Anomaly Detection Based on Multiple Streams Clustering for Train Real-Time Ethernet

Anomaly Detection Based on Multiple Streams Clustering for Train Real-Time Ethernet

With the increasing traffic of train communication network (TCN), real-time Ethernet becomes the development trend. However, Train Control and Management System (TCMS) is inevitably faced with more security threats than before because of the openness of Ethernet communication protocol. It is necessa...

Full description

Bibliographic Details
Main Authors: Jing Liu*, Yunjuan Peng, Dalin Zhang
Format: Article
Language:English
Published: Faculty of Mechanical Engineering in Slavonski Brod, Faculty of Electrical Engineering in Osijek, Faculty of Civil Engineering in Osijek 2021-01-01
Series:Tehnički Vjesnik
Subjects:
anomaly detection
decay window
multiple streams
real-time Ethernet
Online Access:https://hrcak.srce.hr/file/379505
Description
Summary:With the increasing traffic of train communication network (TCN), real-time Ethernet becomes the development trend. However, Train Control and Management System (TCMS) is inevitably faced with more security threats than before because of the openness of Ethernet communication protocol. It is necessary to introduce effective security mechanism into TCN. Therefore, we propose a train real-time Ethernet anomaly detection system (TREADS). TREADS introduces a multiple streams clustering algorithm to realize anomaly detection, which considers the correlation between the data dimensions and adopts the decay window to pay more attention to the recent data. In the experiment, the reliability of TREADS is tested based on the TRDP data set collected from the real network environment, and the models of anomaly detection algorithms are established for evaluation. Experimental results show that TREADS can provide a high reliability guarantee, besides, the algorithm can detect and analyze network anomalies more efficiently and accurately.
ISSN:1330-3651
1848-6339

Similar Items