Conference paper
Detecting anomalies in BACnet network data
Document type
Text/Conference Paper
Date
2016
Publisher
Gesellschaft für Informatik e.V.
Abstract
Over the last few years, the volume of data in Building Automation System (BAS) networks has increased exponentially. Nowadays, it is possible to obtain several kinds of data from building networks, such as data based on individual service type, specific building location and even specific time of the day. As a consequence, large volumes of data with more variables have to be considered when performing the data analysis. This means that there is a need to identify the most important variables for analysis. In this paper, we introduce a framework which allows the characterization of BACnet network traffic data by means of machine learning techniques. This framework is based on unsupervised machine learning methods, specifically Principal Components Analysis and Clustering. Such methods are used because the large volume of data that needs to be taken into consideration prevents the manual labeling of the data which is required for supervised learning methods. We show the efficiency and effectiveness of the framework in detecting anomalies by performing experiments on different BACnet network traffic data, captured by Wireshark, together with synthetically generated data.