Anomaly detection

Context

IT security

Problem

The elevators at an international airport are connected to the internet for support and monitoring. To ensure this system is robust against cyber attacks, our client monitors the internet traffic that reaches the elevators. This is a huge amount of encrypted data that follows a regular pattern when an elevator is functioning normally. During a cyber attack the data stream shows different patterns, but it is difficult to predict what these patterns will look like, and the volume of data makes it impossible for humans to monitor it manually.

Solution

We trained an AI model to detect changes in the data stream that fall outside of the regular pattern. Because we used an unsupervised machine learning approach, we did not need labeled examples of previous attacks, and the model is robust to data patterns that it has not seen yet. Once trained, the model was deployed on lightweight servers, which allowed it to scale easily.
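
The idea of learning a baseline from unlabeled traffic, shown as an added example that is not the model or code used in this project. The page does not say which features or algorithm were used; this sketch assumes per-window traffic metadata (the payload is encrypted) and a median/MAD baseline, and every name and sample value in it is constructed for illustration.

```python
from statistics import median

# Assumed features per time window for one elevator's link. The payload is
# encrypted, so only metadata is used: (bytes, packets, distinct remote peers).
FEATURES = ("bytes", "packets", "peers")
THRESHOLD = 3.5  # common cut-off for the modified z-score


def fit_baseline(windows):
    """Learn (median, MAD) per feature from unlabeled normal-operation windows."""
    baseline = {}
    for i, name in enumerate(FEATURES):
        column = [w[i] for w in windows]
        med = median(column)
        mad = median([abs(v - med) for v in column])
        # Floor the spread so a constant feature (MAD 0) does not divide by zero.
        baseline[name] = (med, max(mad, 1.0))
    return baseline


def anomalous_features(baseline, window, threshold=THRESHOLD):
    """Return the features whose modified z-score exceeds the threshold."""
    flagged = []
    for i, name in enumerate(FEATURES):
        med, mad = baseline[name]
        score = 0.6745 * abs(window[i] - med) / mad
        if score > threshold:
            flagged.append(name)
    return flagged


# Constructed training data: 60 windows of regular traffic, no attack labels.
NORMAL = [(1200 + 10 * (i % 7), 40 + (i % 3), 1) for i in range(60)]
BASELINE = fit_baseline(NORMAL)

# Constructed windows to score against the learned baseline.
SAMPLES = {
    "regular": (1240, 41, 1),
    "volume spike": (9800, 310, 1),
    "new remote peers": (1230, 41, 9),
    "link went silent": (0, 0, 0),
}

if __name__ == "__main__":
    for label, window in SAMPLES.items():
        hits = anomalous_features(BASELINE, window)
        print(f"{label:18} -> {'ALERT ' + ','.join(hits) if hits else 'ok'}")
```

Because the baseline describes only what regular traffic looks like, a silent link is flagged just like a volume spike, without either pattern having been seen during training.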

Results

Over 500 elevators can now be monitored by one IT Security Officer, who only needs to investigate the elevator data more closely when an anomaly is detected. This results in more security and lower operational costs.