1,299 research outputs found
Distributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT
Wireless sensor networks (WSN) are fundamental to the Internet of Things
(IoT) by bridging the gap between the physical and the cyber worlds. Anomaly
detection is a critical task in this context as it is responsible for
identifying various events of interest such as equipment faults and
undiscovered phenomena. However, this task is challenging because of the
elusive nature of anomalies and the volatility of the ambient environments. In
a resource-scarce setting like WSN, this challenge is further elevated and
weakens the suitability of many existing solutions. In this paper, for the
first time, we introduce autoencoder neural networks into WSN to solve the
anomaly detection problem. We design a two-part algorithm that resides on
sensors and the IoT cloud respectively, such that (i) anomalies can be detected
at sensors in a fully distributed manner without the need for communicating
with any other sensors or the cloud, and (ii) the relatively more
computation-intensive learning task can be handled by the cloud with a much
lower (and configurable) frequency. In addition to the minimal communication
overhead, the computational load on sensors is also very low (of polynomial
complexity) and readily affordable by most COTS sensors. Using a real WSN
indoor testbed and sensor data collected over 4 consecutive months, we
demonstrate via experiments that our proposed autoencoder-based anomaly
detection mechanism achieves high detection accuracy and low false alarm rate.
It is also able to adapt to unforeseeable and new changes in a non-stationary
environment, thanks to the unsupervised learning feature of our chosen
autoencoder neural networks.
Comment: 6 pages, 7 figures, IEEE ICC 201
Why (and How) Networks Should Run Themselves
The proliferation of networked devices, systems, and applications that we
depend on every day makes managing networks more important than ever. The
increasing security, availability, and performance demands of these
applications suggest that these increasingly difficult network management
problems be solved in real time, across a complex web of interacting protocols
and systems. Alas, just as the importance of network management has increased,
the network has grown so complex that it is seemingly unmanageable. In this new
era, network management requires a fundamentally new approach. Instead of
optimizations based on closed-form analysis of individual protocols, network
operators need data-driven, machine-learning-based models of end-to-end and
application performance based on high-level policy goals and a holistic view of
the underlying components. Instead of anomaly detection algorithms that operate
on offline analysis of network traces, operators need classification and
detection algorithms that can make real-time, closed-loop decisions. Networks
should learn to drive themselves. This paper explores this concept, discussing
how we might attain this ambitious goal by more closely coupling measurement
with real-time control and by relying on learning for inference and prediction
about a networked application or system, as opposed to closed-form analysis of
individual protocols.
Towards a Near-real-time Protocol Tunneling Detector based on Machine Learning Techniques
In the very last years, cybersecurity attacks have increased at an
unprecedented pace, becoming ever more sophisticated and costly. Their impact
has involved both private/public companies and critical infrastructures. At the
same time, due to the COVID-19 pandemic, the security perimeters of many
organizations expanded, causing an increase of the attack surface exploitable
by threat actors through malware and phishing attacks. Given these factors, it
is of primary importance to monitor the security perimeter and the events
occurring in the monitored network, according to a tested security strategy of
detection and response. In this paper, we present a protocol tunneling detector
prototype which inspects, in near real time, a company's network traffic using
machine learning techniques. Indeed, tunneling attacks allow malicious actors
to maximize the time in which their activity remains undetected. The detector
monitors unencrypted network flows and extracts features to detect possible
occurring attacks and anomalies, by combining machine learning and deep
learning. The proposed module can be embedded in any network security
monitoring platform able to provide network flow information along with its
metadata. The detection capabilities of the implemented prototype have been
tested both on benign and malicious datasets. Results show 97.1% overall
accuracy and an F1-score equal to 95.6%.
Comment: 12 pages, 4 figures, 4 tables
Big data analytics for large-scale wireless networks: Challenges and opportunities
© 2019 Association for Computing Machinery. The wide proliferation of various wireless communication systems and wireless devices has led to the arrival of the big data era in large-scale wireless networks. Big data of large-scale wireless networks has the key features of wide variety, high volume, real-time velocity, and huge value, leading to unique research challenges that are different from existing computing systems. In this article, we present a survey of the state-of-the-art big data analytics (BDA) approaches for large-scale wireless networks. In particular, we categorize the life cycle of BDA into four consecutive stages: Data Acquisition, Data Preprocessing, Data Storage, and Data Analytics. We then present a detailed survey of the technical solutions to the challenges in BDA for large-scale wireless networks according to each stage in the life cycle of BDA. Moreover, we discuss the open research issues and outline the future directions in this promising area.
Fault Injection Analytics: A Novel Approach to Discover Failure Modes in Cloud-Computing Systems
Cloud computing systems fail in complex and unexpected ways due to unexpected
combinations of events and interactions between hardware and software
components. Fault injection is an effective means to bring out these failures
in a controlled environment. However, fault injection experiments produce
massive amounts of data, and manually analyzing these data is inefficient and
error-prone, as the analyst can miss severe failure modes that are yet unknown.
This paper introduces a new paradigm (fault injection analytics) that applies
unsupervised machine learning on execution traces of the injected system, to
ease the discovery and interpretation of failure modes. We evaluated the
proposed approach in the context of fault injection experiments on the
OpenStack cloud computing platform, where we show that the approach can
accurately identify failure modes with a low computational cost.
Comment: IEEE Transactions on Dependable and Secure Computing; 16 pages. arXiv
admin note: text overlap with arXiv:1908.1164