The model of an anomaly detector for HiLumi LHC magnets based on Recurrent Neural Networks and adaptive quantization

This paper focuses on an examination of an applicability of Recurrent Neural Network models for detecting anomalous behavior of the CERN superconducting magnets. In order to conduct the experiments, the authors designed and implemented an adaptive signal quantization algorithm and a custom GRU-based detector and developed a method for the detector parameters selection. Three different datasets were used for testing the detector. Two artificially generated datasets were used to assess the raw performance of the system whereas the 231 MB dataset composed of the signals acquired from HiLumi magnets was intended for real-life experiments and model training. Several different setups of the developed anomaly detection system were evaluated and compared with state-of-the-art OC-SVM reference model operating on the same data. The OC-SVM model was equipped with a rich set of feature extractors accounting for a range of the input signal properties. It was determined in the course of the experiments that the detector, along with its supporting design methodology, reaches F1 equal or very close to 1 for almost all test sets. Due to the profile of the data, the best_length setup of the detector turned out to perform the best among all five tested configuration schemes of the detection system. The quantization parameters have the biggest impact on the overall performance of the detector with the best values of input/output grid equal to 16 and 8, respectively. The proposed solution of the detection significantly outperformed OC-SVM-based detector in most of the cases, with much more stable performance across all the datasets.Comment: Related to arXiv:1702.0083

Anomaly detection in smart city wireless sensor networks

Aquesta tesi proposa una plataforma de detecció d’intrusions per a revelar atacs a les xarxes de sensors sense fils (WSN, per les sigles en anglès) de les ciutats intel·ligents (smart cities). La plataforma està dissenyada tenint en compte les necessitats dels administradors de la ciutat intel·ligent, els quals necessiten accés a una arquitectura centralitzada que pugui gestionar alarmes de seguretat en un sistema altament heterogeni i distribuït. En aquesta tesi s’identifiquen els diversos passos necessaris des de la recollida de dades fins a l’execució de les tècniques de detecció d’intrusions i s’avalua que el procés sigui escalable i capaç de gestionar dades típiques de ciutats intel·ligents. A més, es comparen diversos algorismes de detecció d’anomalies i s’observa que els mètodes de vectors de suport d’una mateixa classe (one-class support vector machines) resulten la tècnica multivariant més adequada per a descobrir atacs tenint en compte les necessitats d’aquest context. Finalment, es proposa un esquema per a ajudar els administradors a identificar els tipus d’atacs rebuts a partir de les alarmes disparades.Esta tesis propone una plataforma de detección de intrusiones para revelar ataques en las redes de sensores inalámbricas (WSN, por las siglas en inglés) de las ciudades inteligentes (smart cities). La plataforma está diseñada teniendo en cuenta la necesidad de los administradores de la ciudad inteligente, los cuales necesitan acceso a una arquitectura centralizada que pueda gestionar alarmas de seguridad en un sistema altamente heterogéneo y distribuido. En esta tesis se identifican los varios pasos necesarios desde la recolección de datos hasta la ejecución de las técnicas de detección de intrusiones y se evalúa que el proceso sea escalable y capaz de gestionar datos típicos de ciudades inteligentes. Además, se comparan varios algoritmos de detección de anomalías y se observa que las máquinas de vectores de soporte de una misma clase (one-class support vector machines) resultan la técnica multivariante más adecuada para descubrir ataques teniendo en cuenta las necesidades de este contexto. Finalmente, se propone un esquema para ayudar a los administradores a identificar los tipos de ataques recibidos a partir de las alarmas disparadas.This thesis proposes an intrusion detection platform which reveals attacks in smart city wireless sensor networks (WSN). The platform is designed taking into account the needs of smart city administrators, who need access to a centralized architecture that can manage security alarms in a highly heterogeneous and distributed system. In this thesis, we identify the various necessary steps from gathering WSN data to running the detection techniques and we evaluate whether the procedure is scalable and capable of handling typical smart city data. Moreover, we compare several anomaly detection algorithms and we observe that one-class support vector machines constitute the most suitable multivariate technique to reveal attacks, taking into account the requirements in this context. Finally, we propose a classification schema to assist administrators in identifying the types of attacks compromising their networks

Energy-efficient early emergency detection for healthcare monitoring on WBAN platform

This dissertation introduces an innovative structure aimed at improving anomaly detection and predictive analyses in Wireless Body Area Networks (WBANs), a crucial technology within the realm of digital healthcare. Motivated by the need to improve diagnostic precision and clinical decision-making, especially in environments constrained by the computational limitations of edge devices, this research aims to revolutionise patient monitoring systems. The research begins with a comprehensive review of current WBAN technologies and their applications in healthcare. It identifies a distinct gap in the ability of these systems to adapt to the dynamic and complex nature of patient health monitoring. Traditional WBAN methodologies, heavily reliant on static thresholds and centralised cloud-based processing, often fall short of effectively managing the nuanced and varied data derived from patient monitoring, leading to real-time responsiveness and energy efficiency challenges. The research progresses from static to dynamic threshold to address these challenges, enhancing the system's adaptability to fluctuating health indicators. The Multi-Level Classification Threshold Algorithm (MLCTA) was formulated to refine the classification of health-related data. The study subsequently presents a compound method that combines threshold-based techniques with linear regression analysis. This integration significantly bolsters the model's predictive capacity for health incidents by providing a more profound comprehension of vital sign patterns. When used in conjunction with actual patient data, this approach notably heightens the precision of health event forecasts. The framework includes a series of progressively advanced algorithms: The Modified Adaptive Local Emergency Detection (MALED) lays the groundwork with its adaptive response to health data changes. This is enhanced by the Differential Change Analysis (DCA), which introduces sensitivity to the rate of change in vital signs for early anomaly detection. The Local Emergency Detection Algorithm Using Adaptive Sampling (LEDAS) further optimises this framework by implementing adaptive sampling based on the patient's health status, ensuring efficient data collection. The pinnacle of this progression is the Sequential Multi-Dimensional Trend Analysis (SMDTA), which offers a comprehensive multi-dimensional analysis of health data, identifying intricate patterns and relationships among various vital signs for precise health predictions. Additionally, incorporating dynamic thresholds across these algorithms refines anomaly detection, making the system more flexible and responsive to changing patient health dynamics. Together, these algorithms represent a significant leap from basic monitoring systems to advanced networks capable of sophisticated multi-dimensional health analysis. Empirical evaluation using actual patient data from clinical databases demonstrated the superior efficacy of the proposed framework. Notably, the hybrid approach combining linear regression with threshold-based methods achieved near 96% accuracy in anomaly detection, significantly reducing the false-positive rate to 2%. Furthermore, the optimised local emergency detection strategies led to an average 85% reduction in data transmissions, contributing to a 19% decrease in energy consumption compared to existing methods, thereby underscoring the system's suitability for energy-constrained environments. The results of this research highlight not only the potential of advanced WBAN systems in enhancing healthcare delivery but also pave the way for future developments in medical technology. The proposed framework and its algorithms open new avenues in clinical decision-making, offering robust, efficient, and user-friendly solutions for healthcare professionals and patients