A performance study of anomaly detection using entropy method
This is an incremental improvement for anomaly detection in distributed sensor networks where sensor data lacks correlation.
The study compared entropy-based anomaly detection with elliptical methods on temperature and humidity sensor data from 52 microcontrollers, finding that the entropy method detected more out-of-range sensor nodes due to its independence from correlation requirements.
An experiment to study the entropy method for an anomaly detection system has been performed. The study has been conducted using real data generated from the distributed sensor networks at the Intel Berkeley Research Laboratory. The experimental results were compared with the elliptical method and has been analyzed in two dimensional data sets acquired from temperature and humidity sensors across 52 micro controllers. Using the binary classification to determine the upper and lower boundaries for each series of sensors, it has been shown that the entropy method are able to detect more number of out ranging sensor nodes than the elliptical methods. It can be argued that the better result was mainly due to the lack of elliptical approach which is requiring certain correlation between two sensor series, while in the entropy approach each sensor series is treated independently. This is very important in the current case where both sensor series are not correlated each other.