2,066 research outputs found
IoT Data Analytics in Dynamic Environments: From An Automated Machine Learning Perspective
With the wide spread of sensors and smart devices in recent years, the data
generation speed of the Internet of Things (IoT) systems has increased
dramatically. In IoT systems, massive volumes of data must be processed,
transformed, and analyzed on a frequent basis to enable various IoT services
and functionalities. Machine Learning (ML) approaches have shown their capacity
for IoT data analytics. However, applying ML models to IoT data analytics tasks
still faces many difficulties and challenges, specifically, effective model
selection, design/tuning, and updating, which have brought massive demand for
experienced data scientists. Additionally, the dynamic nature of IoT data may
introduce concept drift issues, causing model performance degradation. To
reduce human efforts, Automated Machine Learning (AutoML) has become a popular
field that aims to automatically select, construct, tune, and update machine
learning models to achieve the best performance on specified tasks. In this
paper, we conduct a review of existing methods in the model selection, tuning,
and updating procedures in the area of AutoML in order to identify and
summarize the optimal solutions for every step of applying ML algorithms to IoT
data analytics. To justify our findings and help industrial users and
researchers better implement AutoML approaches, a case study of applying AutoML
to IoT anomaly detection problems is conducted in this work. Lastly, we discuss
and classify the challenges and research directions for this domain.Comment: Published in Engineering Applications of Artificial Intelligence
(Elsevier, IF:7.8); Code/An AutoML tutorial is available at Github link:
https://github.com/Western-OC2-Lab/AutoML-Implementation-for-Static-and-Dynamic-Data-Analytic
AIDPS:Adaptive Intrusion Detection and Prevention System for Underwater Acoustic Sensor Networks
Underwater Acoustic Sensor Networks (UW-ASNs) are predominantly used for
underwater environments and find applications in many areas. However, a lack of
security considerations, the unstable and challenging nature of the underwater
environment, and the resource-constrained nature of the sensor nodes used for
UW-ASNs (which makes them incapable of adopting security primitives) make the
UW-ASN prone to vulnerabilities. This paper proposes an Adaptive decentralised
Intrusion Detection and Prevention System called AIDPS for UW-ASNs. The
proposed AIDPS can improve the security of the UW-ASNs so that they can
efficiently detect underwater-related attacks (e.g., blackhole, grayhole and
flooding attacks). To determine the most effective configuration of the
proposed construction, we conduct a number of experiments using several
state-of-the-art machine learning algorithms (e.g., Adaptive Random Forest
(ARF), light gradient-boosting machine, and K-nearest neighbours) and concept
drift detection algorithms (e.g., ADWIN, kdqTree, and Page-Hinkley). Our
experimental results show that incremental ARF using ADWIN provides optimal
performance when implemented with One-class support vector machine (SVM)
anomaly-based detectors. Furthermore, our extensive evaluation results also
show that the proposed scheme outperforms state-of-the-art bench-marking
methods while providing a wider range of desirable features such as scalability
and complexity
Development and evaluation of a fault detection and identification scheme for the WVU YF-22 UAV using the artificial immune system approach
A failure detection and identification (FDI) scheme is developed for a small remotely controlled jet aircraft based on the Artificial Immune System (AIS) paradigm. Pilot-in-the-loop flight data are used to develop and test a scheme capable of identifying known and unknown aircraft actuator and sensor failures. Negative selection is used as the main mechanism for self/non-self definition; however, an alternative approach using positive selection to enhance performance is also presented. Tested failures include aileron and stabilator locked at trim and angular rate sensor bias. Hyper-spheres are chosen to represent detectors. Different definitions of distance for the matching rules are applied and their effect on the behavior of hyper-bodies is discussed. All the steps involved in the creation of the scheme are presented including design selections embedded in the different algorithms applied to generate the detectors set. The evaluation of the scheme is performed in terms of detection rate, false alarms, and detection time for normal conditions and upset conditions. The proposed detection scheme achieves good detection performance for all flight conditions considered. This approach proves promising potential to cope with the multidimensional characteristics of integrated/comprehensive detection for aircraft sub-system failures.;A preliminary performance comparison between an AIS based FDI scheme and a Neural Network and Floating Threshold based one is presented including groundwork on assessing possible improvements on pilot situational awareness aided by FDI schemes. Initial results favor the AIS approach to FDI due to its rather undemanding adaptation capabilities to new environments. The presence of the FDI scheme suggests benefits for the interaction between the pilot and the upset conditions by improving the accuracy of the identification of each particular failure and decreasing the detection delays
Adaptive Anomaly Detection via Self-Calibration and Dynamic Updating
The deployment and use of Anomaly Detection (AD) sensors often requires the intervention of a human expert to manually calibrate and optimize their performance. Depending on the site and the type of traffic it receives, the operators might have to provide recent and sanitized training data sets, the characteristics of expected traffic (i.e. outlier ratio), and exceptions or even expected future modifications of system's behavior. In this paper, we study the potential performance issues that stem from fully automating the AD sensors' day-to-day maintenance and calibration. Our goal is to remove the dependence on human operator using an unlabeled, and thus potentially dirty, sample of incoming traffic. To that end, we propose to enhance the training phase of AD sensors with a self-calibration phase, leading to the automatic determination of the optimal AD parameters. We show how this novel calibration phase can be employed in conjunction with previously proposed methods for training data sanitization resulting in a fully automated AD maintenance cycle. Our approach is completely agnostic to the underlying AD sensor algorithm. Furthermore, the self-calibration can be applied in an online fashion to ensure that the resulting AD models reflect changes in the system's behavior which would otherwise render the sensor's internal state inconsistent. We verify the validity of our approach through a series of experiments where we compare the manually obtained optimal parameters with the ones computed from the self-calibration phase. Modeling traffic from two different sources, the fully automated calibration shows a 7.08% reduction in detection rate and a 0.06% increase in false positives, in the worst case, when compared to the optimal selection of parameters. Finally, our adaptive models outperform the statically generated ones retaining the gains in performance from the sanitization process over time
The dendritic cell algorithm for intrusion detection
As one of the solutions to intrusion detection problems, Artificial Immune
Systems (AIS) have shown their advantages. Unlike genetic algorithms, there is
no one archetypal AIS, instead there are four major paradigms. Among them, the
Dendritic Cell Algorithm (DCA) has produced promising results in various
applications. The aim of this chapter is to demonstrate the potential for the
DCA as a suitable candidate for intrusion detection problems. We review some of
the commonly used AIS paradigms for intrusion detection problems and
demonstrate the advantages of one particular algorithm, the DCA. In order to
clearly describe the algorithm, the background to its development and a formal
definition are given. In addition, improvements to the original DCA are
presented and their implications are discussed, including previous work done on
an online analysis component with segmentation and ongoing work on automated
data preprocessing. Based on preliminary results, both improvements appear to
be promising for online anomaly-based intrusion detection.Comment: Bio-Inspired Communications and Networking, IGI Global, 84-102, 201
'Immune System Approaches to Intrusion Detection - A Review'
Abstract. The use of artificial immune systems in intrusion detection is
an appealing concept for two reasons. Firstly, the human immune system
provides the human body with a high level of protection from invading
pathogens, in a robust, self-organised and distributed manner. Secondly,
current techniques used in computer security are not able to cope with
the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we collate the algorithms used, the development of the systems and the outcome of their implementation. It provides an introduction and review of the key developments within this field, in addition to making suggestions for future research
- …