XPySom: High-performance self-organizing maps

In this paper, we introduce XPySom, a new open-source Python implementation of the well-known Self-Organizing Maps (SOM) technique. It is designed to achieve high performance on a single node, exploiting widely available Python libraries for vector processing on multi-core CPUs and GP-GPUs. We present results from an extensive experimental evaluation of XPySom in comparison to widely used open-source SOM implementations, showing that it outperforms the other available alternatives. Indeed, our experimentation carried out using the Extended MNIST open data set shows a speed-up of about 7x and 100x when compared to the best open-source multi-core implementations we could find with multi-core and GP-GPU acceleration, respectively, achieving the same accuracy levels in terms of quantization error

Implementation of Weighted Centroid Neural Network for Edge Preserving Image Compression

Image compression is a type of data compression applied to images. The objective of image compression is to reduce the cost for storage or transmission. Image compression is associated with removing redundant information of image data. Image storage is required for several purposes like document, medical images, etc. In this paper, an edge preserving image compression algorithm based on an unsupervised competitive neural network called weighted centroid neural network (WCNN), is implemented and compared to the other algorithms. The WCNN algorithm allots more representative vectors from the edges of the image than the interior of the image thus helping in better edge preservation of the reconstructed image. After experimenting with the cluster count it is evident that with the increase in the number of cluster the quality of the picture is improved, which is the expected behavior as more clusters leads to more representational vectors

Are Machine Learning Based Intrusion Detection System Always Secure?:An insight into tampered learning

Machine learning is successful in many applications including securing a network from unseen attack. The application of learning algorithm for detecting anomaly in a Network has been fundamental since few years. With increasing use of machine learning techniques it has become important to study to what extent it is good to be dependent on them. Altogether a different discipline called ‘Adversarial Learning’ have come up as a separate dimension of study. The work in this paper is to test the robustness of online machine learning based IDS to carefully crafted packets by attacker called poison packets. The objective is to observe how a remote attacker can deviate the normal behavior of machine learning based classifier in the IDS by injecting the network with carefully crafted packets externally, that may seem normal by the classification algorithm and the instance made part of its future training set. This behavior eventually can lead to a poison learning by the classification algorithm in the long run, resulting in misclassification of true attack instances. This work explores one such approach with SOM and SVM as the online learning based classification algorithms

Data mining using neural networks

Data mining is about the search for relationships and global patterns in large databases that are increasing in size. Data mining is beneficial for anyone who has a huge amount of data, for example, customer and business data, transaction, marketing, financial, manufacturing and web data etc. The results of data mining are also referred to as knowledge in the form of rules, regularities and constraints. Rule mining is one of the popular data mining methods since rules provide concise statements of potentially important information that is easily understood by end users and also actionable patterns. At present rule mining has received a good deal of attention and enthusiasm from data mining researchers since rule mining is capable of solving many data mining problems such as classification, association, customer profiling, summarization, segmentation and many others. This thesis makes several contributions by proposing rule mining methods using genetic algorithms and neural networks. The thesis first proposes rule mining methods using a genetic algorithm. These methods are based on an integrated framework but capable of mining three major classes of rules. Moreover, the rule mining processes in these methods are controlled by tuning of two data mining measures such as support and confidence. The thesis shows how to build data mining predictive models using the resultant rules of the proposed methods. Another key contribution of the thesis is the proposal of rule mining methods using supervised neural networks. The thesis mathematically analyses the Widrow-Hoff learning algorithm of a single-layered neural network, which results in a foundation for rule mining algorithms using single-layered neural networks. Three rule mining algorithms using single-layered neural networks are proposed for the three major classes of rules on the basis of the proposed theorems. The thesis also looks at the problem of rule mining where user guidance is absent. The thesis proposes a guided rule mining system to overcome this problem. The thesis extends this work further by comparing the performance of the algorithm used in the proposed guided rule mining system with Apriori data mining algorithm. Finally, the thesis studies the Kohonen self-organization map as an unsupervised neural network for rule mining algorithms. Two approaches are adopted based on the way of self-organization maps applied in rule mining models. In the first approach, self-organization map is used for clustering, which provides class information to the rule mining process. In the second approach, automated rule mining takes the place of trained neurons as it grows in a hierarchical structure

Review of Classification Algorithms with Changing Inter-Class Distances

Peer reviewedPublisher PD

Approaches to hazard-oriented groundwater management based on multivariate analysis of groundwater quality

Drinking water extracted near rivers in alluvial aquifers is subject to potential microbial contamination due to rapidly infiltrating river water during high discharge events. The heterogeneity of river-groundwater interaction and hydrogeological characteristics of the aquifer renders a complex pattern of groundwater quality. The quality of the extracted drinking water can be managed using decision support and HACCP (Hazard Analysis and Critical Control Point) systems, but the detection of potential contamination remains a complex task to master. The methodology proposed herein uses a combination of high-resolution measurements and multivariate statistical analyses to characterise actual groundwater quality and detect potential contamination. The aim of this project was to improve the protection of riverine groundwater extraction wells and to increase the degrees of freedom available to the management of fluvial planes with drinking-water production and aquifer recharge by river-groundwater interaction. The monitoring network was set up in the Reinacherheide in North-west Switzerland and encompassed the depth-oriented installation of multiparameter instruments, a surface-water monitoring station and a flow-through cell with an automated sampler and high-precision measurement instruments. The parameters recorded included temperature, electrical conductivity, spectral absorption coefficient, particle density and turbidity. Two of the observation wells were equipped with a telemetry system and the flow cell could be controlled remotely. The well-field encompassed eight groundwater extraction wells. The optimal choice of observation wells and indicator parameters was assessed using principal component analysis of groundwater head, temperature and electrical conductivity time-series to detect the influence of, for example, river-water infiltration or river-stage fluctuations on the time-series recorded in the groundwater observation wells. Groundwater head was susceptible to pressure waves induced by both river-stage fluctuations and groundwater extraction. Temperature time-series showed only weak responses to high discharge events. Electrical conductivity, however, showed a distance-driven response pattern to high discharge events. To further assess the representative strength of individual groundwater quality indicator parameters for identifying microbial contamination, a bi-weekly and a high-resolution sampling campaign were carried out. The results showed high faecal-indicator bacteria densities (E. coli and Enterococcus sp.) at the beginning of high discharge events, followed by a rapid decrease, leading to a strong hit-and-miss characteristic in the bi-weekly sampling campaign. The third approach applied used the neural network-based combination of self-organizing maps and Sammon's projection (SOM-SM) to detect shifts in groundwater quality system states. The nonlinear analysis was carried out with groundwater head, temperature and electrical conductivity time-series from six observation wells. The subsequent shading of the projected trajectory of system states with independent time-series (spectral absorption coefficient and particle density) allowed the identification of critical system states, when actual groundwater quality decreased and contamination of the extraction wells was imminent. The time at which the changes in system state occurred and were detected were used as potential warning indicators for the water supplier. The effects of altered groundwater extraction (as a consequence of the SOM-SM warning) were then simulated using a groundwater flow model. The outcome of the SOM-SM analysis is, thus, proposed as an interface between the monitoring system and extraction-well management system. The proposed approach incorporates hydrogeological knowledge and the analysis of prevalent conditions concerning river-groundwater interaction with real-time telemetric data transfer, data-base management and nonlinear statistical analysis to detect deterioration in actual groundwater quality due to rapidly infiltrating river water. As the SOM-SM is not based on threshold values and independent of indicator parameters, the approach can be transferred to other sites with similar characteristics

Near Real-Time Anomaly Detection in NFV Infrastructures

This paper presents a scalable cloud-based archi-tecture for near real-time anomaly detection in the Vodafone NFV infrastructure, spanning across multiple data centers in 11 European countries. Our solution aims at processing in real-time system-level data coming from the monitoring subsystem of the infrastructure, raising alerts to operators as soon as the incoming data presents anomalous patterns. A number of different anomaly detection techniques have been implemented for the proposed architecture, and results from their comparative evaluation are reported, based on real monitoring data coming from one of the monitored data centers, where a number of interesting anomalies have been manually identified. Part of this labelled data-set is also released under an open data license, for possible reuse by other researchers

Explainable Neural Networks based Anomaly Detection for Cyber-Physical Systems

Cyber-Physical Systems (CPSs) are the core of modern critical infrastructure (e.g. power-grids) and securing them is of paramount importance. Anomaly detection in data is crucial for CPS security. While Artificial Neural Networks (ANNs) are strong candidates for the task, they are seldom deployed in safety-critical domains due to the perception that ANNs are black-boxes. Therefore, to leverage ANNs in CPSs, cracking open the black box through explanation is essential. The main objective of this dissertation is developing explainable ANN-based Anomaly Detection Systems for Cyber-Physical Systems (CP-ADS). The main objective was broken down into three sub-objectives: 1) Identifying key-requirements that an explainable CP-ADS should satisfy, 2) Developing supervised ANN-based explainable CP-ADSs, 3) Developing unsupervised ANN-based explainable CP-ADSs. In achieving those objectives, this dissertation provides the following contributions: 1) a set of key-requirements that an explainable CP-ADS should satisfy, 2) a methodology for deriving summaries of the knowledge of a trained supervised CP-ADS, 3) a methodology for validating derived summaries, 4) an unsupervised neural network methodology for learning cyber-physical (CP) behavior, 5) a methodology for visually and linguistically explaining the learned CP behavior. All the methods were implemented on real-world and benchmark datasets. The set of key-requirements presented in the first contribution was used to evaluate the performance of the presented methods. The successes and limitations of the presented methods were identified. Furthermore, steps that can be taken to overcome the limitations were proposed. Therefore, this dissertation takes several necessary steps toward developing explainable ANN-based CP-ADS and serves as a framework that can be expanded to develop trustworthy ANN-based CP-ADSs