Revitalizing Self-Organizing Map: Anomaly Detection using Forecasting Error Patterns

Name: Revitalizing Self-Organizing Map: Anomaly Detection using Forecasting Error Patterns
Start: 2021-06-22T09:30:00Z
End: 2021-06-24T16:30:00Z
Location: Online via Hopin Platform

Young Geun Kim, Jeong-Han Yun, Siho Han, Hyoung Chun Kim, Simon S. Woo

event

Screenshot of the virtual conference

Abstract

We introduce Self-Organizing Map-based Anomaly Detector (SOMAD), an anomaly detection framework based on a novel test statistic, SomAnomaly, for Cyber-Physical System (CPS) security. Upon evaluation on two popular CPS datasets, we demonstrate that SOMAD outperforms baseline approaches through online multiple testing, using Time-Series Aware Precision and Recall (TaPR) metrics. Accordingly, we empirically demonstrate that forecasting error patterns of raw CPS data can be useful when detecting anomalies through a fast, statistical multiple testing approach such as ours.

Date

Jun 22, 2021 9:30 AM — Jun 24, 2021 4:30 PM

Event

36th IFIP TC-11 International Conference on Information Security and Privacy Protection (SEC 2021)

Location

Online via Hopin Platform

Department of Informatics at the University of Oslo, Oslo, NO 0373

Kim Y.G., Yun JH., Han S., Kim H.C., Woo S.S. (2021) Revitalizing Self-Organizing Map: Anomaly Detection Using Forecasting Error Patterns. In: Jøsang A., Futcher L., Hagen J. (eds) ICT Systems Security and Privacy Protection. SEC 2021. IFIP Advances in Information and Communication Technology, vol 625. Springer, Cham. https://doi.org/10.1007/978-3-030-78120-0_25

in Session 11: Machine Learning for Security (06-24 11:00 CEST - 13:00 CEST).

conference anomaly-detection time-series self-organizing-map cyber-physical-system