Deep Predictive Coding Neural Network for RF Anomaly Detection in Wireless Networks

Intrusion detection has become one of the most critical tasks in a wireless network to prevent service outages that can take long to fix. The sheer variety of anomalous events necessitates adopting cognitive anomaly detection methods instead of the traditional signature-based detection techniques. This paper proposes an anomaly detection methodology for wireless systems that is based on monitoring and analyzing radio frequency (RF) spectrum activities. Our detection technique leverages an existing solution for the video prediction problem, and uses it on image sequences generated from monitoring the wireless spectrum. The deep predictive coding network is trained with images corresponding to the normal behavior of the system, and whenever there is an anomaly, its detection is triggered by the deviation between the actual and predicted behavior. For our analysis, we use the images generated from the time-frequency spectrograms and spectral correlation functions of the received RF signal. We test our technique on a dataset which contains anomalies such as jamming, chirping of transmitters, spectrum hijacking, and node failure, and evaluate its performance using standard classifier metrics: detection ratio, and false alarm rate. Simulation results demonstrate that the proposed methodology effectively detects many unforeseen anomalous events in real time. We discuss the applications, which encompass industrial IoT, autonomous vehicle control and mission-critical communications services.Comment: 7 pages, 7 figures, Communications Workshop ICC'1

Emergency Evaluation in Connected and Automated Vehicles

An intelligent transportation system (ITS) provides improved transport efficiency and safety based on vehicle communication. Connected and automated vehicles (CAVs) as part of an ITS are projected to revolutionize the transportation industry, primarily by allowing real-time and seamless information exchange between vehicles and roadside infrastructure. Although these CAVs are expected to offer vast benefits, new problems in terms of safety, security, and privacy will also emerge. Since CAVs continue to rely heavily on vehicle sensors and information obtained from other vehicles and roadside units, abnormal sensors and malicious cyber attacks can lead to destructive results and fatal crashes. Therefore, ensuring reliable and secure information dissemination across vehicles and roadside units is vital for many applications and in the safety-critical aspect of CAVs. As a result, mechanisms that can detect anomalies and identify attack sources in real- time are necessary before the mass deployment of CAVs. This dissertation designs an approach for anomaly detection by utilizing deep Learning (DL), and machine learning (ML) mechanisms, namely Bayesian deep learning (BDL) empowered with discrete wavelet transform (DWT), to detect and identify abnormal behavior in CAVs. The proposed approach’s numerical experiment shows high performance in detecting anomalies and identifying their scores with high accuracy, sensitivity, precision, and F1 - score. Furthermore, this proposed method outperforms baseline BDL and convolutional neural network (CNN) approaches in detecting and identifying anomalies. Performance-wise, the proposed approach is evaluated in terms of the following performance metrics: sensitivity, precision, and F1 - score. Based on the simulation, the proposed approach achieves performance gains of 6.98 %, 9.10 %, and 7.37% over CNN and 11.89 %, 7.32 %, and 9.37% over BDL at duration d = 3 and linspace(0, 6000) for the difficult gradual drift anomaly. In another work, a new architecture of ML-Based Trust (MLBT) mechanism in detecting adversary behaviors in a vehicular-based M2M-C (VBM2M-C) framework is proposed. A combination of extreme Gradient Boost (XGBoost) and binary particle swarm optimization (BPSO) is introduced to detect and identify malicious behaviors within the network. The proposed MLBT is evaluated over different probabilities of attacks. The results of this evaluation show that the proposed approach outperforms the state-of-the-art mechanisms by 10% inaccuracy, 9% in true positive rate (tpr), and lowers false positive rate (fpr) by 9 %, 10% in precision, 8.10% in recall, 9.3% in sensitivity, and 10% in F1 - score with reference to the attacker density of 30% in the selected metrics better than the compared approaches. Moreover, an innovative data-driven approach was equally developed, which involves the combination of discrete wavelet transform (DWT) and double deep Q network (DDQN) method for anomaly detection in CAVs. The DDQN is modified to accommodate classification by taking the state’s data feature while labeling as the action. The features in DWT and DDQN are combined to enhance anomaly detection performance in CAV networks. The DWT smoothens the basic safety messages (BSMs) sensor reading before the BSMs are fed into the DDQN approach. F1 - score and sensitivity are used to access the performance of the proposed method. Overall, the proposed method achieves a performance gain of 20% and 10% at a small density of anomaly distribution and 12% and 8% at a high density of anomaly distribution for ensemble multilayer perceptron (EMLP) and support vector machine (SVM)

Bioelectronic Sensor Nodes for Internet of Bodies

Energy-efficient sensing with Physically-secure communication for bio-sensors on, around and within the Human Body is a major area of research today for development of low-cost healthcare, enabling continuous monitoring and/or secure, perpetual operation. These devices, when used as a network of nodes form the Internet of Bodies (IoB), which poses certain challenges including stringent resource constraints (power/area/computation/memory), simultaneous sensing and communication, and security vulnerabilities as evidenced by the DHS and FDA advisories. One other major challenge is to find an efficient on-body energy harvesting method to support the sensing, communication, and security sub-modules. Due to the limitations in the harvested amount of energy, we require reduction of energy consumed per unit information, making the use of in-sensor analytics/processing imperative. In this paper, we review the challenges and opportunities in low-power sensing, processing and communication, with possible powering modalities for future bio-sensor nodes. Specifically, we analyze, compare and contrast (a) different sensing mechanisms such as voltage/current domain vs time-domain, (b) low-power, secure communication modalities including wireless techniques and human-body communication, and (c) different powering techniques for both wearable devices and implants.Comment: 30 pages, 5 Figures. This is a pre-print version of the article which has been accepted for Publication in Volume 25 of the Annual Review of Biomedical Engineering (2023). Only Personal Use is Permitte

TONTA: Trend-based Online Network Traffic Analysis in ad-hoc IoT networks

Internet of Things (IoT) refers to a system of interconnected heterogeneous smart devices communicatingwithout human intervention. A significant portion of existing IoT networks is under the umbrella of ad-hoc andquasi ad-hoc networks. Ad-hoc based IoT networks suffer from the lack of resource-rich network infrastructuresthat are able to perform heavyweight network management tasks using, e.g. machine learning-based NetworkTraffic Monitoring and Analysis (NTMA) techniques. Designing light-weight NTMA techniques that do notneed to be (re-) trained has received much attention due to the time complexity of the training phase. In thisstudy, a novel pattern recognition method, called Trend-based Online Network Traffic Analysis (TONTA), isproposed for ad-hoc IoT networks to monitor network performance. The proposed method uses a statisticallight-weight Trend Change Detection (TCD) method in an online manner. TONTA discovers predominant trendsand recognizes abrupt or gradual time-series dataset changes to analyze the IoT network traffic. TONTA isthen compared with RuLSIF as an offline benchmark TCD technique. The results show that TONTA detectsapproximately 60% less false positive alarms than RuLSIF.publishedVersio

Deep Learning for Network Traffic Monitoring and Analysis (NTMA): A Survey

Modern communication systems and networks, e.g., Internet of Things (IoT) and cellular networks, generate a massive and heterogeneous amount of traffic data. In such networks, the traditional network management techniques for monitoring and data analytics face some challenges and issues, e.g., accuracy, and effective processing of big data in a real-time fashion. Moreover, the pattern of network traffic, especially in cellular networks, shows very complex behavior because of various factors, such as device mobility and network heterogeneity. Deep learning has been efficiently employed to facilitate analytics and knowledge discovery in big data systems to recognize hidden and complex patterns. Motivated by these successes, researchers in the field of networking apply deep learning models for Network Traffic Monitoring and Analysis (NTMA) applications, e.g., traffic classification and prediction. This paper provides a comprehensive review on applications of deep learning in NTMA. We first provide fundamental background relevant to our review. Then, we give an insight into the confluence of deep learning and NTMA, and review deep learning techniques proposed for NTMA applications. Finally, we discuss key challenges, open issues, and future research directions for using deep learning in NTMA applications.publishedVersio

Real-Time Machine Learning Models To Detect Cyber And Physical Anomalies In Power Systems

A Smart Grid is a cyber-physical system (CPS) that tightly integrates computation and networking with physical processes to provide reliable two-way communication between electricity companies and customers. However, the grid availability and integrity are constantly threatened by both physical faults and cyber-attacks which may have a detrimental socio-economic impact. The frequency of the faults and attacks is increasing every year due to the extreme weather events and strong reliance on the open internet architecture that is vulnerable to cyber-attacks. In May 2021, for instance, Colonial Pipeline, one of the largest pipeline operators in the U.S., transports refined gasoline and jet fuel from Texas up the East Coast to New York was forced to shut down after being attacked by ransomware, causing prices to rise at gasoline pumps across the country. Enhancing situational awareness within the grid can alleviate these risks and avoid their adverse consequences. As part of this process, the phasor measurement units (PMU) are among the suitable assets since they collect time-synchronized measurements of grid status (30-120 samples/s), enabling the operators to react rapidly to potential anomalies. However, it is still challenging to process and analyze the open-ended source of PMU data as there are more than 2500 PMU distributed across the U.S. and Canada, where each of which generates more than 1.5 TB/month of streamed data. Further, the offline machine learning algorithms cannot be used in this scenario, as they require loading and scanning the entire dataset before processing. The ultimate objective of this dissertation is to develop early detection of cyber and physical anomalies in a real-time streaming environment setting by mining multi-variate large-scale synchrophasor data. To accomplish this objective, we start by investigating the cyber and physical anomalies, analyzing their impact, and critically reviewing the current detection approaches. Then, multiple machine learning models were designed to identify physical and cyber anomalies; the first one is an artificial neural network-based approach for detecting the False Data Injection (FDI) attack. This attack was specifically selected as it poses a serious risk to the integrity and availability of the grid; Secondly, we extend this approach by developing a Random Forest Regressor-based model which not only detects anomalies, but also identifies their location and duration; Lastly, we develop a real-time hoeffding tree-based model for detecting anomalies in steaming networks, and explicitly handling concept drifts. These models have been tested and the experimental results confirmed their superiority over the state-of-the-art models in terms of detection accuracy, false-positive rate, and processing time, making them potential candidates for strengthening the grid\u27s security

Predictive Abuse Detection for a PLC Smart Lighting Network Based on Automatically Created Models of Exponential Smoothing

One of the basic elements of a Smart City is the urban infrastructure management system, in particular, systems of intelligent street lighting control. However, for their reliable operation, they require special care for the safety of their critical communication infrastructure. This article presents solutions for the detection of different kinds of abuses in network traffic of Smart Lighting infrastructure, realized by Power Line Communication technology. Both the structure of the examined Smart Lighting network and its elements are described. The article discusses the key security problems which have a direct impact on the correct performance of the Smart Lighting critical infrastructure. In order to detect an anomaly/attack, we proposed the usage of a statistical model to obtain forecasting intervals. Then, we calculated the value of the differences between the forecast in the estimated traffic model and its real variability so as to detect abnormal behavior (which may be symptomatic of an abuse attempt). Due to the possibility of appearance of significant fluctuations in the real network traffic, we proposed a procedure of statistical models update which is based on the criterion of interquartile spacing. The results obtained during the experiments confirmed the effectiveness of the presented misuse detection method

AI-big data analytics for building automation and management systems: a survey, actual challenges and future perspectives

In theory, building automation and management systems (BAMSs) can provide all the components and functionalities required for analyzing and operating buildings. However, in reality, these systems can only ensure the control of heating ventilation and air conditioning system systems. Therefore, many other tasks are left to the operator, e.g. evaluating buildings’ performance, detecting abnormal energy consumption, identifying the changes needed to improve efficiency, ensuring the security and privacy of end-users, etc. To that end, there has been a movement for developing artificial intelligence (AI) big data analytic tools as they offer various new and tailor-made solutions that are incredibly appropriate for practical buildings’ management. Typically, they can help the operator in (i) analyzing the tons of connected equipment data; and; (ii) making intelligent, efficient, and on-time decisions to improve the buildings’ performance. This paper presents a comprehensive systematic survey on using AI-big data analytics in BAMSs. It covers various AI-based tasks, e.g. load forecasting, water management, indoor environmental quality monitoring, occupancy detection, etc. The first part of this paper adopts a well-designed taxonomy to overview existing frameworks. A comprehensive review is conducted about different aspects, including the learning process, building environment, computing platforms, and application scenario. Moving on, a critical discussion is performed to identify current challenges. The second part aims at providing the reader with insights into the real-world application of AI-big data analytics. Thus, three case studies that demonstrate the use of AI-big data analytics in BAMSs are presented, focusing on energy anomaly detection in residential and office buildings and energy and performance optimization in sports facilities. Lastly, future directions and valuable recommendations are identified to improve the performance and reliability of BAMSs in intelligent buildings