GGrantIndex
← Search

Low Latency Anomaly Detections with Imperfect Data Models

$300,000FY2017ENGNSF

University Of Arkansas, Fayetteville AR

Investigators

Abstract

Anomaly detection has a wide range of applications, such as fault detection for critical infrastructure, intrusion detection for cyber-physical systems, and fraud detection for financial services. Detection delay, which is defined as the time difference between the occurrence and detection of an anomaly event, is critical for many practical applications. A longer detection delay might lead to catastrophic results, such as the collapse of a bridge or the loss of power to millions of people. With a shorter detection delay, remedial actions or countermeasures can be carried out in a timely manner to significantly reduce the damages caused by faults, attacks, accidents, or disasters. This project will develop a new paradigm of low-latency anomaly detection methods that can minimize the detection delay while maintaining satisfactory detection accuracy. This is different from most current anomaly detection techniques, which focus solely on detection accuracy with little or no attention given to detection delays. The proposed low-latency anomaly detection methods can be applied to a wide range of civil, industrial, scientific, and military applications, such as power plants, communication networks, surveillance, structure health monitoring, and financial transactions. Outcomes of the proposed research work can significantly reduce the response time to anomaly events, thus minimizing the damages and economic losses caused by cyber-attacks, system failures, fraudulent activities, or natural disasters. Technologies developed through this project can improve the safety and security in both the physical and cyber-space, and promote the competitiveness and economic development of the United States. Expertise gained through the proposed research work will be used to facilitate the development of new course materials and student research projects, and enhance students' learning experiences from the perspectives of both technology innovations and social impacts. The goal of this project is to develop low-latency anomaly detection methods with imperfect data models. The design objective is to minimize the detection delay while maintaining satisfactory detection accuracy. One of the most formidable challenges faced by low-latency anomaly detection is the accurate modeling of the data used during detection. Since a decision needs to be made with minimum delay, there is extremely limited amount of data that can be used for model training or model selection, especially for data generated by the anomaly events. In recognition of the paramount difficulty in obtaining the precise data models, this project aims to proactively develop new detection methods tailored specifically for imperfect data models. The proposed research activities will transform the research on anomaly detection from the following perspectives. First, using detection delay instead of detection accuracy as the primary design metric can significantly reduce the amount of time required to detect an anomaly event, while still maintaining satisfactory detection accuracy through additional design constraints. Second, the low-latency detection algorithms are designed specifically for systems with imperfect data models. The fundamental performance limits imposed by model uncertainty on the detection latency are analytically characterized by using the Kullback-Leibler divergence between the true and imperfect models. The analytical results are used to guide the design of parametric and non-parametric low-latency algorithms, which can provide a theoretical guarantee on the worst case delay. Third, the newly developed theories and algorithms will be applied to the fault detection of electrical machines and the intrusion detection for smart grids, where the designs are performed by considering the unique challenges and opportunities of these cyber-physical systems.

View original record on NSF Award Search →