Wireless sensor networks are often distributed
which makes detection of cyber-attacks or misconfiguration hard.
Topology and data patterns change may result from attacks
leading to the compromise of data and service availability or
indicate operational problems. Graphs are often used to model
topology and data paths to describe and compare state of a
system. For anomaly detection, the definition of normal patterns,
deviation from normal, and criteria when to declare anomaly
are required. In this contribution the process of acquisition of
normal patterns (ground truth), and criteria when to declare
anomaly based on graph comparison are proposed. The anomaly
detection is suitable for deployment at the edge of a network.
Finally, the inability to define all security threats is addressed
by a custom tree-based classifier which only requires normal
patterns for training. A simulated wireless sensor network was
used to acquire data and apply the method. Our experiments
show that data and topology change can be detected at the edge
of a network.
Original languageEnglish
Number of pages8
Publication statusPublished - 16 Jul 2021
EventEmerging Topics in Sensor Networks: (a joint event of the SmaCE, WPSN, REFRESH) -
Duration: 14 Jul 202116 Jul 2021


WorkshopEmerging Topics in Sensor Networks
Internet address


  • Anomaly detection
  • Machine learning
  • Sensor networks
  • Data pattern
  • Topology
  • Graph
  • Cyber-security
  • Fault detection


Dive into the research topics of 'Anomaly detection of data and topology patterns in WSNs'. Together they form a unique fingerprint.

Cite this