Skip to main content
SpringerLink
Log in

Anomaly Detection in the HVAC System Operation by a RadViz Based Visualization-Driven Approach

  • Conference paper
  • First Online:
Computer Security (CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11980))

Abstract

The appearance of the smart houses, buildings, and cities has defined new attack scenarios targeting industrial information systems. The paper suggests a visualization-driven approach to the analysis of the data from heating, ventilating and conditioning system (HVAC). The key element of the approach is the RadViz visualization that is used to form daily operation patterns and can detect suspicious deviations that could be the signs of fraudulent activity in the system. It is supplemented by a matrix-based representation of the HVAC parameters that is constructed in the way that allows highlighting changes in values of parameters being analyzed. The distinctive feature of the proposed visualization models is the ability to display data from different data sources. To demonstrate and evaluate the efficiency of the proposed approach we used the VAST MiniChallenge-2 2016 data set that contains logs from the HVAC system and the access control system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ciholas, P., Lennie, A., Sadigova, P., Such, J.M.: The security of smart buildings: a systematic literature review. https://arxiv.org/abs/1901.05837v3. Accessed 28 Jan 2019

  2. Mirsky, Y., Guri, M., Elovici, Y.: HVACKer: bridging the air-gap by attacking the air conditioning system https://arxiv.org/abs/1703.10454. Accessed 9 Aug 2019

  3. Mundt, P., Wickboldt, P.: Security in building automation systems-a first analysis. In: International Conference On Cyber Security And Protection of Digital Services (Cyber Security), pp. 1–8. IEEE (2016)

    Google Scholar 

  4. Caviglione, L., Lalande, J.-F., Mazurczyk, W., Wendzel, S.: Analysis of human awareness of security and privacy threats in smart environments. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2015. LNCS, vol. 9190, pp. 165–177. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-20376-8_15

    Chapter  Google Scholar 

  5. Truong, H., Francisco, A., Khosrowpour, A., Taylor, J.E., Mohammadi, N.: Method for visualizing energy use in building information models. Energy Proc. 142, 2541–2546 (2017). https://doi.org/10.1016/j.egypro.2017.12.089

    Article  Google Scholar 

  6. Palm, J., Ellegård, K.: Visualizing energy consumption activities as a tool for developing effective policy. Int. J. Consum. Stud. (2011). https://doi.org/10.1111/j.1470-6431.2010.00974.x

    Article  Google Scholar 

  7. Abdelalim, A., O’Brien, W., Shi, Z.: Development of sankey diagrams to visualize real HVAC performance. Energy Build. 149, 282–297 (2017). https://doi.org/10.1016/j.enbuild.2017.05.040

    Article  Google Scholar 

  8. Janetzko, H., Stoffel, F., Mittelstädt, A., Keim, D.A.: Anomaly detection for visual analytics of power consumption data. Comput. Graph. (2014). https://doi.org/10.1016/j.cag.2013.10.006

    Article  Google Scholar 

  9. Novikova, E.S., Murenin, I.N., Shorov, A.V.: Visualizing anomalous activity in the movement of critical infrastructure employees. In: Proceedings of IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), St. Petersburg, pp. 504–509 (2017)

    Google Scholar 

  10. Novikova, E., Kotenko, I.: Analytical visualization techniques for security information and event management. In: Proceedings of 21st Euromicro International Conference on Parallel, Distributed, and Network-Based Processing Belfast, Ireland, pp. 519–525 (2013)

    Google Scholar 

  11. Kolomeets, M., Chechulin, A., Kotenko, I., Chevalier, Y.: A visual analytics approach for the cyber forensics based on different views of the network traffic. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. 9(2), 57–73 (2018)

    Google Scholar 

  12. Song, H., Muelder, C.W., Ma, K.-L.: Crucial nodes centric visual monitoring and analysis of computer networks. In: Proceedings of the 2012 International Conference on Cyber Security (CYBERSECURITY 2012). IEEE Computer Society, Washington (2012) https://doi.org/10.1109/CyberSecurity.2012.9

  13. Zhao, Y., Zhou, F., Fan, X.: A real-time visualization framework for IDS alerts. In: Proceedings of the 5th International Symposium on Visual Information Communication and Interaction (VINCI 2012). ACM, New York (2012) https://doi.org/10.1145/2397696.2397698

  14. Arendt, D.L., et al.: Ocelot: user-centered design of a decision support visualization for network quarantine. In: Proceedings of 2015 IEEE Symposium on Visualization for Cyber Security (VizSec), Chicago, IL (2015). https://doi.org/10.1109/VIZSEC.2015.7312763

  15. Chen, S., Guo, C., Yuan, X., Merkle, F., Schaefer, H., Ertl, T.: OCEANS: online collaborative explorative analysis on network security. In: Proceedings of the Eleventh Workshop on Visualization for Cyber Security (VizSec 2014). ACM, New York (2014). https://doi.org/10.1145/2671491.267149

  16. Humphries, C., Prigent, N., Bidan, C.E., Majorczyk, F.: CORGI: combination, organization and reconstruction through graphical interactions. In: Proceedings of the Eleventh Workshop on Visualization for Cyber Security (VizSec 2014). ACM, New York (2014). https://doi.org/10.1145/2671491.2671494

  17. Cappers, B.C.M., van Wijk, J.: SNAPS: semantic network traffic analysis through projection and selection. In: Proceedings of the IEEE Symposium on Visualization for Cyber Security (VizSec 2015), pp. 1–8 (2015). https://doi.org/10.1109/VIZSEC.2015.7312768

  18. Landstorfer, J., Herrmann, I., Stange, J., Dork, M., Wettach, R.: Weaving a carpet from log entries: a network security visualization built with cocreation. In: Proceedings of Visual Analytics Science and Technology (VAST). IEEE (2014)

    Google Scholar 

  19. Mansmann, F., Meier, L., Keim, D.A.: Visualization of host behavior for network security. In: Goodall, J.R., Conti, G., Ma, K.L. (eds.) VizSEC 2007. Mathematics and Visualization, pp. 187–202. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78243-8_13

    Chapter  Google Scholar 

  20. Novikova, E., Kotenko, I.: Visual analytics for detecting anomalous activity in mobile money transfer services. In: Teufel, S., Min, T.A., You, I., Weippl, E. (eds.) CD-ARES 2014. LNCS, vol. 8708, pp. 63–78. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10975-6_5

    Chapter  Google Scholar 

  21. Ankerst, M., Berchtold, S., Keim, D.A.: Similarity clustering of dimensions for an enhanced visualization of multidimensional data. In: Proceedings 1998 IEEE Symposium on Information Visualization (INFOVIS 1998), pp. 52–60. IEEE Computer Society (1998)

    Google Scholar 

  22. Hout, M.C., Papesh, M.H., Goldinger, S.D.: Multidimensional scaling. WIREs Cogn. Sci. 4, 93–103. https://doi.org/10.1002/wcs.1203

    Google Scholar 

  23. van der Maaten, L.J.P., Hinton, G.E.: Visualizing high-dimensional data using t-SNE. J. Mach. Learn. Res. 9(Nov), 2579–2605 (2008)

    MATH  Google Scholar 

  24. Kohonen, T., Honkela, T.: Kohonen network. Scholarpedia 2(1), 1568 (2007)

    Article  Google Scholar 

  25. Di Caro, L., Frias-Martinez, V., Frias-Martinez, E.: Analyzing the role of dimension arrangement for data visualization in radviz. In: Zaki, M.J., Yu, J.X., Ravindran, B., Pudi, V. (eds.) PAKDD 2010. LNCS, vol. 6119, pp. 125–132. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13672-6_13

    Chapter  Google Scholar 

  26. Ester, M., Kriegel, H.-P., Sander, J., Xu, X.: A density-based algorithm for discovering clusters a density-based algorithm for discovering clusters in large spatial databases with noise. In: Simoudis, E., Han, J., Fayyad, U. (eds.) Proceedings of the Second International Conference on Knowledge Discovery and Data Mining (KDD 1996), pp. 226–231. AAAI Press (1996)

    Google Scholar 

  27. Vast Challenge Homepage. http://vacommunity.org/. Accessed 10 Aug 2019

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Saint Petersburg Electrotechnical University “LETI”, Professora Popova Str. 5, Saint-Petersburg, Russia

    Evgenia Novikova & Mikhail Bestuzhev

  2. Laboratory of Computer Security Problems Saint Petersburg Institute for Informatics and Automation (SPIIRAS), Saint-Petersburg, Russia

    Igor Kotenko

Authors
  1. Evgenia Novikova
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mikhail Bestuzhev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Igor Kotenko
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Evgenia Novikova .

Editor information

Editors and Affiliations

  1. Open University of Cyprus, Latsia, Cyprus

    Sokratis Katsikas

  2. IMT Atlantique, Brest, France

    Frédéric Cuppens

  3. IMT Atlantique, Brest, France

    Nora Cuppens

  4. University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

  5. University of the Aegean, Mytilene, Greece

    Christos Kalloniatis

  6. University of Toronto, Toronto, ON, Canada

    John Mylopoulos

  7. Georgia Institute of Technology, Atlanta, GA, USA

    Annie Antón

  8. University of Piraeus, Piraeus, Greece

    Stefanos Gritzalis

  9. Technical University of Berlin, Berlin, Germany

    Frank Pallas

  10. Alexander von Humboldt Institute for Internet and Society, Berlin, Germany

    Jörg Pohle

  11. Ruhr University Bochum, Bochum, Germany

    Angela Sasse

  12. Technical University of Denmark, Kongens Lyngby, Denmark

    Weizhi Meng

  13. University of Plymouth, Plymouth, UK

    Steven Furnell

  14. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Novikova, E., Bestuzhev, M., Kotenko, I. (2020). Anomaly Detection in the HVAC System Operation by a RadViz Based Visualization-Driven Approach. In: Katsikas, S., et al. Computer Security. CyberICPS SECPRE SPOSE ADIoT 2019 2019 2019 2019. Lecture Notes in Computer Science(), vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42048-2_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42047-5

  • Online ISBN: 978-3-030-42048-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation