The NTIS website and supporting ordering systems are undergoing a major upgrade from 8PM on September 25th through approximately October 6. During that time, much of the functionality, including subscription and product ordering, shipping, etc., will not be available. You may call NTIS at 1-800-553-6847 or (703) 605-6000 to place an order but you should expect delayed shipment. Please do NOT include credit card numbers in any email you might send NTIS.
Documents in the NTIS Technical Reports collection are the results of federally funded research. They are directly submitted to or collected by NTIS from Federal agencies for permanent accessibility to industry, academia and the public.  Before purchasing from NTIS, you may want to check for free access from (1) the issuing organization's website; (2) the U.S. Government Printing Office's Federal Digital System website; (3) the federal government Internet portal; or (4) a web search conducted using a commercial search engine such as
Accession Number ADA581703
Title Optimal Index Policies for Quickest Localization of Anomaly in Resource- Constrained Cyber Networks.
Publication Date 2013
Media Count 16p
Personal Author A. Swami K. Cohen Q. Zhao
Abstract We consider the problem of quickest localization of anomaly in a resource-constrained cyber network consisting of multiple components. Due to resource constraints, only one component can be probed at a time. The observations are random realizations drawn from two different distributions depending on whether the component is normal or anomalous. Components are assigned priorities. Components with higher priorities in an abnormal state should be fixed before components with lower priorities to reduce the overall damage to the network. We formulate the problem as a priority-based constrained optimization problem. The objective is to minimize the expected weighted sum of completion times of abnormal components subject to error probability constraints. We then propose a two-stage optimization formulation to solve the problem. First, we consider the independent model, in which each component is abnormal independent of other components. Next, we consider the exclusive model, in which only one component is abnormal. We develop optimal index policies under both models. Optimal low-complexity algorithms are derived for the simple hypotheses case, in which the distribution is completely known under both hypotheses. Asymptotically (as the error probability approaches zero) optimal low-complexity algorithms are derived for the composite hypotheses case, where there is uncertainty in the distribution parameters. Simulation results demonstrate the performance of the algorithms.
Keywords Algorithms
Anomaly detection
Anomaly localization
Computer networks
Computerized simulation
Constrained optimization problems
Intrusion detection systems
Intrusion detection(Computers)
Low-complexity algorithms
Maximum likelihood estimation
Optimal index policies
Problem solving
Quick reaction
Resource-constrained cyber networks
Salrt(Sequential adaptive likelihood ratio test)
Sequential detection theory
Sequential hypothesis testing
Sglrt(Sequential generalized likelihood ratio test)
Sprt(Sequential probability ratio test)
Statistical analysis

Source Agency Non Paid ADAS
NTIS Subject Category 72F - Statistical Analysis
62D - Information Processing Standards
Corporate Author California Univ., Davis. Dept. of Electrical and Computer Engineering.
Document Type Technical report
Title Note Research paper.
NTIS Issue Number 1325
Contract Number W911NF-1-12-0086

Science and Technology Highlights

See a sampling of the latest scientific, technical and engineering information from NTIS in the NTIS Technical Reports Newsletter

Acrobat Reader Mobile    Acrobat Reader