Anomaly Detection in the WIPER System using A Markov Modulated Poisson Distribution Ping Yan Tim Schoenharl Alec Pawling Greg Madey.

Slides:



Advertisements
Similar presentations
Pattern Finding and Pattern Discovery in Time Series
Advertisements

Lecture 5 This lecture is about: Introduction to Queuing Theory Queuing Theory Notation Bertsekas/Gallager: Section 3.3 Kleinrock (Book I) Basics of Markov.
Hidden Markov Model in Automatic Speech Recognition Z. Fodroczi Pazmany Peter Catholic. Univ.
Change Detection C. Stauffer and W.E.L. Grimson, “Learning patterns of activity using real time tracking,” IEEE Trans. On PAMI, 22(8): , Aug 2000.
Learning HMM parameters
Modeling Process Quality
Tutorial on Hidden Markov Models.
… Hidden Markov Models Markov assumption: Transition model:
HMM-BASED PATTERN DETECTION. Outline  Markov Process  Hidden Markov Models Elements Basic Problems Evaluation Optimization Training Implementation 2-D.
Hidden Markov Model 11/28/07. Bayes Rule The posterior distribution Select k with the largest posterior distribution. Minimizes the average misclassification.
Part 4 b Forward-Backward Algorithm & Viterbi Algorithm CSE717, SPRING 2008 CUBS, Univ at Buffalo.
SWARMFEST An Agent-Based Simulation For Emergency Response Management Timothy Schoenharl, R. Ryan McCune, Greg Madey of the University of Notre Dame.
Statistical based IDS background introduction. Statistical IDS background Why do we do this project Attack introduction IDS architecture Data description.
Greg Madey Albert-László Barabási David Hachen Tim Schoenharl Gabor Szabo Brett Lantz University of Notre Dame Integrated Wireless Phone Based Emergency.
. cmsc726: HMMs material from: slides from Sebastian Thrun, and Yair Weiss.
Probabilistic Analysis of a Large-Scale Urban Traffic Sensor Data Set Jon Hutchins, Alexander Ihler, and Padhraic Smyth Department of Computer Science.
Modeling Count Data over Time Using Dynamic Bayesian Networks Jonathan Hutchins Advisors: Professor Ihler and Professor Smyth.
Chapter 1: Introduction to Statistics
Intrusion and Anomaly Detection in Network Traffic Streams: Checking and Machine Learning Approaches ONR MURI area: High Confidence Real-Time Misuse and.
Activity Detection in Videos Riu Baring CIS 8590 Perception of Intelligent System Temple University Fall 2007.
EM Algorithm in HMM and Linear Dynamical Systems by Yang Jinsan.
Alignment and classification of time series gene expression in clinical studies Tien-ho Lin, Naftali Kaminski and Ziv Bar-Joseph.
Segmental Hidden Markov Models with Random Effects for Waveform Modeling Author: Seyoung Kim & Padhraic Smyth Presentor: Lu Ren.
Fundamentals of Hidden Markov Model Mehmet Yunus Dönmez.
Using Inactivity to Detect Unusual behavior Presenter : Siang Wang Advisor : Dr. Yen - Ting Chen Date : Motion and video Computing, WMVC.
ADAPTIVE EVENT DETECTION USING TIME-VARYING POISSON PROCESSES Kdd06 University of California, Irvine.
Estimating Activity-Travel Patterns from Cellular Network Data
Copyright © 2010, 2007, 2004 Pearson Education, Inc. All Rights Reserved. Section 5-5 Poisson Probability Distributions.
Learning to Detect Events with Markov-Modulated Poisson Processes Ihler, Hutchins and Smyth (2007)
CSC321: Neural Networks Lecture 16: Hidden Markov Models
Hidden Markovian Model. Some Definitions Finite automation is defined by a set of states, and a set of transitions between states that are taken based.
California Pacific Medical Center
MaskIt: Privately Releasing User Context Streams for Personalized Mobile Applications SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference.
2008 Probability Distributions. Question One Sillicom find from their broadband customer service hotline that 15% of their broadband customers have problems.
Beam Sampling for the Infinite Hidden Markov Model by Jurgen Van Gael, Yunus Saatic, Yee Whye Teh and Zoubin Ghahramani (ICML 2008) Presented by Lihan.
Bayesian Travel Time Reliability
1 Hidden Markov Model Observation : O1,O2,... States in time : q1, q2,... All states : s1, s2,... Si Sj.
1 Hidden Markov Model Presented by Qinmin Hu. 2 Outline Introduction Generating patterns Markov process Hidden Markov model Forward algorithm Viterbi.
Chapter 1: Introduction to Statistics. Variables A variable is a characteristic or condition that can change or take on different values. Most research.
Kalman Filtering And Smoothing
1 Hidden Markov Model Observation : O1,O2,... States in time : q1, q2,... All states : s1, s2,..., sN Si Sj.
Module 25: Confidence Intervals and Hypothesis Tests for Variances for One Sample This module discusses confidence intervals and hypothesis tests.
Gibbs Sampling and Hidden Markov Models in the Event Detection Problem By Marc Sobel.
Hidden Markov Model Parameter Estimation BMI/CS 576 Colin Dewey Fall 2015.
Definition of the Hidden Markov Model A Seminar Speech Recognition presentation A Seminar Speech Recognition presentation October 24 th 2002 Pieter Bas.
Chap 5-1 Chapter 5 Discrete Random Variables and Probability Distributions Statistics for Business and Economics 6 th Edition.
Other Models for Time Series. The Hidden Markov Model (HMM)
A Study on Speaker Adaptation of Continuous Density HMM Parameters By Chin-Hui Lee, Chih-Heng Lin, and Biing-Hwang Juang Presented by: 陳亮宇 1990 ICASSP/IEEE.
How many iterations in the Gibbs sampler? Adrian E. Raftery and Steven Lewis (September, 1991) Duke University Machine Learning Group Presented by Iulian.
Generalization Performance of Exchange Monte Carlo Method for Normal Mixture Models Kenji Nagata, Sumio Watanabe Tokyo Institute of Technology.
The Poisson Probability Distribution
Lec. 38 – Data Through Time / Sequences:
Online Conditional Outlier Detection in Nonstationary Time Series
Inference: Conclusion with Confidence
Variational Bayes Model Selection for Mixture Distribution
An INTRODUCTION TO HIDDEN MARKOV MODEL
Module 22: Proportions: One Sample
Baselining PMU Data to Find Patterns and Anomalies
A Non-Parametric Bayesian Method for Inferring Hidden Causes
Hidden Markov Autoregressive Models
STAT 5372: Experimental Statistics
More about Posterior Distributions
1.
Multidimensional Integration Part I
Particle Filters for Event Detection
Handwritten Characters Recognition Based on an HMM Model
ADVANCED ANOMALY DETECTION IN CANARY TESTING
Statistical based IDS background introduction
Lecture 5 This lecture is about: Introduction to Queuing Theory
Presentation transcript:

Anomaly Detection in the WIPER System using A Markov Modulated Poisson Distribution Ping Yan Tim Schoenharl Alec Pawling Greg Madey

Outline Background WIPER MMPP framework Application Experimental Results Conclusions and Future work

Background Time Series A sequence of observations measured on a continuous time period at time intervals Example: economy (Stock, financial), weather, medical etc… Characteristics Data are not independent Displays underlying trends

WIPER System Wireless Phone-based Emergency Response System Functions Detect possible emergencies Improve situational awareness Cell phone call activities reflect human behavior

Data Characteristics Two cities: Small city A: Population – 20,000 Towers – 4 Large city B: Population – 200,000 Towers – 31 Time Period Jan. 15 – Feb. 12, 2006

Tower Activity Small City (4 Towers)

Tower Activity Large City (31 Towers)

15-Day Time Period Data Small City

15-Day Time Period Data Large City

Observations Overall call activity of a city are more uniform than a single tower Call activity for each day displays similar trend Call activity for each day of the week shares similar behavior

MMPP Modeling : Observed Data : Unobserved Data with normal behavior : Unobserved Data with abnormal behavior Both and can be modulated as a Poisson Process.

Modeling Normal Data Poisson distribution Rate Parameter: a function of time ~

Adding Day/hour effects Associated with Monday, Tuesday … Sunday : Average rate of the Poisson process over one week : Time interval, such as minute, half hour, hour etc

Requirements: : Day effect, indicates the changes over the day of the week : Time of day effect, indicates the changes over the time period j on a given day of i

Day Effect

Time of Day Effect

Prior Distributions for Parameters

Modeling Anomalous Data is also a Poisson process with rate Markov process A(t) is used to determine the existence of anomalous events at time t

Continued Transition probabilities matrix

MMPP ~ HMM Typical HMM (Hidden Markov Model) MMPP (Markov Modulated Poisson Process)

Apply MCMC Forward Recursion Calculate conditional distribution of P( A(t) | N(t) ) Backward Recursion Draw sample of and Draw Transition Matrix from Complete Data

Anomaly Detection Posterior probability of A(t) at each time t is an indicator of anomalies Apply MCMC algorithm: 50 iterations

Results

Continued

Conclusions Cell phone data reflects human activities on hourly, daily scale MMPP provides a method of modeling call activity, and detecting anomalous events

Future Work Apply on longer time period, and investigate monthly and seasonal behavior Implement MMPP model as part of real time system on streaming data Incorporate into WIPER system

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.