Anomaly detection in industrial control and cyber-physical systems has gained much attention over the past years due to the increasing modernisation and exposure of industrial environments. Current dangers to the conn...
详细信息
Anomaly detection in industrial control and cyber-physical systems has gained much attention over the past years due to the increasing modernisation and exposure of industrial environments. Current dangers to the connected industry include the theft of industrial intellectual property, denial of service, or the compromise of cloud components;all of which might result in a cyber-attack across the operational network. However, most scientific work employs device logs, which necessitate substantial understanding and preprocessing before they can be used in anomaly detection. In this paper, we propose a network intrusion detection system (NIDS) architecture based on a deep autoencoder trained on network flow data, which has the advantage of not requiring prior knowledge of the network topology or its underlying architecture. Experimental results show that the proposed model can detect anomalies, caused by distributed denial of service attacks, providing a high detection rate and low false alarms, outperforming the state-of-the-art and a baseline model in an unsupervised learning environment. Furthermore, the deep autoencoder model can detect abnormal behaviour in legitimate devices after an attack. We also demonstrate the suitability of the proposed NIDS in a real industrial plant from the alimentary sector, analysing the false positive rate and the viability of the data generation, filtering and preprocessing procedure for a near real time scenario. The suggested NIDS architecture is a low-cost solution that uses only fifteen network-based features, requires minimal processing, operates in unsupervised mode, and is straightforward to deploy in real-world scenarios.
Machine learning is becoming an increasingly popular approach for investigating spatially distributed and subtle neuroanatomical alterations in brain-based disorders. However, some machine learning models have been cr...
详细信息
Machine learning is becoming an increasingly popular approach for investigating spatially distributed and subtle neuroanatomical alterations in brain-based disorders. However, some machine learning models have been criticized for requiring a large number of cases in each experimental group, and for resembling a black box that provides little or no insight into the nature of the data. In this article, we propose an alternative conceptual and practical approach for investigating brain-based disorders which aim to overcome these limitations. We used an artificial neural network known as deep autoencoder to create a normative model using structural magnetic resonance imaging data from 1,113 healthy people. We then used this model to estimate total and regional neuroanatomical deviation in individual patients with schizophrenia and autism spectrum disorder using two independent data sets (n =263). We report that the model was able to generate different values of total neuroanatomical deviation for each disease under investigation relative to their control group (p <.005). Furthermore, the model revealed distinct patterns of neuroanatomical deviations for the two diseases, consistent with the existing neuroimaging literature. We conclude that the deep autoencoder provides a flexible and promising framework for assessing total and regional neuroanatomical deviations in neuropsychiatric populations.
Image retrieval with relevant feedback on large and high-dimensional image databases is a challenging task. In this paper, we propose an image retrieval method, called BCFIR (Binary Codes for Fast Image Retrieval). BC...
详细信息
Image retrieval with relevant feedback on large and high-dimensional image databases is a challenging task. In this paper, we propose an image retrieval method, called BCFIR (Binary Codes for Fast Image Retrieval). BCFIR utilizes sparse discriminant analysis to select the most important original feature set, and solve the small class problem in the relevance feedback. Besides, to increase the retrieval performance on large-scale image databases, in addition to BCFIR mapping real-valued features to short binary codes, it also applies a bagging learning strategy to improve the ability general capabilities of autoencoders. In addition, our proposed method also takes advantage of both labeled and unlabeled samples to improve the retrieval precision. The experimental results on three databases demonstrate that the proposed method obtains competitive precision compared with other state-of-the-art image retrieval methods.
Machine learning techniques for network-based intrusion detection often assume that network traffic does not change over time or that model updates can be easily performed. This paper proposes a novel, reminiscent int...
详细信息
ISBN:
(纸本)9781728181042
Machine learning techniques for network-based intrusion detection often assume that network traffic does not change over time or that model updates can be easily performed. This paper proposes a novel, reminiscent intrusion detection model based on deep autoencoders and transfer learning to ease the model update burden in a twofold implementation. First, a deep autoencoder is used as an additional feature extraction stage to obtain a historical feature representation of network traffic. Second, at model updates, the deep autoencoder parameters are updated through a transfer learning procedure, thus, significantly decreasing the amount of needed labeled training data and the computational costs. Experiments performed on a 8TB dataset containing real and valid network traffic ranging for one year have shown that approaches in the literature cannot handle with the network traffic behavior changes over time, requiring impractical amounts of labeled data to be provided during model training tasks. In addition, if no model updates are performed, the proposed scheme can improve the true-negative rate by up to 23.9%. If done so, it can provide similar accuracy rates of traditional techniques while demanding only 22% of labeled training data and 28% of computational costs.
Heating, Ventilation, and Air Conditioning (HVAC) systems are generally built in a modular manner, comprising several identical subsystems in order to achieve their nominal capacity. These parallel subsystems and elem...
详细信息
ISBN:
(纸本)9783319651729;9783319651712
Heating, Ventilation, and Air Conditioning (HVAC) systems are generally built in a modular manner, comprising several identical subsystems in order to achieve their nominal capacity. These parallel subsystems and elements should have the same behavior and, therefore, differences between them can reveal failures and inefficiency in the system. The complexity in HVAC systems comes from the number of variables involved in these processes. For that reason, dimensionality reduction techniques can be a useful approach to reduce the complexity of the HVAC data and study their operation. However, for most of these techniques, it is not possible to project new data without retraining the projection and, as a result, it is not possible to easily compare several projections. In this paper, a method based on deep autoencoders is used to create a reference model with a HVAC system and new data is projected using this model to be able to compare them. The proposed approach is applied to real data from a chiller with 3 identical compressors at the Hospital of Leon.
In the field of anomaly detection, anomalies are usually very rare compared with normal samples, which is not conducive to the construction of anomaly detection model. In this paper, we propose a semi-supervised anoma...
详细信息
ISBN:
(数字)9781510634107
ISBN:
(纸本)9781510634107
In the field of anomaly detection, anomalies are usually very rare compared with normal samples, which is not conducive to the construction of anomaly detection model. In this paper, we propose a semi-supervised anomaly detection algorithm based on deep autoencoder. With this algorithm, only normal samples are needed to train anomaly detection model. To improve the robustness of the algorithm, Bagging ensemble method is used to train and combine multiple deep autoencoders. In the process of Bagging, dynamic threshold for anomaly detection is applied to increase the diversity of individual autoencoder. Compared with other semi-supervised methods including one-class SVM, SOM and K-Means, our proposed method has obvious superiority in the behavior of anomaly detection.
In recent years, the malicious insider threat has become one of the most significant cyber security threats that an organisation can be subject to. Due to an insider's natural ability to evade deployed information...
详细信息
ISBN:
(纸本)9781538692882
In recent years, the malicious insider threat has become one of the most significant cyber security threats that an organisation can be subject to. Due to an insider's natural ability to evade deployed information security mechanisms such as firewalls and endpoint protections, the detection of an insider threat can be challenging. Moreover, compared to the volume of audit data that an organization collects for the purpose of intrusion/anomaly detection, the digital footprint left by a malicious insider's action can be minuscule. To detect insider threats from large and complex audit data, in this paper, we propose a detection system that implements anomaly detection using an ensemble of deep autoencoders. Each autoencoder in the ensemble is trained using a certain category of audit data, which represents a user's normal behaviour accurately. The reconstruction error obtained between the original and the decoded data is used to measure whether any behaviour is anomalous or not. After the data has been processed by the individually trained autoencoders and the respective reconstruction errors obtained, a joint decision-making mechanism is used to report a user's overall maliciousness score. Numerical experiments are conducted using a benchmark dataset for insider threat detection. Results indicate that the proposed detection system is able to detect all of the malicious insider actions with a reasonable false positive rate.
Malware attacks in the cyber world continue to increase despite the efforts of Malware analysts to combat this problem. Recently, Malware samples have been presented as binary sequences and assembly codes. However, mo...
详细信息
ISBN:
(纸本)9781665493895
Malware attacks in the cyber world continue to increase despite the efforts of Malware analysts to combat this problem. Recently, Malware samples have been presented as binary sequences and assembly codes. However, most researchers focus only on the raw Malware sequence in their proposed solutions, ignoring that the assembly codes may contain important details that enable rapid Malware detection. In this work, we leveraged the capabilities of deep autoencoders to investigate the presence of feature disparities in the assembly and raw binary Malware samples. First, we treated the task as outliers to investigate whether the autoencoder would identify and justify features as samples from the same family. Second, we added noise to all samples and used deep autoencoder to reconstruct the original samples by denoising. Experiments with the Microsoft Malware dataset showed that the byte samples' features differed from the assembly code samples.
Soil liquefaction assessment remains a crucial and complex challenge in seismic geotechnical engineering due to various liquefaction records and limited information, which entails a more generalized off-the-shelf mode...
详细信息
Soil liquefaction assessment remains a crucial and complex challenge in seismic geotechnical engineering due to various liquefaction records and limited information, which entails a more generalized off-the-shelf model that can achieve favourable performance on different data sources. In this work, a deep learning model is built and investigated on the soil liquefaction prediction and a modified transfer learning scheme between different data sources is presented. Various datasets, including shear wave velocity-based, CPT-based, SPT-based, and real cases, are collected and utilized to verify the effectiveness and accuracy of the proposed model. Because different data sources in soil liquefaction generally share several geotechnical and mechanical parameters, we work to combine model prior information, feature mapping and data reconstruction in transfer learning models to tackle multi-source domain adaption, which can be further applied to other predictive analysis and facilitate online learning models in geotechnical engineering. Also, the deep learning model is compared with several classical machine learning and ensemble learning models and the modified transfer learning model is formulated by comparing different feature transformation techniques integrated with various feature-based and instance-based transfer learning methods. The accuracy and effectiveness of the deep learning and modified transfer learning models have been validated in the numerical study.
For a single-structure deep learning fault diagnosis model,its disadvantages are an insufficient feature extraction and weak fault classification *** paper proposes a multi-scale deep feature fusion intelligent fault ...
详细信息
For a single-structure deep learning fault diagnosis model,its disadvantages are an insufficient feature extraction and weak fault classification *** paper proposes a multi-scale deep feature fusion intelligent fault diagnosis method based on information ***,a normal autoencoder,denoising autoencoder,sparse autoencoder,and contractive autoencoder are used in parallel to construct a multi-scale deep neural network feature extraction structure.A deep feature fusion strategy based on information entropy is proposed to obtain low-dimensional features and ensure the robustness of the model and the quality of deep ***,the advantage of the deep belief network probability model is used as the fault classifier to identify the *** effectiveness of the proposed method was verified by a gearbox *** results show that,compared with traditional and existing intelligent fault diagnosis methods,the proposed method can obtain representative information and features from the raw data with higher classification accuracy.
暂无评论