Application-Level Anomaly Detection for the Master Caution Panel

Abstract

The goal of this work was to study how to monitor a large distributed system and apply machine learning methods to generate models of its normal operation. The generated models may then be used to actively detect abnormal executions at run-time, which may indicate improper use, attacks, or internal faults of the monitored system. We used the data collected by the Master Caution Panel (MCP) software for the Theater Battle Management Core System (TBMCS) as sample data to test our machine learning methods. The MCP system has been under development for some time. It shares the same goal, but is based upon carefully designed and crafted "logic modules" that issue alerts when conditions warrant. The goal here is to use the existing monitoring and alert functions of MCP as a baseline to determine whether automated learning systems can achieve comparable performance. A positive outcome of this study could suggest general principles of use in a wide range of mission-critical systems.

Document Details

Document Type: Technical Report
Publication Date: Jul 01, 2005
Accession Number: ADA437103

Entities

People

  • Salvatore J. Stolfo

Organizations

  • Columbia University

Tags

Communities of Interest

  • Autonomy
  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Anomaly Detection
  • Battle Management
  • Change Detection
  • Cybersecurity
  • Data Acquisition
  • Data Sets
  • Databases
  • Detection
  • Detectors
  • Intrusion Detection
  • Learning
  • Machine Learning
  • Monitoring
  • New York
  • Probability
  • Unsupervised Machine Learning

Readers

  • Sensor Fusion and Tracking Systems
  • Software Engineering
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Neural Networks