Abstract (EN):
The present work introduces a hybrid integration of the self-organizing map and the hidden Markov model (HMM) for anomaly detection in 802.11 wireless networks. The self-organizing hidden Markov model map (SOHMMM) deals with the spatial connections of HMMs, along with the inherent temporal dependencies of data sequences. In essence, an HMM is associated with each neuron of the SOHMMM lattice. In this paper, the SOHMMM algorithm is employed for anomaly detection in 802.11 wireless access point usage data. Furthermore, we extend the SOHMMM online gradient descent unsupervised learning algorithm for multivariate Gaussian emissions. The experimental analysis uses two types of data: synthetic data to investigate the accuracy and convergence of the SOHMMM algorithm and wireless simulation data to verify the significance and efficiency of the algorithm in anomaly detection. The sensitivity and specificity of the SOHMMM algorithm in anomaly detection are compared to two other approaches, namely HMM initialized with universal background model (HMM-UBM) and SOHMMM with zero neighborhood (Z-SOHMMM). The results from the wireless simulation experiments show that SOHMMM outperformed the aforementioned approaches in all the presented anomalous scenarios.
Language:
English
Type (Professor's evaluation):
Scientific
No. of pages:
18