IntruMine: Mining intruders in untrustworthy data of cyber-physical systems

Lu An Tang, Quanquan Gu, Xiao Yu, Jiawei Han, Thomas La Porta, Alice Leung, Tarek Abdelzaher, Lance Kaplan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

A Cyber-Physical System (CPS) integrates physical (i.e., sensor) devices with cyber (i.e., informational) components to form a situation-aware system that re- sponds intelligently to dynamic changes in real-world. It has wide application to scenarios of traffic control, en- vironment monitoring and battlefield surveillance. This study investigates the specific problem of intruder min- ing in CPS: With a large number of sensors deployed in a designated area, the task is real time detection of intruders who enter the area, based on untrustworthy data. We propose a method called IntruMine to detect and verify the intruders. IntruMine constructs monitor- ing graphs to model the relationships between sensors and possible intruders, and computes the position and energy of each intruder with the link information from these monitoring graphs. Finally, a confidence rating is calculated for each potential detection, reducing false positives in the results. IntruMine is a generalized ap- proach. Two classical methods of intruder detection can be seen as special cases of IntruMine under certain con- ditions. We conduct extensive experiments to evaluate the performance of IntruMine on both synthetic and real datasets and the experimental results show that IntruMine has better effectiveness and e±ciency than existing methods.

Original languageEnglish (US)
Title of host publicationProceedings of the 12th SIAM International Conference on Data Mining, SDM 2012
PublisherSociety for Industrial and Applied Mathematics Publications
Pages600-611
Number of pages12
ISBN (Print)9781611972320
DOIs
StatePublished - 2012
Event12th SIAM International Conference on Data Mining, SDM 2012 - Anaheim, CA, United States
Duration: Apr 26 2012Apr 28 2012

Publication series

NameProceedings of the 12th SIAM International Conference on Data Mining, SDM 2012

Other

Other12th SIAM International Conference on Data Mining, SDM 2012
Country/TerritoryUnited States
CityAnaheim, CA
Period4/26/124/28/12

All Science Journal Classification (ASJC) codes

  • Computer Science Applications

Fingerprint

Dive into the research topics of 'IntruMine: Mining intruders in untrustworthy data of cyber-physical systems'. Together they form a unique fingerprint.

Cite this