at time t within ranges R1 and R2" is addressed. A detection score significantly different in magnitude from the detection scores for background measurements suggests that an anomaly (interpreted as the presence of a target signal in space/time) exists. The algorithm employs an option for a preprocessing stage where undesired oscillations and artifacts are filtered out with a low-rank orthogonal projection technique. The filtering technique adaptively removes the one over range-squared dependence of the background contribution of the lidar signal and also aids visualization of features in the data when the signal-to-noise ratio is low. A Gaussian-mixture probability model for two hypotheses (anomaly present or absent) is computed with an expectation-maximization algorithm to produce a detection threshold and probabilities of detection and false alarm. Results of the algorithm for CO2 lidar measurements of bioaerosol clouds Bacillus atrophaeus (formerly known as Bacillus subtilis niger, BG) and Pantoea agglomerans, Pa (formerly known as Erwinia herbicola, Eh) are shown and discussed.

  5. A New Method for Early Anomaly Detection of BWR Instabilities

    International Nuclear Information System (INIS)

    The objective of the performed research is to develop an early anomaly detection methodology so as to enhance safety, availability, and operational flexibility of Boiling Water Reactor (BWR) nuclear power plants. The technical approach relies on suppression of potential power oscillations in BWRs by detecting small anomalies at an early stage and taking appropriate prognostic actions based on an anticipated operation schedule. The research utilizes a model of coupled (two-phase) thermal-hydraulic and neutron flux dynamics, which is used as a generator of time series data for anomaly detection at an early stage. The model captures critical nonlinear features of coupled thermal-hydraulic and nuclear reactor dynamics and (slow time-scale) evolution of the anomalies as non-stationary parameters. The time series data derived from this nonlinear non-stationary model serves as the source of information for generating the symbolic dynamics for characterization of model parameter changes that quantitatively represent small anomalies. The major focus of the presented research activity was on developing and qualifying algorithms of pattern recognition for power instability based on anomaly detection from time series data, which later can be used to formulate real-time decision and control algorithms for suppression of power oscillations for a variety of anticipated operating conditions. The research being performed in the framework of this project is essential to make significant improvement in the capability of thermal instability analyses for enhancing safety, availability, and operational flexibility of currently operating and next generation BWRs.

  6. A New Methodology for Early Anomaly Detection of BWR Instabilities

    Energy Technology Data Exchange (ETDEWEB)

    Ivanov, K. N.

    2005-11-27

    The objective of the performed research is to develop an early anomaly detection methodology so as to enhance safety, availability, and operational flexibility of Boiling Water Reactor (BWR) nuclear power plants. The technical approach relies on suppression of potential power oscillations in BWRs by detecting small anomalies at an early stage and taking appropriate prognostic actions based on an anticipated operation schedule. The research utilizes a model of coupled (two-phase) thermal-hydraulic and neutron flux dynamics, which is used as a generator of time series data for anomaly detection at an early stage. The model captures critical nonlinear features of coupled thermal-hydraulic and nuclear reactor dynamics and (slow time-scale) evolution of the anomalies as non-stationary parameters. The time series data derived from this nonlinear non-stationary model serves as the source of information for generating the symbolic dynamics for characterization of model parameter changes that quantitatively represent small anomalies. The major focus of the presented research activity was on developing and qualifying algorithms of pattern recognition for power instability based on anomaly detection from time series data, which later can be used to formulate real-time decision and control algorithms for suppression of power oscillations for a variety of anticipated operating conditions. The research being performed in the framework of this project is essential to make significant improvement in the capability of thermal instability analyses for enhancing safety, availability, and operational flexibility of currently operating and next generation BWRs.

  7. A first approach on fault detection and isolation for cardiovascular anomalies detection

    KAUST Repository

    Diaz Ledezma, F.

    2015-07-01

    In this paper, we use an extended version of the cardiovascular system\\'s state space model presented by [1] and propose a fault detection and isolation methodology to study the problem of detecting cardiovascular anomalies that can originate from variations in physiological parameters and deviations in the performance of the heart\\'s mitral and aortic valves. An observer-based approach is discussed as the basis of the method. The approach contemplates a bank of Extended Kalman Filters to achieve joint estimation of the model\\'s states and parameters and to detect malfunctions in the valves\\' performance. © 2015 American Automatic Control Council.

  8. Discovering Emerging Topics in Social Streams via Link Anomaly Detection

    CERN Document Server

    Takahashi, Toshimitsu; Yamanishi, Kenji

    2011-01-01

    Detection of emerging topics are now receiving renewed interest motivated by the rapid growth of social networks. Conventional term-frequency-based approaches may not be appropriate in this context, because the information exchanged are not only texts but also images, URLs, and videos. We focus on the social aspects of theses networks. That is, the links between users that are generated dynamically intentionally or unintentionally through replies, mentions, and retweets. We propose a probability model of the mentioning behaviour of a social network user, and propose to detect the emergence of a new topic from the anomaly measured through the model. We combine the proposed mention anomaly score with a recently proposed change-point detection technique based on the Sequentially Discounting Normalized Maximum Likelihood (SDNML), or with Kleinberg's burst model. Aggregating anomaly scores from hundreds of users, we show that we can detect emerging topics only based on the reply/mention relationships in social net...

  9. Anomaly Detection In Additively Manufactured Parts Using Laser Doppler Vibrometery

    Energy Technology Data Exchange (ETDEWEB)

    Hernandez, Carlos A. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2015-09-29

    Additively manufactured parts are susceptible to non-uniform structure caused by the unique manufacturing process. This can lead to structural weakness or catastrophic failure. Using laser Doppler vibrometry and frequency response analysis, non-contact detection of anomalies in additively manufactured parts may be possible. Preliminary tests show promise for small scale detection, but more future work is necessary.

  10. Effective Sensor Selection and Data Anomaly Detection for Condition Monitoring of Aircraft Engines.

    Science.gov (United States)

    Liu, Liansheng; Liu, Datong; Zhang, Yujie; Peng, Yu

    2016-01-01

    In a complex system, condition monitoring (CM) can collect the system working status. The condition is mainly sensed by the pre-deployed sensors in/on the system. Most existing works study how to utilize the condition information to predict the upcoming anomalies, faults, or failures. There is also some research which focuses on the faults or anomalies of the sensing element (i.e., sensor) to enhance the system reliability. However, existing approaches ignore the correlation between sensor selecting strategy and data anomaly detection, which can also improve the system reliability. To address this issue, we study a new scheme which includes sensor selection strategy and data anomaly detection by utilizing information theory and Gaussian Process Regression (GPR). The sensors that are more appropriate for the system CM are first selected. Then, mutual information is utilized to weight the correlation among different sensors. The anomaly detection is carried out by using the correlation of sensor data. The sensor data sets that are utilized to carry out the evaluation are provided by National Aeronautics and Space Administration (NASA) Ames Research Center and have been used as Prognostics and Health Management (PHM) challenge data in 2008. By comparing the two different sensor selection strategies, the effectiveness of selection method on data anomaly detection is proved. PMID:27136561

  11. Effective Sensor Selection and Data Anomaly Detection for Condition Monitoring of Aircraft Engines

    Directory of Open Access Journals (Sweden)

    Liansheng Liu

    2016-04-01

    Full Text Available In a complex system, condition monitoring (CM can collect the system working status. The condition is mainly sensed by the pre-deployed sensors in/on the system. Most existing works study how to utilize the condition information to predict the upcoming anomalies, faults, or failures. There is also some research which focuses on the faults or anomalies of the sensing element (i.e., sensor to enhance the system reliability. However, existing approaches ignore the correlation between sensor selecting strategy and data anomaly detection, which can also improve the system reliability. To address this issue, we study a new scheme which includes sensor selection strategy and data anomaly detection by utilizing information theory and Gaussian Process Regression (GPR. The sensors that are more appropriate for the system CM are first selected. Then, mutual information is utilized to weight the correlation among different sensors. The anomaly detection is carried out by using the correlation of sensor data. The sensor data sets that are utilized to carry out the evaluation are provided by National Aeronautics and Space Administration (NASA Ames Research Center and have been used as Prognostics and Health Management (PHM challenge data in 2008. By comparing the two different sensor selection strategies, the effectiveness of selection method on data anomaly detection is proved.

  12. Visual analytics of anomaly detection in large data streams

    Science.gov (United States)

    Hao, Ming C.; Dayal, Umeshwar; Keim, Daniel A.; Sharma, Ratnesh K.; Mehta, Abhay

    2009-01-01

    Most data streams usually are multi-dimensional, high-speed, and contain massive volumes of continuous information. They are seen in daily applications, such as telephone calls, retail sales, data center performance, and oil production operations. Many analysts want insight into the behavior of this data. They want to catch the exceptions in flight to reveal the causes of the anomalies and to take immediate action. To guide the user in finding the anomalies in the large data stream quickly, we derive a new automated neighborhood threshold marking technique, called AnomalyMarker. This technique is built on cell-based data streams and user-defined thresholds. We extend the scope of the data points around the threshold to include the surrounding areas. The idea is to define a focus area (marked area) which enables users to (1) visually group the interesting data points related to the anomalies (i.e., problems that occur persistently or occasionally) for observing their behavior; (2) discover the factors related to the anomaly by visualizing the correlations between the problem attribute with the attributes of the nearby data items from the entire multi-dimensional data stream. Mining results are quickly presented in graphical representations (i.e., tooltip) for the user to zoom into the problem regions. Different algorithms are introduced which try to optimize the size and extent of the anomaly markers. We have successfully applied this technique to detect data stream anomalies in large real-world enterprise server performance and data center energy management.

  13. On Anomalies in Annotation Systems

    CERN Document Server

    Brust, Matthias R

    2007-01-01

    Today's computer-based annotation systems implement a wide range of functionalities that often go beyond those available in traditional paper-and-pencil annotations. Conceptually, annotation systems are based on thoroughly investigated psycho-sociological and pedagogical learning theories. They offer a huge diversity of annotation types that can be placed in textual as well as in multimedia format. Additionally, annotations can be published or shared with a group of interested parties via well-organized repositories. Although highly sophisticated annotation systems exist both conceptually as well as technologically, we still observe that their acceptance is somewhat limited. In this paper, we argue that nowadays annotation systems suffer from several fundamental problems that are inherent in the traditional paper-and-pencil annotation paradigm. As a solution, we propose to shift the annotation paradigm for the implementation of annotation system.

  14. Table of hyperfine anomaly in atomic systems

    OpenAIRE

    Persson, Jonas R.

    2011-01-01

    This table is a compilation of experimental values of magnetic hyperfine anomaly in atomic and ionic systems. The last extensive compilation was published in 1984 by Buttgenbach (Hyperfine Interactions 20, (1984) p 1) and the aim here is to make an up to date compilation. The literature search covers the period to January 2011.

  15. Improved Principal Component Analysis for Anomaly Detection: Application to an Emergency Department

    KAUST Repository

    Harrou, Fouzi

    2015-07-03

    Monitoring of production systems, such as those in hospitals, is primordial for ensuring the best management and maintenance desired product quality. Detection of emergent abnormalities allows preemptive actions that can prevent more serious consequences. Principal component analysis (PCA)-based anomaly-detection approach has been used successfully for monitoring systems with highly correlated variables. However, conventional PCA-based detection indices, such as the Hotelling’s T2T2 and the Q statistics, are ill suited to detect small abnormalities because they use only information from the most recent observations. Other multivariate statistical metrics, such as the multivariate cumulative sum (MCUSUM) control scheme, are more suitable for detection small anomalies. In this paper, a generic anomaly detection scheme based on PCA is proposed to monitor demands to an emergency department. In such a framework, the MCUSUM control chart is applied to the uncorrelated residuals obtained from the PCA model. The proposed PCA-based MCUSUM anomaly detection strategy is successfully applied to the practical data collected from the database of the pediatric emergency department in the Lille Regional Hospital Centre, France. The detection results evidence that the proposed method is more effective than the conventional PCA-based anomaly-detection methods.

  16. Near-Real Time Anomaly Detection for Scientific Sensor Data

    Science.gov (United States)

    Gallegos, I.; Gates, A.; Tweedie, C. E.; goswami, S.; Jaimes, A.; Gamon, J. A.

    2011-12-01

    Environmental scientists use advanced sensor technology such as meteorological towers, wireless sensor networks and robotic trams equipped with sensors to perform data collection at remote research sites. Because the amount of environmental sensor data acquired in real time by such instruments is increasing, both the ability to evaluate the accuracy of the data at near-real time and check that the instrumentation is operating correctly are critical in order to not lose valuable time and information. The goal of the research is to define a software engineering-based solution that provides the foundation to define reusable templates for formally specifying data properties and automatically generate programming code that can monitor data streams to identify anomalies at near real-time. The research effort has resulted in a data property categorization that is based on a literature survey of 15 projects that collected environmental data from sensors and a case study conducted in the Arctic. More than 500 published data properties were manually extracted and analyzed from the surveyed projects. The data property categorization revealed recurrent data patterns. Using these patterns and the Specification and Pattern System (SPS) from the software-engineering community as a model, we developed the Data Specification and Pattern System (D-SPS) to capture data properties. D-SPS is the foundation for the Data Property Specification (DaProS) prototype tool that assists scientists in specification of sensor data properties. A series of experiments have been conducted in collaboration with experts working with Eddy covariance (EC) data from the Jornada Basin Experimental Range (JER) and with hyper-spectral data collected using robotic tram systems from the Arctic. The goal of the experiments were to determine if the approach for specifying data properties is effective for specifying data properties and identifying anomalies in sensor data. A complementary Sensor Data

  17. Novel anomaly detection approach for telecommunication network proactive performance monitoring

    Institute of Scientific and Technical Information of China (English)

    Yanhua YU; Jun WANG; Xiaosu ZHAN; Junde SONG

    2009-01-01

    The mode of telecommunication network management is changing from "network oriented" to "subscriber oriented". Aimed at enhancing subscribers'feeling, proactive performance monitoring (PPM) can enable a fast fault correction by detecting anomalies designating performance degradation. In this paper, a novel anomaly detection approach is the proposed taking advantage of time series prediction and the associated confidence interval based on multiplicative autoregressive integrated moving average (ARIMA). Furthermore, under the assumption that the training residual is a white noise process following a normal distribution, the associated confidence interval of prediction can be figured out under any given confidence degree 1-α by constructing random variables satisfying t distribution. Experimental results verify the method's effectiveness.

  18. Anomalies.

    Science.gov (United States)

    Online-Offline, 1999

    1999-01-01

    This theme issue on anomalies includes Web sites, CD-ROMs and software, videos, books, and additional resources for elementary and junior high school students. Pertinent activities are suggested, and sidebars discuss UFOs, animal anomalies, and anomalies from nature; and resources covering unexplained phenonmenas like crop circles, Easter Island,…

  19. Contextual anomaly detection for cyber-physical security in Smart Grids based on an artificial neural network model

    DEFF Research Database (Denmark)

    Kosek, Anna Magdalena

    2016-01-01

    control. An intrusion detection system observes distributed energy resource’s behaviour, control actions and the power system impact, and is tested together with an ongoing voltage control attack in a co-simulation set-up. The simulation results obtained with a real photovoltaic rooftop power plant data...... show that the contextual anomaly detection performs on average 55% better in the control detection and over 56% better in the malicious control detection over the point anomaly detection....

  20. Anomaly detection for machine learning redshifts applied to SDSS galaxies

    CERN Document Server

    Hoyle, Ben; Paech, Kerstin; Bonnett, Christopher; Seitz, Stella; Weller, Jochen

    2015-01-01

    We present an analysis of anomaly detection for machine learning redshift estimation. Anomaly detection allows the removal of poor training examples, which can adversely influence redshift estimates. Anomalous training examples may be photometric galaxies with incorrect spectroscopic redshifts, or galaxies with one or more poorly measured photometric quantity. We select 2.5 million 'clean' SDSS DR12 galaxies with reliable spectroscopic redshifts, and 6730 'anomalous' galaxies with spectroscopic redshift measurements which are flagged as unreliable. We contaminate the clean base galaxy sample with galaxies with unreliable redshifts and attempt to recover the contaminating galaxies using the Elliptical Envelope technique. We then train four machine learning architectures for redshift analysis on both the contaminated sample and on the preprocessed 'anomaly-removed' sample and measure redshift statistics on a clean validation sample generated without any preprocessing. We find an improvement on all measured stat...

  1. Real-Time Road Traffic Anomaly Detection

    OpenAIRE

    Jamal Raiyn; Tomer Toledo

    2014-01-01

    Many modeling approaches have been proposed to help forecast and detect incidents. Accident has received the most attention from researchers due to its impacts economically. The traffic congestion costs billions of dollars to economy. The main reasons of major percentage of traffic congestion are the incidents. Road accidents continue to increase in digital age. There are many reasons for road accidents. This paper will discuss and introduce new algorithm for road ac...

  2. The use of Compton scattering in detecting anomaly in soil-possible use in pyromaterial detection

    Energy Technology Data Exchange (ETDEWEB)

    Abedin, Ahmad Firdaus Zainal; Ibrahim, Noorddin [Department of Defence Science, Universiti Pertahanan Nasional Malaysia, Kem Sungai Besi, Kuala Lumpur 57000 (Malaysia); Zabidi, Noriza Ahmad; Demon, Siti Zulaikha Ngah [Centre for Foundation Studies, Universiti Pertahanan Nasional Malaysia, Kem Sungai Besi, Kuala Lumpur 57000 (Malaysia)

    2016-01-22

    The Compton scattering is able to determine the signature of land mine detection based on dependency of density anomaly and energy change of scattered photons. In this study, 4.43 MeV gamma of the Am-Be source was used to perform Compton scattering. Two detectors were placed between source with distance of 8 cm and radius of 1.9 cm. Detectors of thallium-doped sodium iodide NaI(TI) was used for detecting gamma ray. There are 9 anomalies used in this simulation. The physical of anomaly is in cylinder form with radius of 10 cm and 8.9 cm height. The anomaly is buried 5 cm deep in the bed soil measured 80 cm radius and 53.5 cm height. Monte Carlo methods indicated the scattering of photons is directly proportional to density of anomalies. The difference between detector response with anomaly and without anomaly namely contrast ratio values are in a linear relationship with density of anomalies. Anomalies of air, wood and water give positive contrast ratio values whereas explosive, sand, concrete, graphite, limestone and polyethylene give negative contrast ratio values. Overall, the contrast ratio values are greater than 2 % for all anomalies. The strong contrast ratios result a good detection capability and distinction between anomalies.

  3. The use of Compton scattering in detecting anomaly in soil-possible use in pyromaterial detection

    International Nuclear Information System (INIS)

    The Compton scattering is able to determine the signature of land mine detection based on dependency of density anomaly and energy change of scattered photons. In this study, 4.43 MeV gamma of the Am-Be source was used to perform Compton scattering. Two detectors were placed between source with distance of 8 cm and radius of 1.9 cm. Detectors of thallium-doped sodium iodide NaI(TI) was used for detecting gamma ray. There are 9 anomalies used in this simulation. The physical of anomaly is in cylinder form with radius of 10 cm and 8.9 cm height. The anomaly is buried 5 cm deep in the bed soil measured 80 cm radius and 53.5 cm height. Monte Carlo methods indicated the scattering of photons is directly proportional to density of anomalies. The difference between detector response with anomaly and without anomaly namely contrast ratio values are in a linear relationship with density of anomalies. Anomalies of air, wood and water give positive contrast ratio values whereas explosive, sand, concrete, graphite, limestone and polyethylene give negative contrast ratio values. Overall, the contrast ratio values are greater than 2 % for all anomalies. The strong contrast ratios result a good detection capability and distinction between anomalies

  4. Software Tool Support to Specify and Verify Scientific Sensor Data Properties to Improve Anomaly Detection

    Science.gov (United States)

    Gallegos, I.; Gates, A. Q.; Tweedie, C.; Cybershare

    2010-12-01

    Advancements in scientific sensor data acquisition technologies, such as wireless sensor networks and robotic trams equipped with sensors, are increasing the amount of data being collected at field sites . This elevates the challenges of verifying the quality of streamed data and monitoring the correct operation of the instrumentation. Without the ability to evaluate the data collection process at near real-time, scientists can lose valuable time and data. In addition, scientists have to rely on their knowledge and experience in the field to evaluate data quality. Such knowledge is rarely shared or reused by other scientists mostly because of the lack of a well-defined methodology and tool support. Numerous scientific projects address anomaly detection, mostly as part of the verification system’s source code; however, anomaly detection properties, which often are embedded or hard-coded in the source code, are difficult to refine. In addition, a software developer is required to modify the source code every time a new anomaly detection property or a modification to an existing property is needed. This poster describes the tool support that has been developed, based on software engineering techniques, to address these challenges. The overall tool support allows scientists to specify and reuse anomaly detection properties generated using the specification tool and to use the specified properties to conduct automated anomaly detection at near-real time. The anomaly-detection mechanism is independent of the system used to collect the sensor data. With guidance provided by a classification and categorization of anomaly-detection properties, the user specifies properties on scientific sensor data. The properties, which can be associated with particular field sites or instrumentation, document knowledge about data anomalies that otherwise would have limited availability to the scientific community.

  5. FLEAD: online frequency likelihood estimation anomaly detection for mobile sensing

    NARCIS (Netherlands)

    Le, Viet-Duc; Scholten, Hans; Havinga, Paul

    2013-01-01

    With the rise of smartphone platforms, adaptive sensing becomes an predominant key to overcome intricate constraints such as smartphone's capabilities and dynamic data. One way to do this is estimating the event probability based on anomaly detection to invoke heavy processes, such as switching on m

  6. Anomaly Detection and Degradation Prediction of MOSFET

    OpenAIRE

    Li-Feng Wu; Yong Guan; Xiao-Juan Li; Jie Ma

    2015-01-01

    The MOSFET is an important power electronic transistor widely used in electrical systems. Its reliability has an effect on the performance of systems. In this paper, the failure models and mechanisms of MOSFETs are briefly analyzed. The on-resistance Ron is the key failure precursor parameter representing the degree of degradation. Based on the experimental data, a nonlinear dual-exponential degradation model for MOSFETs is obtained. Then, we present an approach for MOSFET degradation state p...

  7. SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) 2013

    Energy Technology Data Exchange (ETDEWEB)

    Gordon Rueff; Lyle Roybal; Denis Vollmer

    2013-01-01

    There is a significant need to protect the nation’s energy infrastructures from malicious actors using cyber methods. Supervisory, Control, and Data Acquisition (SCADA) systems may be vulnerable due to the insufficient security implemented during the design and deployment of these control systems. This is particularly true in older legacy SCADA systems that are still commonly in use. The purpose of INL’s research on the SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) project was to determine if and how data compression techniques could be used to identify and protect SCADA systems from cyber attacks. Initially, the concept was centered on how to train a compression algorithm to recognize normal control system traffic versus hostile network traffic. Because large portions of the TCP/IP message traffic (called packets) are repetitive, the concept of using compression techniques to differentiate “non-normal” traffic was proposed. In this manner, malicious SCADA traffic could be identified at the packet level prior to completing its payload. Previous research has shown that SCADA network traffic has traits desirable for compression analysis. This work investigated three different approaches to identify malicious SCADA network traffic using compression techniques. The preliminary analyses and results presented herein are clearly able to differentiate normal from malicious network traffic at the packet level at a very high confidence level for the conditions tested. Additionally, the master dictionary approach used in this research appears to initially provide a meaningful way to categorize and compare packets within a communication channel.

  8. Sensor Anomaly Detection in Wireless Sensor Networks for Healthcare

    Directory of Open Access Journals (Sweden)

    Shah Ahsanul Haque

    2015-04-01

    Full Text Available Wireless Sensor Networks (WSN are vulnerable to various sensor faults and faulty measurements. This vulnerability hinders efficient and timely response in various WSN applications, such as healthcare. For example, faulty measurements can create false alarms which may require unnecessary intervention from healthcare personnel. Therefore, an approach to differentiate between real medical conditions and false alarms will improve remote patient monitoring systems and quality of healthcare service afforded by WSN. In this paper, a novel approach is proposed to detect sensor anomaly by analyzing collected physiological data from medical sensors. The objective of this method is to effectively distinguish false alarms from true alarms. It predicts a sensor value from historic values and compares it with the actual sensed value for a particular instance. The difference is compared against a threshold value, which is dynamically adjusted, to ascertain whether the sensor value is anomalous. The proposed approach has been applied to real healthcare datasets and compared with existing approaches. Experimental results demonstrate the effectiveness of the proposed system, providing high Detection Rate (DR and low False Positive Rate (FPR.

  9. Lymphatic system anomalies in Crouzon syndrome

    OpenAIRE

    Bourgeois, Pierre; Moniotte, Stéphane

    2009-01-01

    Crouzon syndrome is a rare genetic disorder characterised mainly by distinctive malformations of the skull and facial region and caused by mutations in the fibroblast growth factor receptor 2 (FGFR2) gene. No study reported on oedemas related to lymphatic system abnormalities in these patients. A case of Crouzon syndrome displaying classic facial anomalies but also with bilateral lower limb oedema is reported in whom lymphoscintigraphic investigation of the limbs clearly delineated the presen...

  10. SYSTEMS OF REMOVING NETWORK ANOMALIES AND METHODS OF CREATION THEIR ARCHITECTURE

    Directory of Open Access Journals (Sweden)

    Kucher V. A.

    2015-06-01

    Full Text Available Different stages of designing architecture of detection systems and opposition to network anomalies are analyzed in this article. It is pointed that common classification can be to determine state of network: “normal”, “critical”, “faulted”. Bases for building architecture of detection and removing anomalies are offered

  11. Limitations of Aneuploidy and Anomaly Detection in the Obese Patient

    Directory of Open Access Journals (Sweden)

    Paula Zozzaro-Smith

    2014-07-01

    Full Text Available Obesity is a worldwide epidemic and can have a profound effect on pregnancy risks. Obese patients tend to be older and are at increased risk for structural fetal anomalies and aneuploidy, making screening options critically important for these women. Failure rates for first-trimester nuchal translucency (NT screening increase with obesity, while the ability to detect soft-markers declines, limiting ultrasound-based screening options. Obesity also decreases the chances of completing the anatomy survey and increases the residual risk of undetected anomalies. Additionally, non-invasive prenatal testing (NIPT is less likely to provide an informative result in obese patients. Understanding the limitations and diagnostic accuracy of aneuploidy and anomaly screening in obese patients can help guide clinicians in counseling patients on the screening options.

  12. A new data normalization method for unsupervised anomaly intrusion detection

    Institute of Scientific and Technical Information of China (English)

    Long-zheng CAI; Jian CHEN; Yun KE; Tao CHEN; Zhi-gang LI

    2010-01-01

    Unsupervised anomaly detection can detect attacks without the need for clean or labeled training data.This paper studies the application of clustering to unsupervised anomaly detection(ACUAD).Data records are mapped to a feature space.Anomalies are detected by determining which points lie in the sparse regions of the feature space.A critical element for this method to be effective is the definition of the distance function between data records.We propose a unified normalization distance framework for records with numeric and nominal features mixed data.A heuristic method that computes the distance for nominal features is proposed,taking advantage of an important characteristic of nominal features-their probability distribution.Then,robust methods are proposed for mapping numeric features and computing their distance,these being able to tolerate the impact of the value difference in scale and diversification among features,and outliers introduced by intrusions.Empirical experiments with the KDD 1999 dataset showed that ACUAD can detect intrusions with relatively low false alarm rates compared with other approaches.

  13. Stochastic pattern recognition techniques and artificial intelligence for nuclear power plant surveillance and anomaly detection

    International Nuclear Information System (INIS)

    In this paper a theoretical and system conceptual model is outlined for the instrumentation, core assessment and surveillance and anomaly detection of a nuclear power plant. The system specified is based on the statistical on-line analysis of optimally placed instrumentation sensed fluctuating signals in terms of such variates as coherence, correlation function, zero-crossing and spectral density

  14. Deep Structured Energy Based Models for Anomaly Detection

    OpenAIRE

    Zhai, Shuangfei; Cheng, Yu; Lu, Weining; Zhang, Zhongfei

    2016-01-01

    In this paper, we attack the anomaly detection problem by directly modeling the data distribution with deep architectures. We propose deep structured energy based models (DSEBMs), where the energy function is the output of a deterministic deep neural network with structure. We develop novel model architectures to integrate EBMs with different types of data such as static data, sequential data, and spatial data, and apply appropriate model architectures to adapt to the data structure. Our trai...

  15. Towards Periodicity Based Anomaly Detection in SCADA Networks

    OpenAIRE

    Barbosa, Rafael Ramos Regis; Sadre, Ramin; Pras, Aiko

    2012-01-01

    Supervisory Control and Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities. The polling mechanism used to retrieve data from field devices causes the data transmission to be highly periodic. In this paper, we propose an approach that exploits traffic periodicity to detect traffic anomalies, which represent potential intrusion attempts. We present a proof of concept to show the feasibility of our approach.

  16. Energy detection based on undecimated discrete wavelet transform and its application in magnetic anomaly detection.

    Directory of Open Access Journals (Sweden)

    Xinhua Nie

    Full Text Available Magnetic anomaly detection (MAD is a passive approach for detection of a ferromagnetic target, and its performance is often limited by external noises. In consideration of one major noise source is the fractal noise (or called 1/f noise with a power spectral density of 1/fa (0detection method based on undecimated discrete wavelet transform (UDWT is proposed in this paper. Firstly, the foundations of magnetic anomaly detection and UDWT are introduced in brief, while a possible detection system based on giant magneto-impedance (GMI magnetic sensor is also given out. Then our proposed energy detection based on UDWT is described in detail, and the probabilities of false alarm and detection for given the detection threshold in theory are presented. It is noticeable that no a priori assumptions regarding the ferromagnetic target or the magnetic noise probability are necessary for our method, and different from the discrete wavelet transform (DWT, the UDWT is shift invariant. Finally, some simulations are performed and the results show that the detection performance of our proposed detector is better than that of the conventional energy detector even utilized in the Gaussian white noise, especially when the spectral parameter α is less than 1.0. In addition, a real-world experiment was done to demonstrate the advantages of the proposed method.

  17. Detecting Anomaly in Traffic Flow from Road Similarity Analysis

    KAUST Repository

    Liu, Xinran

    2016-06-02

    Taxies equipped with GPS devices are considered as 24-hour moving sensors widely distributed in urban road networks. Plenty of accurate and realtime trajectories of taxi are recorded by GPS devices and are commonly studied for understanding traffic dynamics. This paper focuses on anomaly detection in traffic volume, especially the non-recurrent traffic anomaly caused by unexpected or transient incidents, such as traffic accidents, celebrations and disasters. It is important to detect such sharp changes of traffic status for sensing abnormal events and planning their impact on the smooth volume of traffic. Unlike existing anomaly detection approaches that mainly monitor the derivation of current traffic status from history in the past, the proposed method in this paper evaluates the abnormal score of traffic on one road by comparing its current traffic volume with not only its historical data but also its neighbors. We define the neighbors as the roads that are close in sense of both geo-location and traffic patterns, which are extracted by matrix factorization. The evaluation results on trajectories data of 12,286 taxies over four weeks in Beijing show that our approach outperforms other baseline methods with higher precision and recall.

  18. An ECG T-wave Anomalies Detection Using a Lightweight Classification Model for Wireless Body Sensors

    OpenAIRE

    Hadjem, Medina; Naït-Abdesselam, Farid

    2015-01-01

    International audience Various wearable devices are foreseen to be the key components in the future for vital signs monitoring as they offer a non-invasive, remote and real-time medical monitoring means. Among those, Wireless Body Sensors (WBS) for cardiac monitoring are of prominent help to early detect cardioVascular Diseases (CVD) by analyzing 24/24 and 7/7 collected cardiac data. Today, most of these WBS systems for CVD detection, includeonly limited automatic anomalies detection, part...

  19. Modular Approach for Expert System toward Anomaly: N-Layers

    OpenAIRE

    Pardo, Etienne; Espes, David; Le Parc, Philippe

    2016-01-01

    International audience —Smart cities and smart homes are booming fields of development of pervasive systems. With the high stakes these systems have to manage, and their sheer complexity, anomalies have to be considered. In these complex systems are many connected components with computing capacities. They can manage anomalies, even if partially, and can act as some kind of expert systems. These expert systems can be relied upon to provide anomaly management. The complexity to manage gener...

  20. Cluster Based Cost Efficient Intrusion Detection System For Manet

    OpenAIRE

    Kumarasamy, Saravanan; B, Hemalatha; P, Hashini

    2013-01-01

    Mobile ad-hoc networks are temporary wireless networks. Network resources are abnormally consumed by intruders. Anomaly and signature based techniques are used for intrusion detection. Classification techniques are used in anomaly based techniques. Intrusion detection techniques are used for the network attack detection process. Two types of intrusion detection systems are available. They are anomaly detection and signature based detection model. The anomaly detection model uses the historica...

  1. Anomaly depth detection in trans-admittance mammography: a formula independent of anomaly size or admittivity contrast

    International Nuclear Information System (INIS)

    Trans-admittance mammography (TAM) is a bioimpedance technique for breast cancer detection. It is based on the comparison of tissue conductivity: cancerous tissue is identified by its higher conductivity in comparison with the surrounding normal tissue. In TAM, the breast is compressed between two electrical plates (in a similar architecture to x-ray mammography). The bottom plate has many sensing point electrodes that provide two-dimensional images (trans-admittance maps) that are induced by voltage differences between the two plates. Multi-frequency admittance data (Neumann data) are measured over the range 50 Hz–500 kHz. TAM aims to determine the location and size of any anomaly from the multi-frequency admittance data. Various anomaly detection algorithms can be used to process TAM data to determine the transverse positions of anomalies. However, existing methods cannot reliably determine the depth or size of an anomaly. Breast cancer detection using TAM would be improved if the depth or size of an anomaly could also be estimated, properties that are independent of the admittivity contrast. A formula is proposed here that can estimate the depth of an anomaly independent of its size and the admittivity contrast. This depth estimation can also be used to derive an estimation of the size of the anomaly. The proposed estimations are verified rigorously under a simplified model. Numerical simulation shows that the proposed method also works well in general settings. (paper)

  2. A self-adaptive negative selection algorithm used for anomaly detection

    Institute of Scientific and Technical Information of China (English)

    Jinquan Zeng; Xiaojie Liu; Tao Li; Caiming Liu; Lingxi Peng; Feixian Sun

    2009-01-01

    A novel negative selection algorithm (NSA), which is referred to as ANSA, is presented. In many actual anomaly detection systems, the training data are just partially composed of the normal elements, and the seif/nonself space often varies over time. Therefore, anom-aly detection system has to build the profile of the system based on a part of self elements and adjust itself to adapt those variables. However, previous NSAs need a large number of self elements to build the profile of the system, and lack adaptability. In order to over-come these limitations, the proposed approach uses a novel technique to adjust the self radius and evolve the nonself-covering detectors to build an appropriate profile of the system. To determine the performance of the approach, the experiments with the well-known data-set were performed. Results exhibited that our proposed approach outperforms the previous techniques.

  3. Detecting errors and anomalies in computerized materials control and accountability databases

    Energy Technology Data Exchange (ETDEWEB)

    Whiteson, R.; Hench, K.; Yarbro, T. [Los Alamos National Lab., NM (United States); Baumgart, C. [Dept. of Energy, Albuquerque, NM (United States). Kansas City Plant

    1998-12-31

    The Automated MC and A Database Assessment project is aimed at improving anomaly and error detection in materials control and accountability (MC and A) databases and increasing confidence in the data that they contain. Anomalous data resulting in poor categorization of nuclear material inventories greatly reduces the value of the database information to users. Therefore it is essential that MC and A data be assessed periodically for anomalies or errors. Anomaly detection can identify errors in databases and thus provide assurance of the integrity of data. An expert system has been developed at Los Alamos National Laboratory that examines these large databases for anomalous or erroneous data. For several years, MC and A subject matter experts at Los Alamos have been using this automated system to examine the large amounts of accountability data that the Los Alamos Plutonium Facility generates. These data are collected and managed by the Material Accountability and Safeguards System, a near-real-time computerized nuclear material accountability and safeguards system. This year they have expanded the user base, customizing the anomaly detector for the varying requirements of different groups of users. This paper describes the progress in customizing the expert systems to the needs of the users of the data and reports on their results.

  4. Detecting errors and anomalies in computerized materials control and accountability databases

    International Nuclear Information System (INIS)

    The Automated MC and A Database Assessment project is aimed at improving anomaly and error detection in materials control and accountability (MC and A) databases and increasing confidence in the data that they contain. Anomalous data resulting in poor categorization of nuclear material inventories greatly reduces the value of the database information to users. Therefore it is essential that MC and A data be assessed periodically for anomalies or errors. Anomaly detection can identify errors in databases and thus provide assurance of the integrity of data. An expert system has been developed at Los Alamos National Laboratory that examines these large databases for anomalous or erroneous data. For several years, MC and A subject matter experts at Los Alamos have been using this automated system to examine the large amounts of accountability data that the Los Alamos Plutonium Facility generates. These data are collected and managed by the Material Accountability and Safeguards System, a near-real-time computerized nuclear material accountability and safeguards system. This year they have expanded the user base, customizing the anomaly detector for the varying requirements of different groups of users. This paper describes the progress in customizing the expert systems to the needs of the users of the data and reports on their results

  5. Anomaly Detection in XML-Structured SOAP Messages Using Tree-Based Association Rule Mining

    OpenAIRE

    Esfahani, Reyhaneh Ghassem; Azgomi, Mohammad Abadollahi; Fathi, Reza

    2016-01-01

    Web services are software systems designed for supporting interoperable dynamic cross-enterprise interactions. The result of attacks to Web services can be catastrophic and causing the disclosure of enterprises' confidential data. As new approaches of attacking arise every day, anomaly detection systems seem to be invaluable tools in this context. The aim of this work has been to target the attacks that reside in the Web service layer and the extensible markup language (XML)-structured simple...

  6. Anomaly Detection in Wireless Sensor Networks Using Immune-Based Bioinspired Mechanism

    OpenAIRE

    Ramsha Rizwan; Farrukh Aslam Khan; Haider Abbas; Sajjad Hussain Chauhdary

    2015-01-01

    During the past few years, we have seen a tremendous increase in various kinds of anomalies in Wireless Sensor Network (WSN) communication. Recently, researchers have shown a lot of interest in applying biologically inspired systems for solving network intrusion detection problems. Several solutions have been proposed using Artificial Immune System (AIS), Ant Colony Optimization (ACO), Artificial Bee Colony (ABC) algorithm, Genetic Algorithm (GA), Particle Swarm Optimization (PSO) and so fort...

  7. Anomaly Event Detection Method Based on Compressive Sensing and Iteration in Wireless Sensor Networks

    OpenAIRE

    Shihua Cao; Qihui Wang; Yaping Yuan; Junyang Yu

    2014-01-01

    Anomaly event detection is one of the research hotspots in wireless sensor networks. Aiming at the disadvantages of current detection solutions, a novel anomaly event detection algorithm based on compressed sensing and iteration is proposed. Firstly, a measured value can be sensed in each node, based on the compressed sensing. Then the problem of anomaly event detection is modeled as the minimization problem of weighted l1 norm, and OMP algorithm is adopted for solving the problem iteratively...

  8. Structural Anomaly Detection Using Fiber Optic Sensors and Inverse Finite Element Method

    Science.gov (United States)

    Quach, Cuong C.; Vazquez, Sixto L.; Tessler, Alex; Moore, Jason P.; Cooper, Eric G.; Spangler, Jan. L.

    2005-01-01

    NASA Langley Research Center is investigating a variety of techniques for mitigating aircraft accidents due to structural component failure. One technique under consideration combines distributed fiber optic strain sensing with an inverse finite element method for detecting and characterizing structural anomalies anomalies that may provide early indication of airframe structure degradation. The technique identifies structural anomalies that result in observable changes in localized strain but do not impact the overall surface shape. Surface shape information is provided by an Inverse Finite Element Method that computes full-field displacements and internal loads using strain data from in-situ fiberoptic sensors. This paper describes a prototype of such a system and reports results from a series of laboratory tests conducted on a test coupon subjected to increasing levels of damage.

  9. Gravitational Anomalies in the Solar System?

    CERN Document Server

    Iorio, Lorenzo

    2014-01-01

    Mindful of the anomalous perihelion precession of Mercury discovered by U. Le Verrier in the second half of the nineteenth century and its successful explanation by A. Einstein with his General Theory of Relativity in the early years of the twentieth century, discrepancies among observed effects in our Solar system and their theoretical predictions on the basis of the currently accepted laws of gravitation applied to known bodies have the potential of paving the way for remarkable advances in fundamental physics. This is particularly important now more than ever, given that most of the Universe seems to be made of unknown substances dubbed Dark Matter and Dark Energy. Should this not be directly the case, Solar system's anomalies could anyhow lead to advancements in cumulative science, as shown to us by the discovery of Neptune in the first half of the nineteenth century. Moreover, investigations in one of such directions can serendipitously enrich the other one as well. The current status of some alleged gra...

  10. Anomaly detection of microstructural defects in continuous fiber reinforced composites

    Science.gov (United States)

    Bricker, Stephen; Simmons, J. P.; Przybyla, Craig; Hardie, Russell

    2015-03-01

    Ceramic matrix composites (CMC) with continuous fiber reinforcements have the potential to enable the next generation of high speed hypersonic vehicles and/or significant improvements in gas turbine engine performance due to their exhibited toughness when subjected to high mechanical loads at extreme temperatures (2200F+). Reinforced fiber composites (RFC) provide increased fracture toughness, crack growth resistance, and strength, though little is known about how stochastic variation and imperfections in the material effect material properties. In this work, tools are developed for quantifying anomalies within the microstructure at several scales. The detection and characterization of anomalous microstructure is a critical step in linking production techniques to properties, as well as in accurate material simulation and property prediction for the integrated computation materials engineering (ICME) of RFC based components. It is desired to find statistical outliers for any number of material characteristics such as fibers, fiber coatings, and pores. Here, fiber orientation, or `velocity', and `velocity' gradient are developed and examined for anomalous behavior. Categorizing anomalous behavior in the CMC is approached by multivariate Gaussian mixture modeling. A Gaussian mixture is employed to estimate the probability density function (PDF) of the features in question, and anomalies are classified by their likelihood of belonging to the statistical normal behavior for that feature.

  11. Machine intelligence-based decision-making (MIND) for automatic anomaly detection

    Science.gov (United States)

    Prasad, Nadipuram R.; King, Jason C.; Lu, Thomas

    2007-04-01

    Any event deemed as being out-of-the-ordinary may be called an anomaly. Anomalies by virtue of their definition are events that occur spontaneously with no prior indication of their existence or appearance. Effects of anomalies are typically unknown until they actually occur, and their effects aggregate in time to show noticeable change from the original behavior. An evolved behavior would in general be very difficult to correct unless the anomalous event that caused such behavior can be detected early, and any consequence attributed to the specific anomaly. Substantial time and effort is required to back-track the cause for abnormal behavior and to recreate the event sequence leading to abnormal behavior. There is a critical need therefore to automatically detect anomalous behavior as and when they may occur, and to do so with the operator in the loop. Human-machine interaction results in better machine learning and a better decision-support mechanism. This is the fundamental concept of intelligent control where machine learning is enhanced by interaction with human operators, and vice versa. The paper discusses a revolutionary framework for the characterization, detection, identification, learning, and modeling of anomalous behavior in observed phenomena arising from a large class of unknown and uncertain dynamical systems.

  12. Support vector machines for TEC seismo-ionospheric anomalies detection

    Directory of Open Access Journals (Sweden)

    M. Akhoondzadeh

    2013-02-01

    Full Text Available Using time series prediction methods, it is possible to pursue the behaviors of earthquake precursors in the future and to announce early warnings when the differences between the predicted value and the observed value exceed the predefined threshold value. Support Vector Machines (SVMs are widely used due to their many advantages for classification and regression tasks. This study is concerned with investigating the Total Electron Content (TEC time series by using a SVM to detect seismo-ionospheric anomalous variations induced by the three powerful earthquakes of Tohoku (11 March 2011, Haiti (12 January 2010 and Samoa (29 September 2009. The duration of TEC time series dataset is 49, 46 and 71 days, for Tohoku, Haiti and Samoa earthquakes, respectively, with each at time resolution of 2 h. In the case of Tohoku earthquake, the results show that the difference between the predicted value obtained from the SVM method and the observed value reaches the maximum value (i.e., 129.31 TECU at earthquake time in a period of high geomagnetic activities. The SVM method detected a considerable number of anomalous occurrences 1 and 2 days prior to the Haiti earthquake and also 1 and 5 days before the Samoa earthquake in a period of low geomagnetic activities. In order to show that the method is acting sensibly with regard to the results extracted during nonevent and event TEC data, i.e., to perform some null-hypothesis tests in which the methods would also be calibrated, the same period of data from the previous year of the Samoa earthquake date has been taken into the account. Further to this, in this study, the detected TEC anomalies using the SVM method were compared to the previous results (Akhoondzadeh and Saradjian, 2011; Akhoondzadeh, 2012 obtained from the mean, median, wavelet and Kalman filter methods. The SVM detected anomalies are similar to those detected using the previous methods. It can be concluded that SVM can be a suitable learning method

  13. A new approach for structural health monitoring by applying anomaly detection on strain sensor data

    Science.gov (United States)

    Trichias, Konstantinos; Pijpers, Richard; Meeuwissen, Erik

    2014-03-01

    Structural Health Monitoring (SHM) systems help to monitor critical infrastructures (bridges, tunnels, etc.) remotely and provide up-to-date information about their physical condition. In addition, it helps to predict the structure's life and required maintenance in a cost-efficient way. Typically, inspection data gives insight in the structural health. The global structural behavior, and predominantly the structural loading, is generally measured with vibration and strain sensors. Acoustic emission sensors are more and more used for measuring global crack activity near critical locations. In this paper, we present a procedure for local structural health monitoring by applying Anomaly Detection (AD) on strain sensor data for sensors that are applied in expected crack path. Sensor data is analyzed by automatic anomaly detection in order to find crack activity at an early stage. This approach targets the monitoring of critical structural locations, such as welds, near which strain sensors can be applied during construction and/or locations with limited inspection possibilities during structural operation. We investigate several anomaly detection techniques to detect changes in statistical properties, indicating structural degradation. The most effective one is a novel polynomial fitting technique, which tracks slow changes in sensor data. Our approach has been tested on a representative test structure (bridge deck) in a lab environment, under constant and variable amplitude fatigue loading. In both cases, the evolving cracks at the monitored locations were successfully detected, autonomously, by our AD monitoring tool.

  14. Feasibility of anomaly detection and characterization using trans-admittance mammography with 60 × 60 electrode array

    International Nuclear Information System (INIS)

    Electrical impedance imaging has the potential to detect an early stage of breast cancer due to higher admittivity values compared with those of normal breast tissues. The tumor size and extent of axillary lymph node involvement are important parameters to evaluate the breast cancer survival rate. Additionally, the anomaly characterization is required to distinguish a malignant tumor from a benign tumor. In order to overcome the limitation of breast cancer detection using impedance measurement probes, we developed the high density trans-admittance mammography (TAM) system with 60 × 60 electrode array and produced trans-admittance maps obtained at several frequency pairs. We applied the anomaly detection algorithm to the high density TAM system for estimating the volume and position of breast tumor. We tested four different sizes of anomaly with three different conductivity contrasts at four different depths. From multifrequency trans-admittance maps, we can readily observe the transversal position and estimate its volume and depth. Specially, the depth estimated values were obtained accurately, which were independent to the size and conductivity contrast when applying the new formula using Laplacian of trans-admittance map. The volume estimation was dependent on the conductivity contrast between anomaly and background in the breast phantom. We characterized two testing anomalies using frequency difference trans-admittance data to eliminate the dependency of anomaly position and size. We confirmed the anomaly detection and characterization algorithm with the high density TAM system on bovine breast tissue. Both results showed the feasibility of detecting the size and position of anomaly and tissue characterization for screening the breast cancer. (paper)

  15. A Comparative Study of Unsupervised Anomaly Detection Techniques Using Honeypot Data

    Science.gov (United States)

    Song, Jungsuk; Takakura, Hiroki; Okabe, Yasuo; Inoue, Daisuke; Eto, Masashi; Nakao, Koji

    Intrusion Detection Systems (IDS) have been received considerable attention among the network security researchers as one of the most promising countermeasures to defend our crucial computer systems or networks against attackers on the Internet. Over the past few years, many machine learning techniques have been applied to IDSs so as to improve their performance and to construct them with low cost and effort. Especially, unsupervised anomaly detection techniques have a significant advantage in their capability to identify unforeseen attacks, i.e., 0-day attacks, and to build intrusion detection models without any labeled (i.e., pre-classified) training data in an automated manner. In this paper, we conduct a set of experiments to evaluate and analyze performance of the major unsupervised anomaly detection techniques using real traffic data which are obtained at our honeypots deployed inside and outside of the campus network of Kyoto University, and using various evaluation criteria, i.e., performance evaluation by similarity measurements and the size of training data, overall performance, detection ability for unknown attacks, and time complexity. Our experimental results give some practical and useful guidelines to IDS researchers and operators, so that they can acquire insight to apply these techniques to the area of intrusion detection, and devise more effective intrusion detection models.

  16. Detection of motifs in anomalies from nuclear power plant data using data mining techniques

    International Nuclear Information System (INIS)

    Anomaly detection deals with the discovery of abnormal behaviour from the given data. In the recent times, there has been great research interest towards anomaly detection using data mining techniques. The reason being that in many real world applications, extraction of abnormalities is much more important than detection and analysis of normal behaviour. This is specifically significant in those applications wherein timely maintenance of anomalies is costly and very crucial to the application. In certain cases, it is also possible that there exist some pattern in the anomalies. In the present work, the focus is on detection of patterns in anomalies from Nuclear Power Plant (NPP) data. Further, an analysis has been done to identify the different types of patterns from the NPP data. These different types of patterns have been denoted as 'motifs' to signify the repetitive nature of various types of patterns in anomalies. Such analysis has been done for predictive maintenance in nuclear power plants. (author)

  17. Systematic review of central nervous system anomalies in incontinentia pigmenti

    Directory of Open Access Journals (Sweden)

    Minić Snežana

    2013-02-01

    Full Text Available Abstract The objective of this study was to present a systematic review of the central nervous system (CNS types of anomalies and to consider the possibility to include CNS anomalies in Incontinentia pigmenti (IP criteria. The analyzed literature data from 1,393 IP cases were from the period 1993–2012. CNS anomalies were diagnosed for 30.44% of the investigated IP patients. The total number of CNS types of anomalies per patient was 1.62. In the present study there was no significantly higher number of anomalies per patient in females than males. The most frequent CNS types of anomalies were seizures, motor impairment, mental retardation, and microcephaly. The most frequently registered CNS lesions found using brain imaging methods were brain infarcts or necrosis, brain atrophies, and corpus callosum lesions. IKBKG exon 4–10 deletion was present in 86.00% of genetically confirmed IP patients. The frequency of CNS anomalies, similar to the frequency of retinal anomalies in IP patients, concurrent with their severity, supports their recognition in the list of IP minor criteria.

  18. Diagnosis of Fetal Central Nervous System Anomalies by Ultrasonography

    Directory of Open Access Journals (Sweden)

    F. Tuncay Ozgunen

    2003-04-01

    Full Text Available During the last 30 years, one of the most important instruments in diagnosis is ultrasonograph. It has an indispensible place in obstetrics. Its it possible to evaluate normal fetal anatomy, to follow-up fetal growth and to diagnose fetal congenital anomalies by ultrasonography. Central nervous system anomalies is the one of the most commonly seen and the best time for screening is between 18- and 22-week of pregnancy. In this paper, it is presented the sonographic features of some outstanding Central Nervous System anomalies. [Archives Medical Review Journal 2003; 12(2.000: 77-89

  19. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    KAUST Repository

    Wang, Wei

    2014-06-22

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  20. An anomaly detection and isolation scheme with instance-based learning and sequential analysis

    International Nuclear Information System (INIS)

    This paper presents an online anomaly detection and isolation (FDI) technique using an instance-based learning method combined with a sequential change detection and isolation algorithm. The proposed method uses kernel density estimation techniques to build statistical models of the given empirical data (null hypothesis). The null hypothesis is associated with the set of alternative hypotheses modeling the abnormalities of the systems. A decision procedure involves a sequential change detection and isolation algorithm. Notably, the proposed method enjoys asymptotic optimality as the applied change detection and isolation algorithm is optimal in minimizing the worst mean detection/isolation delay for a given mean time before a false alarm or a false isolation. Applicability of this methodology is illustrated with redundant sensor data set and its performance. (authors)

  1. Fuzzy neural networks for classification and detection of anomalies.

    Science.gov (United States)

    Meneganti, M; Saviello, F S; Tagliaferri, R

    1998-01-01

    In this paper, a new learning algorithm for the Simpson's fuzzy min-max neural network is presented. It overcomes some undesired properties of the Simpson's model: specifically, in it there are neither thresholds that bound the dimension of the hyperboxes nor sensitivity parameters. Our new algorithm improves the network performance: in fact, the classification result does not depend on the presentation order of the patterns in the training set, and at each step, the classification error in the training set cannot increase. The new neural model is particularly useful in classification problems as it is shown by comparison with some fuzzy neural nets cited in literature (Simpson's min-max model, fuzzy ARTMAP proposed by Carpenter, Grossberg et al. in 1992, adaptive fuzzy systems as introduced by Wang in his book) and the classical multilayer perceptron neural network with backpropagation learning algorithm. The tests were executed on three different classification problems: the first one with two-dimensional synthetic data, the second one with realistic data generated by a simulator to find anomalies in the cooling system of a blast furnace, and the third one with real data for industrial diagnosis. The experiments were made following some recent evaluation criteria known in literature and by using Microsoft Visual C++ development environment on personal computers. PMID:18255771

  2. A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data

    Science.gov (United States)

    Goldstein, Markus; Uchida, Seiichi

    2016-01-01

    Anomaly detection is the process of identifying unexpected items or events in datasets, which differ from the norm. In contrast to standard classification tasks, anomaly detection is often applied on unlabeled data, taking only the internal structure of the dataset into account. This challenge is known as unsupervised anomaly detection and is addressed in many practical applications, for example in network intrusion detection, fraud detection as well as in the life science and medical domain. Dozens of algorithms have been proposed in this area, but unfortunately the research community still lacks a comparative universal evaluation as well as common publicly available datasets. These shortcomings are addressed in this study, where 19 different unsupervised anomaly detection algorithms are evaluated on 10 different datasets from multiple application domains. By publishing the source code and the datasets, this paper aims to be a new well-funded basis for unsupervised anomaly detection research. Additionally, this evaluation reveals the strengths and weaknesses of the different approaches for the first time. Besides the anomaly detection performance, computational effort, the impact of parameter settings as well as the global/local anomaly detection behavior is outlined. As a conclusion, we give an advise on algorithm selection for typical real-world tasks. PMID:27093601

  3. A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data.

    Science.gov (United States)

    Goldstein, Markus; Uchida, Seiichi

    2016-01-01

    Anomaly detection is the process of identifying unexpected items or events in datasets, which differ from the norm. In contrast to standard classification tasks, anomaly detection is often applied on unlabeled data, taking only the internal structure of the dataset into account. This challenge is known as unsupervised anomaly detection and is addressed in many practical applications, for example in network intrusion detection, fraud detection as well as in the life science and medical domain. Dozens of algorithms have been proposed in this area, but unfortunately the research community still lacks a comparative universal evaluation as well as common publicly available datasets. These shortcomings are addressed in this study, where 19 different unsupervised anomaly detection algorithms are evaluated on 10 different datasets from multiple application domains. By publishing the source code and the datasets, this paper aims to be a new well-funded basis for unsupervised anomaly detection research. Additionally, this evaluation reveals the strengths and weaknesses of the different approaches for the first time. Besides the anomaly detection performance, computational effort, the impact of parameter settings as well as the global/local anomaly detection behavior is outlined. As a conclusion, we give an advise on algorithm selection for typical real-world tasks. PMID:27093601

  4. Multiple Kernel Learning for Heterogeneous Anomaly Detection: Algorithm and Aviation Safety Case Study

    Science.gov (United States)

    Das, Santanu; Srivastava, Ashok N.; Matthews, Bryan L.; Oza, Nikunj C.

    2010-01-01

    The world-wide aviation system is one of the most complex dynamical systems ever developed and is generating data at an extremely rapid rate. Most modern commercial aircraft record several hundred flight parameters including information from the guidance, navigation, and control systems, the avionics and propulsion systems, and the pilot inputs into the aircraft. These parameters may be continuous measurements or binary or categorical measurements recorded in one second intervals for the duration of the flight. Currently, most approaches to aviation safety are reactive, meaning that they are designed to react to an aviation safety incident or accident. In this paper, we discuss a novel approach based on the theory of multiple kernel learning to detect potential safety anomalies in very large data bases of discrete and continuous data from world-wide operations of commercial fleets. We pose a general anomaly detection problem which includes both discrete and continuous data streams, where we assume that the discrete streams have a causal influence on the continuous streams. We also assume that atypical sequence of events in the discrete streams can lead to off-nominal system performance. We discuss the application domain, novel algorithms, and also discuss results on real-world data sets. Our algorithm uncovers operationally significant events in high dimensional data streams in the aviation industry which are not detectable using state of the art methods

  5. A program to compute magnetic anomaly detection probabilities

    OpenAIRE

    Forrest, R. N.

    1988-01-01

    Approved for public release, distribution unlimited This report was prepared in conjunction with research conducted for the Chief of Naval Operations and funded by the Naval Postgraduate School Second Revision The report contains user instructions, a listing and documentation for a microcomputer BASIC program that can be used to compute an estimate of the probability that a magnetic anamoly detection (MAD) system such as the AN/ASQ-81 will detect a submarine during an encounter. (rh)

  6. Accumulating pyramid spatial-spectral collaborative coding divergence for hyperspectral anomaly detection

    Science.gov (United States)

    Sun, Hao; Zou, Huanxin; Zhou, Shilin

    2016-03-01

    Detection of anomalous targets of various sizes in hyperspectral data has received a lot of attention in reconnaissance and surveillance applications. Many anomaly detectors have been proposed in literature. However, current methods are susceptible to anomalies in the processing window range and often make critical assumptions about the distribution of the background data. Motivated by the fact that anomaly pixels are often distinctive from their local background, in this letter, we proposed a novel hyperspectral anomaly detection framework for real-time remote sensing applications. The proposed framework consists of four major components, sparse feature learning, pyramid grid window selection, joint spatial-spectral collaborative coding and multi-level divergence fusion. It exploits the collaborative representation difference in the feature space to locate potential anomalies and is totally unsupervised without any prior assumptions. Experimental results on airborne recorded hyperspectral data demonstrate that the proposed methods adaptive to anomalies in a large range of sizes and is well suited for parallel processing.

  7. On-road anomaly detection by multimodal sensor analysis and multimedia processing

    Science.gov (United States)

    Orhan, Fatih; Eren, P. E.

    2014-03-01

    The use of smartphones in Intelligent Transportation Systems is gaining popularity, yet many challenges exist in developing functional applications. Due to the dynamic nature of transportation, vehicular social applications face complexities such as developing robust sensor management, performing signal and image processing tasks, and sharing information among users. This study utilizes a multimodal sensor analysis framework which enables the analysis of sensors in multimodal aspect. It also provides plugin-based analyzing interfaces to develop sensor and image processing based applications, and connects its users via a centralized application as well as to social networks to facilitate communication and socialization. With the usage of this framework, an on-road anomaly detector is being developed and tested. The detector utilizes the sensors of a mobile device and is able to identify anomalies such as hard brake, pothole crossing, and speed bump crossing. Upon such detection, the video portion containing the anomaly is automatically extracted in order to enable further image processing analysis. The detection results are shared on a central portal application for online traffic condition monitoring.

  8. A Mobile Device System for Early Warning of ECG Anomalies

    Directory of Open Access Journals (Sweden)

    Adam Szczepański

    2014-06-01

    Full Text Available With the rapid increase in computational power of mobile devices the amount of ambient intelligence-based smart environment systems has increased greatly in recent years. A proposition of such a solution is described in this paper, namely real time monitoring of an electrocardiogram (ECG signal during everyday activities for identification of life threatening situations. The paper, being both research and review, describes previous work of the authors, current state of the art in the context of the authors’ work and the proposed aforementioned system. Although parts of the solution were described in earlier publications of the authors, the whole concept is presented completely for the first time along with the prototype implementation on mobile device—a Windows 8 tablet with Modern UI. The system has three main purposes. The first goal is the detection of sudden rapid cardiac malfunctions and informing the people in the patient’s surroundings, family and friends and the nearest emergency station about the deteriorating health of the monitored person. The second goal is a monitoring of ECG signals under non-clinical conditions to detect anomalies that are typically not found during diagnostic tests. The third goal is to register and analyze repeatable, long-term disturbances in the regular signal and finding their patterns.

  9. Small-scale anomaly detection in panoramic imaging using neural models of low-level vision

    Science.gov (United States)

    Casey, Matthew C.; Hickman, Duncan L.; Pavlou, Athanasios; Sadler, James R. E.

    2011-06-01

    Our understanding of sensory processing in animals has reached the stage where we can exploit neurobiological principles in commercial systems. In human vision, one brain structure that offers insight into how we might detect anomalies in real-time imaging is the superior colliculus (SC). The SC is a small structure that rapidly orients our eyes to a movement, sound or touch that it detects, even when the stimulus may be on a small-scale; think of a camouflaged movement or the rustle of leaves. This automatic orientation allows us to prioritize the use of our eyes to raise awareness of a potential threat, such as a predator approaching stealthily. In this paper we describe the application of a neural network model of the SC to the detection of anomalies in panoramic imaging. The neural approach consists of a mosaic of topographic maps that are each trained using competitive Hebbian learning to rapidly detect image features of a pre-defined shape and scale. What makes this approach interesting is the ability of the competition between neurons to automatically filter noise, yet with the capability of generalizing the desired shape and scale. We will present the results of this technique applied to the real-time detection of obscured targets in visible-band panoramic CCTV images. Using background subtraction to highlight potential movement, the technique is able to correctly identify targets which span as little as 3 pixels wide while filtering small-scale noise.

  10. Behavior Based Anomaly Detection Technique to Mitigate the Routing Misbehavior in MANET

    Directory of Open Access Journals (Sweden)

    T.V.P.Sundararajan

    2009-05-01

    Full Text Available Mobile ad hoc network does not have traffic concentration points such as gateway or access points which perform behavior monitoring of individual nodes. Therefore, maintaining the network function for normal nodes when other nodes do not route and forward correctly is a big challenge. This paper, address the behavior based anomaly detection technique inspired by the biological immune system to enhance the performance of MANET to operate despite the presence of misbehaving nodes. Due to its reliance on overhearing, the existing watchdog technique may fail to detect misbehavior or raise false alarms in the presence of ambiguous collisions, receiver collisions, and limited transmission power. Our proposed scheme uses intelligent machine learning techniques that learns and detects each node by false alarm and negative selection approach. We consider DSR, AODV and DSDV [24],[25] as underlying routing protocol which are highly vulnerable to routing misbehavior. Analytical and simulation results are presented to evaluate the performance of the proposed scheme. Keywords: intrusion detection, anomaly detection, mobile ad hoc network, security.

  11. Adaptive cancellation of geomagnetic background noise for magnetic anomaly detection using coherence

    International Nuclear Information System (INIS)

    Magnetic anomaly detection (MAD) is an effective method for the detection of ferromagnetic targets against background magnetic fields. Currently, the performance of MAD systems is mainly limited by the background geomagnetic noise. Several techniques have been developed to detect target signatures, such as the synchronous reference subtraction (SRS) method. In this paper, we propose an adaptive coherent noise suppression (ACNS) method. The proposed method is capable of evaluating and detecting weak anomaly signals buried in background geomagnetic noise. Tests with real-world recorded magnetic signals show that the ACNS method can excellently remove the background geomagnetic noise by about 21 dB or more in high background geomagnetic field environments. Additionally, as a general form of the SRS method, the ACNS method offers appreciable advantages over the existing algorithms. Compared to the SRS method, the ACNS algorithm can eliminate the false target signals and represents a noise suppressing capability improvement of 6.4 dB. The positive outcomes in terms of intelligibility make this method a potential candidate for application in MAD systems. (paper)

  12. Robust and Accurate Anomaly Detection in ECG Artifacts Using Time Series Motif Discovery

    OpenAIRE

    Haemwaan Sivaraks; Chotirat Ann Ratanamahatana

    2015-01-01

    Electrocardiogram (ECG) anomaly detection is an important technique for detecting dissimilar heartbeats which helps identify abnormal ECGs before the diagnosis process. Currently available ECG anomaly detection methods, ranging from academic research to commercial ECG machines, still suffer from a high false alarm rate because these methods are not able to differentiate ECG artifacts from real ECG signal, especially, in ECG artifacts that are similar to ECG signals in terms of shape and/or fr...

  13. Aircraft Anomaly Detection Using Performance Models Trained on Fleet Data

    Science.gov (United States)

    Gorinevsky, Dimitry; Matthews, Bryan L.; Martin, Rodney

    2012-01-01

    This paper describes an application of data mining technology called Distributed Fleet Monitoring (DFM) to Flight Operational Quality Assurance (FOQA) data collected from a fleet of commercial aircraft. DFM transforms the data into aircraft performance models, flight-to-flight trends, and individual flight anomalies by fitting a multi-level regression model to the data. The model represents aircraft flight performance and takes into account fixed effects: flight-to-flight and vehicle-to-vehicle variability. The regression parameters include aerodynamic coefficients and other aircraft performance parameters that are usually identified by aircraft manufacturers in flight tests. Using DFM, the multi-terabyte FOQA data set with half-million flights was processed in a few hours. The anomalies found include wrong values of competed variables, (e.g., aircraft weight), sensor failures and baises, failures, biases, and trends in flight actuators. These anomalies were missed by the existing airline monitoring of FOQA data exceedances.

  14. Detecting Anomaly Regions in Satellite Image Time Series Based on Sesaonal Autocorrelation Analysis

    Science.gov (United States)

    Zhou, Z.-G.; Tang, P.; Zhou, M.

    2016-06-01

    Anomaly regions in satellite images can reflect unexpected changes of land cover caused by flood, fire, landslide, etc. Detecting anomaly regions in satellite image time series is important for studying the dynamic processes of land cover changes as well as for disaster monitoring. Although several methods have been developed to detect land cover changes using satellite image time series, they are generally designed for detecting inter-annual or abrupt land cover changes, but are not focusing on detecting spatial-temporal changes in continuous images. In order to identify spatial-temporal dynamic processes of unexpected changes of land cover, this study proposes a method for detecting anomaly regions in each image of satellite image time series based on seasonal autocorrelation analysis. The method was validated with a case study to detect spatial-temporal processes of a severe flooding using Terra/MODIS image time series. Experiments demonstrated the advantages of the method that (1) it can effectively detect anomaly regions in each of satellite image time series, showing spatial-temporal varying process of anomaly regions, (2) it is flexible to meet some requirement (e.g., z-value or significance level) of detection accuracies with overall accuracy being up to 89% and precision above than 90%, and (3) it does not need time series smoothing and can detect anomaly regions in noisy satellite images with a high reliability.

  15. Lunar magnetic anomalies detected by the Apollo subsatellite magnetometers

    Science.gov (United States)

    Hood, L. L.; Coleman, P. J., Jr.; Russell, C. T.; Wilhelms, D. E.

    1979-01-01

    Properties of lunar crustal magnetization thus far deduced from Apollo subsatellite magnetometer data are reviewed using two of the most accurate available magnetic anomaly maps, one covering a portion of the lunar near side and the other a part of the far side. The largest single anomaly found within the region of coverage on the near-side map correlates exactly with a conspicuous light-colored marking in western Oceanus Procellarum called Reiner Gamma. This feature is interpreted as an unusual deposit of ejecta from secondary craters of the large nearby primary impact crater Cavalerius. The mean altitude of the far-side anomaly gap is much higher than that of the near side map and the surface geology is more complex; individual anomaly sources have therefore not yet been identified. The mechanism of magnetization and the origin of the magnetizing field remain unresolved, but the uniformity with which the Reiner Gamma deposit is apparently magnetized, and the north-south depletion of magnetization intensity across a substantial portion of the far side, seem to require the existence of an ambient field, perhaps of global or larger extent.

  16. Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm

    OpenAIRE

    Greensmith, Julie; Aickelin, Uwe; Tedesco, Gianni

    2010-01-01

    Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial im...

  17. Modeling Stochastic Anomalies in an SIS and SIRS System

    OpenAIRE

    Vlasic, Andrew

    2012-01-01

    I propose a stochastic SIS and SIRS system to include a Poisson measure term to model anomalies in the dynamics. In particular the positive integrand in the Poisson term is intended to model quarantine. Conditions are given for the stability of the disease free equilibrium for both systems.

  18. MULTI-LEVEL NETWORK RESILIENCE: TRAFFIC ANALYSIS, ANOMALY DETECTION AND SIMULATION

    Directory of Open Access Journals (Sweden)

    Angelos Marnerides

    2011-06-01

    Full Text Available Traffic analysis and anomaly detection have been extensively used to characterize network utilization as well as to identify abnormal network traffic such as malicious attacks. However, so far, techniques for traffic analysis and anomaly detection have been carried out independently, relying on mechanisms and algorithms either in edge or in core networks alone. In this paper we propose the notion of multi-level network resilience, in order to provide a more robust traffic analysis and anomaly detection architecture, combining mechanisms and algorithms operating in a coordinated fashion both in the edge and in the core networks. This work is motivated by the potential complementarities between the research being developed at IIT Madras and Lancaster University. In this paper we describe the current work being developed at IIT Madras and Lancaster on traffic analysis and anomaly detection, and outline the principles of a multi-level resilience architecture.

  19. nu-Anomica: A Fast Support Vector Based Anomaly Detection Technique

    Data.gov (United States)

    National Aeronautics and Space Administration — In this paper we propose $nu$-Anomica, a novel anomaly detection technique that can be trained on huge data sets with much reduced running time compared to the...

  20. Multivariate diagnostics and anomaly detection for nuclear safeguards

    International Nuclear Information System (INIS)

    For process control and other reasons, new and future nuclear reprocessing plants are expected to be increasingly more automated than older plants. As a consequence of this automation, the quantity of data potentially available for safeguards may be much greater in future reprocessing plants than in current plants. The authors first review recent literature that applies multivariate Shewhart and multivariate cumulative sum (Cusum) tests to detect anomalous data. These tests are used to evaluate residuals obtained from a simulated three-tank problem in which five variables (volume, density, and concentrations of uranium, plutonium, and nitric acid) in each tank are modeled and measured. They then present results from several simulations involving transfers between the tanks and between the tanks and the environment. Residuals from a no-fault problem in which the measurements and model predictions are both correct are used to develop Cusum test parameters which are then used to test for faults for several simulated anomalous situations, such as an unknown leak or diversion of material from one of the tanks. The leak can be detected by comparing measurements, which estimate the true state of the tank system, with the model predictions, which estimate the state of the tank system as it ''should'' be. The no-fault simulation compares false alarm behavior for the various tests, whereas the anomalous problems allow one to compare the power of the various tests to detect faults under possible diversion scenarios. For comparison with the multivariate tests, univariate tests are also applied to the residuals

  1. Extracting Hidden Anomalies using Sketch and Non Gaussian Multiresolution Statistical Detection Procedures

    OpenAIRE

    Dewaele, Guillaume; Fukuda, Kensuke; Borgnat, Pierre; Abry, Patrice; Cho, Kenjiro

    2007-01-01

    International audience A new profile-based anomaly detection and characterization procedure is proposed. It aims at performing prompt and accurate detection of both short-lived and long-lasting low-intensity anomalies, without the recourse of any prior knowledge of the targetted traffic. Key features of the algorithm lie in the joint use of random projection techniques (sketches) and of a multiresolution non Gaussian marginal distribution modeling. The former enables both a reduction in th...

  2. Applying static code analysis to firewall policies for the purpose of anomaly detection

    OpenAIRE

    Zaliva, Vadim

    2011-01-01

    Treating modern firewall policy languages as imperative, special purpose programming languages, in this article we will try to apply static code analysis techniques for the purpose of anomaly detection. We will first abstract a policy in common firewall policy language into an intermediate language, and then we will try to apply anomaly detection algorithms to it. The contributions made by this work are: 1. An analysis of various control flow instructions in popular firewall policy languages ...

  3. Anomaly detection in OECD Benchmark data using co-variance methods

    International Nuclear Information System (INIS)

    OECD Benchmark data distributed for the SMORN VI Specialists Meeting in Reactor Noise were investigated for anomaly detection in artificially generated reactor noise benchmark analysis. It was observed that statistical features extracted from covariance matrix of frequency components are very sensitive in terms of the anomaly detection level. It is possible to create well defined alarm levels. (R.P.) 5 refs.; 23 figs.; 1 tab

  4. Multi-level anomaly detection: Relevance of big data analytics in networks

    Indian Academy of Sciences (India)

    Saad Y Sait; Akshay Bhandari; Shreya Khare; Cyriac James; Hema A Murthy

    2015-09-01

    The Internet has become a vital source of information; internal and external attacks threaten the integrity of the LAN connected to the Internet. In this work, several techniques have been described for detection of such threats. We have focussed on anomaly-based intrusion detection in the campus environment at the network edge. A campus LAN consisting of more than 9000 users with a 90 Mbps internet access link is a large network. Therefore, efficient techniques are required to handle such big data and to model user behaviour. Proxy server logs of a campus LAN and edge router traces have been used for anomalies like abusive Internet access, systematic downloading (internal threats) and DDoS attacks (external threat); our techniques involve machine learning and time series analysis applied at different layers in TCP/IP stack. Accuracy of our techniques has been demonstrated through extensive experimentation on huge and varied datasets. All the techniques are applicable at the edge and can be integrated into a Network Intrusion Detection System.

  5. Detecting and modeling persistent self-potential anomalies from underground nuclear explosions at the Nevada Test Site

    International Nuclear Information System (INIS)

    Self-potential anomalies are naturally occurring, nearly stationary electric fields that are detected by measuring the potential difference between two points on (or in) the ground. SP anomalies arise from a number of causes: principally electrochemical reactions, and heat and fluid flows. SP is routinely used to locate mineral deposits, geothermal systems, and zones of seepage. This paper is a progress report on our work toward detecting explosion-related SP signals at the Nevada Test Site (NTS) and in understanding the physics of these anomalies that persist and continue changing over periods of time that range from months to years. As background, we also include a brief description of how SP signals arise, and we mention their use in other areas such as exploring for geothermal resources and locating seepage through dams. Between the years 1988 and 1991, we surveyed the areas around seven underground nuclear tests for persistent SP anomalies. We not only detected anomalies, but we also found that various phenomena could be contributing to them and that we did not know which of these were actually occurring. We analyzed our new data with existing steady state codes and with a newly developed time-dependent thermal modeling code. Our results with the new code showed that the conductive decay of the thermal pulse from an underground nuclear test could produce many of the observed signals, and that others are probably caused by movement of fluid induced by the explosion. 25 refs

  6. Anomaly Detection Techniques with Real Test Data from a Spinning Turbine Engine-Like Rotor

    Science.gov (United States)

    Abdul-Aziz, Ali; Woike, Mark R.; Oza, Nikunj C.; Matthews, Bryan L.

    2012-01-01

    Online detection techniques to monitor the health of rotating engine components are becoming increasingly attractive to aircraft engine manufacturers in order to increase safety of operation and lower maintenance costs. Health monitoring remains a challenge to easily implement, especially in the presence of scattered loading conditions, crack size, component geometry, and materials properties. The current trend, however, is to utilize noninvasive types of health monitoring or nondestructive techniques to detect hidden flaws and mini-cracks before any catastrophic event occurs. These techniques go further to evaluate material discontinuities and other anomalies that have grown to the level of critical defects that can lead to failure. Generally, health monitoring is highly dependent on sensor systems capable of performing in various engine environmental conditions and able to transmit a signal upon a predetermined crack length, while acting in a neutral form upon the overall performance of the engine system.

  7. Anomaly Detection Algorithm for Stay Cable Monitoring Data Based on Data Fusion

    Institute of Scientific and Technical Information of China (English)

    Xiaoling Liu,Qiao Huang∗; Yuan Ren

    2016-01-01

    In order to improve the accuracy and consistency of data in health monitoring system, an anomaly detection algorithm for stay cables based on data fusion is proposed. The monitoring data of Nanjing No. 3 Yangtze River Bridge is used as the basis of study. Firstly, an adaptive processing framework with feedback control is established based on the concept of data fusion. The data processing contains four steps: data specification, data cleaning, data conversion and data fusion. Data processing information offers feedback to the original data system, which further gives guidance for the sensor maintenance or replacement. Subsequently, the algorithm steps based on the continuous data distortion is investigated,which integrates the inspection data and the distribution test method. Finally, a group of cable force data is utilized as an example to verify the established framework and algorithm. Experimental results show that the proposed algorithm can achieve high detection accuracy, providing a valuable reference for other monitoring data processing.

  8. Mobile magnetic anomaly detection using a field-compensated high-Tc single layer SQUID gradiometer

    International Nuclear Information System (INIS)

    High-Tc single layer SQUID gradiometers are useful for measuring small localized magnetic fields in the presence of much larger background interference. Such sensors have been used extensively for eddy-current non-destructive evaluation and biomagnetic measurements, where the sensor is stationary or scanned in a straight line. However for magnetic anomaly detection (MAD) and geophysical exploration it is necessary that gradiometers can undergo rotation and vibration in the Earth's magnetic field without degrading their sensitivity. We describe a portable system that uses background field cancellation techniques to allow a gradiometer's orientation to change during magnetic mapping applications without compromising its sensitivity. We describe the system setup and demonstrate its capability to detect a magnetic target whilst undergoing random motion in a laboratory environment.

  9. Comparison of Ultrasound and MRI in Detecting Fetal Anomalies

    OpenAIRE

    R Abdi; Majidi, H.

    2005-01-01

    Introduction & Background: Ultrasound (US) and MRI are considered complementary technologies, and MRI is utilized as an adjunct to US in the evaluation of fetal anomalies. Overall ultrasound remains the prime mo-dality for evaluating disorders of the fetus and pregnancy. Ultrasound continues to have several obvious advan-tages over MRI. It is safe and relatively inexpensive and is widely available It also allows for real-time imaging. However, US does have important limitations. First, it...

  10. Recurring Anomaly Detection System (ReADS)

    Data.gov (United States)

    National Aeronautics and Space Administration — Overview: ReADS can analyze text reports, such as aviation reports and problem or maintenance records. ReADS uses text clustering algorithms to group loosely...

  11. Lunar magnetic anomalies detected by the Apollo substatellite magnetometers

    Science.gov (United States)

    Hood, L.L.; Coleman, P.J., Jr.; Russell, C.T.; Wilhelms, D.E.

    1979-01-01

    Properties of lunar crustal magnetization thus far deduced from Apollo subsatellite magnetometer data are reviewed using two of the most accurate presently available magnetic anomaly maps - one covering a portion of the lunar near side and the other a part of the far side. The largest single anomaly found within the region of coverage on the near-side map correlates exactly with a conspicuous, light-colored marking in western Oceanus Procellarum called Reiner Gamma. This feature is interpreted as an unusual deposit of ejecta from secondary craters of the large nearby primary impact crater Cavalerius. An age for Cavalerius (and, by implication, for Reiner Gamma) of 3.2 ?? 0.2 ?? 109 y is estimated. The main (30 ?? 60 km) Reiner Gamma deposit is nearly uniformly magnetized in a single direction, with a minimum mean magnetization intensity of ???7 ?? 10-2 G cm3/g (assuming a density of 3 g/cm3), or about 700 times the stable magnetization component of the most magnetic returned samples. Additional medium-amplitude anomalies exist over the Fra Mauro Formation (Imbrium basin ejecta emplaced ???3.9 ?? 109 y ago) where it has not been flooded by mare basalt flows, but are nearly absent over the maria and over the craters Copernicus, Kepler, and Reiner and their encircling ejecta mantles. The mean altitude of the far-side anomaly gap is much higher than that of the near-side map and the surface geology is more complex, so individual anomaly sources have not yet been identified. However, it is clear that a concentration of especially strong sources exists in the vicinity of the craters Van de Graaff and Aitken. Numerical modeling of the associated fields reveals that the source locations do not correspond with the larger primary impact craters of the region and, by analogy with Reiner Gamma, may be less conspicuous secondary crater ejecta deposits. The reason for a special concentration of strong sources in the Van de Graaff-Aitken region is unknown, but may be indirectly

  12. Estimation of fuzzy anomalies in Water Distribution Systems

    CERN Document Server

    Izquierdo, J; Pérez, R; Martinez, F J

    2007-01-01

    State estimation is necessary in diagnosing anomalies in Water Demand Systems (WDS). In this paper we present a neural network performing such a task. State estimation is performed by using optimization, which tries to reconcile all the available information. Quantification of the uncertainty of the input data (telemetry measures and demand predictions) can be achieved by means of robust estate estimation. Using a mathematical model of the network, fuzzy estimated states for anomalous states of the network can be obtained. They are used to train a neural network capable of assessing WDS anomalies associated with particular sets of measurements.

  13. The Anomaly Detection in SMTP Traffic Based on Leaky Integrate-and-Fire Model

    Institute of Scientific and Technical Information of China (English)

    LUO Hao; FANG Bin-xing; YUN Xiao-chun

    2006-01-01

    This paper investigated an effective and robust mechanism for detecting simple mail transfer protocol(SMTP) traffic anomaly. The detection method cumulates the deviation of current delivering status from history behavior based on a weighted sum method called the leaky integrate-and-fire model to detect anomaly. The simplicity of the detection method is that the method need not store history profile and low computation overhead, which makes the detection method itself immunes to attacks. The performance is investigated in terms of detection probability, the false alarm ratio, and the detection delay. The results show that leaky integrate-and-fire method is quite effective at detecting constant intensity attacks and increasing intensity attacks. Compared with the non-parametric cumulative sum method, the evaluation results show that the proposed detection method has shorter detection latency and higher detection probability.

  14. Multi-Level Anomaly Detection on Time-Varying Graph Data

    Energy Technology Data Exchange (ETDEWEB)

    Bridges, Robert A [ORNL; Collins, John P [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Sullivan, Blair D [ORNL

    2015-01-01

    This work presents a novel modeling and analysis framework for graph sequences which addresses the challenge of detecting and contextualizing anomalies in labelled, streaming graph data. We introduce a generalization of the BTER model of Seshadhri et al. by adding flexibility to community structure, and use this model to perform multi-scale graph anomaly detection. Specifically, probability models describing coarse subgraphs are built by aggregating probabilities at finer levels, and these closely related hierarchical models simultaneously detect deviations from expectation. This technique provides insight into a graph's structure and internal context that may shed light on a detected event. Additionally, this multi-scale analysis facilitates intuitive visualizations by allowing users to narrow focus from an anomalous graph to particular subgraphs or nodes causing the anomaly. For evaluation, two hierarchical anomaly detectors are tested against a baseline Gaussian method on a series of sampled graphs. We demonstrate that our graph statistics-based approach outperforms both a distribution-based detector and the baseline in a labeled setting with community structure, and it accurately detects anomalies in synthetic and real-world datasets at the node, subgraph, and graph levels. To illustrate the accessibility of information made possible via this technique, the anomaly detector and an associated interactive visualization tool are tested on NCAA football data, where teams and conferences that moved within the league are identified with perfect recall, and precision greater than 0.786.

  15. Dielectric anomaly in coupled rotor systems

    OpenAIRE

    Shima, Hiroyuki; Nakayama, Tsuneyoshi

    2004-01-01

    The correlated dynamics of coupled quantum rotors carrying electric dipole moment is theoretically investigated. The energy spectra of coupled rotors as a function of dipolar interaction energy is analytically solved. The calculated dielectric susceptibilities of the system show the peculiar temperature dependence different from that of isolated rotors.

  16. Dielectric anomaly in coupled rotor systems

    OpenAIRE

    Shima, Hiroyuki; Nakayama, Tsuneyoshi

    2004-01-01

    The correlated dynamics of coupled quantum rotors carrying electric dipole moment is theoretically investigated. The energy spectra of coupled rotors as a function of dipolar interaction energy are analytically solved. The calculated dielectric susceptibilities of the system show a peculiar temperature dependence different from that of isolated rotors.

  17. Nonlinear Supersymmetry, Quantum Anomaly and Quasi-Exactly Solvable Systems

    CERN Document Server

    Klishevich, S M; Klishevich, Sergey; Plyushchay, Mikhail

    2001-01-01

    The nonlinear supersymmetry of one-dimensional systems is investigated in the context of the quantum anomaly problem. Any classical supersymmetric system characterized by the nonlinear in the Hamiltonian superalgebra is symplectomorphic to a supersymmetric canonical system with the holomorphic form of the supercharges. Depending on the behaviour of the superpotential, the canonical supersymmetric systems are separated into the three classes. In one of them the parameter specifying the supersymmetry order is subject to some sort of classical quantization, whereas the supersymmetry of another extreme class has a rather fictive nature since its fermion degrees of freedom are decoupled completely by a canonical transformation. The nonlinear supersymmetry with polynomial in momentum supercharges is analysed, and the most general one-parametric Calogero-like solution with the second order supercharges is found. Quantization of the systems of the canonical form reveals the two anomaly-free classes, one of which give...

  18. Advancements of Data Anomaly Detection Research in Wireless Sensor Networks: A Survey and Open Issues

    Directory of Open Access Journals (Sweden)

    Mohd Aizaini Maarof

    2013-08-01

    Full Text Available Wireless Sensor Networks (WSNs are important and necessary platforms for the future as the concept “Internet of Things” has emerged lately. They are used for monitoring, tracking, or controlling of many applications in industry, health care, habitat, and military. However, the quality of data collected by sensor nodes is affected by anomalies that occur due to various reasons, such as node failures, reading errors, unusual events, and malicious attacks. Therefore, anomaly detection is a necessary process to ensure the quality of sensor data before it is utilized for making decisions. In this review, we present the challenges of anomaly detection in WSNs and state the requirements to design efficient and effective anomaly detection models. We then review the latest advancements of data anomaly detection research in WSNs and classify current detection approaches in five main classes based on the detection methods used to design these approaches. Varieties of the state-of-the-art models for each class are covered and their limitations are highlighted to provide ideas for potential future works. Furthermore, the reviewed approaches are compared and evaluated based on how well they meet the stated requirements. Finally, the general limitations of current approaches are mentioned and further research opportunities are suggested and discussed.

  19. Advancements of data anomaly detection research in wireless sensor networks: a survey and open issues.

    Science.gov (United States)

    Rassam, Murad A; Zainal, Anazida; Maarof, Mohd Aizaini

    2013-01-01

    Wireless Sensor Networks (WSNs) are important and necessary platforms for the future as the concept "Internet of Things" has emerged lately. They are used for monitoring, tracking, or controlling of many applications in industry, health care, habitat, and military. However, the quality of data collected by sensor nodes is affected by anomalies that occur due to various reasons, such as node failures, reading errors, unusual events, and malicious attacks. Therefore, anomaly detection is a necessary process to ensure the quality of sensor data before it is utilized for making decisions. In this review, we present the challenges of anomaly detection in WSNs and state the requirements to design efficient and effective anomaly detection models. We then review the latest advancements of data anomaly detection research in WSNs and classify current detection approaches in five main classes based on the detection methods used to design these approaches. Varieties of the state-of-the-art models for each class are covered and their limitations are highlighted to provide ideas for potential future works. Furthermore, the reviewed approaches are compared and evaluated based on how well they meet the stated requirements. Finally, the general limitations of current approaches are mentioned and further research opportunities are suggested and discussed. PMID:23966182

  20. Superconducting gap anomaly in heavy fermion systems

    Indian Academy of Sciences (India)

    G C Rout; M S Ojha; S N Behera

    2008-04-01

    The heavy fermion system (HFS) is described by the periodic Anderson model (PAM), treating the Coulomb correlation between the -electrons in the mean-field Hartree-Fock approximation. Superconductivity is introduced by a BCS-type pairing term among the conduction electrons. Within this approximation the equation for the superconducting gap is derived, which depends on the effective position of the energy level of the -electrons relative to the Fermi level. The latter in turn depends on the occupation probability f of the -electrons. The gap equation is solved self-consistently with the equation for f; and their temperature dependences are studied for different positions of the bare -electron energy level, with respect to the Fermi level. The dependence of the superconducting gap on the hybridization leads to a re-entrant behaviour with increasing strength. The induced pairing between the -electrons and the pairing of mixed conduction and -electrons due to hybridization are also determined. The temperature dependence of the hybridization parameter, which characterizes the number of electrons with mixed character and represents the number of heavy electrons is studied. This number is shown to be small. The quasi-particle density of states (DOS) shows the existence of a pseudo-gap due to superconductivity and the signature of a hybridization gap at the Fermi level. For the choice of the model parameters, the DOS shows that the HFS is a metal and undergoes a transition to the gap-less superconducting state.

  1. A Statistical Detection of an Anomaly from a Few Noisy Tomographic Projections

    Directory of Open Access Journals (Sweden)

    Fillatre Lionel

    2005-01-01

    Full Text Available The problem of detecting an anomaly/target from a very limited number of noisy tomographic projections is addressed from the statistical point of view. The imaged object is composed of an environment, considered as a nuisance parameter, with a possibly hidden anomaly/target. The GLR test is used to solve the problem. When the projection linearly depends on the nuisance parameters, the GLR test coincides with an optimal statistical invariant test.

  2. An Economic Analysis of Prenatal Cytogenetic Technologies for Sonographically-Detected Fetal Anomalies

    OpenAIRE

    HARPER, Lorie M.; Sutton, Amelia L. M.; LONGMAN, Ryan E.; Odibo, Anthony O.

    2014-01-01

    When congenital anomalies are diagnosed on prenatal ultrasound, the current standard of care is to perform G-banded karyotyping on cultured amniotic cells. Chromosomal microarray (CMA) can detect smaller genomic deletions and duplications than traditional karyotype analysis. CMA is the first-tier test in postnatal evaluation of children with multiple congenital anomalies. Recent studies have demonstrated the utility of CMA in the prenatal setting and have advocated for widespread implementati...

  3. Advanced Unsupervised Classification Methods to Detect Anomalies on Earthen Levees Using Polarimetric SAR Imagery

    OpenAIRE

    Ramakalavathi Marapareddy; James V. Aanstoos; Nicolas H. Younan

    2016-01-01

    Fully polarimetric Synthetic Aperture Radar (polSAR) data analysis has wide applications for terrain and ground cover classification. The dynamics of surface and subsurface water events can lead to slope instability resulting in slough slides on earthen levees. Early detection of these anomalies by a remote sensing approach could save time versus direct assessment. We used L-band Synthetic Aperture Radar (SAR) to screen levees for anomalies. SAR technology, due to its high spatial resolution ...

  4. Advancements of Data Anomaly Detection Research in Wireless Sensor Networks: A Survey and Open Issues

    OpenAIRE

    Mohd. Aizaini Maarof; Rassam, Murad A.; Anazida Zainal

    2013-01-01

    Wireless Sensor Networks (WSNs) are important and necessary platforms for the future as the concept “Internet of Things” has emerged lately. They are used for monitoring, tracking, or controlling of many applications in industry, health care, habitat, and military. However, the quality of data collected by sensor nodes is affected by anomalies that occur due to various reasons, such as node failures, reading errors, unusual events, and malicious attacks. Therefore, anomaly detection is a nece...

  5. Anomaly Event Detection Method Based on Compressive Sensing and Iteration in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Shihua Cao

    2014-03-01

    Full Text Available Anomaly event detection is one of the research hotspots in wireless sensor networks. Aiming at the disadvantages of current detection solutions, a novel anomaly event detection algorithm based on compressed sensing and iteration is proposed. Firstly, a measured value can be sensed in each node, based on the compressed sensing. Then the problem of anomaly event detection is modeled as the minimization problem of weighted l1 norm, and OMP algorithm is adopted for solving the problem iteratively. And then the result of problem solving is judged according to detection functions. Finally, in the light of the judgment results, the weight value is updated for beginning a new round iteration. The loop won't stop until all the anomaly events are detected in wireless sensor networks. Simulation experimental results show the proposed algorithm has a better omission detection rate and false alarm rate in different noisy environments. In addition, the detection quality of this algorithm is higher than those of the traditional ones.

  6. GLRT Based Anomaly Detection for Sensor Network Monitoring

    KAUST Repository

    Harrou, Fouzi

    2015-12-07

    Proper operation of antenna arrays requires continuously monitoring their performances. When a fault occurs in an antenna array, the radiation pattern changes and can significantly deviate from the desired design performance specifications. In this paper, the problem of fault detection in linear antenna arrays is addressed within a statistical framework. Specifically, a statistical fault detection method based on the generalized likelihood ratio (GLR) principle is utilized for detecting potential faults in linear antenna arrays. The proposed method relies on detecting deviations in the radiation pattern of the monitored array with respect to a reference (fault-free) one. To assess the abilities of the GLR based fault detection method, three case studies involving different types of faults have been performed. The simulation results clearly illustrate the effectiveness of the GLR-based fault detection method in monitoring the performance of linear antenna arrays.

  7. Comparison of Ultrasound and MRI in Detecting Fetal Anomalies

    Directory of Open Access Journals (Sweden)

    R. Abdi

    2005-08-01

    Full Text Available Introduction & Background: Ultrasound (US and MRI are considered complementary technologies, and MRI is utilized as an adjunct to US in the evaluation of fetal anomalies. Overall ultrasound remains the prime mo-dality for evaluating disorders of the fetus and pregnancy. Ultrasound continues to have several obvious advan-tages over MRI. It is safe and relatively inexpensive and is widely available It also allows for real-time imaging. However, US does have important limitations. First, it is uniquely operator-and interpreter-dependent. In ad-dition, compared to MRI, US provides a smaller field-of-view, and the resolution of US images is restricted by penetration through soft tissues and bone. Thus, the sensitivity of US in evaluating the fetus is reduced in obese patients and in women whose pregnancies are complicated by low amniotic fluid volume. There is a growing body of literature on the use of MRI and has documented its usefulness in confirming or expanding upon US findings. On the contrary, MRI visualization of the fetus is not significantly limited by maternal obe-sity, fetal position, or oligohydramnios, and visualization of the brain is not restricted by the ossified skull. It provides superior soft-tissue contrast resolution and the ability to distinguish individual structures such as lung, liver, kidney, bowel, and gray and white matter. Patients & Methods: In this study, patients in the second and third trimesters of pregnancy were recruited on the basis of abnormal fetal US results within 2 days of MR imaging by another radiologist. Results: In some cases such as anencephaly which is associated with polyhydraminous or in multicystic dys-plastic kidney disease, MRI added no more information to ultrasonography; but in the following cases MRI had more data. In a fetus with bilateral hydronephrosis, MRI could differentiate PUV from UPJ stenosis by visualizing distention of the ureters. MRI allowed better depiction of complex anomalies

  8. Anomaly matching condition in two-dimensional systems

    CERN Document Server

    Dubinkin, O; Gubankova, E

    2016-01-01

    Based on Son-Yamamoto relation obtained for transverse part of triangle axial anomaly in ${\\rm QCD}_4$, we derive its analog in two-dimensional system. It connects the transverse part of mixed vector-axial current two-point function with diagonal vector and axial current two-point functions. Being fully non-perturbative, this relation may be regarded as anomaly matching for conductivities or certain transport coefficients depending on the system. We consider the holographic RG flows in holographic Yang-Mills-Chern-Simons theory via the Hamilton-Jacobi equation with respect to the radial coordinate. Within this holographic model it is found that the RG flows for the following relations are diagonal: Son-Yamamoto relation and the left-right polarization operator. Thus the Son-Yamamoto relation holds at wide range of energy scales.

  9. Using Statistical Process Control for detecting anomalies in multivariate spatiotemporal Earth Observations

    Science.gov (United States)

    Flach, Milan; Mahecha, Miguel; Gans, Fabian; Rodner, Erik; Bodesheim, Paul; Guanche-Garcia, Yanira; Brenning, Alexander; Denzler, Joachim; Reichstein, Markus

    2016-04-01

    The number of available Earth observations (EOs) is currently substantially increasing. Detecting anomalous patterns in these multivariate time series is an important step in identifying changes in the underlying dynamical system. Likewise, data quality issues might result in anomalous multivariate data constellations and have to be identified before corrupting subsequent analyses. In industrial application a common strategy is to monitor production chains with several sensors coupled to some statistical process control (SPC) algorithm. The basic idea is to raise an alarm when these sensor data depict some anomalous pattern according to the SPC, i.e. the production chain is considered 'out of control'. In fact, the industrial applications are conceptually similar to the on-line monitoring of EOs. However, algorithms used in the context of SPC or process monitoring are rarely considered for supervising multivariate spatio-temporal Earth observations. The objective of this study is to exploit the potential and transferability of SPC concepts to Earth system applications. We compare a range of different algorithms typically applied by SPC systems and evaluate their capability to detect e.g. known extreme events in land surface processes. Specifically two main issues are addressed: (1) identifying the most suitable combination of data pre-processing and detection algorithm for a specific type of event and (2) analyzing the limits of the individual approaches with respect to the magnitude, spatio-temporal size of the event as well as the data's signal to noise ratio. Extensive artificial data sets that represent the typical properties of Earth observations are used in this study. Our results show that the majority of the algorithms used can be considered for the detection of multivariate spatiotemporal events and directly transferred to real Earth observation data as currently assembled in different projects at the European scale, e.g. http://baci-h2020.eu

  10. Detection of Seismic Anomalies Linked to Emanations of Hydrocarbons in the Cuban Northwest Coast

    Directory of Open Access Journals (Sweden)

    Guillermo Miró Pagés

    2014-11-01

    Full Text Available The exploration of hydrocarbons to international scale constitutes a very complex and expensive task. Traditionally in the coast areas like the ones in the present work, the location of the exploration wells has been based on derived structural and stratigraphic information of geophysical data, mainly seismic; however it is well-known that in several regions similar of the world, the detection of superficial seeps of hydrocarbons confirm the existence of oil systems, has contributed to achieve a bigger dependability of the carried out prospectings, what has great importance considering the millionaire character of the financial expenditures who demands. For that reason, the main objective was to try to identify seismic anomalies typically associate with existences of hydrocarbons in Cuban coastareas. The main conclusion of this article is that the identification of seismic anomalies similar to those observed in the course of the present work can constitute a valuable additional informative element for the prospecting of hydrocarbons in areas of the Cuban coast.

  11. RFID-Based Human Behavior Modeling and Anomaly Detection for Elderly Care

    Directory of Open Access Journals (Sweden)

    Hui-Huang Hsu

    2010-01-01

    Full Text Available This research aimed at building an intelligent system that can detect abnormal behavior for the elderly at home. Active RFID tags can be deployed at home to help collect daily movement data of the elderly who carries an RFID reader. When the reader detects the signals from the tags, RSSI values that represent signal strength are obtained. The RSSI values are reversely related to the distance between the tags and the reader and they are recorded following the movement of the user. The movement patterns, not the exact locations, of the user are the major concern. With the movement data (RSSI values, the clustering technique is then used to build a personalized model of normal behavior. After the model is built, any incoming datum outside the model can be viewed as abnormal and an alarm can be raised by the system. In this paper, we present the system architecture for RFID data collection and preprocessing, clustering for anomaly detection, and experimental results. The results show that this novel approach is promising.

  12. Anomaly detection in random heterogeneous media Feynman-Kac formulae, stochastic homogenization and statistical inversion

    CERN Document Server

    Simon, Martin

    2015-01-01

    This monograph is concerned with the analysis and numerical solution of a stochastic inverse anomaly detection problem in electrical impedance tomography (EIT). Martin Simon studies the problem of detecting a parameterized anomaly in an isotropic, stationary and ergodic conductivity random field whose realizations are rapidly oscillating. For this purpose, he derives Feynman-Kac formulae to rigorously justify stochastic homogenization in the case of the underlying stochastic boundary value problem. The author combines techniques from the theory of partial differential equations and functional analysis with probabilistic ideas, paving the way to new mathematical theorems which may be fruitfully used in the treatment of the problem at hand. Moreover, the author proposes an efficient numerical method in the framework of Bayesian inversion for the practical solution of the stochastic inverse anomaly detection problem.   Contents Feynman-Kac formulae Stochastic homogenization Statistical inverse problems  Targe...

  13. Scalable Algorithms for Unsupervised Classification and Anomaly Detection in Large Geospatiotemporal Data Sets

    Science.gov (United States)

    Mills, R. T.; Hoffman, F. M.; Kumar, J.

    2015-12-01

    The increasing availability of high-resolution geospatiotemporal datasets from sources such as observatory networks, remote sensing platforms, and computational Earth system models has opened new possibilities for knowledge discovery and mining of ecological data sets fused from disparate sources. Traditional algorithms and computing platforms are impractical for the analysis and synthesis of data sets of this size; however, new algorithmic approaches that can effectively utilize the complex memory hierarchies and the extremely high levels of available parallelism in state-of-the-art high-performance computing platforms can enable such analysis. We describe some unsupervised knowledge discovery and anomaly detection approaches based on highly scalable parallel algorithms for k-means clustering and singular value decomposition, consider a few practical applications thereof to the analysis of climatic and remotely-sensed vegetation phenology data sets, and speculate on some of the new applications that such scalable analysis methods may enable.

  14. Prevalence of Perinatal Central Nervous System Anomalies in East Azarbaijan-Iran

    Directory of Open Access Journals (Sweden)

    M. Ghavami

    2011-06-01

    Full Text Available Background/Objective: Central nervous system (CNS anomalies are the most serious congenital abnormalities. Ultrasound examination is an effective and noninvasive modality for prenatal diagnosis of these anomalies. The purpose of the current study was to determine thefrequency of CNS and associated abnormalities.Patients and Methods: A total of 22500 pregnant women who were referred by obstetricians/ gynecologists for routine work up of pregnancy were scanned over a period of 3 years by two expert sonologists in a referral center using high resolution ultrasound unit.Results: After transabdominal sonographic examination of 22500 pregnant women, 112 (0.5%fetuses were detected with CNS anomalies, some of whom had more than one anomaly. Forty-one (37% Chiari malformations, 26 (23% monro and aqueductal stenosis cases, 18 (16% anencephaly cases, nine (8% encephaloceles, seven (6% microcephalies, five (4% Dandywalker syndromes,two (2% arachnoid cysts, two (2% agenesis of corpus callosum cases, one (1% holoprosencephaly and one (1% schizencephaly were reported in our study.Conclusion: According to our results, Chiari malformation and ydrocephalus were the most prevalent anomalies of CNS congenital abnormalities in East Azarbaijan, Iran. An accurate diagnosis depends upon fetal age, amniotic fluid volume, fetal position, operator experience and careful evaluation of the associated malformations, which are often present.

  15. Robust and Accurate Anomaly Detection in ECG Artifacts Using Time Series Motif Discovery

    Directory of Open Access Journals (Sweden)

    Haemwaan Sivaraks

    2015-01-01

    Full Text Available Electrocardiogram (ECG anomaly detection is an important technique for detecting dissimilar heartbeats which helps identify abnormal ECGs before the diagnosis process. Currently available ECG anomaly detection methods, ranging from academic research to commercial ECG machines, still suffer from a high false alarm rate because these methods are not able to differentiate ECG artifacts from real ECG signal, especially, in ECG artifacts that are similar to ECG signals in terms of shape and/or frequency. The problem leads to high vigilance for physicians and misinterpretation risk for nonspecialists. Therefore, this work proposes a novel anomaly detection technique that is highly robust and accurate in the presence of ECG artifacts which can effectively reduce the false alarm rate. Expert knowledge from cardiologists and motif discovery technique is utilized in our design. In addition, every step of the algorithm conforms to the interpretation of cardiologists. Our method can be utilized to both single-lead ECGs and multilead ECGs. Our experiment results on real ECG datasets are interpreted and evaluated by cardiologists. Our proposed algorithm can mostly achieve 100% of accuracy on detection (AoD, sensitivity, specificity, and positive predictive value with 0% false alarm rate. The results demonstrate that our proposed method is highly accurate and robust to artifacts, compared with competitive anomaly detection methods.

  16. A novel anomaly detection approach based on clustering and decision-level fusion

    Science.gov (United States)

    Zhong, Shengwei; Zhang, Ye

    2015-09-01

    In hyperspectral image processing, anomaly detection is a valuable way of searching targets whose spectral characteristics are not known, and the estimation of background signals is the key procedure. On account of the high dimensionality and complexity of hyperspectral image, dimensionality reduction and background suppression is necessary. In addition, the complementarity of different anomaly detection algorithms can be utilized to improve the effectiveness of anomaly detection. In this paper, we propose a novel method of anomaly detection, which is based on clustering of optimized K-means and decision-level fusion. In our proposed method, pixels with similar features are firstly clustered using an optimized k-means method. Secondly, dimensionality reduction is conducted using principle component analysis to reduce the amount of calculation. Then, to increase the accuracy of detection and decrease the false-alarm ratio, both Reed-Xiaoli (RX) and Kernel RX algorithm are used on processed image. Lastly, a decision-level fusion is processed on the detection results. A simulated hyperspectral image and a real hyperspectral one are both used to evaluate the performance of our proposed method. Visual analysis and quantative analysis of receiver operating characteristic (ROC) curves show that our algorithm can achieve better performance when compared with other classic approaches and state-of-the-art approaches.

  17. CTS TEP thermal anomalies: Heat pipe system performance

    Science.gov (United States)

    Marcus, B. D.

    1977-01-01

    A part of the investigation is summarized of the thermal anomalies of the transmitter experiment package (TEP) on the Communications Technology Satellite (CTS) which were observed on four occasions in 1977. Specifically, the possible failure modes of the variable conductance heat pipe system (VCHPS) used for principal thermal control of the high-power traveling wave tube in the TEP are considered. Further, the investigation examines how those malfunctions may have given rise to the TEP thermal anomalies. Using CTS flight data information, ground test results, analysis conclusions, and other relevant information, the investigation concentrated on artery depriming as the most likely VCHPS failure mode. Included in the study as possible depriming mechanisms were freezing of the working fluid, Marangoni flow, and gas evolution within the arteries. The report concludes that while depriming of the heat pipe arteries is consistent with the bulk of the observed data, the factors which cause the arteries to deprime have yet to be identified.

  18. Improvements in the method of radiation anomaly detection by spectral comparison ratios.

    Science.gov (United States)

    Pfund, D M; Anderson, K K; Detwiler, R S; Jarman, K D; McDonald, B S; Milbrath, B D; Myjak, M J; Paradis, N C; Robinson, S M; Woodring, M L

    2016-04-01

    We present a new procedure for configuring the Nuisance-rejection Spectral Comparison Ratio Anomaly Detection (N-SCRAD) method. The procedure minimizes detectable count rates of source spectra at a specified false positive rate using simulated annealing. We also present a new method for correcting the estimates of background variability used in N-SCRAD to current conditions of the total count rate. The correction lowers detection thresholds for a specified false positive rate, enabling greater sensitivity to targets. PMID:26807839

  19. Low frequency of Y anomaly detected in Australian Brahman cow-herds

    Directory of Open Access Journals (Sweden)

    Gregório M.F. de Camargo

    2015-02-01

    Full Text Available Indicine cattle have lower reproductive performance in comparison to taurine. A chromosomal anomaly characterized by the presence Y markers in females was reported and associated with infertility in cattle. The aim of this study was to investigate the occurrence of the anomaly in Brahman cows. Brahman cows (n = 929 were genotyped for a Y chromosome specific region using real time-PCR. Only six out of 929 cows had the anomaly (0.6%. The anomaly frequency was much lower in Brahman cows than in the crossbred population, in which it was first detected. It also seems that the anomaly doesn't affect pregnancy in the population. Due to the low frequency, association analyses couldn't be executed. Further, SNP signal of the pseudoautosomal boundary region of the Y chromosome was investigated using HD SNP chip. Pooled DNA of “non-pregnant” and “pregnant” cows were compared and no difference in SNP allele frequency was observed. Results suggest that the anomaly had a very low frequency in this Australian Brahman population and had no effect on reproduction. Further studies comparing pregnant cows and cows that failed to conceive should be executed after better assembly and annotation of the Y chromosome in cattle.

  20. Low frequency of Y anomaly detected in Australian Brahman cow-herds.

    Science.gov (United States)

    de Camargo, Gregório M F; Porto-Neto, Laercio R; Fortes, Marina R S; Bunch, Rowan J; Tonhati, Humberto; Reverter, Antonio; Moore, Stephen S; Lehnert, Sigrid A

    2015-02-01

    Indicine cattle have lower reproductive performance in comparison to taurine. A chromosomal anomaly characterized by the presence Y markers in females was reported and associated with infertility in cattle. The aim of this study was to investigate the occurrence of the anomaly in Brahman cows. Brahman cows (n = 929) were genotyped for a Y chromosome specific region using real time-PCR. Only six out of 929 cows had the anomaly (0.6%). The anomaly frequency was much lower in Brahman cows than in the crossbred population, in which it was first detected. It also seems that the anomaly doesn't affect pregnancy in the population. Due to the low frequency, association analyses couldn't be executed. Further, SNP signal of the pseudoautosomal boundary region of the Y chromosome was investigated using HD SNP chip. Pooled DNA of "non-pregnant" and "pregnant" cows were compared and no difference in SNP allele frequency was observed. Results suggest that the anomaly had a very low frequency in this Australian Brahman population and had no effect on reproduction. Further studies comparing pregnant cows and cows that failed to conceive should be executed after better assembly and annotation of the Y chromosome in cattle. PMID:25750859

  1. Time series analysis of infrared satellite data for detecting thermal anomalies: a hybrid approach

    Science.gov (United States)

    Koeppen, W. C.; Pilger, E.; Wright, R.

    2011-07-01

    We developed and tested an automated algorithm that analyzes thermal infrared satellite time series data to detect and quantify the excess energy radiated from thermal anomalies such as active volcanoes. Our algorithm enhances the previously developed MODVOLC approach, a simple point operation, by adding a more complex time series component based on the methods of the Robust Satellite Techniques (RST) algorithm. Using test sites at Anatahan and Kīlauea volcanoes, the hybrid time series approach detected ~15% more thermal anomalies than MODVOLC with very few, if any, known false detections. We also tested gas flares in the Cantarell oil field in the Gulf of Mexico as an end-member scenario representing very persistent thermal anomalies. At Cantarell, the hybrid algorithm showed only a slight improvement, but it did identify flares that were undetected by MODVOLC. We estimate that at least 80 MODIS images for each calendar month are required to create good reference images necessary for the time series analysis of the hybrid algorithm. The improved performance of the new algorithm over MODVOLC will result in the detection of low temperature thermal anomalies that will be useful in improving our ability to document Earth's volcanic eruptions, as well as detecting low temperature thermal precursors to larger eruptions.

  2. Quality Control of Temperature and Salinity from CTD based on Anomaly Detection

    CERN Document Server

    Castelão, Guilherme P

    2015-01-01

    The CTD is a set of sensors used by oceanographers to measure fundamental hydrographic properties of the oceans. It is characterized by a high precision product, only achieved if a quality control procedure identifies and removes the bad samples. Such procedure has been traditionally done by a sequence of independent tests that minimize false negatives. It is here proposed a novel approach to identify the bad samples as anomalies in respect to the typical behavior of good data. Several tests are combined into a single multidimensional evaluation to provide a more flexible classification criterion. The traditional approach is reproduced with an error of 0.04%, otherwise, the Anomaly Detection technique surpasses the reference if calibrated by visual inspection. CoTeDe is a Python package developed to apply the traditional and the Anomaly Detection quality control of temperature and salinity data from CTD, and can be extended to XBT, ARGO and other sensors.

  3. [A Hyperspectral Imagery Anomaly Detection Algorithm Based on Gauss-Markov Model].

    Science.gov (United States)

    Gao, Kun; Liu, Ying; Wang, Li-jing; Zhu, Zhen-yu; Cheng, Hao-bo

    2015-10-01

    With the development of spectral imaging technology, hyperspectral anomaly detection is getting more and more widely used in remote sensing imagery processing. The traditional RX anomaly detection algorithm neglects spatial correlation of images. Besides, it does not validly reduce the data dimension, which costs too much processing time and shows low validity on hyperspectral data. The hyperspectral images follow Gauss-Markov Random Field (GMRF) in space and spectral dimensions. The inverse matrix of covariance matrix is able to be directly calculated by building the Gauss-Markov parameters, which avoids the huge calculation of hyperspectral data. This paper proposes an improved RX anomaly detection algorithm based on three-dimensional GMRF. The hyperspectral imagery data is simulated with GMRF model, and the GMRF parameters are estimated with the Approximated Maximum Likelihood method. The detection operator is constructed with GMRF estimation parameters. The detecting pixel is considered as the centre in a local optimization window, which calls GMRF detecting window. The abnormal degree is calculated with mean vector and covariance inverse matrix, and the mean vector and covariance inverse matrix are calculated within the window. The image is detected pixel by pixel with the moving of GMRF window. The traditional RX detection algorithm, the regional hypothesis detection algorithm based on GMRF and the algorithm proposed in this paper are simulated with AVIRIS hyperspectral data. Simulation results show that the proposed anomaly detection method is able to improve the detection efficiency and reduce false alarm rate. We get the operation time statistics of the three algorithms in the same computer environment. The results show that the proposed algorithm improves the operation time by 45.2%, which shows good computing efficiency. PMID:26904830

  4. Using new edges for anomaly detection in computer networks

    Science.gov (United States)

    Neil, Joshua Charles

    2015-05-19

    Creation of new edges in a network may be used as an indication of a potential attack on the network. Historical data of a frequency with which nodes in a network create and receive new edges may be analyzed. Baseline models of behavior among the edges in the network may be established based on the analysis of the historical data. A new edge that deviates from a respective baseline model by more than a predetermined threshold during a time window may be detected. The new edge may be flagged as potentially anomalous when the deviation from the respective baseline model is detected. Probabilities for both new and existing edges may be obtained for all edges in a path or other subgraph. The probabilities may then be combined to obtain a score for the path or other subgraph. A threshold may be obtained by calculating an empirical distribution of the scores under historical conditions.

  5. Adaptive Kalman filtering for anomaly detection in software appliances

    OpenAIRE

    Knorn, Florian; Leith, Douglas J.

    2008-01-01

    Availability and reliability are often important features of key software appliances such as firewalls, web servers, etc. In this paper we seek to go beyond the simple heartbeat monitoring that is widely used for failover control. We do this by integrating more fine grained measurements that are readily available on most platforms to detect possible faults or the onset of failures. In particular, we evaluate the use of adaptive Kalman Filtering for automated CPU usage prediction that...

  6. Anomaly Detection Using Power Signature of Consumer Electrical Devices

    OpenAIRE

    CERNAZANU-GLAVAN, C.; Marcu, M.

    2015-01-01

    The use of the smart grid for developing intelligent applications is a current trend of great importance. One advantage lies in the possibility of direct monitoring of all devices connected to the electrical network in order to prevent possible malfunctions. Therefore, this paper proposes a method for an automatic detection of the malfunctioning of low-intelligence consumer electrical devices. Malfunctioning means any deviation of a household device from its normal operating sched...

  7. Support vector machines for TEC seismo-ionospheric anomalies detection

    OpenAIRE

    M. Akhoondzadeh

    2013-01-01

    Using time series prediction methods, it is possible to pursue the behaviors of earthquake precursors in the future and to announce early warnings when the differences between the predicted value and the observed value exceed the predefined threshold value. Support Vector Machines (SVMs) are widely used due to their many advantages for classification and regression tasks. This study is concerned with investigating the Total Electron Content (TEC) time series by using a SVM to detect seismo-io...

  8. Dual Use Corrosion Inhibitor and Penetrant for Anomaly Detection in Neutron/X Radiography

    Science.gov (United States)

    Hall, Phillip B. (Inventor); Novak, Howard L. (Inventor)

    2004-01-01

    A dual purpose corrosion inhibitor and penetrant composition sensitive to radiography interrogation is provided. The corrosion inhibitor mitigates or eliminates corrosion on the surface of a substrate upon which the corrosion inhibitor is applied. In addition, the corrosion inhibitor provides for the attenuation of a signal used during radiography interrogation thereby providing for detection of anomalies on the surface of the substrate.

  9. Anomaly Detection Using Power Signature of Consumer Electrical Devices

    Directory of Open Access Journals (Sweden)

    CERNAZANU-GLAVAN, C.

    2015-02-01

    Full Text Available The use of the smart grid for developing intelligent applications is a current trend of great importance. One advantage lies in the possibility of direct monitoring of all devices connected to the electrical network in order to prevent possible malfunctions. Therefore, this paper proposes a method for an automatic detection of the malfunctioning of low-intelligence consumer electrical devices. Malfunctioning means any deviation of a household device from its normal operating schedule. The method is based on a comparison technique, consisting in the correlation between the current power signature of a device and an ideal signature (the standard signature provided by the manufacturer. The first step of this method is to achieve a simplified form of power signature which keeps all the original features. Further, the signal is segmented based on the data provided by an event detection algorithm (values of the first derivatives and each resulting component is approximated using a regression function. The final step consists of an analysis based on the correlation between the computed regression coefficients and the coefficients of the standard signal. Following this analysis all the differences are classified as a malfunctioning of the analyzed device.

  10. Underwater magnetic gradiometer for magnetic anomaly detection, localization, and tracking

    Science.gov (United States)

    Kumar, S.; Sulzberger, G.; Bono, J.; Skvoretz, D.; Allen, G. I.; Clem, T. R.; Ebbert, M.; Bennett, S. L.; Ostrom, R. K.; Tzouris, A.

    2007-04-01

    GE Security and the Naval Surface Warfare Center, Panama City (NSWC-PC) have collaborated to develop a magnetic gradiometer, called the Real-time Tracking Gradiometer or RTG that is mounted inside an unmanned underwater vehicle (UUV). The RTG is part of a buried mine hunting platform being developed by the United States Navy. The RTG has been successfully used to make test runs on mine-like targets buried off the coast of Florida. We will present a general description of the system and latest results describing system performance. This system can be also potentially used for other applications including those in the area of Homeland Security.

  11. Fleet Level Anomaly Detection of Aviation Safety Data

    Data.gov (United States)

    National Aeronautics and Space Administration — For the purposes of this paper, the National Airspace System (NAS) encompasses the operations of all aircraft which are subject to air traffic control procedures....

  12. An angle-based subspace anomaly detection approach to high-dimensional data: With an application to industrial fault detection

    International Nuclear Information System (INIS)

    The accuracy of traditional anomaly detection techniques implemented on full-dimensional spaces degrades significantly as dimensionality increases, thereby hampering many real-world applications. This work proposes an approach to selecting meaningful feature subspace and conducting anomaly detection in the corresponding subspace projection. The aim is to maintain the detection accuracy in high-dimensional circumstances. The suggested approach assesses the angle between all pairs of two lines for one specific anomaly candidate: the first line is connected by the relevant data point and the center of its adjacent points; the other line is one of the axis-parallel lines. Those dimensions which have a relatively small angle with the first line are then chosen to constitute the axis-parallel subspace for the candidate. Next, a normalized Mahalanobis distance is introduced to measure the local outlier-ness of an object in the subspace projection. To comprehensively compare the proposed algorithm with several existing anomaly detection techniques, we constructed artificial datasets with various high-dimensional settings and found the algorithm displayed superior accuracy. A further experiment on an industrial dataset demonstrated the applicability of the proposed algorithm in fault detection tasks and highlighted another of its merits, namely, to provide preliminary interpretation of abnormality through feature ordering in relevant subspaces. - Highlights: • An anomaly detection approach for high-dimensional reliability data is proposed. • The approach selects relevant subspaces by assessing vectorial angles. • The novel ABSAD approach displays superior accuracy over other alternatives. • Numerical illustration approves its efficacy in fault detection applications

  13. Cluster analysis for anomaly detection in accounting data : an audit approach

    OpenAIRE

    Thiprungsri, Sutapat; Vasarhelyi, Miklos A.

    2011-01-01

    This study examines the application of cluster analysis in the accounting domain, particularly discrepancy detection in audit. Cluster analysis groups data so that points within a single group or cluster are similar to one another and distinct from points in other clusters. Clustering has been shown to be a good candidate for anomaly detection. The purpose of this study is to examine the use of clustering technology to automate fraud filtering during an audit. We use cluster analysis to help ...

  14. Sensor Anomaly Detection in Wireless Sensor Networks for Healthcare

    OpenAIRE

    Shah Ahsanul Haque; Mustafizur Rahman; Syed Mahfuzul Aziz

    2015-01-01

    Wireless Sensor Networks (WSN) are vulnerable to various sensor faults and faulty measurements. This vulnerability hinders efficient and timely response in various WSN applications, such as healthcare. For example, faulty measurements can create false alarms which may require unnecessary intervention from healthcare personnel. Therefore, an approach to differentiate between real medical conditions and false alarms will improve remote patient monitoring systems and quality of healthcare servic...

  15. Detection of Surface Temperature Anomalies in the Coso Geothermal Field Using Thermal Infrared Remote Sensing

    Science.gov (United States)

    Coolbaugh, M.; Eneva, M.; Bjornstad, S.; Combs, J.

    2007-12-01

    We use thermal infrared (TIR) data from the spaceborne ASTER instrument to detect surface temperature anomalies in the Coso geothermal field in eastern California. The identification of such anomalies in a known geothermal area serves as an incentive to search for similar markers to areas of unknown geothermal potential. We carried out field measurements concurrently with the collection of ASTER images. The field data included reflectance, subsurface and surface temperatures, and radiosonde atmospheric profiles. We apply techniques specifically targeted to correct for thermal artifacts caused by topography, albedo, and thermal inertia. This approach has the potential to reduce data noise and to reveal thermal anomalies which are not distinguishable in the uncorrected imagery. The combination of remote sensing and field data can be used to evaluate the performance of TIR remote sensing as a cost-effective geothermal exploration tool.

  16. Application of Artificial Bee Colony algorithm in TEC seismo-ionospheric anomalies detection

    Science.gov (United States)

    Akhoondzadeh, M.

    2015-09-01

    In this study, the efficiency of Artificial Bee Colony (ABC) algorithm is investigated to detect the TEC (Total Electron Content) seismo-ionospheric anomalies around the time of some strong earthquakes including Chile (27 February 2010; 01 April 2014), Varzeghan (11 August 2012), Saravan (16 April 2013) and Papua New Guinea (29 March 2015). In comparison with other anomaly detection algorithms, ABC has a number of advantages which can be numerated as (1) detection of discord patterns in a large non linear data during a short time, (2) simplicity, (3) having less control parameters and (4) efficiently for solving multimodal and multidimensional optimization problems. Also the results of this study acknowledge the TEC time-series as a robust earthquake precursor.

  17. Anomaly Detection in Gamma-Ray Vehicle Spectra with Principal Components Analysis and Mahalanobis Distances

    International Nuclear Information System (INIS)

    The goal of primary radiation monitoring in support of routine screening and emergency response is to detect characteristics in vehicle radiation signatures that indicate the presence of potential threats. Two conceptual approaches to analyzing gamma-ray spectra for threat detection are isotope identification and anomaly detection. While isotope identification is the time-honored method, an emerging technique is anomaly detection that uses benign vehicle gamma ray signatures to define an expectation of the radiation signature for vehicles that do not pose a threat. Newly acquired spectra are then compared to this expectation using statistical criteria that reflect acceptable false alarm rates and probabilities of detection. The gamma-ray spectra analyzed here were collected at a U.S. land Port of Entry (POE) using a NaI-based radiation portal monitor (RPM). The raw data were analyzed to develop a benign vehicle expectation by decimating the original pulse-height channels to 35 energy bins, extracting composite variables via principal components analysis (PCA), and estimating statistically weighted distances from the mean vehicle spectrum with the mahalanobis distance (MD) metric. This paper reviews the methods used to establish the anomaly identification criteria and presents a systematic analysis of the response of the combined PCA and MD algorithm to modeled mono-energetic gamma-ray sources

  18. Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic

    Directory of Open Access Journals (Sweden)

    Jayro Santiago-Paz

    2015-09-01

    Full Text Available Network anomaly detection and classification is an important open issue in network security. Several approaches and systems based on different mathematical tools have been studied and developed, among them, the Anomaly-Network Intrusion Detection System (A-NIDS, which monitors network traffic and compares it against an established baseline of a “normal” traffic profile. Then, it is necessary to characterize the “normal” Internet traffic. This paper presents an approach for anomaly detection and classification based on Shannon, Rényi and Tsallis entropies of selected features, and the construction of regions from entropy data employing the Mahalanobis distance (MD, and One Class Support Vector Machine (OC-SVM with different kernels (Radial Basis Function (RBF and Mahalanobis Kernel (MK for “normal” and abnormal traffic. Regular and non-regular regions built from “normal” traffic profiles allow anomaly detection, while the classification is performed under the assumption that regions corresponding to the attack classes have been previously characterized. Although this approach allows the use of as many features as required, only four well-known significant features were selected in our case. In order to evaluate our approach, two different data sets were used: one set of real traffic obtained from an Academic Local Area Network (LAN, and the other a subset of the 1998 MIT-DARPA set. For these data sets, a True positive rate up to 99.35%, a True negative rate up to 99.83% and a False negative rate at about 0.16% were yielded. Experimental results show that certain q-values of the generalized entropies and the use of OC-SVM with RBF kernel improve the detection rate in the detection stage, while the novel inclusion of MK kernel in OC-SVM and k-temporal nearest neighbors improve accuracy in classification. In addition, the results show that using the Box-Cox transformation, the Mahalanobis distance yielded high detection rates with

  19. An Analysis of Mechanical Constraints when Using Superconducting Gravimeters for Far-Field Pre-Seismic Anomaly Detection

    OpenAIRE

    Shyh-Chin Lan; Teng-To Yu; Cheinway Hwang; and Ricky Kao

    2011-01-01

    Pre-seismic gravity anomalies from records obtained at a 1 Hz sampling rate from superconducting gravimeters (SG) around East Asia are analyzed. A comparison of gravity anomalies to the source parameters of associated earthquakes shows that the detection of pre-seismic gravity anomalies is constrained by several mechanical conditions of the seismic fault plane. The constraints of the far-field pre-seismic gravity amplitude perturbation were examined and the critical spatial relationship betwe...

  20. Capacitance probe for detection of anomalies in non-metallic plastic pipe

    Science.gov (United States)

    Mathur, Mahendra P.; Spenik, James L.; Condon, Christopher M.; Anderson, Rodney; Driscoll, Daniel J.; Fincham, Jr., William L.; Monazam, Esmail R.

    2010-11-23

    The disclosure relates to analysis of materials using a capacitive sensor to detect anomalies through comparison of measured capacitances. The capacitive sensor is used in conjunction with a capacitance measurement device, a location device, and a processor in order to generate a capacitance versus location output which may be inspected for the detection and localization of anomalies within the material under test. The components may be carried as payload on an inspection vehicle which may traverse through a pipe interior, allowing evaluation of nonmetallic or plastic pipes when the piping exterior is not accessible. In an embodiment, supporting components are solid-state devices powered by a low voltage on-board power supply, providing for use in environments where voltage levels may be restricted.

  1. GraphPrints: Towards a Graph Analytic Method for Network Anomaly Detection

    Energy Technology Data Exchange (ETDEWEB)

    Harshaw, Chris R [ORNL; Bridges, Robert A [ORNL; Iannacone, Michael D [ORNL; Reed, Joel W [ORNL; Goodall, John R [ORNL

    2016-01-01

    This paper introduces a novel graph-analytic approach for detecting anomalies in network flow data called \\textit{GraphPrints}. Building on foundational network-mining techniques, our method represents time slices of traffic as a graph, then counts graphlets\\textemdash small induced subgraphs that describe local topology. By performing outlier detection on the sequence of graphlet counts, anomalous intervals of traffic are identified, and furthermore, individual IPs experiencing abnormal behavior are singled-out. Initial testing of GraphPrints is performed on real network data with an implanted anomaly. Evaluation shows false positive rates bounded by 2.84\\% at the time-interval level, and 0.05\\% at the IP-level with 100\\% true positive rates at both.

  2. Shape anomaly detection under strong measurement noise: An analytical approach to adaptive thresholding

    Science.gov (United States)

    Krasichkov, Alexander S.; Grigoriev, Eugene B.; Bogachev, Mikhail I.; Nifontov, Eugene M.

    2015-10-01

    We suggest an analytical approach to the adaptive thresholding in a shape anomaly detection problem. We find an analytical expression for the distribution of the cosine similarity score between a reference shape and an observational shape hindered by strong measurement noise that depends solely on the noise level and is independent of the particular shape analyzed. The analytical treatment is also confirmed by computer simulations and shows nearly perfect agreement. Using this analytical solution, we suggest an improved shape anomaly detection approach based on adaptive thresholding. We validate the noise robustness of our approach using typical shapes of normal and pathological electrocardiogram cycles hindered by additive white noise. We show explicitly that under high noise levels our approach considerably outperforms the conventional tactic that does not take into account variations in the noise level.

  3. Thermal anomalies detection before strong earthquakes (M > 6.0 using interquartile, wavelet and Kalman filter methods

    Directory of Open Access Journals (Sweden)

    M. Akhoondzadeh

    2011-04-01

    Full Text Available Thermal anomaly is known as a significant precursor of strong earthquakes, therefore Land Surface Temperature (LST time series have been analyzed in this study to locate relevant anomalous variations prior to the Bam (26 December 2003, Zarand (22 February 2005 and Borujerd (31 March 2006 earthquakes. The duration of the three datasets which are comprised of MODIS LST images is 44, 28 and 46 days for the Bam, Zarand and Borujerd earthquakes, respectively. In order to exclude variations of LST from temperature seasonal effects, Air Temperature (AT data derived from the meteorological stations close to the earthquakes epicenters have been taken into account. The detection of thermal anomalies has been assessed using interquartile, wavelet transform and Kalman filter methods, each presenting its own independent property in anomaly detection. The interquartile method has been used to construct the higher and lower bounds in LST data to detect disturbed states outside the bounds which might be associated with impending earthquakes. The wavelet transform method has been used to locate local maxima within each time series of LST data for identifying earthquake anomalies by a predefined threshold. Also, the prediction property of the Kalman filter has been used in the detection process of prominent LST anomalies. The results concerning the methodology indicate that the interquartile method is capable of detecting the highest intensity anomaly values, the wavelet transform is sensitive to sudden changes, and the Kalman filter method significantly detects the highest unpredictable variations of LST. The three methods detected anomalous occurrences during 1 to 20 days prior to the earthquakes showing close agreement in results found between the different applied methods on LST data in the detection of pre-seismic anomalies. The proposed method for anomaly detection was also applied on regions irrelevant to earthquakes for which no anomaly was detected

  4. Application of Distributed Optical Fiber Sensing Technology in the Anomaly Detection of Shaft Lining in Grouting

    OpenAIRE

    Chunde Piao; Jun Yuan; Bin Shi; Haijun Lu; Guangqing Wei; Chunsheng Gu

    2015-01-01

    The rupture of the shaft lining caused by grouting has seriously undermined the safety in coal mining. Based on BOTDR distributed optical fiber sensing technology, this paper studied the layout method of optical fiber sensors and the anomaly detection method of the deformation and obtained the evolution law of shaft deformation triggered by grouting. The research results showed that the bonding problem of optical fiber sensors in damp environment could be effectively solved, by applying the b...

  5. Microarray-based comparative genomic hybridization analysis in neonates with congenital anomalies: detection of chromosomal imbalances

    Directory of Open Access Journals (Sweden)

    Luiza Emy Dorfman

    2015-02-01

    Full Text Available OBJECTIVE: To identify chromosomal imbalances by whole-genome microarray-based comparative genomic hybridization (array-CGH in DNA samples of neonates with congenital anomalies of unknown cause from a birth defects monitoring program at a public maternity hospital. METHODS: A blind genomic analysis was performed retrospectively in 35 stored DNA samples of neonates born between July of 2011 and December of 2012. All potential DNA copy number variations detected (CNVs were matched with those reported in public genomic databases, and their clinical significance was evaluated. RESULTS: Out of a total of 35 samples tested, 13 genomic imbalances were detected in 12/35 cases (34.3%. In 4/35 cases (11.4%, chromosomal imbalances could be defined as pathogenic; in 5/35 (14.3% cases, DNA CNVs of uncertain clinical significance were identified; and in 4/35 cases (11.4%, normal variants were detected. Among the four cases with results considered causally related to the clinical findings, two of the four (50% showed causative alterations already associated with well-defined microdeletion syndromes. In two of the four samples (50%, the chromosomal imbalances found, although predicted as pathogenic, had not been previously associated with recognized clinical entities. CONCLUSIONS: Array-CGH analysis allowed for a higher rate of detection of chromosomal anomalies, and this determination is especially valuable in neonates with congenital anomalies of unknown etiology, or in cases in which karyotype results cannot be obtained. Moreover, although the interpretation of the results must be refined, this method is a robust and precise tool that can be used in the first-line investigation of congenital anomalies, and should be considered for prospective/retrospective analyses of DNA samples by birth defect monitoring programs.

  6. Monitoring of temperature anomalies in the former Semipalatinsk nuclear test site; Detection d`anomalies de temperature sur l`ancien site d`essai nucleaires de Semipalatinsk

    Energy Technology Data Exchange (ETDEWEB)

    Sultangazin, U.M.; Zakarin, E.A.; Spivak, L.F.; Arkhipkin, O.P.; Muratova, N.R.; Terehov, A.G. [Institute of the Ministry of Science, Academy of Sciences of Kazakhstan, Alma-Ata (Kazakhstan)

    1998-02-01

    The space Research Institute of the Ministry of Science, Academy of Sciences of Kazakhstan, monitors the territory of Kazakhstan using the NOAA satellite data. This year, significant anomalies in the distribution of snow cover and underlying surface temperature have been detected in the region of the former Semipalatinsk nuclear test site (SNTS). (authors)

  7. Detection and Origin of Hydrocarbon Seepage Anomalies in the Barents Sea

    Science.gov (United States)

    Polteau, Stephane; Planke, Sverre; Stolze, Lina; Kjølhamar, Bent E.; Myklebust, Reidun

    2016-04-01

    We have collected more than 450 gravity cores in the Barents Sea to detect hydrocarbon seepage anomalies and for seismic-stratigraphic tie. The cores are from the Hoop Area (125 samples) and from the Barents Sea SE (293 samples). In addition, we have collected cores near seven exploration wells. The samples were analyzed using three different analytical methods; (1) the standard organic geochemical analyzes of Applied Petroleum Technologies (APT), (2) the Amplified Geochemical Imaging (AGI) method, and (3) the Microbial Prospecting for Oil and Gas (MPOG) method. These analytical approaches can detect trace amounts of thermogenic hydrocarbons in the sediment samples, and may provide additional information about the fluid phases and the depositional environment, maturation, and age of the source rocks. However, hydrocarbon anomalies in seabed sediments may also be related to shallow sources, such as biogenic gas or reworked source rocks in the sediments. To better understand the origin of the hydrocarbon anomalies in the Barents Sea we have studied 35 samples collected approximately 200 m away from seven exploration wells. The wells included three boreholes associated with oil discoveries, two with gas discoveries, one dry well with gas shows, and one dry well. In general, the results of this case study reveal that the oil wells have an oil signature, gas wells show a gas signature, and dry wells have a background signature. However, differences in results from the three methods may occur and have largely been explained in terms of analytical measurement ranges, method sensitivities, and bio-geochemical processes in the seabed sediments. The standard geochemical method applied by APT relies on measuring the abundance of compounds between C1 to C5 in the headspace gas and between C11 to C36 in the sediment extracts. The anomalies detected in the sediment samples from this study were in the C16 to C30 range. Since the organic matter yields were mostly very low, the

  8. Detection of airway anomalies in pediatric patients with cardiovascular anomalies with low dose prospective ECG-gated dual-source CT.

    Directory of Open Access Journals (Sweden)

    Hui Jiao

    Full Text Available OBJECTIVES: To assess the feasibility of low-dose prospective ECG-gated dual-source CT (DSCT in detecting airway anomalies in pediatric patients with cardiovascular anomalies compared with flexible tracheobronchoscopy (FTB. METHODS: 33 pediatrics with respiratory symptoms who had been revealed cardiovascular anomalies by transthoracic echocardiography underwent FTB and contrast material-enhanced prospective ECG-triggering CT were enrolled. The study was approved by our institution review board and written informed consent was obtained from all patients' guardian. DSCT examinations were performed to detect cardiovascular abnormalities using weight-adjusted low-dose protocol. Two radiologists independently performed CT image analysis. The FTB reports were reviewed by an experienced pulmonologist. The sensitivity, specificity, positive predictive value (PPV, negative predictive value (NPV, and accuracy of DSCT in the detection of airway anomalies were assessed. The tracheobronchial stenoses revealed on FTB were graded. Effective radiation dose was calculated. RESULTS: Thirty cases were diagnosed with tracheobronchial narrowing and/or abnormality in 33 patients by FTB, while 3 patients had normal FTB findings. Twenty-eight cases were diagnosed with airway anomalies by CT, of which 27 were correct positive. 3 patients with normal findings at CT had findings of tracheobronchial narrowing due to tracheobronchomalacia at inspiration at FTB. Sensitivity and specificity of CT were 90.0% (95% CI: 72.3%, 97.4% and 66.7% (95% CI: 12.5 %, 98.2 %, respectively. PPV and NPV were 96.4% (95% CI: 79.8 %, 99.8% and 40.0% (95% CI: 7.3%, 83.0%, respectively. Overall accuracy of DSCT in detecting airway anomalies in pediatrics with cardiovascular anomalies was 87.9% (95% CI: 74.5%, 97.6%. In grading of tracheobronchial stenosis, images from CT correlated closely (r = 0.89 with those of FTB. Mean effective dose was 0.60 ± 0.20 mSv. CONCLUSION: In pediatric patients

  9. Evaluating the anomaly resolution capability of an MC and A system

    International Nuclear Information System (INIS)

    Discrepancies in accounting for Special Nuclear Material (SNM) require quick and accurate resolution. The ability to make a definitive resolution often depends on the types of measurement data available and on the way records are maintained in the Material control and Accounting (MC and A) system. An approach is presented for systematically evaluating the overall anomaly detection and resolution capability of an MC and A system. The approach begins with a detailed specification of the material process cycle including all authorized material locations, possible unauthorized locations, and the procedures for measuring and recording movement between locations. The analysis proceeds by identifying the types of errors that could logically occur in the measurement and recording system and estimating their frequency. In this paper a method is described for quantifying the detection capability and resolution effectiveness for each possible error. A new metric is also proposed for quantifying the overall effectiveness of the MC and A system

  10. Improving Anomaly Detection for Text-Based Protocols by Exploiting Message Structures

    Directory of Open Access Journals (Sweden)

    Christian M. Mueller

    2010-12-01

    Full Text Available Service platforms using text-based protocols need to be protected against attacks. Machine-learning algorithms with pattern matching can be used to detect even previously unknown attacks. In this paper, we present an extension to known Support Vector Machine (SVM based anomaly detection algorithms for the Session Initiation Protocol (SIP. Our contribution is to extend the amount of different features used for classification (feature space by exploiting the structure of SIP messages, which reduces the false positive rate. Additionally, we show how combining our approach with attribute reduction significantly improves throughput.

  11. Small sample training and test selection method for optimized anomaly detection algorithms in hyperspectral imagery

    Science.gov (United States)

    Mindrup, Frank M.; Friend, Mark A.; Bauer, Kenneth W.

    2012-01-01

    There are numerous anomaly detection algorithms proposed for hyperspectral imagery. Robust parameter design (RPD) techniques provide an avenue to select robust settings capable of operating consistently across a large variety of image scenes. Many researchers in this area are faced with a paucity of data. Unfortunately, there are no data splitting methods for model validation of datasets with small sample sizes. Typically, training and test sets of hyperspectral images are chosen randomly. Previous research has developed a framework for optimizing anomaly detection in HSI by considering specific image characteristics as noise variables within the context of RPD; these characteristics include the Fisher's score, ratio of target pixels and number of clusters. We have developed method for selecting hyperspectral image training and test subsets that yields consistent RPD results based on these noise features. These subsets are not necessarily orthogonal, but still provide improvements over random training and test subset assignments by maximizing the volume and average distance between image noise characteristics. The small sample training and test selection method is contrasted with randomly selected training sets as well as training sets chosen from the CADEX and DUPLEX algorithms for the well known Reed-Xiaoli anomaly detector.

  12. Weyl Anomaly of 2D Dilaton-Scalar Gravity and Hermiticity of System Operator

    OpenAIRE

    Ichinose, Shoichi

    1997-01-01

    Weyl Anomaly in the dilaton-scalar system in 2 dimensional gravity is examined. We take the heat-kernel regularization for the ultraviolet divergences. Generally the Weyl anomaly is determined by the 2nd order differential (elliptic) operator of the system and the definition of the measure. We have the freedom of the operator choice caused by the arbitrariness of total divergences (surface terms) in the action. We examine the Weyl anomaly in connection with such points and the hermiticity of ...

  13. Anomaly Detection Rudiments for the Application of Hyperspectral Sensors in Aerospace Remote Sensing

    International Nuclear Information System (INIS)

    Hyperspectral imaging differs from conventional techniques by exploiting the spectral dimensionality of remote scenes. This additional information promotes discrimination of image elements, especially anomalies that are dissimilar with respect to global features. Algorithms for anomaly detection are designed to overcome the inherent difficulty of analysing hypercubes, which are the higher-dimensional analogues of conventional broadband images. Such algorithms are prolific in their variety and design, which could become an obstacle in choice or application for the neophyte researcher in this field. This paper seeks to consolidate this plethora of algorithms into succinct categories for clarity of rudimentary decision making. A duplicate of article 012048 Snapshot hyperspectral imaging and practical applications was originally published here, in error, as article 012051. The present article replaced the duplicate and was published on 18 August 2009.

  14. Process fault detection and nonlinear time series analysis for anomaly detection in safeguards

    International Nuclear Information System (INIS)

    In this paper we discuss two advanced techniques, process fault detection and nonlinear time series analysis, and apply them to the analysis of vector-valued and single-valued time-series data. We investigate model-based process fault detection methods for analyzing simulated, multivariate, time-series data from a three-tank system. The model-predictions are compared with simulated measurements of the same variables to form residual vectors that are tested for the presence of faults (possible diversions in safeguards terminology). We evaluate two methods, testing all individual residuals with a univariate z-score and testing all variables simultaneously with the Mahalanobis distance, for their ability to detect loss of material from two different leak scenarios from the three-tank system: a leak without and with replacement of the lost volume. Nonlinear time-series analysis tools were compared with the linear methods popularized by Box and Jenkins. We compare prediction results using three nonlinear and two linear modeling methods on each of six simulated time series: two nonlinear and four linear. The nonlinear methods performed better at predicting the nonlinear time series and did as well as the linear methods at predicting the linear values

  15. Process fault detection and non-linear time series analysis for anomaly detection in safeguards

    International Nuclear Information System (INIS)

    The paper discusses process fault detection and non-linear time series analysis, which are applied to the analysis for vector-valued and single-valued time series data. Model based process fault detection methods for analysing simulated, multivariate, time series data from a three-tank system are investigated. The model predictions are compared with simulated measurements of the same variables to form residual vectors that are tested for the presence of faults (possible diversions in safeguards terminology). Two methods are evaluated, testing all individual residuals with a univariate z score and testing all variables simultaneously with the Mahalanobis distance, for their ability to detect loss of material from two different leak scenarios from the three-tank system: a leak without replacement and a leak with replacement of the lost volume. Non-linear time series analysis tools have been compared with the linear methods popularized by Box and Jenkins. The paper compares prediction results using three non-linear and two linear modelling methods on each of six simulated time series: two non-linear and four linear time series. The non-linear methods performed better at predicting the non-linear time series and did as well as the linear methods at predicting the linear values. (author). 10 refs, 5 figs, 1 tab

  16. PROBABILITY CALIBRATION BY THE MINIMUM AND MAXIMUM PROBABILITY SCORES IN ONE-CLASS BAYES LEARNING FOR ANOMALY DETECTION

    Data.gov (United States)

    National Aeronautics and Space Administration — PROBABILITY CALIBRATION BY THE MINIMUM AND MAXIMUM PROBABILITY SCORES IN ONE-CLASS BAYES LEARNING FOR ANOMALY DETECTION GUICHONG LI, NATHALIE JAPKOWICZ, IAN...

  17. A robust anomaly based change detection method for time-series remote sensing images

    International Nuclear Information System (INIS)

    Time-series remote sensing images record changes happening on the earth surface, which include not only abnormal changes like human activities and emergencies (e.g. fire, drought, insect pest etc.), but also changes caused by vegetation phenology and climate changes. Yet, challenges occur in analyzing global environment changes and even the internal forces. This paper proposes a robust Anomaly Based Change Detection method (ABCD) for time-series images analysis by detecting abnormal points in data sets, which do not need to follow a normal distribution. With ABCD we can detect when and where changes occur, which is the prerequisite condition of global change studies. ABCD was tested initially with 10-day SPOT VGT NDVI (Normalized Difference Vegetation Index) times series tracking land cover type changes, seasonality and noise, then validated to real data in a large area in Jiangxi, south of China. Initial results show that ABCD can precisely detect spatial and temporal changes from long time series images rapidly

  18. Least Square Support Vector Machine for Detection of - Ionospheric Anomalies Associated with the Powerful Nepal Earthquake (Mw = 7.5) of 25 April 2015

    Science.gov (United States)

    Akhoondzadeh, M.

    2016-06-01

    Due to the irrepalable devastations of strong earthquakes, accurate anomaly detection in time series of different precursors for creating a trustworthy early warning system has brought new challenges. In this paper the predictability of Least Square Support Vector Machine (LSSVM) has been investigated by forecasting the GPS-TEC (Total Electron Content) variations around the time and location of Nepal earthquake. In 77 km NW of Kathmandu in Nepal (28.147° N, 84.708° E, depth = 15.0 km) a powerful earthquake of Mw = 7.8 took place at 06:11:26 UTC on April 25, 2015. For comparing purpose, other two methods including Median and ANN (Artificial Neural Network) have been implemented. All implemented algorithms indicate on striking TEC anomalies 2 days prior to the main shock. Results reveal that LSSVM method is promising for TEC sesimo-ionospheric anomalies detection.

  19. Advanced Unsupervised Classification Methods to Detect Anomalies on Earthen Levees Using Polarimetric SAR Imagery.

    Science.gov (United States)

    Marapareddy, Ramakalavathi; Aanstoos, James V; Younan, Nicolas H

    2016-01-01

    Fully polarimetric Synthetic Aperture Radar (polSAR) data analysis has wide applications for terrain and ground cover classification. The dynamics of surface and subsurface water events can lead to slope instability resulting in slough slides on earthen levees. Early detection of these anomalies by a remote sensing approach could save time versus direct assessment. We used L-band Synthetic Aperture Radar (SAR) to screen levees for anomalies. SAR technology, due to its high spatial resolution and soil penetration capability, is a good choice for identifying problematic areas on earthen levees. Using the parameters entropy (H), anisotropy (A), alpha (α), and eigenvalues (λ, λ₁, λ₂, and λ₃), we implemented several unsupervised classification algorithms for the identification of anomalies on the levee. The classification techniques applied are H/α, H/A, A/α, Wishart H/α, Wishart H/A/α, and H/α/λ classification algorithms. In this work, the effectiveness of the algorithms was demonstrated using quad-polarimetric L-band SAR imagery from the NASA Jet Propulsion Laboratory's (JPL's) Uninhabited Aerial Vehicle Synthetic Aperture Radar (UAVSAR). The study area is a section of the lower Mississippi River valley in the Southern USA, where earthen flood control levees are maintained by the US Army Corps of Engineers. PMID:27322270

  20. Development of newly designed VHF interferometer system for observing earthquake-related atmospheric anomalies

    OpenAIRE

    YAMAMOTO, Isao; Fujiwara, Hironobu; Kamogawa, Masashi; Iyono, Atsushi; Kroumov, Valeri; Azakami, Takashi

    2009-01-01

    Temporal correlation between atmospheric anomalies and earthquakes has recently been verified statistically through measuring VHF FM radio waves transmitted beyond the line-of-sight. In order to locate the sources of such atmospheric anomalies, we developed a VHF interferometer system (bistatic-radar type) capable of finding the arrival direction of FM radio waves scattered possibly by earthquake-related atmospheric anomalies. In general, frequency modulation of FM radio waves produces ambigu...

  1. Classification and Importance of Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Rajasekaran K

    2012-08-01

    Full Text Available An intrusion detection system (IDS is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Due to a growing number of intrusion events and also because the Internet and local networks have become so ubiquitous, organizations are increasingly implementing various systems that monitor IT security breaches. This includes an overview of the classification of intrusion detection systems and introduces the reader to some fundamental concepts of IDS methodology: audit trail analysis and on-the-fly processing as well as anomaly detection and signature detection approaches. This research paper discusses the primary intrusion detection techniques and the classification of intrusion Detection system.

  2. Portable modular detection system

    Science.gov (United States)

    Brennan, James S.; Singh, Anup; Throckmorton, Daniel J.; Stamps, James F.

    2009-10-13

    Disclosed herein are portable and modular detection devices and systems for detecting electromagnetic radiation, such as fluorescence, from an analyte which comprises at least one optical element removably attached to at least one alignment rail. Also disclosed are modular detection devices and systems having an integrated lock-in amplifier and spatial filter and assay methods using the portable and modular detection devices.

  3. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    OpenAIRE

    VANCEA, F.

    2014-01-01

    The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discre...

  4. Fiber Optic Bragg Grating Sensors for Thermographic Detection of Subsurface Anomalies

    Science.gov (United States)

    Allison, Sidney G.; Winfree, William P.; Wu, Meng-Chou

    2009-01-01

    Conventional thermography with an infrared imager has been shown to be an extremely viable technique for nondestructively detecting subsurface anomalies such as thickness variations due to corrosion. A recently developed technique using fiber optic sensors to measure temperature holds potential for performing similar inspections without requiring an infrared imager. The structure is heated using a heat source such as a quartz lamp with fiber Bragg grating (FBG) sensors at the surface of the structure to detect temperature. Investigated structures include a stainless steel plate with thickness variations simulated by small platelets attached to the back side using thermal grease. A relationship is shown between the FBG sensor thermal response and variations in material thickness. For comparison, finite element modeling was performed and found to agree closely with the fiber optic thermography results. This technique shows potential for applications where FBG sensors are already bonded to structures for Integrated Vehicle Health Monitoring (IVHM) strain measurements and can serve dual-use by also performing thermographic detection of subsurface anomalies.

  5. Molecular Detection of Human Cytomegalovirus (HCMV) Among Infants with Congenital Anomalies in Khartoum State, Sudan

    Science.gov (United States)

    Ebrahim, Maha G.; Ali, Aisha S.; Mustafa, Mohamed O.; Musa, Dalal F.; El Hussein, Abdel Rahim M.; Elkhidir, Isam M.; Enan, Khalid A.

    2015-01-01

    Human Cytomegalovirus (HCMV) infection still represents the most common potentially serious viral complication in humans and is a major cause of congenital anomalies in infants. This study is aimed to detect HCMV in infants with congenital anomalies. Study subjects consisted of infants born with neural tube defect, hydrocephalus and microcephaly. Fifty serum specimens (20 males, 30 females) were collected from different hospitals in Khartoum State. The sera were investigated for cytomegalovirus specific immunoglobin M (IgM) antibodies using enzyme-linked immunosorbent assay (ELISA), and for Cytomegalovirus DNA using polymerase chain reaction (PCR). Out of the 50 sera tested, one patient’s (2%) sample showed HCMV IgM, but with no detectable DNA, other 4(8.2 %) sera were positive for HCMV DNA but with no detectable IgM. Various diagnostic techniques should be considered to evaluate HCMV disease and routine screening for HCMV should be introduced for pregnant women in this setting. It is vital to initiate further research work with many samples from different area to assess prevalence and characterize HCMV and evaluate its maternal health implications. PMID:26862356

  6. IMPROVEMENT OF ANOMALY DETECTION ALGORITHMS IN HYPERSPECTRAL IMAGES USING DISCRETE WAVELET TRANSFORM

    Directory of Open Access Journals (Sweden)

    Kamal Jamshidi

    2012-01-01

    Full Text Available Recently anomaly detection (AD has become an important application for target detection in hyperspectralremotely sensed images. In many applications, in addition to high accuracy of detection we need a fast andreliable algorithm as well. This paper presents a novel method to improve the performance of current ADalgorithms. The proposed method first calculates Discrete Wavelet Transform (DWT of every pixel vectorof image using Daubechies4 wavelet. Then, AD algorithm performs on four bands of “Wavelet transform”matrix which are the approximation of main image. In this research some benchmark AD algorithmsincluding Local RX, DWRX and DWEST have been implemented on Airborne Visible/Infrared ImagingSpectrometer (AVIRIS hyperspectral datasets. Experimental results demonstrate significant improvementof runtime in proposed method. In addition, this method improves the accuracy of AD algorithms becauseof DWT’s power in extracting approximation coefficients of signal, which contain the main behaviour ofsignal, and abandon the redundant information in hyperspectral image data.

  7. Based on Wide Area Environment Abnormal Behavior Analysis and Anomaly Detection Research

    Directory of Open Access Journals (Sweden)

    Zhang Lin

    2016-01-01

    Full Text Available Group anomaly identification and location is an important issue in the field of artificial intelligence. Capture of the accident source and rapid prediction of mass incidents in public places are difficult problems in intelligent video identification and processing, but the traditional group anomaly detection research has many limitations when it comes to accident source detection and intelligent recognition. We are to research on the algorithms of accident source location and abnormal group identification based on behavior analysis in the condition of dramatically changing group geometry appearance, including: 1 to propose a logic model of image density based on the social force model, and to build the crowd density trend prediction model integrating “fast and fuzzy matching at front-end” and “accurate and classified training at back-end”; 2 to design a fast abnormal source flagging algorithm based on support vector machine, and to realize intelligent and automatic marking of abnormal source point; 3 to construct a multi-view human body skeleton invariant moment model and a motion trajectory model based on linear parametric equations. The expected results of the research will help prevent abnormal events effectively, capture the first scene of incidents and the abnormal source point quickly, and play a decision support role in the proactive national security strategy.

  8. Tracking Environmental Compliance and Remediation Trajectories Using Image-Based Anomaly Detection Methodologies

    Directory of Open Access Journals (Sweden)

    James K. Lein

    2011-11-01

    Full Text Available Recent interest in use of satellite remote sensing for environmental compliance and remediation assessment has been heightened by growing policy requirements and the need to provide more rapid and efficient monitoring and enforcement mechanisms. However, remote sensing solutions are attractive only to the extent that they can deliver environmentally relevant information in a meaningful and time-sensitive manner. Unfortunately, the extent to which satellite-based remote sensing satisfies the demands for compliance and remediation assessment under the conditions of an actual environmental accident or calamity has not been well documented. In this study a remote sensing solution to the problem of site remediation and environmental compliance assessment was introduced based on the use of the RDX anomaly detection algorithm and vegetation indices developed from the Tasseled Cap Transform. Results of this analysis illustrate how the use of standard vegetation transforms, integrated into an anomaly detection strategy, enable the time-sequenced tracking of site remediation progress. Based on these results credible evidence can be produced to support compliance evaluation and remediation assessment following major environmental disasters.

  9. Fetal central nervous system anomalies: comparison of magnetic resonance imaging and ultrasonography for diagnosis

    Institute of Scientific and Technical Information of China (English)

    WANG Guang-bin; QU Lei; LI Hui-hua; SHAN Rui-qin; MA Yu-xiang; SHI Hao; CHEN Li-guang; LIU Wen; QIU Xiu-ling; WEI Yu-long; GUO Li

    2006-01-01

    Background Evaluation of fetal central nervous system (CNS) agenesis by ultrasonography (US) is frequentlylimited, but magnetic resonance imaging (MRI) has its own advantages and is gaining popularity in displayingsuspected fetal anomalies. The purpose of this study was to explore the value of MRI in detecting fetal CNSagenesis.Methods Thirty-four women (aged from 22 to 35 years, average 27 years) with complicated pregnancies (16-39 weeks of gestation, average 30 weeks) were examined with a 1.5 T superconductive MR unit within 24 hoursafter ultrasonography. Half-Fourier acquisition single-shot turbo spin-echo (HASTE) T2-weighted imaging (T2WI)sequence were performed in all patients, and fast low angle shot (FLASH) T1-weighted imaging (T1WI) sequencewere applied sequentially in seven of them. Comparison of the results was made between the MRI and USfindings as well as autopsy or postnatal follow-up MRI findings.Results The gyrus, sulcus, corpus callosum, thalamus, cerebellum, brainstem, and spinal cord of fetus wereshown more clearly on T2-weighted MR images than on T1-weighted MR images. MRI corrected the diagnosis ofUS in 10 cases (10/34, 29.41%) and the diagnosis was missed only in 1 case (1/34, 2.94%).Conclusion MRI has advantages to US in detecting fetal CNS anomalies and is a supplement to US incomplicated pregnancies.

  10. A MLP neural network as an investigator of TEC time series to detect seismo-ionospheric anomalies

    Science.gov (United States)

    Akhoondzadeh, M.

    2013-06-01

    Anomaly detection is extremely important for earthquake parameters estimation. In this paper, an application of Artificial Neural Networks (ANNs) in the earthquake precursor's domain has been developed. This study is concerned with investigating the Total Electron Content (TEC) time series by using a Multi-Layer Perceptron (MLP) neural network to detect seismo-ionospheric anomalous variations induced by the powerful Tohoku earthquake of March 11, 2011.The duration of TEC time series dataset is 120 days at time resolution of 2 h. The results show that the MLP presents anomalies better than referenced and conventional methods such as Auto-Regressive Integrated Moving Average (ARIMA) technique. In this study, also the detected TEC anomalies using the proposed method, are compared to the previous results (Akhoondzadeh, 2012) dealing with the observed TEC anomalies by applying the mean, median, wavelet and Kalman filter methods. The MLP detected anomalies are similar to those detected using the previous methods applied on the same case study. The results indicate that a MLP feed-forward neural network can be a suitable non-parametric method to detect changes of a non linear time series such as variations of earthquake precursors.

  11. Normalized edge detection, and the horizontal extent and depth of geophysical anomalies

    Institute of Scientific and Technical Information of China (English)

    Li Li-Li; Han Li-Guo; Huang Da-Nian

    2014-01-01

    Edge detection is an image processing technique for finding the boundaries of objects within images. It is typically used to interpret gravity and magnetic data, andfi nd the horizontal boundaries of geological bodies. Large deviations between model and true edges are common because of the interference of depth and errors in computing the derivatives; thus, edge detection methods cannot provide information about the depth of the source. To simultaneously obtain the horizontal extent and depth of geophysical anomalies, we use normalized edge detection filters, which normalize the edge detection function at different depths, and the maxima that correspond to the location of the source. The errors between model and actual edges are minimized as the depth of the source decreases and the normalized edge detection method recognizes the extent of the source based on the maxima, allowing for reliable model results. We demonstrate the applicability of the normalized edge detection fi lters in defi ning the horizontal extent and depth using synthetic and actual aeromagnetic data.

  12. OGLE‐2008‐BLG‐510: first automated real‐time detection of a weak microlensing anomaly – brown dwarf or stellar binary?★

    DEFF Research Database (Denmark)

    Bozza, V.; Dominik, M.; Rattenbury, N. J.;

    2012-01-01

    ‐lens and binary‐source models, including the possibility that the lens system consists of an M dwarf orbited by a brown dwarf. The detection of this microlensing anomaly and our analysis demonstrate that: (1) automated real‐time detection of weak microlensing anomalies with immediate feedback is feasible......The microlensing event OGLE‐2008‐BLG‐510 is characterized by an evident asymmetric shape of the peak, promptly detected by the Automated Robotic Terrestrial Exoplanet Microlensing Search (ARTEMiS) system in real time. The skewness of the light curve appears to be compatible both with binary......, efficient and sensitive, (2) rather common weak features intrinsically come with ambiguities that are not easily resolved from photometric light curves, (3) a modelling approach that finds all features of parameter space rather than just the ‘favourite model’ is required and (4) the data quality is most...

  13. DROWSY DRIVER DETECTION SYSTEM

    OpenAIRE

    Mrs. Smita Jawale; Ms. Pragati Malvadia; Ms. Ashwini Meena

    2016-01-01

    A Drowsy Driver Detection System is an Image processing based system. This system is developed using a non-intrusive machine vision based concepts. In this system, there is a camera that will be continuously monitoring the driver’s face to detect fatigue. In case the driver is detected as fatigue, the system issues an alarm. This system detects drowsiness by checking the amount of time the eyes are closed. The first five consecutive frames of the camera is checked, if the eyes are found...

  14. A Multi-Dimensional approach towards Intrusion Detection System

    CERN Document Server

    Thakur, Manoj Rameshchandra

    2012-01-01

    In this paper, we suggest a multi-dimensional approach towards intrusion detection. Network and system usage parameters like source and destination IP addresses; source and destination ports; incoming and outgoing network traffic data rate and number of CPU cycles per request are divided into multiple dimensions. Rather than analyzing raw bytes of data corresponding to the values of the network parameters, a mature function is inferred during the training phase for each dimension. This mature function takes a dimension value as an input and returns a value that represents the level of abnormality in the system usage with respect to that dimension. This mature function is referred to as Individual Anomaly Indicator. Individual Anomaly Indicators recorded for each of the dimensions are then used to generate a Global Anomaly Indicator, a function with n variables (n is the number of dimensions) that provides the Global Anomaly Factor, an indicator of anomaly in the system usage based on all the dimensions consid...

  15. Automatic Detection and Classification of Pole-Like Objects in Urban Point Cloud Data Using an Anomaly Detection Algorithm

    Directory of Open Access Journals (Sweden)

    Borja Rodríguez-Cuenca

    2015-09-01

    Full Text Available Detecting and modeling urban furniture are of particular interest for urban management and the development of autonomous driving systems. This paper presents a novel method for detecting and classifying vertical urban objects and trees from unstructured three-dimensional mobile laser scanner (MLS or terrestrial laser scanner (TLS point cloud data. The method includes an automatic initial segmentation to remove the parts of the original cloud that are not of interest for detecting vertical objects, by means of a geometric index based on features of the point cloud. Vertical object detection is carried out through the Reed and Xiaoli (RX anomaly detection algorithm applied to a pillar structure in which the point cloud was previously organized. A clustering algorithm is then used to classify the detected vertical elements as man-made poles or trees. The effectiveness of the proposed method was tested in two point clouds from heterogeneous street scenarios and measured by two different sensors. The results for the two test sites achieved detection rates higher than 96%; the classification accuracy was around 95%, and the completion quality of both procedures was 90%. Non-detected poles come from occlusions in the point cloud and low-height traffic signs; most misclassifications occurred in man-made poles adjacent to trees.

  16. Interior intrusion detection systems

    Energy Technology Data Exchange (ETDEWEB)

    Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  17. Interior intrusion detection systems

    International Nuclear Information System (INIS)

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs

  18. Anomaly detection driven active learning for identifying suspicious tracks and events in WAMI video

    Science.gov (United States)

    Miller, David J.; Natraj, Aditya; Hockenbury, Ryler; Dunn, Katherine; Sheffler, Michael; Sullivan, Kevin

    2012-06-01

    We describe a comprehensive system for learning to identify suspicious vehicle tracks from wide-area motion (WAMI) video. First, since the road network for the scene of interest is assumed unknown, agglomerative hierarchical clustering is applied to all spatial vehicle measurements, resulting in spatial cells that largely capture individual road segments. Next, for each track, both at the cell (speed, acceleration, azimuth) and track (range, total distance, duration) levels, extreme value feature statistics are both computed and aggregated, to form summary (p-value based) anomaly statistics for each track. Here, to fairly evaluate tracks that travel across different numbers of spatial cells, for each cell-level feature type, a single (most extreme) statistic is chosen, over all cells traveled. Finally, a novel active learning paradigm, applied to a (logistic regression) track classifier, is invoked to learn to distinguish suspicious from merely anomalous tracks, starting from anomaly-ranked track prioritization, with ground-truth labeling by a human operator. This system has been applied to WAMI video data (ARGUS), with the tracks automatically extracted by a system developed in-house at Toyon Research Corporation. Our system gives promising preliminary results in highly ranking as suspicious aerial vehicles, dismounts, and traffic violators, and in learning which features are most indicative of suspicious tracks.

  19. Detection of Anomalies in Citrus Leaves Using Laser-Induced Breakdown Spectroscopy (LIBS).

    Science.gov (United States)

    Sankaran, Sindhuja; Ehsani, Reza; Morgan, Kelly T

    2015-08-01

    Nutrient assessment and management are important to maintain productivity in citrus orchards. In this study, laser-induced breakdown spectroscopy (LIBS) was applied for rapid and real-time detection of citrus anomalies. Laser-induced breakdown spectroscopy spectra were collected from citrus leaves with anomalies such as diseases (Huanglongbing, citrus canker) and nutrient deficiencies (iron, manganese, magnesium, zinc), and compared with those of healthy leaves. Baseline correction, wavelet multivariate denoising, and normalization techniques were applied to the LIBS spectra before analysis. After spectral pre-processing, features were extracted using principal component analysis and classified using two models, quadratic discriminant analysis and support vector machine (SVM). The SVM resulted in a high average classification accuracy of 97.5%, with high average canker classification accuracy (96.5%). LIBS peak analysis indicated that high intensities at 229.7, 247.9, 280.3, 393.5, 397.0, and 769.8 nm were observed of 11 peaks found in all the samples. Future studies using controlled experiments with variable nutrient applications are required for quantification of foliar nutrients by using LIBS-based sensing. PMID:26163130

  20. Sirenomelia with associated systemic anomalies: an autopsy pathologic illustration of a series of four cases.

    Science.gov (United States)

    Chikkannaiah, Panduranga; Mahadevan, Anita; Gosavi, Manasi; Kangle, Ranjit; Anuradha; Shankar, S K

    2014-07-01

    Sirenomelia, a developmental defect involving the caudal region of the body, is associated with several internal visceral anomalies. We report a detailed spectrum of anomalies in an autopsy study of four fetuses with sirenomelia (gestational ages - 20, 21, 22.4, and 22.5 weeks). Three of the fetuses had single umbilical artery, with genitourinary and gastrointestinal anomalies. Central nervous system anomalies were evident in two of the fetuses, with alobar holoprosencephaly in one and lumbar meningomyelocele in another. The most common gastrointestinal anomaly was blind ended gut (imperforate anus), while esophageal atresia and omphalocele were noted in one case each. Renal hypoplasia was seen in two fetuses, renal agenesis in one and cystic renal dysplasia was noted in one case. Literature regarding pathogenesis of this condition is briefly discussed. PMID:24656289

  1. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  2. Structure and dynamics of decadal anomalies in the wintertime midlatitude North Pacific ocean-atmosphere system

    Science.gov (United States)

    Fang, Jiabei; Yang, Xiu-Qun

    2015-12-01

    The structure and dynamics of decadal anomalies in the wintertime midlatitude North Pacific ocean-atmosphere system are examined in this study, using the NCEP/NCAR atmospheric reanalysis, HadISST SST and Simple Ocean Data Assimilation data for 1960-2010. The midlatitude decadal anomalies associated with the Pacific Decadal Oscillation are identified, being characterized by an equivalent barotropic atmospheric low (high) pressure over a cold (warm) oceanic surface. Such a unique configuration of decadal anomalies can be maintained by an unstable ocean-atmosphere interaction mechanism in the midlatitudes, which is hypothesized as follows. Associated with a warm PDO phase, an initial midlatitude surface westerly anomaly accompanied with intensified Aleutian low tends to force a negative SST anomaly by increasing upward surface heat fluxes and driving southward Ekman current anomaly. The SST cooling tends to increase the meridional SST gradient, thus enhancing the subtropical oceanic front. As an adjustment of the atmospheric boundary layer to the enhanced oceanic front, the low-level atmospheric meridional temperature gradient and thus the low-level atmospheric baroclinicity tend to be strengthened, inducing more active transient eddy activities that increase transient eddy vorticity forcing. The vorticity forcing that dominates the total atmospheric forcing tends to produce an equivalent barotropic atmospheric low pressure north of the initial westerly anomaly, intensifying the initial anomalies of the midlatitude surface westerly and Aleutian low. Therefore, it is suggested that the midlatitude ocean-atmosphere interaction can provide a positive feedback mechanism for the development of initial anomaly, in which the oceanic front and the atmospheric transient eddy are the indispensable ingredients. Such a positive ocean-atmosphere feedback mechanism is fundamentally responsible for the observed decadal anomalies in the midlatitude North Pacific ocean

  3. Real-time progressive hyperspectral image processing endmember finding and anomaly detection

    CERN Document Server

    Chang, Chein-I

    2016-01-01

    The book covers the most crucial parts of real-time hyperspectral image processing: causality and real-time capability. Recently, two new concepts of real time hyperspectral image processing, Progressive Hyperspectral Imaging (PHSI) and Recursive Hyperspectral Imaging (RHSI). Both of these can be used to design algorithms and also form an integral part of real time hyperpsectral image processing. This book focuses on progressive nature in algorithms on their real-time and causal processing implementation in two major applications, endmember finding and anomaly detection, both of which are fundamental tasks in hyperspectral imaging but generally not encountered in multispectral imaging. This book is written to particularly address PHSI in real time processing, while a book, Recursive Hyperspectral Sample and Band Processing: Algorithm Architecture and Implementation (Springer 2016) can be considered as its companion book. Includes preliminary background which is essential to those who work in hyperspectral ima...

  4. Bootstrap Prediction Intervals in Non-Parametric Regression with Applications to Anomaly Detection

    Science.gov (United States)

    Kumar, Sricharan; Srivistava, Ashok N.

    2012-01-01

    Prediction intervals provide a measure of the probable interval in which the outputs of a regression model can be expected to occur. Subsequently, these prediction intervals can be used to determine if the observed output is anomalous or not, conditioned on the input. In this paper, a procedure for determining prediction intervals for outputs of nonparametric regression models using bootstrap methods is proposed. Bootstrap methods allow for a non-parametric approach to computing prediction intervals with no specific assumptions about the sampling distribution of the noise or the data. The asymptotic fidelity of the proposed prediction intervals is theoretically proved. Subsequently, the validity of the bootstrap based prediction intervals is illustrated via simulations. Finally, the bootstrap prediction intervals are applied to the problem of anomaly detection on aviation data.

  5. Bayesian anomaly detection in heterogeneous media with applications to geophysical tomography

    Science.gov (United States)

    Simon, Martin

    2014-11-01

    In this paper, we consider the problem of detecting a parameterized anomaly in an isotropic, stationary and ergodic conductivity random field via electrical impedance tomography. A homogenization result for a stochastic forward problem built on the complete electrode model is derived, which serves as the basis for a two-stage numerical method in the framework of Bayesian inverse problems. The novelty of this method lies in the introduction of an enhanced error model accounting for the approximation errors that result from reducing the full forward model to a homogenized one. In the first stage, a MAP estimate for the reduced forward model equipped with the enhanced error model is computed. Then, in the second stage, a bootstrap prior based on the first stage results is defined and the resulting posterior distribution is sampled via Markov chain Monte Carlo. We provide the theoretical foundation of the proposed method, discuss different aspects of a numerical implementation and present numerical experiments to support our findings.

  6. Seismological detection of low-velocity anomalies surrounding the mantle transition zone in Japan subduction zone

    Science.gov (United States)

    Liu, Zhen; Park, Jeffrey; Karato, Shun-ichiro

    2016-03-01

    In the Japan subduction zone, a locally depressed 660 discontinuity has been observed beneath northeast Asia, suggesting downwelling of materials from the mantle transition zone (MTZ). Vertical transport of water-rich MTZ materials across the major mineral phase changes could lead to water release and to partial melting in surrounding mantle regions, causing seismic low-velocity anomalies. Melt layers implied by low-velocity zones (LVZs) above the 410 discontinuity have been detected in many regions, but seismic evidence for partial melting below the 660 discontinuity has been limited. High-frequency migrated Ps receiver functions indicate LVZs below the depressed 660 discontinuity and above the 410 discontinuity in the deep Japan subduction zone, suggesting dehydration melting induced by water transport out of the MTZ. Our results provide insights into water circulation associated with dynamic interactions between the subducted slab and surrounding mantle.

  7. Multiscale spatial density smoothing: an application to large-scale radiological survey and anomaly detection

    CERN Document Server

    Tansey, Wesley; Reinhart, Alex; Scott, James G

    2015-01-01

    We consider the problem of estimating a spatially varying density function, motivated by problems that arise in large-scale radiological survey and anomaly detection. In this context, the density functions to be estimated are the background gamma-ray energy spectra at sites spread across a large geographical area, such as nuclear production and waste-storage sites, military bases, medical facilities, university campuses, or the downtown of a city. Several challenges combine to make this a difficult problem. First, the spectral density at any given spatial location may have both smooth and non-smooth features. Second, the spatial correlation in these density functions is neither stationary nor locally isotropic. Third, the spatial correlation decays at different length scales at different locations in the support of the underlying density. Finally, at some spatial locations, there is very little data. We present a method called multiscale spatial density smoothing that successfully addresses these challenges. ...

  8. Concept for Inclusion of Analytical and Computational Capability in Optical Plume Anomaly Detection (OPAD) for Measurement of Neutron Flux

    Science.gov (United States)

    Patrick, M. Clinton; Cooper, Anita E.; Powers, W. T.

    2004-01-01

    Researchers are working on many konts to make possible high speed, automated classification and quantification of constituent materials in numerous environments. NASA's Marshall Space Flight Center has implemented a system for rocket engine flow fields/plumes; the Optical Plume Anomaly Detection (OPAD) system was designed to utilize emission and absorption spectroscopy for monitoring molecular and atomic particulates in gas plasma. An accompanying suite of tools and analytical package designed to utilize information collected by OPAD is known as the Engine Diagnostic Filtering System (EDIFIS). The current combination of these systems identifies atomic and molecular species and quantifies mass loss rates in H2/O2 rocket plumes. Additionally, efforts are being advanced to hardware encode components of the EDIFIS in order to address real-time operational requirements for health monitoring and management. This paper addresses the OPAD with its tool suite, and discusses what is considered a natural progression: a concept for migrating OPAD towards detection of high energy particles, including neutrons and gamma rays. The integration of these tools and capabilities will provide NASA with a systematic approach to monitor space vehicle internal and external environment.

  9. Reliable detection of fluence anomalies in EPID-based IMRT pretreatment quality assurance using pixel intensity deviations

    International Nuclear Information System (INIS)

    Purpose: This work uses repeat images of intensity modulated radiation therapy (IMRT) fields to quantify fluence anomalies (i.e., delivery errors) that can be reliably detected in electronic portal images used for IMRT pretreatment quality assurance. Methods: Repeat images of 11 clinical IMRT fields are acquired on a Varian Trilogy linear accelerator at energies of 6 MV and 18 MV. Acquired images are corrected for output variations and registered to minimize the impact of linear accelerator and electronic portal imaging device (EPID) positioning deviations. Detection studies are performed in which rectangular anomalies of various sizes are inserted into the images. The performance of detection strategies based on pixel intensity deviations (PIDs) and gamma indices is evaluated using receiver operating characteristic analysis. Results: Residual differences between registered images are due to interfraction positional deviations of jaws and multileaf collimator leaves, plus imager noise. Positional deviations produce large intensity differences that degrade anomaly detection. Gradient effects are suppressed in PIDs using gradient scaling. Background noise is suppressed using median filtering. In the majority of images, PID-based detection strategies can reliably detect fluence anomalies of ≥5% in ∼1 mm2 areas and ≥2% in ∼20 mm2 areas. Conclusions: The ability to detect small dose differences (≤2%) depends strongly on the level of background noise. This in turn depends on the accuracy of image registration, the quality of the reference image, and field properties. The longer term aim of this work is to develop accurate and reliable methods of detecting IMRT delivery errors and variations. The ability to resolve small anomalies will allow the accuracy of advanced treatment techniques, such as image guided, adaptive, and arc therapies, to be quantified.

  10. The 2014-2015 warming anomaly in the Southern California Current System observed by underwater gliders

    Science.gov (United States)

    Zaba, Katherine D.; Rudnick, Daniel L.

    2016-02-01

    Large-scale patterns of positive temperature anomalies persisted throughout the surface waters of the North Pacific Ocean during 2014-2015. In the Southern California Current System, measurements by our sustained network of underwater gliders reveal the coastal effects of the recent warming. Regional upper ocean temperature anomalies were greatest since the initiation of the glider network in 2006. Additional observed physical anomalies included a depressed thermocline, high stratification, and freshening; induced biological consequences included changes in the vertical distribution of chlorophyll fluorescence. Contemporaneous surface heat flux and wind strength perturbations suggest that local anomalous atmospheric forcing caused the unusual oceanic conditions.

  11. DEVELOPMENT AND TESTING OF PROCEDURES FOR CARRYING OUT EMERGENCY PHYSICAL INVENTORY TAKING AFTER DETECTING ANOMALY EVENTS CONCERNING NM SECURITY.

    Energy Technology Data Exchange (ETDEWEB)

    VALENTE,J.FISHBONE,L.ET AL.

    2003-07-13

    In the State Scientific Center of Russian Federation - Institute of Physics and Power Engineering (SSC RF-IPPE, Obninsk), which is under Minatom jurisdiction, the procedures for carrying out emergency physical inventory taking (EPIT) were developed and tested in cooperation with the Brookhaven National Laboratory (USA). Here the emergency physical inventory taking means the PIT, which is carried out in case of symptoms indicating a possibility of NM loss (theft). Such PIT often requires a verification of attributes and quantitative characteristics for all the NM items located in a specific Material Balance Area (MBA). In order to carry out the exercise, an MBA was selected where many thousands of NM items containing highly enriched uranium are used. Three clients of the computerized material accounting system (CMAS) are installed in this MBA. Labels with unique (within IPPE site) identification numbers in the form of digit combinations and an appropriate bar code have been applied on the NM items, containers and authorized locations. All the data to be checked during the EPIT are stored in the CMAS database. Five variants of anomalies initiating EPIT and requiring different types of activities on EPIT organization are considered. Automatic working places (AWP) were created on the basis of the client computers in order to carry out a large number of measurements within a reasonable time. In addition to a CMAS client computer, the main components of an AWP include a bar-code reader, an electronic scale and an enrichment meter with NaI--detector--the lMCA Inspector (manufactured by the Canberra Company). All these devices work together with a client computer in the on-line mode. Special computer code (Emergency Inventory Software-EIS) was developed. All the algorithms of interaction between the operator and the system, as well as algorithms of data exchange during the measurements and data comparison, are implemented in this software. Registration of detected

  12. Value of Ultrasound in Detecting Urinary Tract Anomalies After First Febrile Urinary Tract Infection in Children.

    Science.gov (United States)

    Ghobrial, Emad E; Abdelaziz, Doaa M; Sheba, Maha F; Abdel-Azeem, Yasser S

    2016-05-01

    Background Urinary tract infection (UTI) is an infection that affects part of the urinary tract. Ultrasound is a noninvasive test that can demonstrate the size and shape of kidneys, presence of dilatation of the ureters, and the existence of anatomic abnormalities. The aim of the study is to estimate the value of ultrasound in detecting urinary tract anomalies after first attack of UTI. Methods This study was conducted at the Nephrology Clinic, New Children's Hospital, Faculty of Medicine, Cairo University, from August 2012 to March 2013, and included 30 children who presented with first attack of acute febrile UTI. All patients were subjected to urine analysis, urine culture and sensitivity, serum creatinine, complete blood count, and imaging in the form of renal ultrasound, voiding cysto-urethrography, and renal scan. Results All the patients had fever with a mean of 38.96°C ± 0.44°C and the mean duration of illness was 6.23 ± 5.64 days. Nineteen patients (63.3%) had an ultrasound abnormality. The commonest abnormalities were kidney stones (15.8%). Only 2 patients who had abnormal ultrasound had also vesicoureteric reflux on cystourethrography. Sensitivity of ultrasound was 66.7%, specificity was 37.5%, positive predictive value was 21.1%, negative predictive value was 81.8%, and total accuracy was 43.33%. Conclusion We concluded that ultrasound alone was not of much value in diagnosing and putting a plan of first attack of febrile UTI. It is recommended that combined investigations are the best way to confirm diagnosis of urinary tract anomalies. PMID:26084536

  13. Airborne detection of magnetic anomalies associated with soils on the Oak Ridge Reservation, Tennessee

    International Nuclear Information System (INIS)

    Reconnaissance airborne geophysical data acquired over the 35,000-acre Oak Ridge Reservation (ORR), TN, show several magnetic anomalies over undisturbed areas mapped as Copper Ridge Dolomite (CRD). The anomalies of interest are most apparent in magnetic gradient maps where they exceed 0.06 nT/m and in some cases exceed 0.5 nT/m. Anomalies as large as 25nT are seen on maps. Some of the anomalies correlate with known or suspected karst, or with apparent conductivity anomalies calculated from electromagnetic data acquired contemporaneously with the magnetic data. Some of the anomalies have a strong correlation with topographic lows or closed depressions. Surface magnetic data have been acquired over some of these sites and have confirmed the existence of the anomalies. Ground inspections in the vicinity of several of the anomalies has not led to any discoveries of manmade surface materials of sufficient size to generate the observed anomalies. One would expect an anomaly of approximately 1 nT for a pickup truck from 200 ft altitude. Typical residual magnetic anomalies have magnitudes of 5--10 nT, and some are as large as 25nT. The absence of roads or other indications of culture (past or present) near the anomalies and the modeling of anomalies in data acquired with surface instruments indicate that man-made metallic objects are unlikely to be responsible for the anomaly. The authors show that observed anomalies in the CRD can reasonably be associated with thickening of the soil layer. The occurrence of the anomalies in areas where evidences of karstification are seen would follow because sediment deposition would occur in topographic lows. Linear groups of anomalies on the maps may be associated with fracture zones which were eroded more than adjacent rocks and were subsequently covered with a thicker blanket of sediment. This study indicates that airborne magnetic data may be of use in other sites where fracture zones or buried collapse structures are of interest

  14. A MACHINE LEARNING APPROACH TO ANOMALY-BASED DETECTION ON ANDROID PLATFORMS

    Directory of Open Access Journals (Sweden)

    Joshua Abah

    2015-11-01

    Full Text Available The emergence of mobile platforms with increased storage and computing capabilities and the pervasive use of these platforms for sensitive applications such as online banking, e-commerce and the storage of sensitive information on these mobile devices have led to increasing danger associated with malware targeted at these devices. Detecting such malware presents inimitable challenges as signature-based detection techniques available today are becoming inefficient in detecting new and unknown malware. In this research, a machine learning approach for the detection of malware on Android platforms is presented. The detection system monitors and extracts features from the applications while in execution and uses them to perform in-device detection using a trained K-Nearest Neighbour classifier. Results shows high performance in the detection rate of the classifier with accuracy of 93.75%, low error rate of 6.25% and low false positive rate with ability of detecting real Android malware.

  15. Plasmon mode as a detection of the chiral anomaly in Weyl semimetals

    OpenAIRE

    Zhou, Jianhui; Chang, Hao-Ran; Xiao, Di

    2014-01-01

    Weyl semimetals are one kind of three-dimensional gapless semimetal with nontrivial topology in the momentum space. The chiral anomaly in Weyl semimetals manifests as a charge imbalance between the Weyl nodes of opposite chiralities induced by parallel electric and magnetic fields. We investigate the chiral anomaly effect on the plasmon mode in both intrinsic and doped Weyl semimetals within the random phase approximation. We prove that the chiral anomaly gives rise to a different plasmon mod...

  16. An Analysis of Mechanical Constraints when Using Superconducting Gravimeters for Far-Field Pre-Seismic Anomaly Detection

    Directory of Open Access Journals (Sweden)

    Shyh-Chin Lan

    2011-01-01

    Full Text Available Pre-seismic gravity anomalies from records obtained at a 1 Hz sampling rate from superconducting gravimeters (SG around East Asia are analyzed. A comparison of gravity anomalies to the source parameters of associated earthquakes shows that the detection of pre-seismic gravity anomalies is constrained by several mechanical conditions of the seismic fault plane. The constraints of the far-field pre-seismic gravity amplitude perturbation were examined and the critical spatial relationship between the SG station and the epicenter precursory signal for detection was determined. The results show that: (1 the pre-seismic amplitude perturbation of gravity is inversely proportional to distance; (2 the transfer path from the epicenter to the SG station that crosses a tectonic boundary has a relatively low pre-seismic gravity anomaly amplitude; (3 the pre-seismic gravity perturbation amplitude is also affected by the attitude between the location of an SG station and the strike of the ruptured fault plane. The removal of typhoon effects and the selection of SG stations within a certain intersection angle to the strike of the fault plane are essential for obtaining reliable pre-seismic gravity anomaly results.

  17. Hypergraph-based anomaly detection of high-dimensional co-occurrences.

    Science.gov (United States)

    Silva, Jorge; Willett, Rebecca

    2009-03-01

    This paper addresses the problem of detecting anomalous multivariate co-occurrences using a limited number of unlabeled training observations. A novel method based on using a hypergraph representation of the data is proposed to deal with this very high-dimensional problem. Hypergraphs constitute an important extension of graphs which allow edges to connect more than two vertices simultaneously. A variational Expectation-Maximization algorithm for detecting anomalies directly on the hypergraph domain without any feature selection or dimensionality reduction is presented. The resulting estimate can be used to calculate a measure of anomalousness based on the False Discovery Rate. The algorithm has O(np) computational complexity, where n is the number of training observations and p is the number of potential participants in each co-occurrence event. This efficiency makes the method ideally suited for very high-dimensional settings, and requires no tuning, bandwidth or regularization parameters. The proposed approach is validated on both high-dimensional synthetic data and the Enron email database, where p > 75,000, and it is shown that it can outperform other state-of-the-art methods. PMID:19147882

  18. Application of Distributed Optical Fiber Sensing Technology in the Anomaly Detection of Shaft Lining in Grouting

    Directory of Open Access Journals (Sweden)

    Chunde Piao

    2015-01-01

    Full Text Available The rupture of the shaft lining caused by grouting has seriously undermined the safety in coal mining. Based on BOTDR distributed optical fiber sensing technology, this paper studied the layout method of optical fiber sensors and the anomaly detection method of the deformation and obtained the evolution law of shaft deformation triggered by grouting. The research results showed that the bonding problem of optical fiber sensors in damp environment could be effectively solved, by applying the binder consisting of sodium silicate and cement. Through BOTDR-based deformation detection, the real-time deformation of the shaft lining caused by grouting was immediately spotted. By comparing the respective strain of shaft lining deformation and concrete deformation, the risk range of shaft lining grouting was identified. With the additional strain increment of the shaft lining triggered by each process of grouting, the saturated condition of grouting volume in strata was analyzed, providing an important technical insight into the field construction and the safety of the shaft lining.

  19. 基于数字属性和符号属性混合数据的网络异常入侵检测方法%Network-based anomaly intrusion detection with numeric-and-nominal mixed data

    Institute of Scientific and Technical Information of China (English)

    蔡龙征; 余胜生; 王晓峰; 周敬利

    2006-01-01

    Anomaly detection is a key element of intrusion detection systems and a necessary complement of widely used misuse intrusion detection systems. Data sources used by network intrusion detection, like network packets or connections, often contain both numeric and nominal features. Both of these features contain important information for intrusion detection. These two features, on the other hand, have different characteristics. This paper presents a new network based anomaly intrusion detection approach that works well by building profiles for numeric and nominal features in different ways. During training, for each numeric feature, a normal profile is build through statistical distribution inference and parameter estimation, while for each nominal feature, a normal profile is setup through statistical method. These profiles are used as detection models during testing to judge whether a data being tested is benign or malicious. Experiments with the data set of 1999 DARPA (defense advanced research project agency) intrusion detection evaluation show that this approach can detect attacks effectively.

  20. Jamming anomaly in $\\mathcal{PT}$-symmetric systems

    CERN Document Server

    Barashenkov, I V; Konotop, Vladimir V

    2016-01-01

    The Schr\\"odinger equation with a $\\mathcal{PT}$-symmetric potential is used to model an optical structure consisting of an element with gain coupled to an element with loss. At low gain-loss amplitudes $\\gamma$, raising the amplitude results in the energy flux from the active to the leaky element being boosted. We study the anomalous behaviour occurring for larger $\\gamma$, where the increase of the amplitude produces a drop of the flux across the gain-loss interface. We show that this jamming anomaly is either a precursor of the exceptional point, where two real eigenvalues coalesce and acquire imaginary parts, or precedes the eigenvalue's immersion in the continuous spectrum.

  1. Semiconductor radiation detection systems

    CERN Document Server

    2010-01-01

    Covers research in semiconductor detector and integrated circuit design in the context of medical imaging using ionizing radiation. This book explores other applications of semiconductor radiation detection systems in security applications such as luggage scanning, dirty bomb detection and border control.

  2. WLAN Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Ms. Sushama Shirke

    2011-08-01

    Full Text Available This is an implementation of the Wireless LAN Intrusion Detection System (WIDS using clock-skews as a fingerprinting property as suggested by Jana-Kasera [1]. Our objective is to detect the presence of a fake access point (AP in a Wireless LAN (WLAN. Use of clock -skew enables us to effectively detect Medium Access Control (MAC Address spoofing. The principle used in this project is that clock s k e w s remain consistent over time for the same AP but vary significantly across AP’s. We have also tried to exploreprobable points of failure and implemented algorithms to overcome these problems. Advantage of this implementation is that fake AP can be detected very quickly as WLAN Intrusion Detection System needs only 100 -200 packets in most cases.

  3. Anomaly Identification from Super-Low Frequency Electromagnetic Data for the Coalbed Methane Detection

    Science.gov (United States)

    Zhao, S. S.; Wang, N.; Hui, J.; Ye, X.; Qin, Q.

    2016-06-01

    Natural source Super Low Frequency(SLF) electromagnetic prospecting methods have become an increasingly promising way in the resource detection. The capacity estimation of the reservoirs is of great importance to evaluate their exploitation potency. In this paper, we built a signal-estimate model for SLF electromagnetic signal and processed the monitored data with adaptive filter. The non-normal distribution test showed that the distribution of the signal was obviously different from Gaussian probability distribution, and Class B instantaneous amplitude probability model can well describe the statistical properties of SLF electromagnetic data. The Class B model parameter estimation is very complicated because its kernel function is confluent hypergeometric function. The parameters of the model were estimated based on property spectral function using Least Square Gradient Method(LSGM). The simulation of this estimation method was carried out, and the results of simulation demonstrated that the LGSM estimation method can reflect important information of the Class B signal model, of which the Gaussian component was considered to be the systematic noise and random noise, and the Intermediate Event Component was considered to be the background ground and human activity noise. Then the observation data was processed using adaptive noise cancellation filter. With the noise components subtracted out adaptively, the remaining part is the signal of interest, i.e., the anomaly information. It was considered to be relevant to the reservoir position of the coalbed methane stratum.

  4. Experiments to Detect Clandestine Graves from Interpreted High Resolution Geophysical Anomalies

    Science.gov (United States)

    Molina, C. M.; Hernandez, O.; Pringle, J.

    2013-05-01

    This project refers to the search for clandestine sites where possibly missing people have been buried based on interpreted near surface high resolution geophysical anomalies. Nowadays, there are thousands of missing people around the world that could have been tortured and killed and buried in clandestine graves. This is a huge problem for their families and governments that are responsible to warranty the human rights for everybody. These people need to be found and the related crime cases need to be resolved. This work proposes to construct a series of graves where all the conditions of the grave, human remains and related objects are known. It is expected to detect contrasting physical properties of soil to identify the known human remains and objects. The proposed geophysical methods will include electrical tomography, magnetic and ground penetrating radar, among others. Two geographical sites will be selected to located and build standard graves with contrasting weather, soil, vegetation, geographic and geologic conditions. Forward and inverse modeling will be applied to locate and enhance the geophysical response of the known graves and to validate the methodology. As a result, an integrated geophysical program will be provided to support the search for clandestine graves helping to find missing people that have been illegally buried. Optionally, the methodology will be tested to search for real clandestine graves.

  5. Sparse source travel-time tomography of a laboratory target: accuracy and robustness of anomaly detection

    CERN Document Server

    Pursiainen, Sampsa

    2014-01-01

    This study concerned conebeam travel-time tomography. The focus was on a sparse distribution of signal sources that can be necessary in a challenging in situ environment such as in asteroid tomography. The goal was to approximate the minimum number of source positions needed for robust detection of refractive anomalies, e.g., voids within an asteroid or a casting defects in concrete. Experimental ultrasonic data were recorded utilizing as a target a 150 mm plastic cast cube containing three stones with diameter between 22 and 41 mm. A signal frequency of 55 kHz (35 mm wavelength) was used. Source counts from one to six were tested for different placements. Based on our statistical inversion approach and analysis of the results, three or four sources were found to lead to reliable inversion. The source configurations investigated were also ranked according to their performance. Our results can be used, for example, in the planning of planetary missions as well as in material testing.

  6. A Comparative Study of Anomaly Detection Techniques for Smart City Wireless Sensor Networks.

    Science.gov (United States)

    Garcia-Font, Victor; Garrigues, Carles; Rifà-Pous, Helena

    2016-01-01

    In many countries around the world, smart cities are becoming a reality. These cities contribute to improving citizens' quality of life by providing services that are normally based on data extracted from wireless sensor networks (WSN) and other elements of the Internet of Things. Additionally, public administration uses these smart city data to increase its efficiency, to reduce costs and to provide additional services. However, the information received at smart city data centers is not always accurate, because WSNs are sometimes prone to error and are exposed to physical and computer attacks. In this article, we use real data from the smart city of Barcelona to simulate WSNs and implement typical attacks. Then, we compare frequently used anomaly detection techniques to disclose these attacks. We evaluate the algorithms under different requirements on the available network status information. As a result of this study, we conclude that one-class Support Vector Machines is the most appropriate technique. We achieve a true positive rate at least 56% higher than the rates achieved with the other compared techniques in a scenario with a maximum false positive rate of 5% and a 26% higher in a scenario with a false positive rate of 15%. PMID:27304957

  7. Sparse source travel-time tomography of a laboratory target: accuracy and robustness of anomaly detection

    International Nuclear Information System (INIS)

    This study concerned conebeam travel-time tomography. The focus was on a sparse distribution of signal sources that can be necessary in a challenging in situ environment such as in asteroid tomography. The goal was to approximate the minimum number of source positions needed for robust detection of refractive anomalies, e.g., voids within an asteroid or a casting defects in concrete. Experimental ultrasonic data were recorded utilizing as a target a 150 mm plastic cast cube containing three stones with diameter between 22 and 41 mm. A signal frequency of 55 kHz (35 mm wavelength) was used. Source counts from one to six were tested for different placements. Based on our statistical inversion approach and analysis of the results, three or four sources were found to lead to reliable inversion. The source configurations investigated were also ranked according to their performance. Our results can be used, for example, in the planning of planetary missions as well as in material testing. (paper)

  8. Intrusion Detection Systems

    CERN Document Server

    Pietro, Roberto Di

    2008-01-01

    In our world of ever-increasing Internet connectivity, there is an on-going threat of intrusion, denial of service attacks, or countless other abuses of computer and network resources. In particular, these threats continue to persist due to the flaws of current commercial intrusion detection systems (IDSs). Intrusion Detection Systems is an edited volume by world class leaders in this field. This edited volume sheds new light on defense alert systems against computer and network intrusions. It also covers integrating intrusion alerts within security policy framework for intrusion response, rel

  9. Discovering System Health Anomalies using Data Mining Techniques

    Data.gov (United States)

    National Aeronautics and Space Administration — We discuss a statistical framework that underlies envelope detection schemes as well as dynamical models based on Hidden Markov Models (HMM) that can encompass both...

  10. WLAN Intrusion Detection System

    OpenAIRE

    Ms. Sushama Shirke; Mr. S.B.Vanjale

    2011-01-01

    This is an implementation of the Wireless LAN Intrusion Detection System (WIDS ) using clock-skews as a fingerprinting property as suggested by Jana-Kasera [1]. Our objective is to detect the presence of a fake access point (AP) in a Wireless LAN (WLAN). Use of clock -skew enables us to effectively detect Medium Access Control (MAC) Address spoofing. The principle used in this project is that clock s k e w s remain consistent over time for the same AP but vary significantly across AP’s. We ha...

  11. Paralysis Analysis: Investigating Paralysis Visit Anomalies in New Jersey

    OpenAIRE

    Hamby, Teresa; Tsai, Stella; Genese, Carol; Walsh, Andrew; Bradford, Lauren; Lifshitz, Edward

    2013-01-01

    Objective To describe the investigation of a statewide anomaly detected by a newly established state syndromic surveillance system and usage of that system. Introduction On July 11, 2012, New Jersey Department of Health (DOH) Communicable Disease Service (CDS) surveillance staff received email notification of a statewide anomaly in EpiCenter for Paralysis. Two additional anomalies followed within three hours. Since Paralysis Anomalies are uncommon, staff initiated an investigation to determin...

  12. Congenital coronary anomalies detected by coronary computed tomography compared to invasive coronary angiography

    OpenAIRE

    Ghadri, Jelena R.; Kazakauskaite, Egle; Braunschweig, Stefanie; Burger, Irene A.; Frank, Michelle; Fiechter, Michael; Gebhard, Catherine; Fuchs, Tobias A; Templin, Christian; Gaemperli, Oliver; Lüscher, Thomas F.; Schmied, Christian; Kaufmann, Philipp A.

    2014-01-01

    BACKGROUND As coronary computed tomography angiography (CCTA) has emerged as a non-invasive alternative for evaluation of coronary anatomy with a lower referral threshold than invasive coronary angiography (ICA), the prevalence of coronary anomalies in CCTA may more closely reflect the true prevalence in the general population. Morphological features of coronary anomalies can be evaluated more precisely by CCTA than by ICA, which might lead to a higher identification of congenital coronary a...

  13. Congenital coronary anomalies detected by coronary computed tomography compared to invasive coronary angiography

    OpenAIRE

    Ghadri, Jelena R.; Kazakauskaite, Egle; Braunschweig, Stefanie; Burger, Irene A.; Frank, Michelle; Fiechter, Michael; Gebhard, Catherine; Fuchs, Tobias A; Templin, Christian; Gaemperli, Oliver; Lüscher, Thomas F.; Schmied, Christian; Kaufmann, Philipp A.

    2014-01-01

    Background As coronary computed tomography angiography (CCTA) has emerged as a non-invasive alternative for evaluation of coronary anatomy with a lower referral threshold than invasive coronary angiography (ICA), the prevalence of coronary anomalies in CCTA may more closely reflect the true prevalence in the general population. Morphological features of coronary anomalies can be evaluated more precisely by CCTA than by ICA, which might lead to a higher identification of congenital coronary an...

  14. Finding Needle in a Million Metrics: Anomaly Detection in a Large-scale Computational Advertising Platform

    OpenAIRE

    Zhou, Bowen; Shariat, Shahriar

    2016-01-01

    Online media offers opportunities to marketers to deliver brand messages to a large audience. Advertising technology platforms enables the advertisers to find the proper group of audiences and deliver ad impressions to them in real time. The recent growth of the real time bidding has posed a significant challenge on monitoring such a complicated system. With so many components we need a reliable system that detects the possible changes in the system and alerts the engineering team. In this pa...

  15. MODVOLC2: A Hybrid Time Series Analysis for Detecting Thermal Anomalies Applied to Thermal Infrared Satellite Data

    Science.gov (United States)

    Koeppen, W. C.; Wright, R.; Pilger, E.

    2009-12-01

    We developed and tested a new, automated algorithm, MODVOLC2, which analyzes thermal infrared satellite time series data to detect and quantify the excess energy radiated from thermal anomalies such as active volcanoes, fires, and gas flares. MODVOLC2 combines two previously developed algorithms, a simple point operation algorithm (MODVOLC) and a more complex time series analysis (Robust AVHRR Techniques, or RAT) to overcome the limitations of using each approach alone. MODVOLC2 has four main steps: (1) it uses the original MODVOLC algorithm to process the satellite data on a pixel-by-pixel basis and remove thermal outliers, (2) it uses the remaining data to calculate reference and variability images for each calendar month, (3) it compares the original satellite data and any newly acquired data to the reference images normalized by their variability, and it detects pixels that fall outside the envelope of normal thermal behavior, (4) it adds any pixels detected by MODVOLC to those detected in the time series analysis. Using test sites at Anatahan and Kilauea volcanoes, we show that MODVOLC2 was able to detect ~15% more thermal anomalies than using MODVOLC alone, with very few, if any, known false detections. Using gas flares from the Cantarell oil field in the Gulf of Mexico, we show that MODVOLC2 provided results that were unattainable using a time series-only approach. Some thermal anomalies (e.g., Cantarell oil field flares) are so persistent that an additional, semi-automated 12-µm correction must be applied in order to correctly estimate both the number of anomalies and the total excess radiance being emitted by them. Although all available data should be included to make the best possible reference and variability images necessary for the MODVOLC2, we estimate that at least 80 images per calendar month are required to generate relatively good statistics from which to run MODVOLC2, a condition now globally met by a decade of MODIS observations. We also found

  16. Subsurface faults detection based on magnetic anomalies investigation: A field example at Taba protectorate, South Sinai

    Science.gov (United States)

    Khalil, Mohamed H.

    2016-08-01

    Quantitative interpretation of the magnetic data particularly in a complex dissected structure necessitates using of filtering techniques. In Taba protectorate, Sinai synthesis of different filtering algorithms was carried out to distinct and verifies the subsurface structure and estimates the depth of the causative magnetic sources. In order to separate the shallow-seated structure, filters of the vertical derivatives (VDR), Butterworth high-pass (BWHP), analytic signal (AS) amplitude, and total horizontal derivative of the tilt derivative (TDR_THDR) were conducted. While, filters of the apparent susceptibility and Butterworth low-pass (BWLP) were conducted to identify the deep-seated structure. The depths of the geological contacts and faults were calculated by the 3D Euler deconvolution. Noteworthy, TDR_THDR was independent of geomagnetic inclination, significantly less susceptible to noise, and more sensitive to the details of the shallow superimposed structures. Whereas, the BWLP proved high resolution capabilities in attenuating the shorter wavelength of the near surface anomalies and emphasizing the longer wavelength derived from deeper causative structure. 3D Euler deconvolution (SI = 0) was quite amenable to estimate the depths of superimposed subsurface structure. The pattern, location, and trend of the deduced shallow and deep faults were conformed remarkably to the addressed fault system.

  17. Enhanced Anomaly Detection Via PLS Regression Models and Information Entropy Theory

    KAUST Repository

    Harrou, Fouzi

    2015-12-07

    Accurate and effective fault detection and diagnosis of modern engineering systems is crucial for ensuring reliability, safety and maintaining the desired product quality. In this work, we propose an innovative method for detecting small faults in the highly correlated multivariate data. The developed method utilizes partial least square (PLS) method as a modelling framework, and the symmetrized Kullback-Leibler divergence (KLD) as a monitoring index, where it is used to quantify the dissimilarity between probability distributions of current PLS-based residual and reference one obtained using fault-free data. The performance of the PLS-based KLD fault detection algorithm is illustrated and compared to the conventional PLS-based fault detection methods. Using synthetic data, we have demonstrated the greater sensitivity and effectiveness of the developed method over the conventional methods, especially when data are highly correlated and small faults are of interest.

  18. A Bayesian Networks in Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    M. Mehdi

    2007-01-01

    Full Text Available Intrusion detection systems (IDSs have been widely used to overcome security threats in computer networks. Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behaviour which may result in a large number of false alarms caused by incorrect classification of events in current systems. We propose a new approach of an anomaly Intrusion detection system (IDS. It consists of building a reference behaviour model and the use of a Bayesian classification procedure associated to unsupervised learning algorithm to evaluate the deviation between current and reference behaviour. Continuous re-estimation of model parameters allows for real time operation. The use of recursive Log-likelihood and entropy estimation as a measure for monitoring model degradation related with behavior changes and the associated model update show that the accuracy of the event classification process is significantly improved using our proposed approach for reducing the missing-alarm.

  19. Anomaly detection in SCADA systems: a network based approach

    NARCIS (Netherlands)

    Barbosa, Rafael Ramos Regis

    2014-01-01

    Supervisory Control and Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities, such as water treatment facilities. Historically, these networks were composed by special-purpose embedded devices communicating through proprietary protocols. However

  20. Application of Inductive Monitoring System to Plug Load Anomaly Detection

    Data.gov (United States)

    National Aeronautics and Space Administration — NASA Ames Research Center’s Sustainability Base is a new 50,000 sq. ft. LEED Platinum office building. Plug loads are expected to account for a significant portion...

  1. An ECG Monitoring System For Prediction Of Cardiac Anomalies Using WBAN

    OpenAIRE

    Hadjem, Medina; Salem, Osman; Naït-Abdesselam, Farid

    2014-01-01

    International audience Cardiovascular diseases (CVD) are known to be the most widespread causes to death. Therefore, detecting earlier signs of cardiac anomalies is of prominent importance to ease the treatment of any cardiac complication or take appropriate actions. Electrocardiogram (ECG) is used by doctors as an important diagnosis tool and in most cases, it's recorded and analyzed at hospital after the appearance of first symptoms or recorded by patients using a device named holter ECG...

  2. Unusual Threshold Anomaly in the 6Li+208Pb System

    Institute of Scientific and Technical Information of China (English)

    ZHANG Chun-Lei; JIA Hui-Ming; WU Zhen-Dong; XU Xin-Xing; BAI Chun-Lin; ZHANG Huan-Qiao; LIN Cheng-Jian; RUAN Ming; LIU Zu-Hua; YANG Feng; WU Xiu-Kun; ZHOU Ping; AN Guang-Peng

    2006-01-01

    @@ The angular distributions of elastic scattering for the 6Li +208Pb system have been measured at several energies around the Coulomb barrier. The parameters of optical potential are extracted by means of a phenomenological optical model analysis. It is found that the real and imaginal potentials show a pronounced energy dependence.The behaviour of the potential at the nearly especially sub-barrier energies in the 6Li+208Pb system is quite different from the results of some previous reports observed in other systems, such as 19 F +208 Pb and 16 O+208 Pb.This unusual threshold phenomenon indicates that breakup channel is strongly coupled with the elastic channel and has obvious effects on optical potential.

  3. Decision Tree, Bagging and Random Forest methods detect TEC seismo-ionospheric anomalies around the time of the Chile, (Mw = 8.8) earthquake of 27 February 2010

    Science.gov (United States)

    Akhoondzadeh, Mehdi

    2016-06-01

    In this paper for the first time ensemble methods including Decision Tree, Bagging and Random Forest have been proposed in the field of earthquake precursors to detect GPS-TEC (Total Electron Content) seismo-ionospheric anomalies around the time and location of Chile earthquake of 27 February 2010. All of the implemented ensemble methods detected a striking anomaly in time series of TEC data, 1 day after the earthquake at 14:00 UTC. The results indicate that the proposed methods due to their performance, speed and simplicity are quite promising and deserve serious attention as a new predictor tools for seismo-ionospheric anomalies detection.

  4. A Mobile Device System for Early Warning of ECG Anomalies

    OpenAIRE

    Adam Szczepański; Khalid Saeed

    2014-01-01

    With the rapid increase in computational power of mobile devices the amount of ambient intelligence-based smart environment systems has increased greatly in recent years. A proposition of such a solution is described in this paper, namely real time monitoring of an electrocardiogram (ECG) signal during everyday activities for identification of life threatening situations. The paper, being both research and review, describes previous work of the authors, current state of the art in the context...

  5. Diagnostic value and clinical problems of MR imaging in congenital anomalies of the central nervous system, 2. Spinal dysraphisms

    Energy Technology Data Exchange (ETDEWEB)

    Oi, Shizuo; Urui, Seishiro; Asano, Noboru; Masumura, Michio; Shose, Yoshiteru; Matsumoto, Satoshi

    1987-06-01

    Spina bifida and associated congenital anomalies in the central nervous system were evaluated by means of MRI, and the results compared with those obtained by conventional diagnostic procedures. Using the two-dimensional Fourier transform technique, a three-radiofrequency-pulse sequence (inversion recovery: IR 2100/500; spin-echo: SE 2100/40 or 2100/80) was routinely applied. Compared with X-ray CT, MR proved to be more accurate in the detection of the pathoanatomical relation between the lesion and the spinal cord, or that between the spinal dysraphic state and associated intracranial anomalies. MRI was also superior in the anatomical diagnosis of a spinal lipoma, a tethered cord, syringobulbia, syringomyelia, the Chiari anomaly, and so forth. The most considerable disadvantage of MRI in the diagnosis of the spina bifida is the poor information it provides about the bifid spine itself, but this information may be obtained by the use of conventional diagnostic procedures. Also, a regular-conducting MRI system is still insufficient to demonstrate the precise location of the canda equina nerve roots, especially in relation to a lipoma, although the spin-echo MR myelographic technique was helpful in demarcating the major structures, such as the lipoma and the cord. In syringomyelia and syringobulbia, further invasive study in analyzing the fluid dynamics is needed to determine the proper operative procedure. It was emphasized in this study that MRI is an extremely valuable diagnostic tool also in the diagnosis of spinal dysraphism, especially in the detection of a pathoanatomical structure, but can also be expected to be improved so as to make possible finer anatomical analysis and provide a higher quality of information on the fluid dynamics, at least so as to indicate operative procedures without any invasive methods. (J.P.N.).

  6. Diagnostic value and clinical problems of MR imaging in congenital anomalies of the central nervous system, 2

    International Nuclear Information System (INIS)

    Spina bifida and associated congenital anomalies in the central nervous system were evaluated by means of MRI, and the results compared with those obtained by conventional diagnostic procedures. Using the two-dimensional Fourier transform technique, a three-radiofrequency-pulse sequence (inversion recovery: IR 2100/500; spin-echo: SE 2100/40 or 2100/80) was routinely applied. Compared with X-ray CT, MR proved to be more accurate in the detection of the pathoanatomical relation between the lesion and the spinal cord, or that between the spinal dysraphic state and associated intracranial anomalies. MRI was also superior in the anatomical diagnosis of a spinal lipoma, a tethered cord, syringobulbia, syringomyelia, the Chiari anomaly, and so forth. The most considerable disadvantage of MRI in the diagnosis of the spina bifida is the poor information it provides about the bifid spine itself, but this information may be obtained by the use of conventional diagnostic procedures. Also, a regular-conducting MRI system is still insufficient to demonstrate the precise location of the canda equina nerve roots, especially in relation to a lipoma, although the spin-echo MR myelographic technique was helpful in demarcating the major structures, such as the lipoma and the cord. In syringomyelia and syringobulbia, further invasive study in analyzing the fluid dynamics is needed to determine the proper operative procedure. It was emphasized in this study that MRI is an extremely valuable diagnostic tool also in the diagnosis of spinal dysraphism, especially in the detection of a pathoanatomical structure, but can also be expected to be improved so as to make possible finer anatomical analysis and provide a higher quality of information on the fluid dynamics, at least so as to indicate operative procedures without any invasive methods. (J.P.N.)

  7. An anomaly detector applied to a materials control and accounting system

    International Nuclear Information System (INIS)

    Large amounts of safeguards data are automatically gathered and stored by monitoring instruments used in nuclear chemical processing plants, nuclear material storage facilities, and nuclear fuel fabrication facilities. An integrated safeguards approach requires the ability to identify anomalous activities or states in these data. Anomalies in the data could be indications of error, theft, or diversion of material. The large volume of the data makes analysis and evaluation by human experts very tedious, and the complex and diverse nature of the data makes these tasks difficult to automate. This paper describes the early work in the development of analysis tools to automate the anomaly detection process. Using data from accounting databases, the authors are modeling the normal behavior of processes. From these models they hope to be able to identify activities or data that deviate from that norm. Such tools would be used to reveal trends, identify errors, and recognize unusual data. Thus the expert's attention can be focused directly on significant phenomena

  8. CT Detection Systems

    International Nuclear Information System (INIS)

    Full Text:Godfrey N. Housnfield received the Nobel Prize in 1979 for inventing Computed Tomography in 1967. Since then the invention has evolved and is part of everyday diagnostics in every hospital. The first clinical Computed Tomography was installed in 1971. Since middle seventies a group of Physicists and Engineers have been development Computed Tomography in Haifa, under the name of different companies. The group started as Elscint, was bought by Picker in 1999, then modified the name to Marconi and was bought by Philips in 2002. Several of the first developments of Computed Tomography systems were done in Haifa, in particular in the detectors. Among several firsts, he first Solid State Computed Tomography detector and first multi-slice Computed Tomography should be mentioned. The evolution of Computed Tomography detection systems will be described. Nowadays Multi Slice Computed Tomography Detectors enable new applications like Computed Tomography Angiography and virtual Colonoscopy. The evolution of Computed Tomography detection systems will be described, from single slice to today 64 slice arrays and beyond

  9. Applying an Ontology to a Patrol Intrusion Detection System for Wireless Sensor Networks

    OpenAIRE

    Chia-Fen Hsieh; Rung-Ching Chen; Yung-Fa Huang

    2014-01-01

    With the increasing application of wireless sensor networks (WSN), the security requirements for wireless sensor network communications have become critical. However, the detection mechanisms of such systems impact the effectiveness of the entire network. In this paper, we propose a lightweight ontology-based wireless intrusion detection system (OWIDS). The system applies an ontology to a patrol intrusion detection system (PIDS). A PIDS is used to detect anomalies via detection knowledge. The...

  10. Novel hybrid intrusion detection system for clustered wireless sensor network

    CERN Document Server

    Sedjelmaci, Hichem

    2011-01-01

    Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.

  11. Detection of Characteristic Precipitation Anomaly Patterns of El Nino / La Nina in Time- variable Gravity Fields by GRACE

    Science.gov (United States)

    Heki, K.; Morishita, Y.

    2007-12-01

    GRACE (Gravity Recovery and Climate Experiment) satellites, launched in March 2002, have been mapping monthly gravity fields of the Earth, allowing us to infer changes in surface mass, e.g. water and ice. Past findings include the ice mass loss in southern Greenland (Luthcke et al., 2006) and its acceleration in 2004 (Velicogna and Wahr, 2006), crustal dilatation by the 2004 Sumatra Earthquake (Han et al., 2006) and the postseismic movement of water in mantle (Ogawa and Heki, 2007). ENSO (El Nino and Southern Oscillation) brings about global climate impacts, together with its opposite phenomenon, La Nina. Ropelewski and Halpert (1987) showed typical precipitation patterns in ENSO years; characteristic regional-scale precipitation anomalies occur in India, tropical and southern Africa and South America. Nearly opposite precipitation anomalies are shown to occur in La Nina years (Ropelewski and Halpert, 1988). Here we report the detection of such precipitation anomaly patterns in the GRACE monthly gravity data 2002 - 2007, which includes both La Nina (2005 fall - 2006 spring) and El Nino (2006 fall - 2007 spring) periods. We modeled the worldwide gravity time series with constant trends and seasonal changes, and extracted deviations of gravity values at two time epochs, i.e. February 2006 and 2007, and converted them into the changes in equivalent surface water mass. East Africa showed negative gravity deviation (-20.5 cm in water) in 2006 February (La Nina), which reversed to positive (18.7 cm) in 2007 February (El Nino). Northern and southern parts of South America also showed similar see-saw patterns. Such patterns closely resemble to those found meteorologically (Ropelewski and Halpert, 1987; 1988), suggesting the potential of GRACE as a sensor of inter-annual precipitation anomalies through changes in continental water storage. We performed numerical simulations of soil moisture changes at grid points in land area incorporating the CMAP precipitation data, NCEP

  12. Neonatal Jaundice Detection System.

    Science.gov (United States)

    Aydın, Mustafa; Hardalaç, Fırat; Ural, Berkan; Karap, Serhat

    2016-07-01

    Neonatal jaundice is a common condition that occurs in newborn infants in the first week of life. Today, techniques used for detection are required blood samples and other clinical testing with special equipment. The aim of this study is creating a non-invasive system to control and to detect the jaundice periodically and helping doctors for early diagnosis. In this work, first, a patient group which is consisted from jaundiced babies and a control group which is consisted from healthy babies are prepared, then between 24 and 48 h after birth, 40 jaundiced and 40 healthy newborns are chosen. Second, advanced image processing techniques are used on the images which are taken with a standard smartphone and the color calibration card. Segmentation, pixel similarity and white balancing methods are used as image processing techniques and RGB values and pixels' important information are obtained exactly. Third, during feature extraction stage, with using colormap transformations and feature calculation, comparisons are done in RGB plane between color change values and the 8-color calibration card which is specially designed. Finally, in the bilirubin level estimation stage, kNN and SVR machine learning regressions are used on the dataset which are obtained from feature extraction. At the end of the process, when the control group is based on for comparisons, jaundice is succesfully detected for 40 jaundiced infants and the success rate is 85 %. Obtained bilirubin estimation results are consisted with bilirubin results which are obtained from the standard blood test and the compliance rate is 85 %. PMID:27229489

  13. Bicycle Detection System

    OpenAIRE

    Yu, James; Arellano , Secundino; Carrillo , Alma; Cruz , Melinda; Kunitskiy, Dmitriy; Maynigo , Marlo; Sell , Monica

    2013-01-01

    Project Description:  Bicycle detection has become a popular feature of high demand in cities and agencies across the United States. California has recently mandated that all new limit line detector installations as well as modifications to existing limit line detection must provide bicycle detection. This has created the need to develop detection methodologies which are able to detect bicycles as well as differentiate them from vehicles. The objective of this project is to utilize Econolite ...

  14. Detection of malignant right coronary artery anomaly by multi-slice CT coronary angiography

    International Nuclear Information System (INIS)

    Coronary artery anomalies occur in 0.3-0.8% of the population and infer a high risk for sudden cardiac death in young adults. Diagnosis is usually established during coronary angiography, which is hampered by poor spatial visualization. Magnetic resonance imaging is an alternative, but it is not feasible in the presence of metal objects or claustrophobia. In this report, a 15-year-old boy experienced ventricular fibrillation and was successfully resuscitated. Cardiac catheterization was inconclusive, and pacemaker implantation prohibited the use of MR imaging. Multi-slice CT coronary angiography revealed a malignant anomalous right coronary artery. (orig.)

  15. Selecting training and test images for optimized anomaly detection algorithms in hyperspectral imagery through robust parameter design

    Science.gov (United States)

    Mindrup, Frank M.; Friend, Mark A.; Bauer, Kenneth W.

    2011-06-01

    There are numerous anomaly detection algorithms proposed for hyperspectral imagery. Robust parameter design (RPD) techniques have been applied to some of these algorithms in an attempt to choose robust settings capable of operating consistently across a large variety of image scenes. Typically, training and test sets of hyperspectral images are chosen randomly. Previous research developed a frameworkfor optimizing anomaly detection in HSI by considering specific image characteristics as noise variables within the context of RPD; these characteristics include the Fisher's score, ratio of target pixels and number of clusters. This paper describes a method for selecting hyperspectral image training and test subsets yielding consistent RPD results based on these noise features. These subsets are not necessarily orthogonal, but still provide improvements over random training and test subset assignments by maximizing the volume and average distance between image noise characteristics. Several different mathematical models representing the value of a training and test set based on such measures as the D-optimal score and various distance norms are tested in a simulation experiment.

  16. Sensitivity Verification of PWR Monitoring System Using Neuro-Expert For LOCA Detection

    International Nuclear Information System (INIS)

    Sensitivity Verification of PWR Monitoring System Using Neuro-Expert For LOCA Detection. The present research was done for verification of previous developed method on Loss of Coolant Accident (LOCA) detection and perform simulations for knowing the sensitivity of the PWR monitoring system that applied neuro-expert method. The previous research continuing on present research, has developed and has tested the neuro-expert method for several anomaly detections in Nuclear Power Plant (NPP) typed Pressurized Water Reactor (PWR). Neuro-expert can detect the LOCA anomaly with sensitivity of primary coolant leakage of 7 gallon/min and the conventional method could not detect the primary coolant leakage of 30 gallon/min. Neuro expert method detects significantly LOCA anomaly faster than conventional system in Surry-1 NPP as well so that the impact risk is reducible. (author)

  17. Introduction to detection systems

    DEFF Research Database (Denmark)

    Larsen, Jan

    Presentation of the information processing pipleline for detection including discussing of various issues and the use of mathematical modeling. A simple example of detection a signal in noise illustrated that simple modeling outperforms human visual and auditory perception. Particiants are going to...

  18. A MACHINE LEARNING APPROACH TO ANOMALY-BASED DETECTION ON ANDROID PLATFORMS

    OpenAIRE

    Joshua Abah; Waziri O.V; Abdullahi M.B; Arthur U.M; Adewale O.S

    2015-01-01

    The emergence of mobile platforms with increased storage and computing capabilities and the pervasive use of these platforms for sensitive applications such as online banking, e-commerce and the storage of sensitive information on these mobile devices have led to increasing danger associated with malware targeted at these devices. Detecting such malware presents inimitable challenges as signature-based detection techniques available today are becoming inefficient in detecting new ...

  19. Lower Energy α Elastic Scattering on 20Ne and Anomaly of α+20Ne Scattering System

    Institute of Scientific and Technical Information of China (English)

    YANG Yong-Xu; TAN Hai-Lan; LI Qing-Run

    2011-01-01

    The α+20 Ne elastic scattering angular distributions at lower incident energies of Eα = 12.7-31.1 MeV have been analyzed by using the a-folding potential based on the α+16O structure model of the 20Ne nucleus. The α-folding potential with a standard Woods-Saxon type imaginary part, can reasonably describe experimental cross sections and the anomalous large angle scattering (ALAS) features. The anomaly of the α+20Ne scattering system is further confirmed in the lower incident energy region.PACS numbers: 25.70.Bc, 24.10.Ht, 21.60.Gx

  20. Elastic anomalies and phonon damping in a metallic high spin-low spin system

    Science.gov (United States)

    Ihlemann, J.; Bärner, K.

    1984-12-01

    The elastic constants and the sound attenuation in single crystals of the metallic high spin (hs)-low spin (ls) system MnAs 1- xP x have been measured for temperaturres between 10 and 500 K. Elastic anomalies and damping maxima have been found for the second-order displacive (B8 1⇌B31) phase transition, the hs-ls transition and for the magnetic order-disorder transition. The phenomena near the hs-ls transition, in particular, are interpreted in terms of a condensation of a soft static phonon at the ls (hs) site in a hs (ls) matrix.

  1. Towards Corrosion Detection System

    Directory of Open Access Journals (Sweden)

    B.B.Zaidan

    2010-05-01

    Full Text Available Corrosion is a natural process that seeks to reduce the binding energy in metals. The end result of corrosion involves a metal atom being oxidized. Surface corrosion on aluminum aircraft skins, near joints and around fasteners, is often an indicator of buried structural corrosion and cracking In this paper we proposed a new method on which we are moving towards designing a method to detect the corrosion within the metals, the new method has defined texture analysis as the main method for this approach, the proposed enhancement shows less false positive and less false negative. The main functions used in this approach beside texture analysis are Edge detection, structure element and image dilation. The new approach has designed to detect a part of the image that has been affected by the corrosion, the tested images has showed a good result lying on detecting the corrosion part from the image.

  2. 64. The prevalence of coronary artery anomalies in Qassim province detected by cardiac computed tomography angiography

    Directory of Open Access Journals (Sweden)

    O. smettei

    2016-07-01

    Full Text Available Coronary artery anomalies (CAAs affect about 1% of the general population based on invasive coronary angiography (ICA data, computed tomography angiography (CTA enables better visualization of the origin, course, relation to the adjacent structures, and termination of CAAs compared to ICA. The aim of our work is to estimate the frequency of CAAs in Qassim province among patients underwent cardiac CTA at PSCCQ. Retrospective analysis of the CTA data of 2235 patients between 2009 and 2015. The prevalence of CAAs in our study was 1.029%. Among the 2235 patients, 241 (10.78% had CAAs or coronary variants, 198 (8.85% had myocardial bridging, 34 (1.52% had a variable location of the Coronary Ostia, Twenty two (0.98% had a separate origin of left anterior descending (LAD and left circumflex coronary (LCX arteries, ten (0.447% had a separate origin of the RCA and the Conus artery. Seventeen (0.76% had an anomalous origin of the coronaries. Six (0.268% had a coronary artery fistula, which is connected mainly to the right heart chambers, one of these fistulas was complicated by acute myocardial infarction. The incidence of CAAs in our patient population was similar to the former studies, CTA is an excellent tool for diagnosis and guiding the management of the CAAs.

  3. An anomaly detector applied to a materials control and accounting system

    Energy Technology Data Exchange (ETDEWEB)

    Whiteson, R.; Kelso, F. [Los Alamos National Lab., NM (United States); Baumgart, C.; Tunnell, T.W. [EG& G Energy Measurements, Inc., Los Alamos, NM (United States). Los Alamos Operations

    1994-08-01

    Large amounts of safeguards data are automatically gathered and stored by monitoring instruments used in nuclear chemical processing plants, nuclear material storage facilities, and nuclear fuel fabrication facilities. An integrated safeguards approach requires the ability to identify anomalous activities or states in these data. Anomalies in the data could be indications of error, theft, or diversion of material. The large volume of the data makes analysis and evaluation by human experts very tedious, and the complex and diverse nature of the data makes these tasks difficult to automate. This paper describes the early work in the development of analysis tools to automate the anomaly detection process. Using data from accounting databases, the authors are modeling the normal behavior of processes. From these models they hope to be able to identify activities or data that deviate from that norm. Such tools would be used to reveal trends, identify errors, and recognize unusual data. Thus the expert`s attention can be focused directly on significant phenomena.

  4. RePIDS: a multi tier real-time payload-based intrusion detection system

    NARCIS (Netherlands)

    Jamdagni, Aruna; Tan, Zhiyuan; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren Ping

    2013-01-01

    Intrusion Detection System (IDS) deals with huge amount of network traffic and uses large feature set to discriminate normal pattern and intrusive pattern. However, most of existing systems lack the ability to process data for real-time anomaly detection. In this paper, we propose a 3-Tier Iterative

  5. On the possibility of detecting large-scale crustal remanent magnetization with Magsat vector magnetic anomaly data

    Science.gov (United States)

    Galliher, S. C.; Mayhew, M. A.

    1982-01-01

    Magnetic anomaly component data measured by Magsat is compared with synthetic anomaly component fields arising from an equivalent source dipole array at the earth's surface generated from total field anomaly data alone. It is found that the synthetic components fit the component data regardless of the dipole orientation assigned to the equivalent sources and of the dipole spacing. Tentative conclusions are: (1) over the U.S., vector anomaly fields can be determined to the accuracy of the measurements from the total field anomaly data alone; and (2) the equivalent source technique is not useful for determining the direction of large-scale crustal magnetization.

  6. Detection of Congenital Mullerian Anomalies Using Real-Time 3D Sonography

    Directory of Open Access Journals (Sweden)

    Firoozeh Ahmadi

    2011-01-01

    Full Text Available A 35 year-old woman referred to Royan Institute (Reproductive Biomedicine Research Center for infertilitytreatment. She had an eleven-year history of primary infertility with a normal abdominal ultrasound.Hysterosalpingography (HSG was obtained one month prior to referral in another center (Fig A.The HSG finding of an apparent unicorn uterus followed by a normal vaginal ultrasound led us toperform a three-dimensional vaginal ultrasound before resorting to hysteroscopy. Results of thethree-dimensional vaginal ultrasound revealed a normal uterus (Fig B, C.Accurate characterization of congenital Mullerian anomalies (MDAs such as an arcuate, unicornuate,didelphys, bicornuate or septate uterus is challenging. While HSG has been the standard test in the diagnosisof MDAs, some limitations may favor the use of three-dimensional ultrasound. The most difficult partof HSG is interpreting the two-dimensional radiographic image into a complex, three-dimensional livingorgan (1. A variety of technical problems may occur while performing HSG. In this case, only an obliqueview could lead to a correct interpretation. It is advisable for the interpreter to perform the procedure ratherthan to inspect only the finished radiographic images (2.One of the most useful scan planes obtained on three-dimensional ultrasound is the coronal view ofthe uterus. This view is known to be a valuable problem-solving tool that assists in differentiatingbetween various types of MDAs due to the high level of agreement between three-dimensionalultrasound and HSG (3, 4.Recently, three-dimensional ultrasound has become the sole mandatory step in the initial investigationof MDAs due to its superiority to other techniques that have been used for the same purpose (5.

  7. A complete low cost radon detection system

    International Nuclear Information System (INIS)

    Monitoring the 222Rn activity through the 1200 km long Northern Anatolian fault line, for the purpose of earthquake precursory, requires large number of cost effective radon detectors. We have designed, produced and successfully tested a low cost radon detection system (a radon monitor). In the detector circuit of this monitor, First Sensor PS100-7-CER-2 windowless PIN photodiode and a custom made transempedence/shaping amplifier were used. In order to collect the naturally ionized radon progeny to the surface of the PIN photodiode, a potential of 3500 V was applied between the conductive hemi-spherical shell and the PIN photodiode. In addition to the count rate of the radon progeny, absolute pressure, humidity and temperature were logged during the measurements. A GSM modem was integrated to the system for transferring the measurements from the remote locations to the data process center. - Author-Highlights: • Low cost radon detection. • Integrated GSM modem for early warning of radon anomalies. • Radon detection in environment

  8. MEASURE/ANOMTEST. Anomaly detection software package for the Dodewaard power plant facility. Supplement 1. Extension of measurement analysis part, addition of plot package

    International Nuclear Information System (INIS)

    The anomaly detection software package installed at the Dodewaard nuclear power plant has been revised with respect to the part of the measurement analysis. A plot package has been added to the package. Signals in which an anomaly has been detected are automatically plotted including the uncertainty margins of the signals. This report gives a description of the revised measurement analysis part and the plot package. Each new routine of the plot package is described briefly and the new input and output files are given. (orig.)

  9. Antigen detection systems

    Science.gov (United States)

    Infectious agents or their constituent parts (antigens or nucleic acids) can be detected in fresh, frozen, or fixed tissues or other specimens, using a variety of direct or indirect assays. The assays can be modified to yield the greatest sensitivity and specificity but in most cases a particular m...

  10. Rapid deployment intrusion detection system

    International Nuclear Information System (INIS)

    A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs

  11. A data driven approach for detection and isolation of anomalies in a group of UAVs

    Institute of Scientific and Technical Information of China (English)

    Wang Yin; Wang Daobo; Wang Jianhong

    2015-01-01

    The use of groups of unmanned aerial vehicles (UAVs) has greatly expanded UAV’s capa-bilities in a variety of applications, such as surveillance, searching and mapping. As the UAVs are operated as a team, it is important to detect and isolate the occurrence of anomalous aircraft in order to avoid collisions and other risks that would affect the safety of the team. In this paper, we present a data-driven approach to detect and isolate abnormal aircraft within a team of formatted flying aerial vehicles, which removes the requirements for the prior knowledge of the underlying dynamic model in conventional model-based fault detection algorithms. Based on the assumption that normal behaviored UAVs should share similar (dynamic) model parameters, we propose to firstly identify the model parameters for each aircraft of the team based on a sequence of input and output data pairs, and this is achieved by a novel sparse optimization technique. The fault states of the UAVs would be detected and isolated in the second step by identifying the change of model parameters. Simulation results have demonstrated the efficiency and flexibility of the proposed approach.

  12. A data driven approach for detection and isolation of anomalies in a group of UAVs

    Directory of Open Access Journals (Sweden)

    Wang Yin

    2015-02-01

    Full Text Available The use of groups of unmanned aerial vehicles (UAVs has greatly expanded UAV’s capabilities in a variety of applications, such as surveillance, searching and mapping. As the UAVs are operated as a team, it is important to detect and isolate the occurrence of anomalous aircraft in order to avoid collisions and other risks that would affect the safety of the team. In this paper, we present a data-driven approach to detect and isolate abnormal aircraft within a team of formatted flying aerial vehicles, which removes the requirements for the prior knowledge of the underlying dynamic model in conventional model-based fault detection algorithms. Based on the assumption that normal behaviored UAVs should share similar (dynamic model parameters, we propose to firstly identify the model parameters for each aircraft of the team based on a sequence of input and output data pairs, and this is achieved by a novel sparse optimization technique. The fault states of the UAVs would be detected and isolated in the second step by identifying the change of model parameters. Simulation results have demonstrated the efficiency and flexibility of the proposed approach.

  13. Multiple Kernel Learning for Heterogeneous Anomaly Detection: Algorithm and Aviation Safety Case Study

    Data.gov (United States)

    National Aeronautics and Space Administration — The world-wide aviation system is one of the most complex dynamical systems ever developed and is generating data at an extremely rapid rate. Most modern commercial...

  14. Detecting Anomalies in Multivariate Data Sets with Switching Sequences and Continuous Streams

    Data.gov (United States)

    National Aeronautics and Space Administration — The world-wide aviation system is one of the most complex dynamical systems ever developed and is generating data at an extremely rapid rate. Most modern commercial...

  15. Value of prenatal MRI in early evaluation of fetal central nervous system anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Kobayashi, Keiichi [Kugayama Hospital, Tokyo (Japan); Nakamura, Masanao; Hino, Ken [Kyorin Univ., Mitaka, Tokyo (Japan). School of Medicine] [and others

    2002-08-01

    Advances in technology and the need for accurate prenatal diagnoses have produced great improvements in fetal diagnosis by MRI. However, there are still many problems with diagnosis of central nervous system (CNS) anomalies using MRI (e.g., time of diagnosis, factors limiting diagnostic ability. Fifteen cases referred to our clinic from 1992 to 2001 and examined using intrauterine ultrasound, prenatal MRI and postnatal MRI were reviewed retrospectively. All clinical records and findings from prenatal MRI, postnatal MRI and ultrasound were reviewed. Prenatal MRI was found to be equal in diagnostic power to ultrasound and postnatal MRI in 10 of the 15 cases. In the remaining 5 fetuses, the findings of prenatal MRI were not the same to those of prenatal ultrasound and postnatal MRI. Our goal was to determine the value of prenatal MRI in diagnosis of fetal CNS anomalies, to ascertain how this information might be used for counseling, and to assess its impact on pregnancy management. Prenatal MRI provided useful information for support personnel (e.g., physicians, nurses, caseworkers, religious advisers). (author)

  16. Detection of electromagnetic anomalies of three earthquakes in Mexico with an improved statistical method

    OpenAIRE

    O. Chavez; Pérez-Enríquez, R.; J. A. Cruz-Abeyro; J. R. Millan-Almaraz; Kotsarenko, A.; Rojas, E

    2011-01-01

    A method for detecting seismomagnetic signals is presented. This work presents evidence of geomagnetic perturbations associated with three earthquakes (EQs) that occurred in Mexico within a distance of ρ = (1.8) 100.45M, where M is the magnitude of the EQ, during the year 2010. An improved statistical analysis in relation with the polarization analysis (as the ratio of vertical magnetic field component to the horizontal one) has been developed. The variation ind...

  17. Gas detection system

    International Nuclear Information System (INIS)

    The detection of H2S leaks is accomplished by a pair of identical detectors. Each detector includes a He-Xe laser which emits at 3.6859 μm and which is mounted on a scanning device with a telescope. The beam is made to scan a number of strategically located retroreflectors and is reflected, forming a curtain of optically sensitive paths along two sides of the plant. By placing the two detectors at diagonally opposite corners of the storage area, this curtain is extended to surround the entire plant. If a leak occurs, a plume of H2S will cut through the curtain of optically sensitive paths and the scanning beam will be absorbed by the H2S which has a major absorption line at 3.6858 μm. The intensity of the reflected beam detected will vary depending on the concentration and diameter of the H2S plume. A second pair of detectors may be located at two other diagonally-opposite corners to provide a second curtain of optically-sensitive paths. This second curtain forms a grid with the first curtain, thus enabling the operator to determine where the gas is moving through the grid. (LL)

  18. An Adaptive Hybrid Multi-level Intelligent Intrusion Detection System for Network Security

    Directory of Open Access Journals (Sweden)

    P. Ananthi

    2014-04-01

    Full Text Available Intrusion Detection System (IDS plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in the computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional statistical and data mining approaches. Data mining techniques in IDS observed to provide significant results. Data mining approaches for misuse and anomaly-based intrusion detection generally include supervised, unsupervised and outlier approaches. It is important that the efficiency and potential of IDS be updated based on the criteria of new attacks. This study proposes a novel Adaptive Hybrid Multi-level Intelligent IDS (AHMIIDS system which is the combined version of anomaly and misuse detection techniques. The anomaly detection is based on Bayesian Networks and then the misuse detection is performed using Adaptive Neuro Fuzzy Inference System (ANFIS. The outputs of both anomaly detection and misuse detection modules are applied to Decision Table Majority (DTM to perform the final decision making. A rule-base approach is used in this system. It is observed from the results that the proposed AHMIIDS performs better than other conventional hybrid IDS.

  19. Intrusion Detection System: Security Monitoring System

    OpenAIRE

    ShabnamNoorani,; Sharmila Gaikwad Rathod

    2015-01-01

    An intrusion detection system (IDS) is an ad hoc security solution to protect flawed computer systems. It works like a burglar alarm that goes off if someone tampers with or manages to get past other security mechanisms such as authentication mechanisms and firewalls. An Intrusion Detection System (IDS) is a device or a software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.Intrusio...

  20. Anomaly Detection in Electroencephalogram Signals Using Unconstrained Minimum Average Correlation Energy Filter

    Directory of Open Access Journals (Sweden)

    Aini Hussain

    2009-01-01

    Full Text Available Problem statement: Electroencepharogram (EEG is an extremely complex signal with very low signal to noise ratio and these attributed to difficulty in analyzing the signal. Hence for detecting abnormal segment, a distinctive method is required to train the technologist to distinguish the anomalous in EEG data. The objective of this study was to create a framework to analyze EEG signals recorded from epileptic patients by evaluating the potential of UMACE filter to detect changes in single-channel EEG data during routine epilepsy monitoring. Approach: Normally, the peak to side lobe ratio (PSR of a UMACE filter was employed as an indicator if a test data is similar to an authentic class or vice versa, however in this study, the consistent changes of the correlation output known as Region Of Interest (ROI was plotted and monitored. Based on this approach, a novel method to analyze and distinguish variances in scalp EEG as well as comparing both normal and abnormal regions of the patient’s EEG was assessed. The performance of the novelty detection was examined based on the onset and end time of each seizure in the ROI plot. Results: Results showed that using ROI plot of variances one can distinguish irregularities in the EEG data. The advantage of the proposed technique was that it did not require large amount of data for training. Conclusion: As such, it was feasible to perform seizure analysis as well as localizing seizure onsets. In short, the technique can be used as a guideline for faster diagnosis in a lengthy EEG recording.

  1. Water-like anomalies in the core-softened systems: Dependence on the trajectory in density-temperature plane

    International Nuclear Information System (INIS)

    We show that the existence of the water-like anomalies in kinetic coefficients in the core-softened systems depends on the trajectory in ρ-T plane along which the kinetic coefficients are calculated. In particular, it is shown that the diffusion anomaly does exist along the isotherms, but disappears along the isochors. We analyze the applicability of the Rosenfeld entropy scaling relations to the systems with the core-softened potentials demonstrating the water-like anomalies. It is shown that the validity of the Rosenfeld scaling relation for the diffusion coefficient also depends on the trajectory in the ρ-T plane along which the kinetic coefficients and the excess entropy are calculated. In particular, it is valid along isochors, but it breaks down along isotherms. -- Highlights: → We analyze the anomalies in kinetic coefficients in the core-softened systems. → We show that the anomalies depend on the trajectory in density-temperature plane. → The applicability of the Rosenfeld entropy scaling to these systems is analyzed. → The validity of the Rosenfeld scaling relation also depends on the trajectory.

  2. Genetic algorithm for TEC seismo-ionospheric anomalies detection around the time of the Solomon (Mw = 8.0) earthquake of 06 February 2013

    Science.gov (United States)

    Akhoondzadeh, M.

    2013-08-01

    On 6 February 2013, at 12:12:27 local time (01:12:27 UTC) a seismic event registering Mw 8.0 struck the Solomon Islands, located at the boundaries of the Australian and Pacific tectonic plates. Time series prediction is an important and widely interesting topic in the research of earthquake precursors. This paper describes a new computational intelligence approach to detect the unusual variations of the total electron content (TEC) seismo-ionospheric anomalies induced by the powerful Solomon earthquake using genetic algorithm (GA). The GA detected a considerable number of anomalous occurrences on earthquake day and also 7 and 8 days prior to the earthquake in a period of high geomagnetic activities. In this study, also the detected TEC anomalies using the proposed method are compared to the results dealing with the observed TEC anomalies by applying the mean, median, wavelet, Kalman filter, ARIMA, neural network and support vector machine methods. The accordance in the final results of all eight methods is a convincing indication for the efficiency of the GA method. It indicates that GA can be an appropriate non-parametric tool for anomaly detection in a non linear time series showing the seismo-ionospheric precursors variations.

  3. Détection d'anomalies bathymétriques à partir de profils altimétriques = Detection of bathymetric anomalies from altimetric profiles

    OpenAIRE

    Le Quentrec, M. F.

    1992-01-01

    De nombreux travaux ont montré l'intérêt des données des satellites altimétriques pour la détection des anomalies bathymétriques océaniques. La bonne corrélation entre les altitudes du géoïde déduites des mesures altimétriques et les structures bathymétriques de courtes longueurs d'onde (de 35 à 245 km pour le satellite SEASAT) a permis, soit de découvrir de nouveaux reliefs sous-marins (plus d'une centaine de monts sous-marins ont été détectés dans le Pacifique Sud par cette méthode) soit de...

  4. Methods and Systems for Characterization of an Anomaly Using Infrared Flash Thermography

    Science.gov (United States)

    Koshti, Ajay M. (Inventor)

    2013-01-01

    A method for characterizing an anomaly in a material comprises (a) extracting contrast data; (b) measuring a contrast evolution; (c) filtering the contrast evolution; (d) measuring a peak amplitude of the contrast evolution; (d) determining a diameter and a depth of the anomaly, and (e) repeating the step of determining the diameter and the depth of the anomaly until a change in the estimate of the depth is less than a set value. The step of determining the diameter and the depth of the anomaly comprises estimating the depth using a diameter constant C.sub.D equal to one for the first iteration of determining the diameter and the depth; estimating the diameter; and comparing the estimate of the depth of the anomaly after each iteration of estimating to the prior estimate of the depth to calculate the change in the estimate of the depth of the anomaly.

  5. MA- IDS: A Distributed Intrusion Detection System Based on Data Mining

    Institute of Scientific and Technical Information of China (English)

    SUN Jian-hua; JIN Hai; CHEN Hao; HAN Zong-fen

    2005-01-01

    Aiming at the shortcomings in intrusion detection systems (IDSs) used in commercial and research fields,we propose the MA-IDS system, a distributed intrusion detection system based on data mining. In this model, misuse intrusion detection system (MIDS) and anomaly intrusion detection system (AIDS) are combined. Data mining is applied to raise detection performance, and distributed mechanism is employed to increase the scalability and efficiency. Host- and network-based mining algorithms employ an improved Bayesian decision theorem that suits for real security environment to minimize the risks incurred by false decisions. We describe the overall architecture of the MA-IDS system, and discuss specific design and implementation issue.

  6. Rotor health monitoring combining spin tests and data-driven anomaly detection methods

    Data.gov (United States)

    National Aeronautics and Space Administration — Health monitoring is highly dependent on sensor systems that are capable of performing in various engine environmental conditions and able to transmit a signal upon...

  7. 'Introducing Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomaly Detection'

    OpenAIRE

    Greensmith, Julie; Aickelin, Uwe; Cayzer, Steve

    2005-01-01

    Abstract. Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system. Research into this family of cells has revealed that they perform the role of coordinating T-cell based immune responses, both reactive and for generating tolerance. We have derived an algorithm based on the functionality of these cells, and have used the signals and differentiation pathways to build a control mechanism for an artificial immune system. We present our...

  8. Introducting Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomaly Detection

    OpenAIRE

    Greensmith, Julie; Aickelin, Uwe; Cayzer, Steve

    2005-01-01

    Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system. Research into this family of cells has revealed that they perform the role of coordinating T-cell based immune responses, both reactive and for generating tolerance. We have derived an algorithm based on the functionality of these cells, and have used the signals and differentiation pathways to build a control mechanism for an artificial immune system. We present our algori...

  9. APDS: Autonomous Pathogen Detection System

    Energy Technology Data Exchange (ETDEWEB)

    Langlois, R G; Brown, S; Burris, L; Colston, B; Jones, L; Makarewicz, T; Mariella, R; Masquelier, D; McBride, M; Milanovich, F; Masarabadi, S; Venkateswaran, K; Marshall, G; Olson, D; Wolcott, D

    2002-02-14

    An early warning system to counter bioterrorism, the Autonomous Pathogen Detection System (APDS) continuously monitors the environment for the presence of biological pathogens (e.g., anthrax) and once detected, it sounds an alarm much like a smoke detector warns of a fire. Long before September 11, 2001, this system was being developed to protect domestic venues and events including performing arts centers, mass transit systems, major sporting and entertainment events, and other high profile situations in which the public is at risk of becoming a target of bioterrorist attacks. Customizing off-the-shelf components and developing new components, a multidisciplinary team developed APDS, a stand-alone system for rapid, continuous monitoring of multiple airborne biological threat agents in the environment. The completely automated APDS samples the air, prepares fluid samples in-line, and performs two orthogonal tests: immunoassay and nucleic acid detection. When compared to competing technologies, APDS is unprecedented in terms of flexibility and system performance.

  10. Automated Signature Creator for a Signature Based Intrusion Detection System with Network Attack Detection Capabilities (Pancakes

    Directory of Open Access Journals (Sweden)

    Frances Bernadette C. De Ocampo

    2015-05-01

    Full Text Available Signature-based Intrusion Detection System (IDS helps in maintaining the integrity of data in a network controlled environment. Unfortunately, this type of IDS depends on predetermined intrusion patterns that are manually created. If the signature database of the Signature-based IDS is not updated, network attacks just pass through this type of IDS without being noticed. To avoid this, an Anomaly-based IDS is used in order to countercheck if a network traffic that is not detected by Signature-based IDS is a true malicious traffic or not. In doing so, the Anomaly-based IDS might come up with several numbers of logs containing numerous network attacks which could possibly be a false positive. This is the reason why the Anomaly-based IDS is not perfect, it would readily alarm the system that a network traffic is an attack just because it is not on its baseline. In order to resolve the problem between these two IDSs, the goal is to correlate data between the logs of the Anomaly-based IDS and the packet that has been captured in order to determine if a network traffic is really malicious or not. With the supervision of a security expert, the malicious network traffic would be verified as malicious. Using machine learning, the researchers can identify which algorithm is better than the other algorithms in classifying if a certain network traffic is really malicious. Upon doing so, the creation of signatures would follow by basing the automated creation of signatures from the detected malicious traffic.

  11. Fault detection in photovoltaic systems

    OpenAIRE

    Nilsson, David

    2014-01-01

    This master’s thesis concerns three different areas in the field of fault detection in photovoltaic systems.Previous studies have concerned homogeneous systems with a large set of parameters being observed,while this study is focused on a more restrictive case. The first problem is to discover immediate faults occurring in solar panels. A new online algorithm is developed based on similarity measures with in a single installation. It performs reliably and is able to detect all significant fau...

  12. Ferromagnetic Objects Magnetovision Detection System

    Directory of Open Access Journals (Sweden)

    Michał Nowicki

    2013-12-01

    Full Text Available This paper presents the application of a weak magnetic fields magnetovision scanning system for detection of dangerous ferromagnetic objects. A measurement system was developed and built to study the magnetic field vector distributions. The measurements of the Earth’s field distortions caused by various ferromagnetic objects were carried out. The ability for passive detection of hidden or buried dangerous objects and the determination of their location was demonstrated.

  13. On the origin of the flux ratio anomaly in quadruple lens systems

    Science.gov (United States)

    Inoue, Kaiki Taro

    2016-09-01

    We explore the origin of the flux ratio anomaly in quadruple lens systems. Using a semi-analytic method based on N-body simulations, we estimate the effect of a possible magnification perturbation caused by subhaloes with a mass scale of ≲109 h-1 M⊙ in lensing galaxy haloes. Taking into account astrometric shifts and assuming that the primary lens is described by a singular isothermal ellipsoid, the expected change to the flux ratios for a multiply lensed image is just a few per cent and the mean of the expected convergence perturbation at the effective Einstein radius of the lensing galaxy halo is = 0.003, corresponding to the mean of the ratio of a projected dark matter mass fraction in subhaloes at the effective Einstein radius = 0.006. In contrast, the expected change to the flux ratio caused by line-of-sight structures is typically ˜10 per cent and the mean of the convergence perturbation is = 0.008, corresponding to = 0.017. The contribution of the magnification perturbation caused by subhaloes is ˜40 per cent of the total at a source redshift zS = 0.7 and decreases monotonically in zS to ˜20 per cent at zS = 3.6. Assuming statistical isotropy, the convergence perturbation estimated from 11 observed quadruple lens systems has a positive correlation with the source redshift zS, which is much stronger than that with the lens redshift zL. This feature also supports that the flux ratio anomaly is caused mainly by line-of-sight structures rather than subhaloes. We also discuss a possible imprint of line-of-sight structures in the demagnification of minimum images due to locally underdense structures in the line of sight.

  14. Right-sided superior vena cava draining into the left atrium: a rare anomaly of systemic venous return

    Energy Technology Data Exchange (ETDEWEB)

    Aminololama-Shakeri, Shadi; Wootton-Gorges, Sandra L.; Reyes, Melissa; Moore, Elizabeth H. [University of California Davis, Medical Center and Children' s Hospital, Department of Radiology, Sacramento, CA (United States); Pretzlaff, Robert K. [University of California Davis, Medical Center and Children' s Hospital, Department of Pediatrics, Sacramento, CA (United States)

    2007-03-15

    The most commonly encountered systemic thoracic venous anomaly is a persistent left superior vena cava that drains into the right atrium via the coronary sinus. A much rarer systemic venous anomaly is that of isolated anomalous drainage of a normally positioned right superior vena cava (RSVC) into the left atrium (LA). This has been reported in approximately 20 patients with the diagnosis usually being made by cardiac catheterization. We report the case of a toddler with asymptomatic hypoxemia resulting from anomalous drainage of a normal RSVC into his LA. This was diagnosed non-invasively by contrast-enhanced chest CT. (orig.)

  15. Anomaly Detection and Comparative Analysis of Hydrothermal Alteration Materials Trough Hyperspectral Multisensor Data in the Turrialba Volcano

    Science.gov (United States)

    Rejas, J. G.; Martínez-Frías, J.; Bonatti, J.; Martínez, R.; Marchamalo, M.

    2012-07-01

    The aim of this work is the comparative study of the presence of hydrothermal alteration materials in the Turrialba volcano (Costa Rica) in relation with computed spectral anomalies from multitemporal and multisensor data adquired in spectral ranges of the visible (VIS), short wave infrared (SWIR) and thermal infrared (TIR). We used for this purposes hyperspectral and multispectral images from the HyMAP and MASTER airborne sensors, and ASTER and Hyperion scenes in a period between 2002 and 2010. Field radiometry was applied in order to remove the atmospheric contribution in an empirical line method. HyMAP and MASTER images were georeferenced directly thanks to positioning and orientation data that were measured at the same time in the acquisition campaign from an inertial system based on GPS/IMU. These two important steps were allowed the identification of spectral diagnostic bands of hydrothermal alteration minerals and the accuracy spatial correlation. Enviromental impact of the volcano activity has been studied through different vegetation indexes and soil patterns. Have been mapped hydrothermal materials in the crater of the volcano, in fact currently active, and their surrounding carrying out a principal components analysis differentiated for a high and low absorption bands to characterize accumulations of kaolinite, illite, alunite and kaolinite+smectite, delimitating zones with the presence of these minerals. Spectral anomalies have been calculated on a comparative study of methods pixel and subpixel focused in thermal bands fused with high-resolution images. Results are presented as an approach based on expert whose main interest lies in the automated identification of patterns of hydrothermal altered materials without prior knowledge or poor information on the area.

  16. Relationships between Rwandan seasonal rainfall anomalies and ENSO events

    Science.gov (United States)

    Muhire, I.; Ahmed, F.; Abutaleb, K.

    2015-10-01

    This study aims primarily at investigating the relationships between Rwandan seasonal rainfall anomalies and El Niño-South Oscillation phenomenon (ENSO) events. The study is useful for early warning of negative effects associated with extreme rainfall anomalies across the country. It covers the period 1935-1992, using long and short rains data from 28 weather stations in Rwanda and ENSO events resourced from Glantz (2001). The mean standardized anomaly indices were calculated to investigate their associations with ENSO events. One-way analysis of variance was applied on the mean standardized anomaly index values per ENSO event to explore the spatial correlation of rainfall anomalies per ENSO event. A geographical information system was used to present spatially the variations in mean standardized anomaly indices per ENSO event. The results showed approximately three climatic periods, namely, dry period (1935-1960), semi-humid period (1961-1976) and wet period (1977-1992). Though positive and negative correlations were detected between extreme short rains anomalies and El Niño events, La Niña events were mostly linked to negative rainfall anomalies while El Niño events were associated with positive rainfall anomalies. The occurrence of El Niño and La Niña in the same year does not show any clear association with rainfall anomalies. However, the phenomenon was more linked with positive long rains anomalies and negative short rains anomalies. The normal years were largely linked with negative long rains anomalies and positive short rains anomalies, which is a pointer to the influence of other factors other than ENSO events. This makes projection of seasonal rainfall anomalies in the country by merely predicting ENSO events difficult.

  17. Dynamic and real-time network anomaly detection model inspired by immune%基于免疫的网络动态实时异常检测模型

    Institute of Scientific and Technical Information of China (English)

    彭凌西; 曾金全

    2012-01-01

    网络异常检测已成为入侵检测系统发展的重要方向.现有异常检测模型对检测模式描述为一种静态方式,缺乏良好的自适应性和协同性,检测率低,难以满足高速网络环境下实时检测的需求.针对此,借鉴人体免疫系统优异的自学习自适应机制,提出了一种新的基于免疫的网络动态实时异常检测模型NAIM.该模型通过对检测模式进行动态描述,结合抗体细胞动态克隆原理,探讨种痘及疫苗分发机制,实现检测模式随真实网络环境同步演化,从而提高网络异常检测的准确性和及时性.%The network anomaly detection has become the promising direction of intrusion detection system. The existing anomaly detection models depict the detection pattern with a static way, which lack good adaptability and interoperability with low detection rate, so it is difficult to implement the real-time detection under the high- speed network environment. Our research uses the excellent mechanism of Self-learning and adaptability of the human immune system, and a novel real-time immune-based anomaly detection model(NAIM) is proposed. The model dynamically depicts detection model, combining the antibody's clone theory and disscussing the vaccina- tion and bacterin distribution mechanism, which achieves the detection mode's synchronous evolvement with the real network enviroment, thus improves the network anomaly detection's veracity and timeliness.

  18. Critical features in electromagnetic anomalies detected prior to the L'Aquila earthquake

    CERN Document Server

    Contoyiannis, Y F; Kopanas, J; Antonopoulos, G; Contoyianni, L; Eftaxias, K

    2009-01-01

    Electromagnetic (EM) emissions in a wide frequency spectrum ranging from kHz to MHz are produced by opening cracks, which can be considered as the so-called precursors of general fracture. We emphasize that the MHz radiation appears earlier than the kHz in both laboratory and geophysical scale. An important challenge in this field of research is to distinguish characteristic epochs in the evolution of precursory EM activity and identify them with the equivalent last stages in the earthquake (EQ) preparation process. Recently, we proposed the following two epochs/stages model: (i) The second epoch, which includes the finally emerged strong impulsive kHz EM emission is due to the fracture of the high strength large asperities that are distributed along the activated fault sustaining the system. (ii) The first epoch, which includes the initially emerged MHz EM radiation is thought to be due to the fracture of a highly heterogeneous system that surrounds the family of asperities. A catastrophic EQ of magnitude Mw...

  19. Detection and Protection Against Intrusions on Smart Grid Systems

    Directory of Open Access Journals (Sweden)

    Ata Arvani

    2015-05-01

    Full Text Available The wide area monitoring of power systems is implemented at a central control center to coordinate the actions of local controllers. Phasor measurement units (PMUs are used for the collection of data in real time for the smart grid energy systems. Intrusion detection and cyber security of network are important requirements for maintaining the integrity of wide area monitoring systems. The intrusion detection methods analyze the measurement data to detect any possible cyber attacks on the operation of smart grid systems. In this paper, the model-based and signal-based intrusion detection methods are investigated to detect the presence of malicious data. The chi-square test and discrete wavelet transform (DWT have been used for anomaly-based detection. The false data injection attack (FDIA can be detected using measurement residual. If the measurement residual is larger than expected detection threshold, then an alarm is triggered and bad data can be identified. Avoiding such alarms in the residual test is referred to as stealth attack. There are two protection strategies for stealth attack: (1 Select a subset of meters to be protected from the attacker (2 Place secure phasor measurement units in the power grid. An IEEE 14-bus system is simulated using real time digital simulator (RTDS hardware platform for implementing attack and detection schemes.

  20. Structural Anomalies Detected in Ceramic Matrix Composites Using Combined Nondestructive Evaluation and Finite Element Analysis (NDE and FEA)

    Science.gov (United States)

    Abdul-Aziz, Ali; Baaklini, George Y.; Bhatt, Ramakrishna T.

    2003-01-01

    and the experimental data. Furthermore, modeling of the voids collected via NDE offered an analytical advantage that resulted in more accurate assessments of the material s structural strength. The top figure shows a CT scan image of the specimen test section illustrating various hidden structural entities in the material and an optical image of the test specimen considered in this study. The bottom figure represents the stress response predicted from the finite element analyses (ref .3 ) for a selected CT slice where it clearly illustrates the correspondence of the high stress risers due to voids in the material with those predicted by the NDE. This study is continuing, and efforts are concentrated on improving the modeling capabilities to imitate the structural anomalies as detected.

  1. HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NETWORK

    Directory of Open Access Journals (Sweden)

    Seyedeh Yasaman Rashida

    2013-06-01

    Full Text Available In order to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the Intrusion detection technology becomes popular. Therefore, it is necessary that this security concern must be articulate right from the beginning of the network design and deployment. The intrusion detection technology is the process of identifying network activity that can lead to a compromise of security policy. Lot of work has been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and manage misuse and anomaly detects.

  2. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    Directory of Open Access Journals (Sweden)

    VANCEA, F.

    2014-11-01

    Full Text Available The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discrete wavelet transformation. Their effectiveness expressed in relative thresholds on pulse amplitude for no false negatives and no false positives is then evaluated against pulse duration and Hurst characteristic of original series. Different base functions are also evaluated for efficiency in the context of the proposed methods.

  3. Intrusion Detection System: Security Monitoring System

    Directory of Open Access Journals (Sweden)

    ShabnamNoorani,

    2015-10-01

    Full Text Available An intrusion detection system (IDS is an ad hoc security solution to protect flawed computer systems. It works like a burglar alarm that goes off if someone tampers with or manages to get past other security mechanisms such as authentication mechanisms and firewalls. An Intrusion Detection System (IDS is a device or a software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.Intrusion Detection System (IDS has been used as a vital instrument in defending the network from this malicious or abnormal activity..In this paper we are comparing host based and network based IDS and various types of attacks possible on IDS.

  4. An experimental study on a training support system utilizing trainee's eye gaze point and think aloud protocol for diagnosing nuclear power plant anomalies

    International Nuclear Information System (INIS)

    An experimental system has been developed for aiming at supporting the simulator training of diagnosis nuclear power plant anomaly, where an expert provides the instructions to a trainee by his/her own educational and experienced point of view. This system has several characteristics as follows: (1) the expert can provide the instruction through the local area network or the Internet, (2) the training task is the detection of the primary cause of plant anomaly, which is not including the plant operation but requires only thinking, and (3) the system can automatically detects the trainee's view-point and think aloud protocols and provide these two types of information to the expert in real time for supporting his/her instruction. A laboratory experiment using this system was conducted, where an expert, who had really engaged in plant operation as a chief operator, was employed as the instructor for novice students. As the result of analyzing the experimental data, it was found that the two types of information, trainee's viewpoints and his verbal protocols, have some potential of effectiveness for supporting the instructor to estimate the trainees diagnostic thinking process and provide the instruction. (author)

  5. Incipient-signature identification of mechanical anomalies in a ship-borne satellite antenna system using an ensemble multiwavelet

    International Nuclear Information System (INIS)

    The instrumented tracking and telemetry ship with a ship-borne satellite antenna (SSA) is the critical device to ensure high quality of space exploration work. To effectively detect mechanical anomalies that can lead to unexpected downtime of the SSA, an ensemble multiwavelet (EM) is presented for identifying the anomaly related incipient-signatures within the measured dynamic signals. Rather than using a predetermined basis as in a conventional multiwavelet, an EM optimizes the matching basis which satisfactorily adapts to the anomaly related incipient-signatures. The construction technique of an EM is based on the conjunction of a two-scale similarity transform (TST) and lifting scheme (LS). For the technique above, the TST improves the regularity by increasing the approximation order of multiscaling functions, while subsequently the LS enhances the smoothness and localizability via utilizing the vanishing moment of multiwavelet functions. Moreover, combining the Hilbert transform with EM decomposition, we identify the incipient-signatures induced by the mechanical anomalies from the measured dynamic signals. A numerical simulation and two successful applications of diagnosis cases (a planetary gearbox and a roller bearing) demonstrate that the proposed technique is capable of dealing with the challenging incipient-signature identification task even though spectral complexity, as well as the strong amplitude/frequency modulation effect, is present in the dynamic signals. (paper)

  6. Intelligent System for Worm Detection

    Directory of Open Access Journals (Sweden)

    Tarek S. Sobh

    2009-01-01

    Full Text Available Worms are on the top of malware threats attacking computer system although of the evolution of worms detectiontechniques. Early detection of unknown worms is still a problem. This paper produce a method for detecting unknown wormsbased on local victim information. The proposed system uses Artificial Neural Network (ANN for classifying worm/ nonwormtraffic and predicting the percentage of infection in the infected network. This prediction can be used to support decisionmaking process for network administrator to respond quickly to worm propagation in an accurate procedure.

  7. On the Origin of Flux Ratio Anomaly in Quadruple Lens Systems

    CERN Document Server

    Inoue, Kaiki Taro

    2016-01-01

    We explore the origin of flux ratio anomaly in quadruple lens systems. Using a semi-analytic method based on $N$-body simulations, we estimate the effect of possible magnification perturbation caused by subhaloes with a mass scale of <~ $ 10^9\\,h^{-1} \\textrm{M}_\\odot$ in lensing galaxy haloes. Taking into account astrometric shifts by perturbers, we find that the expected change to the flux ratios per a multiply lensed image is just a few percent and the mean of the expected convergence perturbation at the effective Einstein radius of the lensing galaxy halo is $\\langle \\delta \\kappa_{\\textrm{sub}} \\rangle = 0.003$, corresponding to the mean of the ratio of a projected dark matter mass fraction in subhaloes $\\langle f_{\\textrm{sub}} \\rangle = 0.006$ for observed 11 quadruple lens systems. In contrast, the expected change to the flux ratio caused by line-of-sight structures in intergalactic spaces is typically ~10 percent and the mean of the convergence perturbation is $\\langle |\\delta \\kappa_{\\textrm{los}...

  8. Survey of prenatal screening policies in Europe for structural malformations and chromosome anomalies, and their impact on detection and termination rates for neural tube defects and Down's syndrome

    DEFF Research Database (Denmark)

    Boyd, P A; Devigan, C; Khoshnood, B;

    2008-01-01

    screening policies in 18 countries and 1.13 million births in 12 countries in 2002-04. METHODS: (i) Questionnaire on national screening policies and termination of pregnancy for fetal anomaly (TOPFA) laws in 2004. (ii) Analysis of data on prenatal detection and termination for Down's syndrome and neural...... tube defects (NTDs) using the EUROCAT database. MAIN OUTCOME MEASURES: Existence of national prenatal screening policies, legal gestation limit for TOPFA, prenatal detection and termination rates for Down's syndrome and NTD. RESULTS: Ten of the 18 countries had a national country-wide policy for Down...... associated with wide country variation in prenatal detection rates for Down's syndrome and NTD....

  9. Quickest detection in coupled systems

    CERN Document Server

    Hadjiliadis, Olympia; Poor, H Vincent

    2009-01-01

    This work considers the problem of quickest detection of signals in a coupled system of N sensors, which receive continuous sequential observations from the environment. It is assumed that the signals, which are modeled a general Ito processes, are coupled across sensors, but that their onset times may differ from sensor to sensor. The objective is the optimal detection of the first time at which any sensor in the system receives a signal. The problem is formulated as a stochastic optimization problem in which an extended average Kullback- Leibler divergence criterion is used as a measure of detection delay, with a constraint on the mean time between false alarms. The case in which the sensors employ cumulative sum (CUSUM) strategies is considered, and it is proved that the minimum of N CUSUMs is asymptotically optimal as the mean time between false alarms increases without bound.

  10. Automatic Detection and Classification of Pole-Like Objects in Urban Point Cloud Data Using an Anomaly Detection Algorithm

    OpenAIRE

    Borja Rodríguez-Cuenca; Silverio García-Cortés; Celestino Ordóñez; Maria C. Alonso

    2015-01-01

    Detecting and modeling urban furniture are of particular interest for urban management and the development of autonomous driving systems. This paper presents a novel method for detecting and classifying vertical urban objects and trees from unstructured three-dimensional mobile laser scanner (MLS) or terrestrial laser scanner (TLS) point cloud data. The method includes an automatic initial segmentation to remove the parts of the original cloud that are not of interest for detecting vertical o...

  11. Optical detection in microfluidic systems

    DEFF Research Database (Denmark)

    Mogensen, Klaus Bo; Kutter, Jörg Peter

    2009-01-01

    Optical detection schemes continue to be favoured for measurements in microfluidic systems. A selection of the latest progress mainly within the last two years is critically reviewed. Emphasis is on integrated solutions, such as planar waveguides, coupling schemes to the outside world, evanescent...

  12. Semi autonomous mine detection system

    Energy Technology Data Exchange (ETDEWEB)

    Douglas Few; Roelof Versteeg; Herman Herman

    2010-04-01

    CMMAD is a risk reduction effort for the AMDS program. As part of CMMAD, multiple instances of semi autonomous robotic mine detection systems were created. Each instance consists of a robotic vehicle equipped with sensors required for navigation and marking, a countermine sensors and a number of integrated software packages which provide for real time processing of the countermine sensor data as well as integrated control of the robotic vehicle, the sensor actuator and the sensor. These systems were used to investigate critical interest functions (CIF) related to countermine robotic systems. To address the autonomy CIF, the INL developed RIK was extended to allow for interaction with a mine sensor processing code (MSPC). In limited field testing this system performed well in detecting, marking and avoiding both AT and AP mines. Based on the results of the CMMAD investigation we conclude that autonomous robotic mine detection is feasible. In addition, CMMAD contributed critical technical advances with regard to sensing, data processing and sensor manipulation, which will advance the performance of future fieldable systems. As a result, no substantial technical barriers exist which preclude – from an autonomous robotic perspective – the rapid development and deployment of fieldable systems.

  13. Does the Neptunian system of satellites challenge a gravitational origin for the Pioneer anomaly?

    CERN Document Server

    Iorio, Lorenzo

    2009-01-01

    If the Pioneer Anomaly was a genuine dynamical effect of gravitational origin, it should also affect the orbital motions of the solar system's bodies moving in the space regions in which the PA manifested itself in its presently known form, i.e. as a constant and uniform acceleration approximately directed towards the Sun with a non-zero magnitude (8.74+/-1.33) x 10^-10 m s^-2 after 20 au from the Sun. We preliminarily investigate its effects on the orbital motions of the Neptunian satellites Triton, Nereid and Proteus, located at about 30 au from the Sun, both analytically and numerically. The analytical calculations show that the PA-induced radial and transverse perturbations of Triton are of the order of a few km yr^-1, those of Nereid are about 10+/-100 km yr^-1, while Proteus experiences radial and transverse shifts of the order of 0.1 km yr^-1. The out-of-plane perturbations are negligible, apart from that of Nereid which amounts to about 20 km yr^-1. The corresponding orbital uncertainties obtained fro...

  14. Competing Orders and Anomalies

    Science.gov (United States)

    Moon, Eun-Gook

    2016-08-01

    A conservation law is one of the most fundamental properties in nature, but a certain class of conservation “laws” could be spoiled by intrinsic quantum mechanical effects, so-called quantum anomalies. Profound properties of the anomalies have deepened our understanding in quantum many body systems. Here, we investigate quantum anomaly effects in quantum phase transitions between competing orders and striking consequences of their presence. We explicitly calculate topological nature of anomalies of non-linear sigma models (NLSMs) with the Wess-Zumino-Witten (WZW) terms. The non-perturbative nature is directly related with the ’t Hooft anomaly matching condition: anomalies are conserved in renormalization group flow. By applying the matching condition, we show massless excitations are enforced by the anomalies in a whole phase diagram in sharp contrast to the case of the Landau-Ginzburg-Wilson theory which only has massive excitations in symmetric phases. Furthermore, we find non-perturbative criteria to characterize quantum phase transitions between competing orders. For example, in 4D, we show the two competing order parameter theories, CP(1) and the NLSM with WZW, describe different universality class. Physical realizations and experimental implication of the anomalies are also discussed.

  15. Space-borne detection of volcanic carbon dioxide anomalies: The importance of ground-based validation networks

    Science.gov (United States)

    Schwandner, F. M.; Carn, S. A.; Corradini, S.; Merucci, L.; Salerno, G.; La Spina, A.

    2012-04-01

    We have investigated the feasibility of space-borne detection of volcanic carbon dioxide (CO2) anomalies, and their integration with ground-based observations. Three goals provide motivation to their integration: (a) development of new volcano monitoring techniques, with better spatial and temporal coverage, because pre-eruptive volcanic CO2 emissions are potentially the earliest available indicators of volcanic unrest; (b) improvement the currently very poor global CO2 source strength inventory for volcanoes, and (c) use of volcanic CO2 emissions for high altitude strong point source emission and dispersion studies. (1) Feasibility of space-borne detection of volcanic CO2 anomalies. Volcanoes are highly variable but continuous CO2 emitters, distributed globally, and emissions often occur at high altitudes. To detect strong point sources of CO2 from space, several hurdles have to be overcome: orographic clouds, unknown dispersion behavior, a high CO2 background in the troposphere, and sparse data coverage from existing satellite sensors. These obstacles can be overcome by a small field of view, enhanced spectral resolving power, and by employing repeat target mode observation strategies. The Japanese GOSAT instrument has been operational since January 2009, producing CO2 total column measurements with a repeat cycle of 3 days and a field of view of 10km. GOSAT thus has the potential to provide spatially integrated data for entire volcanic edifices, especially in target mode. Since summer 2010 we have conducted repeated target mode observations of over 20 persistently active global volcanoes including Etna (Italy), Erta Ale (Ethiopia), and Ambrym (Vanuatu), using L2 GOSAT FTS SWIR data. One of our best-studied test cases is Mt. Etna on Sicily (Italy), which reawakened in 2011 after a period of quiescence and produced a sequence of eruptive activities including lava fountaining events, coinciding with target-mode GOSAT observations conducted there since 2010. For the

  16. Performance Enhancement of Intrusion Detection using Neuro - Fuzzy Intelligent System

    Directory of Open Access Journals (Sweden)

    Dr. K. S. Anil Kumar

    2014-10-01

    Full Text Available This research work aims at developing hybrid algorithms using data mining techniques for the effective enhancement of anomaly intrusion detection performance. Many proposed algorithms have not addressed their reliability with varying amount of malicious activity or their adaptability for real time use. The study incorporates a theoretical basis for improvement in performance of IDS using K-medoids Algorithm, Fuzzy Set Algorithm, Fuzzy Rule System and Neural Network techniques. Also statistical significance of estimates has been looked into for finalizing the best one using DARPA network traffic datasets.

  17. Detection of flux increase of high-energy particles in the region of Brazil geomagnetic anomaly on September 10. 1985

    International Nuclear Information System (INIS)

    Case of abrupt increase of high-energy particle intensity recorded on 10.09.1985 in the region of Brazil anomaly is described. Experiment was carried out on board of Salyut-7 orbital station from 01.08 up to 30.11.85 (using measurement separate series) by means of MARIA scintillation time-of-flight magnetic spectrometer, which recorded high-energy electrons and positrons. Recorded increases of the instrument counting rate in the region of Brazil geomagnetic anomaly are linked with precipitation of high energy electrons and protons from the Earth radiation belt. Existance of correlation between the observed phenomena and earth-quakes is possible

  18. A pattern recognition system for JPEG steganography detection

    Science.gov (United States)

    Chen, C. L. Philip; Chen, Mei-Ching; Agaian, Sos; Zhou, Yicong; Roy, Anuradha; Rodriguez, Benjamin M.

    2012-10-01

    This paper builds up a pattern recognition system to detect anomalies in JPEG images, especially steganographic content. The system consists of feature generation, feature ranking and selection, feature extraction, and pattern classification. These processes tend to capture image characteristics, reduce the problem dimensionality, eliminate the noise inferences between features, and further improve classification accuracies on clean and steganography JPEG images. Based on the discussion and analysis of six popular JPEG steganography methods, the entire recognition system results in higher classification accuracies between clean and steganography classes compared to merely using individual feature subset for JPEG steganography detection. The strength of feature combination and preprocessing has been integrated even when a small amount of information is embedded. The work demonstrated in this paper is extensible and can be improved by integrating various new and current techniques.

  19. Networked gamma radiation detection system for tactical deployment

    Science.gov (United States)

    Mukhopadhyay, Sanjoy; Maurer, Richard; Wolff, Ronald; Smith, Ethan; Guss, Paul; Mitchell, Stephen

    2015-08-01

    A networked gamma radiation detection system with directional sensitivity and energy spectral data acquisition capability is being developed by the National Security Technologies, LLC, Remote Sensing Laboratory to support the close and intense tactical engagement of law enforcement who carry out counterterrorism missions. In the proposed design, three clusters of 2″ × 4″ × 16″ sodium iodide crystals (4 each) with digiBASE-E (for list mode data collection) would be placed on the passenger side of a minivan. To enhance localization and facilitate rapid identification of isotopes, advanced smart real-time localization and radioisotope identification algorithms like WAVRAD (wavelet-assisted variance reduction for anomaly detection) and NSCRAD (nuisance-rejection spectral comparison ratio anomaly detection) will be incorporated. We will test a collection of algorithms and analysis that centers on the problem of radiation detection with a distributed sensor network. We will study the basic characteristics of a radiation sensor network and focus on the trade-offs between false positive alarm rates, true positive alarm rates, and time to detect multiple radiation sources in a large area. Empirical and simulation analyses of critical system parameters, such as number of sensors, sensor placement, and sensor response functions, will be examined. This networked system will provide an integrated radiation detection architecture and framework with (i) a large nationally recognized search database equivalent that would help generate a common operational picture in a major radiological crisis; (ii) a robust reach back connectivity for search data to be evaluated by home teams; and, finally, (iii) a possibility of integrating search data from multi-agency responders.

  20. Mine Safety Detection System (MSDS)

    OpenAIRE

    Ballard, B.; Degnan, T.; Kipp, M.; Johnson, J; Miller, D.; Minto, M.

    2012-01-01

    Systems Engineering Project Report Approved for public release, distribution unlimited The search, detection, identification and assessment components of the U.S. Navys organic modular in-stride Mine Countermeasure (MCM) Concept of Operations (CONOPS) have been evaluated for their effectiveness as part of a hypothetical exercise in response to the existence of sea mines placed in the sea lanes of the Strait of Hormuz. The current MCM CONOPS has been shown to be capable of supporting the...

  1. Evaluation of Intrusion Detection Systems

    OpenAIRE

    Ulvila, Jacob W.; Gaffney, John E.

    2003-01-01

    This paper presents a comprehensive method for evaluating intrusion detection systems (IDSs). It integrates and extends ROC (receiver operating characteristic) and cost analysis methods to provide an expected cost metric. Results are given for determining the optimal operation of an IDS based on this expected cost metric. Results are given for the operation of a single IDS and for a combination of two IDSs. The method is illustrated for: 1) determining the best operating point for a single an...

  2. The Autonomous Pathogen Detection System

    Energy Technology Data Exchange (ETDEWEB)

    Dzenitis, J M; Makarewicz, A J

    2009-01-13

    We developed, tested, and now operate a civilian biological defense capability that continuously monitors the air for biological threat agents. The Autonomous Pathogen Detection System (APDS) collects, prepares, reads, analyzes, and reports results of multiplexed immunoassays and multiplexed PCR assays using Luminex{copyright} xMAP technology and flow cytometer. The mission we conduct is particularly demanding: continuous monitoring, multiple threat agents, high sensitivity, challenging environments, and ultimately extremely low false positive rates. Here, we introduce the mission requirements and metrics, show the system engineering and analysis framework, and describe the progress to date including early development and current status.

  3. Anomaly Detection in Stock Marketplace Based on Market Microstructure%市场微结构的股市交易异常行为检测

    Institute of Scientific and Technical Information of China (English)

    林杨

    2013-01-01

    It is well known that many defects exist in current stock market, such as information abuse and price manipulation. Anomaly detection is helpful to enhance the integrity, fairness and transparence of stock market so it becomes a key link in financial regulatory system. Unfortunately , existing approaches were low performing as they rarely focused on analyzing the intraday information and mining potential trading behaviors. It proposed a method, which based on market mi-crostructure, to detect abnormal trading behaviors. An experiment was presented demonstrating the feasibility and effectiveness of this approach.%股票市场存在诸多弊端,如滥用客户信息,价格操纵等.股市监控是金融监管体系中不可缺少的一环,它对市场交易的诚信、公平和公开透明起到重要作用.现有检测交易异常行为的诸多方法中,很少分析股市即日数据并挖掘潜在的交易行为来检测异常.股市是一个复杂的非线性系统,一套可行高效的异常行为检测方法是股市异常行为监控的重要课题.提出一种基于市场微结构的异常交易行为检测方法,该方法能较有效地检测出股市存在的异常交易行为.最后,通过实例说明该方法的可行性和有效性.

  4. Nucleic acid detection system and method for detecting influenza

    Energy Technology Data Exchange (ETDEWEB)

    Cai, Hong; Song, Jian

    2015-03-17

    The invention provides a rapid, sensitive and specific nucleic acid detection system which utilizes isothermal nucleic acid amplification in combination with a lateral flow chromatographic device, or DNA dipstick, for DNA-hybridization detection. The system of the invention requires no complex instrumentation or electronic hardware, and provides a low cost nucleic acid detection system suitable for highly sensitive pathogen detection. Hybridization to single-stranded DNA amplification products using the system of the invention provides a sensitive and specific means by which assays can be multiplexed for the detection of multiple target sequences.

  5. A comparison of classical and intelligent methods to detect potential thermal anomalies before the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4

    Directory of Open Access Journals (Sweden)

    M. Akhoondzadeh

    2013-04-01

    Full Text Available In this paper, a number of classical and intelligent methods, including interquartile, autoregressive integrated moving average (ARIMA, artificial neural network (ANN and support vector machine (SVM, have been proposed to quantify potential thermal anomalies around the time of the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4. The duration of the data set, which is comprised of Aqua-MODIS land surface temperature (LST night-time snapshot images, is 62 days. In order to quantify variations of LST data obtained from satellite images, the air temperature (AT data derived from the meteorological station close to the earthquake epicenter has been taken into account. For the models examined here, results indicate the following: (i ARIMA models, which are the most widely used in the time series community for short-term forecasting, are quickly and easily implemented, and can efficiently act through linear solutions. (ii A multilayer perceptron (MLP feed-forward neural network can be a suitable non-parametric method to detect the anomalous changes of a non-linear time series such as variations of LST. (iii Since SVMs are often used due to their many advantages for classification and regression tasks, it can be shown that, if the difference between the predicted value using the SVM method and the observed value exceeds the pre-defined threshold value, then the observed value could be regarded as an anomaly. (iv ANN and SVM methods could be powerful tools in modeling complex phenomena such as earthquake precursor time series where we may not know what the underlying data generating process is. There is good agreement in the results obtained from the different methods for quantifying potential anomalies in a given LST time series. This paper indicates that the detection of the potential thermal anomalies derive credibility from the overall efficiencies and potentialities of the four integrated methods.

  6. A comparison of classical and intelligent methods to detect potential thermal anomalies before the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4)

    Science.gov (United States)

    Akhoondzadeh, M.

    2013-04-01

    In this paper, a number of classical and intelligent methods, including interquartile, autoregressive integrated moving average (ARIMA), artificial neural network (ANN) and support vector machine (SVM), have been proposed to quantify potential thermal anomalies around the time of the 11 August 2012 Varzeghan, Iran, earthquake (Mw = 6.4). The duration of the data set, which is comprised of Aqua-MODIS land surface temperature (LST) night-time snapshot images, is 62 days. In order to quantify variations of LST data obtained from satellite images, the air temperature (AT) data derived from the meteorological station close to the earthquake epicenter has been taken into account. For the models examined here, results indicate the following: (i) ARIMA models, which are the most widely used in the time series community for short-term forecasting, are quickly and easily implemented, and can efficiently act through linear solutions. (ii) A multilayer perceptron (MLP) feed-forward neural network can be a suitable non-parametric method to detect the anomalous changes of a non-linear time series such as variations of LST. (iii) Since SVMs are often used due to their many advantages for classification and regression tasks, it can be shown that, if the difference between the predicted value using the SVM method and the observed value exceeds the pre-defined threshold value, then the observed value could be regarded as an anomaly. (iv) ANN and SVM methods could be powerful tools in modeling complex phenomena such as earthquake precursor time series where we may not know what the underlying data generating process is. There is good agreement in the results obtained from the different methods for quantifying potential anomalies in a given LST time series. This paper indicates that the detection of the potential thermal anomalies derive credibility from the overall efficiencies and potentialities of the four integrated methods.

  7. Ionization detection system for aerosols

    Science.gov (United States)

    Jacobs, Martin E.

    1977-01-01

    This invention relates to an improved smoke-detection system of the ionization-chamber type. In the preferred embodiment, the system utilizes a conventional detector head comprising a measuring ionization chamber, a reference ionization chamber, and a normally non-conductive gas triode for discharging when a threshold concentration of airborne particulates is present in the measuring chamber. The improved system utilizes a measuring ionization chamber which is modified to minimize false alarms and reductions in sensitivity resulting from changes in ambient temperature. In the preferred form of the modification, an annular radiation shield is mounted about the usual radiation source provided to effect ionization in the measuring chamber. The shield is supported by a bimetallic strip which flexes in response to changes in ambient temperature, moving the shield relative to the source so as to vary the radiative area of the source in a manner offsetting temperature-induced variations in the sensitivity of the chamber.

  8. Anomaly Extraction in Networks

    Directory of Open Access Journals (Sweden)

    Mr. Naushad Mujawar

    2014-03-01

    Full Text Available The application detects anomaly in network using techniques like histogram, cloning voting, filtering. To extract anomalous flows, one could build a model describing normal flow characteristics and use the model to identify deviating flows. We can compare flows of packets on network with previous flows, like new flows that were not previously observed or flows with significant increase/decrease in their volume. Identify an anomalous flow that combines and consolidates information from multiple histogram-based anomaly detectors [1] [4] [8]. Compared to other possible approaches. Build a histogram based detector that (i applies histogram cloning[1][4], i.e., maintains multiple randomized histograms to obtain additional views of network traffic[3]; and (ii uses the Kullback-Leibler (KL distance to detect anomalies.

  9. Inverter Anomaly Detection Algorithm Research and Simulation%变频器异常检测方法研究与仿真

    Institute of Scientific and Technical Information of China (English)

    莫桂江

    2012-01-01

    Put forward a kind of abnormal parameter mapping estimate of the frequency converter dynamic parameters abnormal detection algorithm is proposed. Extraction frequency converter dynamic anomalies parameters, establishes the dynamic parameter and converter the mapping relationship between the parts of frequency converter dynamic parameters for nonlinear transform, the calculation of frequency converter dynamic parameters abnormal interval remove interference. Experiments show that the detection means to be able lo improve the frequency converter anomaly detection accuracy, can accurate detection fault components.%提出了一种异常参数映射估计的变频器异常动态参数检测算法.提取变频器异常动态参数,建立动态参数与变频器部件之间的映射关系,对变频器动态参数进行非线性变换,计算变频器动态参数异常区间排除干扰.实验证明,这种检测方式能够提高变频器异常检测的准确率,能够准确检测故障部件.

  10. Ventriculomegaly with non-CNS anomalies

    International Nuclear Information System (INIS)

    We correlated fetal magnetic resonance (MR) imaging findings with postnatal clinical findings to assess ventriculomegaly with non-CNS anomalies. From 2002 to 2010, 52 fetuses underwent a MRI for evaluation of ventriculomegaly after ultrasonography (US). Ten of the 52 demonstrated anomalies outside the central nervous system (CNS), including trisomy 8, trisomy 18, X-linked hydrocephalus, CHARGE/Potter sequences, VATER association, oral-facial-digital syndrome, esophageal atresia type C, or external auditory canal stenosis. Examinations were performed between 24 and 35 weeks' gestation. MR imaging was performed in a 1.5-tesla unit using a phased-array coil without preparation. Fetal MR imaging showed abnormalities of the kidney, bladder, duodenum, and thumbs but did not permit diagnosis of esophageal atresia type C or craniofacial, anorectal, or skeletal anomalies. Cardiac anomaly was most frequent, but fetal MR imaging did not allow final diagnosis of congenital heart disease. On both US and MR imaging, esophageal atresia type C and anorectal anomaly were undetected; normal rectal signal in a case of anorectal anomaly without urorectal fistula did not lead to suspicion of anomaly. Observation of adducted thumbs on MR imaging is an important sign of X-linked hydrocephalus. The slice area used in this study did not cover polydactyly, which accompanies oral-facial-digital syndrome. US and MR imaging are complementary imaging methods used to evaluate ventriculomegaly. Fetal MR imaging should cover the kidney, bladder, and fingers. Further work is needed to determine the anomalies that can be clearly detected by fetal MR imaging. (author)

  11. Electrochemical anomalies of protic ionic liquid - Water systems: A case study using ethylammonium nitrate - Water system

    Science.gov (United States)

    Abe, Hiroshi; Nakama, Kazuya; Hayashi, Ryotaro; Aono, Masami; Takekiyo, Takahiro; Yoshimura, Yukihiro; Saihara, Koji; Shimizu, Akio

    2016-08-01

    Electrochemical impedance spectroscopy was used to evaluate protic ionic liquid (pIL)-water mixtures in the temperature range of -35-25 °C. The pIL used in this study was ethylammonium nitrate (EAN). At room temperature, the resonant mode of conductivity was observed in the high frequency region. The anomalous conductivity disappeared once solidification occurred at low temperatures. The kinetic pH of the EAN-water system was investigated at a fixed temperature. Rhythmic pH oscillations in the EAN-H2O mixtures were induced at 70 water mixture are caused in an intermediate state between pIL and bulk water. From the ab initio calculations, it was observed that the dipole moment of the EAN-water complex shows a discrete jump at around 85 mol% H2O. Water-mediated hydrogen bonding network drastically changes at the crossover concentration.

  12. Geoelectrical Characterization of the Punta Banda System: A Possible Structural Control for the Geothermal Anomalies

    Science.gov (United States)

    Arango-Galvan, C.; Flores-Marquez, E.; Prol-Ledesma, R.; Working Group, I.

    2007-05-01

    The lack of sufficient drinking water in México has become a very serious problem, especially in the northern desert regions of the country. In order to give a real solution to this phenomenon the IMPULSA research program has been created to develope novel technologies based on desalination of sea and brackish water using renewable sources of energy to face the problem. The Punta Banda geothermal anomaly is located towards the northern part of Baja California Peninsula (Mexico). High water temperatures in some wells along the coast depicted a geothermal anomaly. An audiomagnetotelluric survey was carried out in the area as a preliminary study, both to understand the process generating these anomalous temperatures and to assess its potential exploitation to supply hot water to desalination plants. Among the electromagnetic methods, the audiomagnetotellurics (AMT) method is appropriated for deep groundwater and geothermal studies. The survey consisted of 27 AMT stations covering a 5 km profile along the Agua Blanca Fault. The employed array allowed us to characterize the geoelectrical properties of the main structures up to 500 m depth. Two main geoelectrical zones were identified: 1) a shallow low resistivity media located at the central portion of the profile, coinciding with the Maneadero valley and 2) two high resitivity structures bordering the conductive zone possibly related to NS faulting, already identified by previous geophysical studies. These results suggest that the main geothermal anomalies are controlled by the dominant structural regime in the zone.

  13. Prenatal sonographic diagnosis of focal musculoskeletal anomalies

    Energy Technology Data Exchange (ETDEWEB)

    Ryu, Jung Kyu; Cho, Jeong Yeon; Lee, Young Ho; Kim, Ei Jeong; Chun, Yi Kyeong [Samsung Cheil Hospital, Sungkyunkwan University School of Medicine, Seoul (Korea, Republic of)

    2002-09-15

    Focal musculoskeletal anomalies are various and may be an isolated finding or may be found in conjunction with numerous associations, including genetic syndromes, Karyotype abnormals, central nervous system anomalies and other general musculoskeletal disorders. Early prenatal diagnosis of these focal musculoskeletal anomalies nor only affects prenatal care and postnatal outcome but also helps in approaching other numerous associated anomalies.

  14. Intrusion Detection Systems Based on Artificial Intelligence Techniques in Wireless Sensor Networks

    OpenAIRE

    Nabil Ali Alrajeh; Lloret, J

    2013-01-01

    Intrusion detection system (IDS) is regarded as the second line of defense against network anomalies and threats. IDS plays an important role in network security. There are many techniques which are used to design IDSs for specific scenario and applications. Artificial intelligence techniques are widely used for threats detection. This paper presents a critical study on genetic algorithm, artificial immune, and artificial neural network (ANN) based IDSs techniques used in wireless sensor netw...

  15. Seismic infrared anomalies detection in the case of the Wenchuan earthquake using bi-angular advanced along-track scanning radiometer data

    OpenAIRE

    Pan Xiong; Xuhui Shen; Xingfa Gu; Qingyan Meng; Liming Zhao; Yanhua Zhao; Yan Li; Jianting Dong

    2015-01-01

    The paper has developed Robust Satellite data analysis Technique (RST) to detect seismic anomalies in the case of the Wenchuan earthquake occurred on May 12, 2008, using the bi-angular Advanced Along-Track Scanning Radiometer (AATSR) gridded brightness temperature (BT) data based on spatial/temporal continuity and confutation analysis. The proposed method has been applied to analyze the Wenchuan earthquake with longitude from 95°E to 111°E and latitude from 23°N to 39°N, and a full data-set o...

  16. A real time OCSVM Intrusion Detection module with low overhead for SCADA systems

    Directory of Open Access Journals (Sweden)

    Leandros A. Maglaras

    2014-10-01

    Full Text Available In this paper we present a intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine is an intrusion detection mechanism that does not need any labeled data for training or any information about the kind of anomaly is expecting for the detection process. This feature makes it ideal for processing SCADA environment data and automate SCADA performance monitoring. The OCSVM module developed is trained by network traces off line and detect anomalies in the system real time. In order to decrease the overhead induced by communicated alarms we propose a new detection mechanism that is based on the combination of OCSVM with a recursive k-means clustering procedure. The proposed intrusion detection module K??OCSVMis capable to distinguish severe alarms from possible attacks regardless of the values of parameters and , making it ideal for real-time intrusion detection mechanisms for SCADA systems. The most severe alarms are then communicated with the use of IDMEF files to an IDSIDS (Intrusion Detection System system that is developed under CockpitCI project. Alarm messages carry information about the source of the incident, the time of the intrusion and a classification of the alarm.

  17. Thermal animal detection system (TADS)

    Energy Technology Data Exchange (ETDEWEB)

    Desholm, M.

    2003-03-01

    This report presents data from equipment tests and software development for the Thermal Animal Detection System (TADS) development project: 'Development of a method for estimating collision frequency between migrating birds and offshore wind turbines'. The technical tests were performed to investigate the performance of remote controlling, video file compression tool and physical stress of the thermal camera when operating outdoors and under the real time vibration conditions at a 2 MW turbine. Furthermore, experimental tests on birds were performed to describe the decreasing detectability with distance on free flying birds, the performance of the thermal camera during poor visibility, and finally, the performance of the thermal sensor software developed for securing high -quality data. In general, it can be concluded that the thermal camera and its related hardware and software, the TADS, are capable of recording migrating birds approaching the rotating blades of a turbine, even under conditions with poor visibility. If the TADS is used in a vertical viewing scenario it would comply with the requirements for a setup used for estimating the avian collision frequency at offshore wind turbines. (au)

  18. 调试中基于文法编码的日志异常检测算法%A Log Anomaly Detection Algorithm for Debugging Based on Grammar-Based Codes

    Institute of Scientific and Technical Information of China (English)

    王楠; 韩冀中; 方金云

    2013-01-01

    调试软件中的非确定错误对软件开发有重要意义.近年来,随着云计算系统的快速发展和对录制重放调试方法研究的深入,使用异常检测方法从大量文本日志或控制流日志等数据中找出异常的信息对调试愈发重要.传统的异常检测算法大多是为检测和防范攻击而设计的,它们很多基于马尔可夫假设,对事件流上的剧烈变化很敏感.但是新的问题要求异常检测能够检出语义级别的异常行为.实验表明现有的基于马尔可夫假设的异常检测算法在这方面表现不佳.提出了一种新的基于文法编码的异常检测算法.该算法不依赖于统计模型、概率模型、机器学习及马尔可夫假设,设计和实现都极为简单.实验表明在检测高层次的语义异常方面,该算法比传统方法有优势.%Debugging non-deterministic bugs has long been an important research area in software development. In recent years, with the rapid emerging of large cloud computing systems and the development of record replay debugging, the key of such debugging problem becomes mining anomaly information from text console logs and/or execution flow logs. Anomaly detection algorithms can therefore be used in this area. However, although many approaches have been proposed, traditional anomaly detection algorithms are designed for detecting network attacking and not suitable for the new problems. One important reason is the Markov assumption on which many traditional anomaly detection methods are based. Markov-based methods are sensitive to harshly trashing in event transitions. In contrast, the new problems in system diagnosing require the abilities of detecting semantic misbehaviors. Experiment results show the powerless of Markov-based methods on those problems. This paper presents a novel anomaly detection algorithm which is based on grammar-based codes. Different from previous approaches, our algorithm is a non-Markov approach. It doesn

  19. Distributed Impact Detection System Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Automated impact detection and characterization on manned spacecraft has been an elusive goal due to the transitory nature of the detectable high-frequency signals....

  20. Prenatal Sonographic Diagnosis of Focal Musculoskeletal Anomalies

    OpenAIRE

    Ryu, Jung Kyu; Cho, Jeong Yeon; Choi, Jong Sun

    2003-01-01

    Focal musculoskeletal anomalies vary, and can manifest as part of a syndrome or be accompanied by numerous other conditions such as genetic disorders, karyotype abnormalities, central nervous system anomalies and other skeletal anomalies. Isolated focal musculoskeletal anomaly does, however, also occur; its early prenatal diagnosis is important in deciding prenatal care, and also helps in counseling parents about the postnatal effects of numerous possible associated anomalies. We have encount...

  1. Leading anomalies, the drift Hamiltonian and the relativistic two-body system

    CERN Document Server

    Nabet, Bernard M

    2014-01-01

    We suggest to solve for the motion of the two body problem in General Relativity by identifying the leading violation of conserved quantities, referred to as (relativistic) anomalies, ordered by the post-Newtonian order at which they appear. This differs from the standard procedure of obtaining the full solution up to a prescribed order. We find that the reduced Hamiltonian which describes the drift in the space of conserved quantities is given by the average of the perturbation Hamiltonian. Using this approach the averaging is done prior to the derivation of time evolution, thereby economizing the computation. The computations become similar to those in the Hamilton-Jacobi method, while staying in the more comfortable setting of the Hamiltonian formulation. We apply this approach of leading anomalies and the drift Hamiltonian to the binary problem and treat several perturbations: 1PN, spin-orbit and spin-spin. On the way we discuss the interpretation of the Laplace-Runge-Lenz vector as a generator of scale-p...

  2. Quantitative identification of mutant alleles derived from lung cancer in plasma cell-free DNA via anomaly detection using deep sequencing data.

    Directory of Open Access Journals (Sweden)

    Yoji Kukita

    Full Text Available The detection of rare mutants using next generation sequencing has considerable potential for diagnostic applications. Detecting circulating tumor DNA is the foremost application of this approach. The major obstacle to its use is the high read error rate of next-generation sequencers. Rather than increasing the accuracy of final sequences, we detected rare mutations using a semiconductor sequencer and a set of anomaly detection criteria based on a statistical model of the read error rate at each error position. Statistical models were deduced from sequence data from normal samples. We detected epidermal growth factor receptor (EGFR mutations in the plasma DNA of lung cancer patients. Single-pass deep sequencing (>100,000 reads was able to detect one activating mutant allele in 10,000 normal alleles. We confirmed the method using 22 prospective and 155 retrospective samples, mostly consisting of DNA purified from plasma. A temporal analysis suggested potential applications for disease management and for therapeutic decision making to select epidermal growth factor receptor tyrosine kinase inhibitors (EGFR-TKI.

  3. Trouble Brewing: Using Observations of Invariant Behavior to Detect Malicious Agency in Distributed Control Systems

    Science.gov (United States)

    McEvoy, Thomas Richard; Wolthusen, Stephen D.

    Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints.

  4. 基于用户行为周期的移动设备异常检测方法%User BehaviorCycle-Based Statistical Approach for Anomaly Detecting on Mobile Devices

    Institute of Scientific and Technical Information of China (English)

    吴志忠; 周学海

    2015-01-01

    In this paper, we present a distributed anomaly detection system for mobile devices. The proposed framework realizes a client-server architecture, the client continuously extracts various features of mobile device and transfers to the server, and the server’s major task is to detect anomaly using state-of-art detection algorithms. According to the regularity of human daily activity and the periodic of using mobile device, we also propose a novel user behavior cycle based statistical approach, in which the abnormal is determined by the distance from the undetermined feature vector to the similar time segments’ vectors of previous cycles. We use the Mahalanobis distance as distance metric since it is rarely affected by the correlate and value range of features. Evaluation results demonstrated that the proposed framework and novel anomaly detection algorithm could effectively improve the detection rate of malwares on mobile devices.%本文提出了一种分布式的移动设备异常检测系统,该系统采用客户端-服务器架构,客户端程序在移动设备上持续提取特征并传送给服务器,服务器使用异常检测算法分析特征。根据人类日常活动的规律性以及用户使用移动设备的周期性,我们还提出了一种基于用户行为周期的异常检测方法,通过比较待检测特征向量和以往周期相近时间段的特征向量集的距离即可判定该特征向量是否异常,向量比较时采用不受特征间关联以及特征取值范围影响的马氏距离作为距离衡量的标准。实验证明我们采用的移动设备异常检测系统框架和检测方法能够有效提高对移动设备恶意程序的检测率。

  5. Fetal renal anomalies : diagnosis, management, and outcome

    NARCIS (Netherlands)

    Damen-Elias, Henrica Antonia Maria

    2004-01-01

    In two to three percent of fetuses structural anomalies can be found with prenatal ultrasound investigation. Anomalies of the urinary tract account for 15 to 20% of these anomalies with a detection rate of approximately of 90%. In Chapter 2, 3 and 4 we present reference curves for size and growth of

  6. Magnetoelectric coupling driven dielectric anomaly in non-polar system SeCuO3

    International Nuclear Information System (INIS)

    The non-polar material SeCuO3, which contains Cu2+ with S=1/2 spin and Se4+, has a highly distorted perovskite structure due to the small radii of Se4+ cations. The dielectric constant displays a critical decrease at 25 K, at which temperature the ferromagnetic ordering of the Cu2+ spin appears, suggesting a strong coupling between the magnetic and dielectric properties. Studies on SeCuO3 show that the magnetic and electrical subsystems reciprocally correlate via the hybridization of sp and pd. We conclude that the spin-pair correlation along the b-axis plays a significant role in the decrease of the dielectric constant around the magnetic transition temperature via the magnetoelectric coupling, and successfully explain the dielectric anomaly. The obtained dielectric constant and the magnetocapacitance for SeCuO3 are quantitative agreement with experimental results.

  7. Controls on Martian Hydrothermal Systems: Application to Valley Network and Magnetic Anomaly Formation

    Science.gov (United States)

    Harrison, Keith P.; Grimm, Robert E.

    2002-01-01

    Models of hydrothermal groundwater circulation can quantify limits to the role of hydrothermal activity in Martian crustal processes. We present here the results of numerical simulations of convection in a porous medium due to the presence of a hot intruded magma chamber. The parameter space includes magma chamber depth, volume, aspect ratio, and host rock permeability and porosity. A primary goal of the models is the computation of surface discharge. Discharge increases approximately linearly with chamber volume, decreases weakly with depth (at low geothermal gradients), and is maximized for equant-shaped chambers. Discharge increases linearly with permeability until limited by the energy available from the intrusion. Changes in the average porosity are balanced by changes in flow velocity and therefore have little effect. Water/rock ratios of approximately 0.1, obtained by other workers from models based on the mineralogy of the Shergotty meteorite, imply minimum permeabilities of 10(exp -16) sq m2 during hydrothermal alteration. If substantial vapor volumes are required for soil alteration, the permeability must exceed 10(exp -15) sq m. The principal application of our model is to test the viability of hydrothermal circulation as the primary process responsible for the broad spatial correlation of Martian valley networks with magnetic anomalies. For host rock permeabilities as low as 10(exp -17) sq m and intrusion volumes as low as 50 cu km, the total discharge due to intrusions building that part of the southern highlands crust associated with magnetic anomalies spans a comparable range as the inferred discharge from the overlying valley networks.

  8. System for detecting nuclear explosions

    International Nuclear Information System (INIS)

    Apparatus for detecting underground nuclear explosions is described that is comprised of an antenna located in the dielectric substance of a deep waveguide in the earth and adapted to detect low frequency electromagnetic waves generated by a nuclear explosion, the deep waveguide comprising the high conductivity upper sedimentary layers of the earth, the dielectric basement rock, and a high conductivity layer of basement rock due to the increased temperature thereof at great depths, and means for receiving the electromagnetic waves detected by said antenna means

  9. The System Design of a Node of P2P Networks for Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Lei Ding

    2013-08-01

    Full Text Available To improve the measuring accuracy of intrusion detection, a system design of a node for intrusion detection is proposed in this paper. First, the technology that applies the traditional intrusion detection method, such as anomaly detection and misuse detection, into P2P networks is presented. Next, to build the trust relationship among the nodes, and realize the cooperation mechanism of data detection, collection and response among the nodes of P2P networks, the corresponding solving plans, such as topological structure, trust model, information share and information fusion, are proposed in this paper. Then the concept of network telescope is presented to broaden the field of vision of malicious attacks and abnormal network packets in the propagation path. Finally, a system design of a node for intrusion detection using the honeypot technology is proposed in this paper.

  10. Neutron Interrogation System For Underwater Threat Detection And Identification

    Science.gov (United States)

    Barzilov, Alexander P.; Novikov, Ivan S.; Womble, Phil C.

    2009-03-01

    Wartime and terrorist activities, training and munitions testing, dumping and accidents have generated significant munitions contamination in the coastal and inland waters in the United States and abroad. Although current methods provide information about the existence of the anomaly (for instance, metal objects) in the sea bottom, they fail to identify the nature of the found objects. Field experience indicates that often in excess of 90% of objects excavated during the course of munitions clean up are found to be non-hazardous items (false alarm). The technology to detect and identify waterborne or underwater threats is also vital for protection of critical infrastructures (ports, dams, locks, refineries, and LNG/LPG). We are proposing a compact neutron interrogation system, which will be used to confirm possible threats by determining the chemical composition of the suspicious underwater object. The system consists of an electronic d-T 14-MeV neutron generator, a gamma detector to detect the gamma signal from the irradiated object and a data acquisition system. The detected signal then is analyzed to quantify the chemical elements of interest and to identify explosives or chemical warfare agents.

  11. Neutron Interrogation System For Underwater Threat Detection And Identification

    International Nuclear Information System (INIS)

    Wartime and terrorist activities, training and munitions testing, dumping and accidents have generated significant munitions contamination in the coastal and inland waters in the United States and abroad. Although current methods provide information about the existence of the anomaly (for instance, metal objects) in the sea bottom, they fail to identify the nature of the found objects. Field experience indicates that often in excess of 90% of objects excavated during the course of munitions clean up are found to be non-hazardous items (false alarm). The technology to detect and identify waterborne or underwater threats is also vital for protection of critical infrastructures (ports, dams, locks, refineries, and LNG/LPG). We are proposing a compact neutron interrogation system, which will be used to confirm possible threats by determining the chemical composition of the suspicious underwater object. The system consists of an electronic d-T 14-MeV neutron generator, a gamma detector to detect the gamma signal from the irradiated object and a data acquisition system. The detected signal then is analyzed to quantify the chemical elements of interest and to identify explosives or chemical warfare agents.

  12. Intrusion detection system and technology of layered wireless sensor network based on Agent

    Directory of Open Access Journals (Sweden)

    Genjian Yu

    2013-08-01

    Full Text Available The intrusion detection system and technology of classified layered-wireless sensor network was able to meet the high safety requirements of wireless sensor network, it is urgent for us to improve the identification and generalization of detection system about characters of intrusion. In this paper, we design an intelligent intrusion detection system which realize intelligence, the effective and direct way was to add the methods,  and it was used for identification and generalization of intrusion characters to the Agent function of intrusion detection. It could obtain credible judgment by updating and examining the database for the actions which the general misuse detection or anomaly detection were not sure if the intrusion was formed.

  13. Multi-Vector Portable Intrusion Detection System

    OpenAIRE

    Moyers, Benjamin

    2009-01-01

    This research describes an intrusion detection system designed to fulfill the need for increased mobile device security. The Battery-Sensing Intrusion Protection System (B-SIPS) [1] initially took a non-conventional approach to intrusion detection by recognizing attacks based on anomalous Instantaneous Current (IC) drainage. An extension of B-SIPS, the Multi-Vector Portable Intrusion Detection System (MVP-IDS) validates the idea of recognizing attacks based on anomalous IC drain by correlat...

  14. On the statistical correlation between the ionospheric perturbations as detected by subionospheric VLF/LF propagation anomalies and earthquakes

    Directory of Open Access Journals (Sweden)

    Y. Kasahara

    2008-07-01

    Full Text Available Relatively long-period (4 years data on different propagation paths by means of Japanese-Pacific VLF/LF network observation, are used to obtain further statistical significance on the correlation of ionospheric perturbations as revealed by VLF/LF propagation anomalies with earthquakes. Earthquakes with magnitude greater than 6.0, taken place only within the fifth Fresnel zone of each great-circle path are selected for the correlation study. It is finally found based on the superimposed epoch analysis that the nighttime trend (average amplitude exhibits a significant decrease exceeding 2σ (σ: standard deviation several days before the earthquake and the nighttime fluctuation exceeds the corresponding 2σ again several days before the earthquake when the earthquake depth is smaller than 30 km (shallow earthquakes. However, when we treat all earthquakes including deep earthquakes, the trend shows a significant decrease (just approaching 2σ line, and the nighttime fluctuation shows a less significant broad enhancement before the EQ.

  15. ISOTOPIC ANOMALIES IN PRIMITIVE SOLAR SYSTEM MATTER: SPIN-STATE-DEPENDENT FRACTIONATION OF NITROGEN AND DEUTERIUM IN INTERSTELLAR CLOUDS

    International Nuclear Information System (INIS)

    Organic material found in meteorites and interplanetary dust particles is enriched in D and 15N. This is consistent with the idea that the functional groups carrying these isotopic anomalies, nitriles and amines, were formed by ion-molecule chemistry in the protosolar nebula. Theoretical models of interstellar fractionation at low temperatures predict large enrichments in both D and 15N and can account for the largest isotopic enrichments measured in carbonaceous meteorites. However, more recent measurements have shown that, in some primitive samples, a large 15N enrichment does not correlate with one in D, and that some D-enriched primitive material displays little, if any, 15N enrichment. By considering the spin-state dependence in ion-molecule reactions involving the ortho and para forms of H2, we show that ammonia and related molecules can exhibit such a wide range of fractionation for both 15N and D in dense cloud cores. We also show that while the nitriles, HCN and HNC, contain the greatest 15N enrichment, this is not expected to correlate with extreme D enrichment. These calculations therefore support the view that solar system 15N and D isotopic anomalies have an interstellar heritage. We also compare our results to existing astronomical observations and briefly discuss future tests of this model.

  16. ISOTOPIC ANOMALIES IN PRIMITIVE SOLAR SYSTEM MATTER: SPIN-STATE-DEPENDENT FRACTIONATION OF NITROGEN AND DEUTERIUM IN INTERSTELLAR CLOUDS

    Energy Technology Data Exchange (ETDEWEB)

    Wirstroem, Eva S.; Cordiner, Martin A.; Charnley, Steven B.; Milam, Stefanie N., E-mail: ewirstrom@gmail.com [Astrochemistry Laboratory and Goddard Center for Astrobiology, NASA Goddard Space Flight Center, Greenbelt, MD 20770 (United States)

    2012-09-20

    Organic material found in meteorites and interplanetary dust particles is enriched in D and {sup 15}N. This is consistent with the idea that the functional groups carrying these isotopic anomalies, nitriles and amines, were formed by ion-molecule chemistry in the protosolar nebula. Theoretical models of interstellar fractionation at low temperatures predict large enrichments in both D and {sup 15}N and can account for the largest isotopic enrichments measured in carbonaceous meteorites. However, more recent measurements have shown that, in some primitive samples, a large {sup 15}N enrichment does not correlate with one in D, and that some D-enriched primitive material displays little, if any, {sup 15}N enrichment. By considering the spin-state dependence in ion-molecule reactions involving the ortho and para forms of H{sub 2}, we show that ammonia and related molecules can exhibit such a wide range of fractionation for both {sup 15}N and D in dense cloud cores. We also show that while the nitriles, HCN and HNC, contain the greatest {sup 15}N enrichment, this is not expected to correlate with extreme D enrichment. These calculations therefore support the view that solar system {sup 15}N and D isotopic anomalies have an interstellar heritage. We also compare our results to existing astronomical observations and briefly discuss future tests of this model.

  17. Isotopic Anomalies in Primitive Solar System Matter: Spin-State-Dependent Fractionation of Nitrogen and Deuterium in Interstellar Clouds

    Science.gov (United States)

    Wirstrom, Eva S.; Charnley, Steven B.; Cordiner, Martin A.; Milam, Stefanie N.

    2012-01-01

    Organic material found in meteorites and interplanetary dust particles is enriched in D and N-15. This is consistent with the idea that the functional groups carrying these isotopic anomalies, nitriles and amines, were formed by ion-molecule chemistry in the protosolar nebula, Theoretical models of interstellar fractionation at low temperatures predict large enrichments in both D and N-15 and can account for the largest isotopic enrichments measured in carbonaceous meteorites. However, more recent measurements have shown that, in some primitive samples, a large N-15 enrichment does not correlate with one in D, and that some D-enriched primitive material displays little, if any, N-15 enrichment. By considering the spin-state dependence in ion-molecule reactions involving the ortho and para forms of H2, we show that ammonia and related molecules can exhibit such a wide range of fractionation for both N-15 and D in dense cloud cores. We also show that while the nitriles, HCN and HNC, contain the greatest N=15 enrichment, this is not expected to correlate with extreme D enrichment. These calculations therefore support the view that solar system N-15 and D isotopic anomalies have an interstellar heritage. We also compare our results to existing astronomical observations and briefly discuss future tests of this model.

  18. Isotopic Anomalies in Primitive Solar System Matter: Spin-State Dependent Fractionation of Nitrogen and Deuterium in Interstellar Clouds

    Science.gov (United States)

    Wirstrom, Eva S.; Charnley, Steven B.; Cordiner, Martin A.; Milan, Stefanie N.

    2012-01-01

    Organic material found in meteorites and interplanetary dust particles is enriched in D and N-15, This is consistent with the idea that the functional groups carrying these isotopic anomalies, nitriles and amines, were formed by ion-molecule chemistry in the protosolar core. Theoretical models of interstellar fractionation at low temperatures predict large enrichments in both D and N-15 and can account for the largest isotop c enrichments measured in carbonaceous meteorites, However, more recent measurements have shown that, in some primitive samples, a large N-15 enrichment does not correlate with one in D, and that some D-enriched primitive material displays little, if any, N-15 enrichment. By considering the spin-state dependence in ion-molecule reactions involving the ortho and para forms of H2, we show that ammonia and related molecules can exhibit such a wide range of fractionation for both N-15 and D in dense cloud cores, We also show that while the nitriles, HCN and HNC, contain the greatest N-15 enrichment, this is not expected to correlate with extreme D emichment. These calculations therefore support the view that Solar System N-15 and D isotopic anomalies have an interstellar heritage, We also compare our results to existing astronomical observations and briefly discuss future tests of this model.

  19. A Population-Based Case-Control Study of Drinking-Water Nitrate and Congenital Anomalies Using Geographic Information Systems (GIS to Develop Individual-Level Exposure Estimates

    Directory of Open Access Journals (Sweden)

    Caitlin E. Holtby

    2014-02-01

    Full Text Available Animal studies and epidemiological evidence suggest an association between prenatal exposure to drinking water with elevated nitrate (NO3-N concentrations and incidence of congenital anomalies. This study used Geographic Information Systems (GIS to derive individual-level prenatal drinking-water nitrate exposure estimates from measured nitrate concentrations from 140 temporally monitored private wells and 6 municipal water supplies. Cases of major congenital anomalies in Kings County, Nova Scotia, Canada, between 1988 and 2006 were selected from province-wide population-based perinatal surveillance databases and matched to controls from the same databases. Unconditional multivariable logistic regression was performed to test for an association between drinking-water nitrate exposure and congenital anomalies after adjusting for clinically relevant risk factors. Employing all nitrate data there was a trend toward increased risk of congenital anomalies for increased nitrate exposure levels though this was not statistically significant. After stratification of the data by conception before or after folic acid supplementation, an increased risk of congenital anomalies for nitrate exposure of 1.5–5.56 mg/L (2.44; 1.05–5.66 and a trend toward increased risk for >5.56 mg/L (2.25; 0.92–5.52 was found. Though the study is likely underpowered, these results suggest that drinking-water nitrate exposure may contribute to increased risk of congenital anomalies at levels below the current Canadian maximum allowable concentration.

  20. Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS)

    Energy Technology Data Exchange (ETDEWEB)

    Jared Verba; Michael Milvich

    2008-05-01

    Current Intrusion Detection System (IDS) technology is not suited to be widely deployed inside a Supervisory, Control and Data Acquisition (SCADA) environment. Anomaly- and signature-based IDS technologies have developed methods to cover information technology-based networks activity and protocols effectively. However, these IDS technologies do not include the fine protocol granularity required to ensure network security inside an environment with weak protocols lacking authentication and encryption. By implementing a more specific and more intelligent packet inspection mechanism, tailored traffic flow analysis, and unique packet tampering detection, IDS technology developed specifically for SCADA environments can be deployed with confidence in detecting malicious activity.

  1. Evaluation of thermal remote sensing for detection of thermal anomalies as earthquake precursors: a case study for Malatya-Pütürge-Doganyol (Turkey) Earthquake, July 13, 2003

    OpenAIRE

    Okyay, Ünal

    2012-01-01

    Several studies in last two decades indicated that presence of positive thermal anomalies associated with seismic activities can be detected by satellite thermal sensing methods. This study evaluates the potential of thermal remote sensing for detection of thermal anomalies prior to Malatya-Pütürge-Doğanyol (Turkey) earthquake using MODIS/Terra V5 LST/E (MOD11A1) data. In the previous studies, different methods based on different approaches have been suggested. In this particular study, four ...

  2. DIAGNOSTIC OF ANOMALIES IN DATA-PROCESSING NETWORKS WITH USE OF VARIETY OF INFORMATION EXCHANGE

    Directory of Open Access Journals (Sweden)

    Kucher V. A.

    2015-06-01

    Full Text Available The work is devoted to searching efficient detection methods of anomalous state in data networks. There is a structure of modern informational attacks detecting system. There are short review and analysis of information system network security facilities. Two main technologies of attack detection are described: anomaly detection and misuse detection. It is shown that every detection of anomalies is based on assumption that anomalous behavior is deflection from normal profile of behavior. It is hard to implement this technology, although there is some progress when expert system, fuzzy logic and so on are used for this purpose. Action patterns or symbols assets which describe anomaly activity are used as attack signature in misuse detection method. Author offers to use benefits of both methods for solving the problem

  3. Thermal systems for landmine detection

    Science.gov (United States)

    D'Angelo, Marco; Del Vecchio, Luca; Esposito, Salvatore; Balsi, Marco; Jankowski, Stanislaw

    2009-06-01

    This paper presents new techniques of landmine detection and localization using thermal methods. Described methods use both dynamical and static analysis. The work is based on datasets obtained from the Humanitarian Demining Laboratory of Università La Sapienza di Roma, Italy.

  4. Toward detecting deception in intelligent systems

    Science.gov (United States)

    Santos, Eugene, Jr.; Johnson, Gregory, Jr.

    2004-08-01

    Contemporary decision makers often must choose a course of action using knowledge from several sources. Knowledge may be provided from many diverse sources including electronic sources such as knowledge-based diagnostic or decision support systems or through data mining techniques. As the decision maker becomes more dependent on these electronic information sources, detecting deceptive information from these sources becomes vital to making a correct, or at least more informed, decision. This applies to unintentional disinformation as well as intentional misinformation. Our ongoing research focuses on employing models of deception and deception detection from the fields of psychology and cognitive science to these systems as well as implementing deception detection algorithms for probabilistic intelligent systems. The deception detection algorithms are used to detect, classify and correct attempts at deception. Algorithms for detecting unexpected information rely upon a prediction algorithm from the collaborative filtering domain to predict agent responses in a multi-agent system.

  5. US Army Nuclear Burst Detection System (NBDS)

    International Nuclear Information System (INIS)

    The Nuclear Burst Detection System (NBDS) was developed to meet the Army requirements of an unattended, automatic nuclear burst reporting system. It provides pertinent data for battlefield commanders on a timely basis with high reliability

  6. RASID: A Robust WLAN Device-free Passive Motion Detection System

    CERN Document Server

    Kosba, Ahmed E; Youssef, Moustafa

    2011-01-01

    Device-free passive (DfP) indoor localization is an emerging technology enabling the localization of entities that do not carry any devices nor participate actively in the localization process using the already installed wireless infrastructure. This technology is useful for a variety of applications, where special hardware might not be applicable or affordable such as intrusion detection, smart homes and border protection. In this paper, we present the design, implementation and evaluation of RASID, a DfP system for human motion detection. RASID combines different modules for statistical anomaly detection while adapting to changes in the environment to provide accurate, robust and low-overhead detection of human activities. Evaluation of the system in two different real testbed environments shows that it can achieve an accurate detection capability of 6% miss detection rate and 9% false alarm rate in both environments. In addition, the high accuracy and low overhead performance are robust to changes in the e...

  7. Doses Due to the South Atlantic Anomaly During the Euromir'95 Mission Measured by an On-Board TLD System

    International Nuclear Information System (INIS)

    During the Euromir'95 mission, a specially designed microprocessor-controlled thermoluminescent detector (TLD) system, called the 'Pille'95', was used by ESA astronaut Thomas Reiter to measure the cosmic radiation dose inside the Mir space station. One of the experiment's objectives was to determine the dose fraction on Mir due to the South Atlantic Anomaly (SAA) on an orbit inclined at 51.6 deg. and at an altitude of about 400 km. Using an hourly measuring period for 170 h in automatic mode, dose components both of galactic (independent of SAA) and SAA origin were determined. It was found that the maximum dose due to crossing the SAA was equal to 55 μGy. Averaging all the measurements it was calculated that the mean dose rate inside the Mir was 12-14 μGy.h-1, and that half of this value was caused by the SAA. (author)

  8. Tectonic history of the north portion of the San Andreas fault system, California, inferred from gravity and magnetic anomalies

    Science.gov (United States)

    Griscom, A.; Jachens, R.C.

    1989-01-01

    Geologic and geophysical data for the San Andreas fault system north of San Francisco suggest that the eastern boundary of the Pacific plate migrated eastward from its presumed original position at the base of the continental slope to its present position along the San Andreas transform fault by means of a series of eastward jumps of the Mendocino triple junction. These eastward jumps total a distance of about 150 km since 29 Ma. Correlation of right-laterally displaced gravity and magnetic anomalies that now have components at San Francisco and on the shelf north of Point Arena indicates that the presently active strand of the San Andreas fault north of the San Francisco peninsula formed recently at about 5 Ma when the triple junction jumped eastward a minimum of 100 km to its present location at the north end of the San Andreas fault. -from Authors

  9. MODEL FOR INTRUSION DETECTION SYSTEM

    Directory of Open Access Journals (Sweden)

    Neha Rani

    2012-10-01

    Full Text Available Advancement in wireless communications lead more and more mobile wireless networks e.g., mobile networks [mobile ad hoc networks (MANETs], wireless sensor networks, etc. Some of the challenges in MANET include: Dynamic network topology, Speed, Bandwidth, computation capability, Scalability, Quality of service, Secure and Reliable routing. One of the most important challenges in mobile wireless networks is the Secure and reliable routing and the main characteristic of MANET with respect to security is the lack of clear line of defence. Therefore, the SP routing problem in MANET turns into dynamic optimization problem. In this paper, a path detection algorithm and a model to detect intruders that is misbehaving nodes in the alternative paths is proposed.

  10. Real time prediction of sea level anomaly data with the Prognocean system - comparison of results obtained using different prediction techniques

    Science.gov (United States)

    Mizinski, Bartlomiej; Niedzielski, Tomasz; Kosek, Wieslaw

    2013-04-01

    Prognocean is a near-real time modeling and prediction system elaborated and based at University of Wroclaw, Poland. It operates on gridded Sea Level Anomaly (SLA) data obtained from the Archiving, Validation and Interpretation of Satellite Oceanographic data (AVISO), France. The data acquisition flow from AVISO to Prognocean is entirely automatic and is implemented in Python. The core of the system - including data pre-processing, modeling, prediction, validation and visualization procedures - is composed of a series of R scripts that are interrelated and work at three levels of generalization. The objective of the work presented here is to show the results of our numerical experiment that have been carried out since early 2012. Four prediction models have been implemented to date: (1) extrapolation of polynomial-harmonic model and the extrapolation of polynomial-harmonic model with (2) autoregressive model, (3) threshold autoregressive model and (4) autocovariance procedure. Although the presentation is limited to four models and their predictive skills, Prognocean consists of modules and hence new techniques may be plugged in at any time. In this paper, the comparison of the results into forecasting sea level anomaly maps is presented. Along with sample predictions, with various lead times up to two weeks, we present and discuss a set of root mean square prediction error maps computed in real time after the observations have been available. We identified areas where linear prediction models reveal considerable errors, which may indicate a non-linear mode of sea level change. In addition, we have identified an agreement between the spatial pattern of large prediction errors and the spatial occurrence of key mesoscale ocean eddies.

  11. Development of a Global Agricultural Hotspot Detection and Early Warning System

    Science.gov (United States)

    Lemoine, G.; Rembold, F.; Urbano, F.; Csak, G.

    2015-12-01

    The number of web based platforms for crop monitoring has grown rapidly over the last years and anomaly maps and time profiles of remote sensing derived indicators can be accessed online thanks to a number of web based portals. However, while these systems make available a large amount of crop monitoring data to the agriculture and food security analysts, there is no global platform which provides agricultural production hotspot warning in a highly automatic and timely manner. Therefore a web based system providing timely warning evidence as maps and short narratives is currently under development by the Joint Research Centre. The system (called "HotSpot Detection System of Agriculture Production Anomalies", HSDS) will focus on water limited agricultural systems worldwide. The automatic analysis of relevant meteorological and vegetation indicators at selected administrative units (Gaul 1 level) will trigger warning messages for the areas where anomalous conditions are observed. The level of warning (ranging from "watch" to "alert") will depend on the nature and number of indicators for which an anomaly is detected. Information regarding the extent of the agricultural areas concerned by the anomaly and the progress of the agricultural season will complement the warning label. In addition, we are testing supplementary detailed information from other sources for the areas triggering a warning. These regard the automatic web-based and food security-tailored analysis of media (using the JRC Media Monitor semantic search engine) and the automatic detection of active crop area using Sentinel 1, upcoming Sentinel-2 and Landsat 8 imagery processed in Google Earth Engine. The basic processing will be fully automated and updated every 10 days exploiting low resolution rainfall estimates and satellite vegetation indices. Maps, trend graphs and statistics accompanied by short narratives edited by a team of crop monitoring experts, will be made available on the website on a

  12. Fall Detection Sensor System for the Elderly

    Directory of Open Access Journals (Sweden)

    Alicia Y.C. Tang

    2015-06-01

    Full Text Available Many elderly people are living alone in their homes. If the elderly fall down, it may be difficult for them to request for help. The main objective of this work is to design an android-based fall detection sensor system at affordable cost for the elderly in Malaysia. This paper describes the design of the android-based fall detection sensor system. The system is able to acknowledge a falling incident to the contact person such that the incident can be reported to the ambulance department soonest possible, and to provide necessary medical treatments for the injured elderly. The design and implementation combines both hardware and software that work seamlessly in detecting and reporting a fall at home. The hardware part consists of the falling detection sensor that detects the body position of the user whether it is on a falling mode while the software side consists of some formulas that detect the fallings and triggers the alarm.

  13. Intrusion Detection Approach Using Connectionist Expert System

    Institute of Scientific and Technical Information of China (English)

    MA Rui; LIU Yu-shu; DU Yan-hui

    2005-01-01

    In order to improve the detection efficiency of rule-based expert systems, an intrusion detection approach using connectionist expert system is proposed. The approach converts the AND/OR nodes into the corresponding neurons, adopts the three-layered feed forward network with full interconnection between layers,translates the feature values into the continuous values belong to the interval [0, 1 ], shows the confidence degree about intrusion detection rules using the weight values of the neural networks and makes uncertain inference with sigmoid function. Compared with the rule-based expert system, the neural network expert system improves the inference efficiency.

  14. Evaluating the SEVIRI Fire Thermal Anomaly Detection Algorithm across the Central African Republic Using the MODIS Active Fire Product

    OpenAIRE

    Freeborn, Patrick H.; Wooster, Martin J.; Gareth Roberts; Weidong Xu

    2014-01-01

    Satellite-based remote sensing of active fires is the only practical way to consistently and continuously monitor diurnal fluctuations in biomass burning from regional, to continental, to global scales. Failure to understand, quantify, and communicate the performance of an active fire detection algorithm, however, can lead to improper interpretations of the spatiotemporal distribution of biomass burning, and flawed estimates of fuel consumption and trace gas and aerosol emissions. This work e...

  15. Real-time petroleum spill detection system

    International Nuclear Information System (INIS)

    A real-time autonomous oil and fuel spill detection system has been developed to rapidly detect of a wide range of petroleum products floating on, or suspended in water. The system consists of an array of spill detection buoys distributed within the area to be monitored. The buoys are composed of a float and a multispectral fluorometer, which looks up through the top 5 cm of water to detect floating and suspended petroleum products. The buoys communicate to a base station computer that controls the sampling of the buoys and analyses the data from each buoy to determine if a spill has occurred. If statistically significant background petroleum levels are detected, the system raises an oil spill alarm. The system is useful because early detection of a marine oil spill allows for faster containment, thereby minimizing the contaminated area and reducing cleanup costs. This paper also provided test results for biofouling, various petroleum product detection, water turbidity and wave tolerance. The technology has been successfully demonstrated. The UV light source keeps the optic window free from biofouling, and the electronics are fully submerged so there is no risk that the unit could ignite the vapours of a potential oil spill. The system can also tolerate moderately turbid waters and can therefore be used in many rivers, harbours, water intakes and sumps. The system can detect petroleum products with an average thickness of less than 3 micrometers floating on the water surface. 3 refs., 15 figs

  16. Introduction to Wireless Intrusion Detection Systems

    OpenAIRE

    Milliken, Jonny

    2014-01-01

    The IDS (Intrusion Detection System) is a common means of protecting networked systems from attack or malicious misuse. The development and rollout of an IDS can take many different forms in terms of equipment, protocols, connectivity, cost and automation. This is particularly true of WIDS (Wireless Intrusion Detection Systems) which have many more opportunities and challenges associated with data transmission through an open, shared medium. The operation of a WIDS is a multistep process from...

  17. RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sungwon Lee

    2009-05-01

    Full Text Available TheIP-based Ubiquitous Sensor Network (IP-USN is an effort to build the “Internet of things”. By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System called RIDES (Robust Intrusion DEtection System for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components.

  18. RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks.

    Science.gov (United States)

    Amin, Syed Obaid; Siddiqui, Muhammad Shoaib; Hong, Choong Seon; Lee, Sungwon

    2009-01-01

    The IP-based Ubiquitous Sensor Network (IP-USN) is an effort to build the "Internet of things". By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System) called RIDES (Robust Intrusion DEtection System) for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control) technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components. PMID:22412321

  19. Analyzing Spatiotemporal Anomalies through Interactive Visualization

    Directory of Open Access Journals (Sweden)

    Tao Zhang

    2014-06-01

    Full Text Available As we move into the big data era, data grows not just in size, but also in complexity, containing a rich set of attributes, including location and time information, such as data from mobile devices (e.g., smart phones, natural disasters (e.g., earthquake and hurricane, epidemic spread, etc. We are motivated by the rising challenge and build a visualization tool for exploring generic spatiotemporal data, i.e., records containing time location information and numeric attribute values. Since the values often evolve over time and across geographic regions, we are particularly interested in detecting and analyzing the anomalous changes over time/space. Our analytic tool is based on geographic information system and is combined with spatiotemporal data mining algorithms, as well as various data visualization techniques, such as anomaly grids and anomaly bars superimposed on the map. We study how effective the tool may guide users to find potential anomalies through demonstrating and evaluating over publicly available spatiotemporal datasets. The tool for spatiotemporal anomaly analysis and visualization is useful in many domains, such as security investigation and monitoring, situation awareness, etc.

  20. Semantic Plagiarism Detection System Using Ontology Mapping

    Directory of Open Access Journals (Sweden)

    Manjula Shenoy K

    2012-06-01

    Full Text Available Plagiarism detection can play an important role in detecting stealing of original ideas in papers, journals and internet web sites. Checking these manually is simply impossible nowadays due to existence of large digital repository. Ontology is a way of describing documents semantics. Ontology mapping can resolve semantic heterogeneity in documents. Our paper proposes an automatic system for semantic plagiarism detection based on ontology mapping.

  1. Role of Sonography and MRI in Fetal CNS Anomaly

    Directory of Open Access Journals (Sweden)

    Jalal Jalalshokouhi

    2010-05-01

    Full Text Available Current ultrasound equipment allows the antenatal identification of many central nervous system anomalies from early gestation. Diagnostic accuracy, however, remains heavily dependent upon the expertise of the sonologist. Fetal ultrasound is effective in identifying CNS anomalies. Magnetic resonance imaging may play a major role in the evaluation of cases with suboptimal ultrasound visualization, or when specific anomalies are suspected, such as intracranial haemorrhage or migrational disorders."nThis study was performed in two centers, of which anomaly sonography scan was carried out in Nasle Omid clinic by high end ultrasound machines (Aloka a10-version 2009 and Medison Accuvix-XQ and the fetal MRI was performed in Jaam e Jam Imaging center."nAnomaly ultrasound scan and detailed CNS scan was done by checking the size and shape of the skull, symmetry of the CNS, cerebellum, cisterna magna, CSP, lateral ventricles and thalami by 2-6 MHZ abdominal convex transducer and in some cases, high resolution transvaginal sonography was performed for better images."nCases were referred for fetal CNS MRI when ultra-sound was not conclusive for CNS anomaly or better evaluation of the background anomaly."nIn this study, in more than 20 cases we could confirm sonography is the major diagnostic tool for CNS anomalies, if performed by an experienced sonologist and proper equipment. "nMRI has a very important role in confirming ultra-sound findings or detecting CNS anomalies when sonography is not conclusive, if MRI is accomplished based on a proper protocol and read by an experienced radiologist.

  2. Network traffic anomaly detection based on relative entropy%基于相对熵的网络流量异常检测方法

    Institute of Scientific and Technical Information of China (English)

    张登银; 廖建飞

    2012-01-01

    The anomaly detection of network traffic, which aims at detecting abrupt attacks timely and accurately, is important in the field of network security. Existing detection methods, such as the methods based on data mining and wavelet analysis, fail to meet the application requirements of online traffic detection either due to the high complexity of algorithm or the poor detection effect. By introducing the concept of information entropy and calculating relative entropy of the network traffic on the vision of the traffic S dimensions and hierarchies in real-time, this paper proposes a relative entropy based detection method with the time complexity of algorithm at O(N ×log2N ×D) . Experiment analysis shows that the false a-larm rate can be controlled only in 0. 03 ~0. 05 when the detection rate reaches 0. 8 ~0. 85 , which meets the requirements of real-time and accuracy simultaneously.%网络流量的异常检测是网络安全领域一个重要分支,目标是及时准确地检测网络中发生的突发攻击事件.现有流量异常检测方法如数据挖掘、小波分析等方法或因检测效果较差,或因算法复杂,难以满足实时在线流量检测的应用需求.文中引入信息熵概念,通过对网络流量进行分维和分层实时计算网络流量相对熵,提出了一种基于相对熵的流量异常检测方法,算法时间复杂度为O(N×log2N× D).实验分析表明,当检测率达到0.80 ~0.85时,误报率控制在0.03 ~O.05,可同时满足系统实时性和准确性要求.

  3. Doppler colour flow mapping of fetal intracerebral arteries in the presence of central nervous system anomalies

    NARCIS (Netherlands)

    J.W. Wladimiroff (Juriy); R. Heydanus (Rogier); P.A. Stewart (Patricia)

    1993-01-01

    textabstractThe adjunctive role of Doppler colour flow mapping in the evaluation of intracerebral morphology and arterial blood flow in the presence of normal and abnormal central nervous system morphology was determined. A total of 59 fetuses with suspected central nervous system pathology between

  4. Testing Of Network Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Jagadeep Vegunta

    2011-11-01

    Full Text Available Network based intrusion detection system use the models of attacks to identify intrusive behavior ability of systems to detect attacks by quality of models which are called signatures. Some attacks exploits in different ways. For this reason we use testing tools that able to detect goodness of signatures. This technique describes test and evaluate misuse detection models in the case of network-based intrusion detection systems. we use Mutant Exploits are working against vulnerability applications. This mutant exploit is based on mechanism to generate large no. of exploit by applying mutant operators. The results of the systems in detecting these variations pro-vide a quantitative basis for the evaluation of the quality of the corresponding detection model. but here we are going to find defects of this testing and is this test will provide 100% security for this system (or not. and also which technique gives much security among these techniques fuzzy logic, neural networks, hybrid fuzzy and neural networks, naïve bayes, genetic algorithms and data mining.

  5. Computer systems for automatic earthquake detection

    Science.gov (United States)

    Stewart, S.W.

    1974-01-01

    U.S Geological Survey seismologists in Menlo park, California, are utilizing the speed, reliability, and efficiency of minicomputers to monitor seismograph stations and to automatically detect earthquakes. An earthquake detection computer system, believed to be the only one of its kind in operation, automatically reports about 90 percent of all local earthquakes recorded by a network of over 100 central California seismograph stations. The system also monitors the stations for signs of malfunction or abnormal operation. Before the automatic system was put in operation, all of the earthquakes recorded had to be detected by manually searching the records, a time-consuming process. With the automatic detection system, the stations are efficiently monitored continuously. 

  6. IMPROVING CAUSE DETECTION SYSTEMS WITH ACTIVE LEARNING

    Data.gov (United States)

    National Aeronautics and Space Administration — IMPROVING CAUSE DETECTION SYSTEMS WITH ACTIVE LEARNING ISAAC PERSING AND VINCENT NG Abstract. Active learning has been successfully applied to many natural language...

  7. The Pioneer Anomaly

    CERN Document Server

    Turyshev, Slava G

    2010-01-01

    Radio-metric Doppler tracking data received from the Pioneer 10 and 11 spacecraft from heliocentric distances of 20-70 AU has consistently indicated the presence of a small, anomalous, blue-shifted frequency drift uniformly changing with a rate of ~6 x 10^{-9} Hz/s. Ultimately, the drift was interpreted as a constant sunward deceleration of each particular spacecraft at the level of a_P = (8.74 +/- 1.33) x 10^{-10} m/s^2. This apparent violation of the Newton's gravitational inverse-square law has become known as the Pioneer anomaly; the nature of this anomaly remains unexplained. In this review, we summarize the current knowledge of the physical properties of the discovered effect and the conditions that led to its detection and characterization. We review various mechanisms proposed to explain the anomaly and discuss the current state of efforts to determine its nature. A comprehensive new investigation of the anomalous behavior of the two Pioneers has begun recently. The new efforts rely on the much-extend...

  8. Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory

    CERN Document Server

    Kim, Jungwon; Twycross, Jamie; Aickelin, Uwe

    2010-01-01

    The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

  9. High precision thermal modeling of complex systems with application to the flyby and Pioneer anomaly

    OpenAIRE

    Rievers, Benny; Lämmerzahl, Claus

    2011-01-01

    Thermal modeling of complex systems faces the problems of an effective digitalization of the detailed geometry and properties of the system, calculation of the thermal flows and temperature maps, treatment of the thermal radiation including possible multiple reflections, inclusion of additional external influences, extraction of the radiation pressure from calculated surface data, and computational effectiveness. In previous publications the solution to these problems have been outlined and a...

  10. Detection and intelligent systems for homeland security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Detection and Intelligent Systems for Homeland Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering advanced technology for image and video interpretation systems used for surveillance, which help in solving such problems as identifying faces from live streaming or stored videos. Biometrics for human identification, including eye retinas and irises, and facial patterns are also presented. The book then provides information on sensors for detection of explosive and radioactive materials and methods for sensing chemical

  11. Data Mining and Intrusion Detection Systems

    OpenAIRE

    Zibusiso Dewa; Leandros A. Maglaras

    2016-01-01

    The rapid evolution of technology and the increased connectivity among its components, imposes new cyber-security challenges. To tackle this growing trend in computer attacks and respond threats, industry professionals and academics are joining forces in order to build Intrusion Detection Systems (IDS) that combine high accuracy with low complexity and time efficiency. The present article gives an overview of existing Intrusion Detection Systems (IDS) along with their main principles. Also th...

  12. Energy Efficient Cluster-Based Intrusion Detection System for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Manal Abdullah

    2014-09-01

    Full Text Available Wireless sensor networks (WSNs are network type where sensors are used to collect physical measurements. It has many application areas such as healthcare, weather monitoring and even military applications. Security in this kind of networks is a big concern especially in the applications that required confidentiality and privacy. Therefore, providing a WSN with an intrusion detection system is essential to protect its security from different types of intrusions, cyber-attacks and random faults. Clustering has proven its efficiency in prolong the node as well as the whole WSN lifetime. In this paper we have designed an Intrusion Detection (ID system based on Stable Election Protocol (SEP for clustered heterogeneous WSNs. The benefit of using SEP is that it is a heterogeneous-aware protocol to prolong the time interval before the death of the first node. KDD Cup’99 data set is used as the training data and test data. After normalizing our dataset, we trained the system to detect four types of attacks which are Probe, Dos, U2R and R2L, using 18 features out of the 42 features available in KDD Cup'99 dataset. The research used the K-nearest neighbour (KNN classifier for anomaly detection. The experiments determine K = 5 for best classification and this reveals recognition rate of attacks as 75%. Results are compared with KNN classifier for anomaly detection without using a clustering algorithm.

  13. New Detection System for Heavy Element Research

    CERN Document Server

    Tsyganov, Y S; Voinov, A A; Shumeyko, M V

    2015-01-01

    New detection system design for heavy element research with 48Ca projectile has been reported. This system is based on application of 32 position sensitive strip PIPS detector and low pressure pentane filled TOF detector application in 48Ca induced nuclear reactions. To suppress beam associated background products new version of real time method of active correlations has been applied. Examples of applications in 249Bk+48Ca and 243Am+48Ca reactions are presented. The system development to operate together with the digital ORNL detection system to provide a quick search for recoil to alpha correlation chains has been discussed too.

  14. Flat Surface Damage Detection System (FSDDS)

    Science.gov (United States)

    Williams, Martha; Lewis, Mark; Gibson, Tracy; Lane, John; Medelius, Pedro; Snyder, Sarah; Ciarlariello, Dan; Parks, Steve; Carrejo, Danny; Rojdev, Kristina

    2013-01-01

    The Flat Surface Damage Detection system (FSDDS} is a sensory system that is capable of detecting impact damages to surfaces utilizing a novel sensor system. This system will provide the ability to monitor the integrity of an inflatable habitat during in situ system health monitoring. The system consists of three main custom designed subsystems: the multi-layer sensing panel, the embedded monitoring system, and the graphical user interface (GUI). The GUI LABVIEW software uses a custom developed damage detection algorithm to determine the damage location based on the sequence of broken sensing lines. It estimates the damage size, the maximum depth, and plots the damage location on a graph. Successfully demonstrated as a stand alone technology during 2011 D-RATS. Software modification also allowed for communication with HDU avionics crew display which was demonstrated remotely (KSC to JSC} during 2012 integration testing. Integrated FSDDS system and stand alone multi-panel systems were demonstrated remotely and at JSC, Mission Operations Test using Space Network Research Federation (SNRF} network in 2012. FY13, FSDDS multi-panel integration with JSC and SNRF network Technology can allow for integration with other complementary damage detection systems.

  15. Means and methods used to check radiation detection, signalling and alarm devices in the centralized environment control systems of the INB of CEN-Saclay

    International Nuclear Information System (INIS)

    Having reviewed the prescribed technical measures concerning 'systematic environment controls' in INB (Installations nucleaires de base - basic nuclear facilities) and published in the J.O. (French Official Journal) the authors briefly describe the main radiation detection, signalling and alarm systems at present installed in INB of CEN-Saclay and weigh up the extent to which their characteristics comply with the statutory texts. They then develop the means and methods set up to check on the good working order of these devices which are integrated in centralised one-piece modular analogue or informatics type control systems possible functioning anomalies being classed in two categories: logic type anomalies corresonding to a straightforward breakdown where detection is permanent; developing anomalies corresponding to poor functioning where detection requires a more critical and periodic control. The authors demonstrate the advantages offered by centralised computer type control systems

  16. Towards the detecting of pseudo-Hermitian anomalies for negative square masses neutrinos in intensive magnetic fields

    CERN Document Server

    Rodionov, Vasily

    2016-01-01

    One of the primary goals of contemporary physics of neutrinos after discovery of their masses become the investigation of their electromagnetic properties. This is a necessary step for creation of new physics beyond the Standard Model (SM), which no longer can claim the role theory explaining everything phenomenon of the Universe. On this it should draw attention because SM remains consistent local scheme for any value of the masses of particles $0\\leq m <\\infty $. Now the masses of elementary particles can exceed even Planck's mass $m_{Planck}\\simeq 10^{19}GeV$, which is the largest scale mass in the Universe. For solving this problem of studying of electromagnetic interactions of neutrino we suggest use the methods of relativistic quantum theory with the limiting mass $m\\leq M$. The restriction of mass spectrum of fermions can be obtained in the frame of non-Hermitian (pseudo-Hermitian) fermion systems having the direct application to the neutrino physics. The systems of the similar type include so-calle...

  17. Using exceedance probabilities to detect anomalies in routinely recorded animal health data, with particular reference to foot-and-mouth disease in Viet Nam.

    Science.gov (United States)

    Richards, K K; Hazelton, M L; Stevenson, M A; Lockhart, C Y; Pinto, J; Nguyen, L

    2014-10-01

    The widespread availability of computer hardware and software for recording and storing disease event information means that, in theory, we have the necessary information to carry out detailed analyses of factors influencing the spatial distribution of disease in animal populations. However, the reliability of such analyses depends on data quality, with anomalous records having the potential to introduce significant bias and lead to inappropriate decision making. In this paper we promote the use of exceedance probabilities as a tool for detecting anomalies when applying hierarchical spatio-temporal models to animal health data. We illustrate this methodology through a case study data on outbreaks of foot-and-mouth disease (FMD) in Viet Nam for the period 2006-2008. A flexible binomial logistic regression was employed to model the number of FMD infected communes within each province of the country. Standard analyses of the residuals from this model failed to identify problems, but exceedance probabilities identified provinces in which the number of reported FMD outbreaks was unexpectedly low. This finding is interesting given that these provinces are on major cattle movement pathways through Viet Nam. PMID:25457601

  18. Considerations on fluorides anomalies in Botucatu-Piramboia aquifers system, Parana basin, Brazil

    International Nuclear Information System (INIS)

    Groundwater of a great number of deep wells dug to exploit the Botucatu-Piramboia aquifer system in the Parana Basin, Brazil, have high fluoride concentrations, over 1 ppm, that turns groundwater useless for human supply. Investigations being carried out a the Center for Groundwater Research (CEPAS) of the Institute of Geosciences at USP, Sao Paulo, indicate a relationship between fluoride concentration and groundwater age, dated with radiocarbon. (author)

  19. Force protection demining system (FPDS) detection subsystem

    Science.gov (United States)

    Zachery, Karen N.; Schultz, Gregory M.; Collins, Leslie M.

    2005-06-01

    This study describes the U.S. Army Force Protection Demining System (FPDS); a remotely-operated, multisensor platform developed for reliable detection and neutralization of both anti-tank and anti-personnel landmines. The ongoing development of the prototype multisensor detection subsystem is presented, which integrates an advanced electromagnetic pulsed-induction array and ground penetrating synthetic aperture radar array on a single standoff platform. The FPDS detection subsystem is mounted on a robotic rubber-tracked vehicle and incorporates an accurate and precise navigation/positioning module making it well suited for operation in varied and irregular terrains. Detection sensors are optimally configured to minimize interference without loss in sensitivity or performance. Mine lane test data acquired from the prototype sensors are processed to extract signal- and image-based features for automatic target recognition. Preliminary results using optimal feature and classifier selection indicate the potential of the system to achieve high probabilities of detection while minimizing false alarms. The FPDS detection software system also exploits modern multi-sensor data fusion algorithms to provide real-time detection and discrimination information to the user.

  20. Potential ''anomalies'' in 14N+27Al,28Si and 29Si systems

    International Nuclear Information System (INIS)

    Seven elastic angular distributions and the fusion excitation functions for the 14N + 27AL, 14N + 28Si and 14N + 29Si systems with in the energy range 1.1CM/VB<2.5 are measured. The experimental fusion cross sections were superestimated by the simple one-dimensional barrier penetration model, with a ''frozen'' nuclear proximity potential. Through an effective variation of barrier height, the energy dependent corrections necessary to fit the data are calculated these corrections showed an ''anomalous'' behaviour in the above-barrier energy region. The corresponding imaginary potential parts were then constructed through the use of dispersion relation. (author)