6 research outputs found
Autoencoders for strategic decision support
In the majority of executive domains, a notion of normality is involved in
most strategic decisions. However, few data-driven tools that support strategic
decision-making are available. We introduce and extend the use of autoencoders
to provide strategically relevant granular feedback. A first experiment
indicates that experts are inconsistent in their decision making, highlighting
the need for strategic decision support. Furthermore, using two large
industry-provided human resources datasets, the proposed solution is evaluated
in terms of ranking accuracy, synergy with human experts, and dimension-level
feedback. This three-point scheme is validated using (a) synthetic data, (b)
the perspective of data quality, (c) blind expert validation, and (d)
transparent expert evaluation. Our study confirms several principal weaknesses
of human decision-making and stresses the importance of synergy between a model
and humans. Moreover, unsupervised learning and in particular the autoencoder
are shown to be valuable tools for strategic decision-making.
Detection and Prevention Against Poisoning Attacks in Federated Learning
This paper proposes and investigates a new approach for detecting and
preventing several different types of poisoning attacks from affecting a
centralized Federated Learning model via average accuracy deviation detection
(AADD). By comparing each client's accuracy to all clients' average accuracy,
AADD detects clients with an accuracy deviation. The implementation is further
able to blacklist clients that are considered poisoned, securing the global
model from being affected by the poisoned nodes. The proposed implementation
shows promising results in detecting poisoned clients and preventing the global
model's accuracy from deteriorating.
Machine Learning to Improve Security Operations Centers
Since the onset of the internet, the world has embraced this new technology and used it to collectively advance Humanity. Companies have followed the trend from the physical to the digital world, taking with them all their associated value. In order to safeguard this value, security needed to evolve, with enterprises employing departments of highly trained professionals. Nevertheless, the ever increasing amount of information in need of evaluation by these professionals requires the deployment of automation techniques, aiding in data analysis and bulk task processing, to reduce detection time and as such improve mitigation. This work proposes a novel tool designed to help in attack detection and alert aggregation, by leveraging machine learning techniques. The proposed solution is described in full and showcased using real data from an example implementation.
Since the emergence of the internet, this new technology has been used to advance Humanity. The market followed the trends, moving from the physical to the digital world and taking with it all its associated value. In order to safeguard this value, security needed to adapt, with companies dedicating entire departments to that goal. However, the ever-growing amount of information to analyze requires the development of automatic techniques for data processing and bulk task execution, to reduce attack detection time and allow more agile mitigation. This work proposes a tool designed to help in attack detection and alert aggregation, using artificial intelligence techniques. The proposed solution is described in full and presented using real data applied to an example implementation.
A survey on explainable anomaly detection
NWOAlgorithms and the Foundations of Software technolog
On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines
Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements. This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated. The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks. The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes.
Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud.