A Brief Analysis of Gravitational Search Algorithm (GSA) Publication from 2009 to May 2013

Gravitational Search Algorithm was introduced in year 2009. Since its introduction, the academic community shows a great interest on this algorith. This can be seen by the high number of publications with a short span of time. This paper analyses the publication trend of Gravitational Search Algorithm since its introduction until May 2013. The objective of this paper is to give exposure to reader the publication trend in the area of Gravitational Search Algorithm

Data analytics for modeling and visualizing attack behaviors: A case study on SSH brute force attacks

In this research, we explore a data analytics based approach for modeling and visualizing attack behaviors. To this end, we employ Self-Organizing Map and Association Rule Mining algorithms to analyze and interpret the behaviors of SSH brute force attacks and SSH normal traffic as a case study. The experimental results based on four different data sets show that the patterns extracted and interpreted from the SSH brute force attack data sets are similar to each other but significantly different from those extracted from the SSH normal traffic data sets. The analysis of the attack traffic provides insight into behavior modeling for brute force SSH attacks. Furthermore, this sheds light into how data analytics could help in modeling and visualizing attack behaviors in general in terms of data acquisition and feature extraction

Oil and Gas flow Anomaly Detection on offshore naturally flowing wells using Deep Neural Networks

Dissertation presented as the partial requirement for obtaining a Master's degree in Data Science and Advanced Analytics, specialization in Data ScienceThe Oil and Gas industry, as never before, faces multiple challenges. It is being impugned for being dirty, a pollutant, and hence the more demand for green alternatives. Nevertheless, the world still has to rely heavily on hydrocarbons, since it is the most traditional and stable source of energy, as opposed to extensively promoted hydro, solar or wind power. Major operators are challenged to produce the oil more efficiently, to counteract the newly arising energy sources, with less of a climate footprint, more scrutinized expenditure, thus facing high skepticism regarding its future. It has to become greener, and hence to act in a manner not required previously. While most of the tools used by the Hydrocarbon E&P industry is expensive and has been used for many years, it is paramount for the industry’s survival and prosperity to apply predictive maintenance technologies, that would foresee potential failures, making production safer, lowering downtime, increasing productivity and diminishing maintenance costs. Many efforts were applied in order to define the most accurate and effective predictive methods, however data scarcity affects the speed and capacity for further experimentations. Whilst it would be highly beneficial for the industry to invest in Artificial Intelligence, this research aims at exploring, in depth, the subject of Anomaly Detection, using the open public data from Petrobras, that was developed by experts. For this research the Deep Learning Neural Networks, such as Recurrent Neural Networks with LSTM and GRU backbones, were implemented for multi-class classification of undesirable events on naturally flowing wells. Further, several hyperparameter optimization tools were explored, mainly focusing on Genetic Algorithms as being the most advanced methods for such kind of tasks. The research concluded with the best performing algorithm with 2 stacked GRU and the following vector of hyperparameters weights: [1, 47, 40, 14], which stand for timestep 1, number of hidden units 47, number of epochs 40 and batch size 14, producing F1 equal to 0.97%. As the world faces many issues, one of which is the detrimental effect of heavy industries to the environment and as result adverse global climate change, this project is an attempt to contribute to the field of applying Artificial Intelligence in the Oil and Gas industry, with the intention to make it more efficient, transparent and sustainable

Metaheuristic-Based Neural Network Training And Feature Selector For Intrusion Detection

Intrusion Detection (ID) in the context of computer networks is an essential technique in modern defense-in-depth security strategies. As such, Intrusion Detection Systems (IDSs) have received tremendous attention from security researchers and professionals. An important concept in ID is anomaly detection, which amounts to the isolation of normal behavior of network traffic from abnormal (anomaly) events. This isolation is essentially a classification task, which led researchers to attempt the application of well-known classifiers from the area of machine learning to intrusion detection. Neural Networks (NNs) are one of the most popular techniques to perform non-linear classification, and have been extensively used in the literature to perform intrusion detection. However, the training datasets usually compose feature sets of irrelevant or redundant information, which impacts the performance of classification, and traditional learning algorithms such as backpropagation suffer from known issues, including slow convergence and the trap of local minimum. Those problems lend themselves to the realm of optimization. Considering the wide success of swarm intelligence methods in optimization problems, the main objective of this thesis is to contribute to the improvement of intrusion detection technology through the application of swarm-based optimization techniques to the basic problems of selecting optimal packet features, and optimal training of neural networks on classifying those features into normal and attack instances. To realize these objectives, the research in this thesis follows three basic stages, succeeded by extensive evaluations

Current Studies and Applications of Krill Herd and Gravitational Search Algorithms in Healthcare

Nature-Inspired Computing or NIC for short is a relatively young field that tries to discover fresh methods of computing by researching how natural phenomena function to find solutions to complicated issues in many contexts. As a consequence of this, ground-breaking research has been conducted in a variety of domains, including synthetic immune functions, neural networks, the intelligence of swarm, as well as computing of evolutionary. In the domains of biology, physics, engineering, economics, and management, NIC techniques are used. In real-world classification, optimization, forecasting, and clustering, as well as engineering and science issues, meta-heuristics algorithms are successful, efficient, and resilient. There are two active NIC patterns: the gravitational search algorithm and the Krill herd algorithm. The study on using the Krill Herd Algorithm (KH) and the Gravitational Search Algorithm (GSA) in medicine and healthcare is given a worldwide and historical review in this publication. Comprehensive surveys have been conducted on some other nature-inspired algorithms, including KH and GSA. The various versions of the KH and GSA algorithms and their applications in healthcare are thoroughly reviewed in the present article. Nonetheless, no survey research on KH and GSA in the healthcare field has been undertaken. As a result, this work conducts a thorough review of KH and GSA to assist researchers in using them in diverse domains or hybridizing them with other popular algorithms. It also provides an in-depth examination of the KH and GSA in terms of application, modification, and hybridization. It is important to note that the goal of the study is to offer a viewpoint on GSA with KH, particularly for academics interested in investigating the capabilities and performance of the algorithm in the healthcare and medical domains.Comment: 35 page

Semi-Supervised Deep Neural Network for Network Intrusion Detection

Network security is of vital importance for corporations and institutions. In order to protect valuable computer systems, network data needs to be analyzed so that possible network intrusions can be detected. Supervised machine learning methods achieve high accuracy at classifying network data as normal or malicious, but they require the availability of fully labeled data. The recently developed ladder network, which combines neural networks with unsupervised learning, shows promise in achieving a high accuracy while only requiring a small number of labeled examples. We applied the ladder network to classifying network data using the Third International Knowledge Discovery and Data Mining Tools Competition dataset (KDD 1999). Our experiments, show the ladder network was able to achieve similar results compared to supervised classifiers while using a limited number of labeled samples

Modélisation formelle des systèmes de détection d'intrusions

L’écosystème de la cybersécurité évolue en permanence en termes du nombre, de la diversité, et de la complexité des attaques. De ce fait, les outils de détection deviennent inefficaces face à certaines attaques. On distingue généralement trois types de systèmes de détection d’intrusions : détection par anomalies, détection par signatures et détection hybride. La détection par anomalies est fondée sur la caractérisation du comportement habituel du système, typiquement de manière statistique. Elle permet de détecter des attaques connues ou inconnues, mais génère aussi un très grand nombre de faux positifs. La détection par signatures permet de détecter des attaques connues en définissant des règles qui décrivent le comportement connu d’un attaquant. Cela demande une bonne connaissance du comportement de l’attaquant. La détection hybride repose sur plusieurs méthodes de détection incluant celles sus-citées. Elle présente l’avantage d’être plus précise pendant la détection. Des outils tels que Snort et Zeek offrent des langages de bas niveau pour l’expression de règles de reconnaissance d’attaques. Le nombre d’attaques potentielles étant très grand, ces bases de règles deviennent rapidement difficiles à gérer et à maintenir. De plus, l’expression de règles avec état dit stateful est particulièrement ardue pour reconnaître une séquence d’événements. Dans cette thèse, nous proposons une approche stateful basée sur les diagrammes d’état-transition algébriques (ASTDs) afin d’identifier des attaques complexes. Les ASTDs permettent de représenter de façon graphique et modulaire une spécification, ce qui facilite la maintenance et la compréhension des règles. Nous étendons la notation ASTD avec de nouvelles fonctionnalités pour représenter des attaques complexes. Ensuite, nous spécifions plusieurs attaques avec la notation étendue et exécutons les spécifications obtenues sur des flots d’événements à l’aide d’un interpréteur pour identifier des attaques. Nous évaluons aussi les performances de l’interpréteur avec des outils industriels tels que Snort et Zeek. Puis, nous réalisons un compilateur afin de générer du code exécutable à partir d’une spécification ASTD, capable d’identifier de façon efficiente les séquences d’événements.Abstract : The cybersecurity ecosystem continuously evolves with the number, the diversity, and the complexity of cyber attacks. Generally, we have three types of Intrusion Detection System (IDS) : anomaly-based detection, signature-based detection, and hybrid detection. Anomaly detection is based on the usual behavior description of the system, typically in a static manner. It enables detecting known or unknown attacks but also generating a large number of false positives. Signature based detection enables detecting known attacks by defining rules that describe known attacker’s behavior. It needs a good knowledge of attacker behavior. Hybrid detection relies on several detection methods including the previous ones. It has the advantage of being more precise during detection. Tools like Snort and Zeek offer low level languages to represent rules for detecting attacks. The number of potential attacks being large, these rule bases become quickly hard to manage and maintain. Moreover, the representation of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular representation of a specification, that facilitates maintenance and understanding of rules. We extend the ASTD notation with new features to represent complex attacks. Next, we specify several attacks with the extended notation and run the resulting specifications on event streams using an interpreter to identify attacks. We also evaluate the performance of the interpreter with industrial tools such as Snort and Zeek. Then, we build a compiler in order to generate executable code from an ASTD specification, able to efficiently identify sequences of events

Modeling of Filtration Process Using PSO-Neural Network

Modeling of membrane filtration process is a challenging task because it involves many interactions from biological and physical operation behavior. Membrane fouling in filtration process is too complex to understand and to derive a robust model become very difficult. The aim of this paper is to study the potential of neural network based dynamic model for submerged membrane filtration process. The purpose of the model is to represent the dynamic behavior of the filtration process therefore the model can be utilized in the prediction and control. The neural network model was trained using particle swarm optimization (PSO) technique. Three methods of PSO are compared to obtained an optimal model which are random PSO (RPSO), constriction factor PSO (CPSO) and inertia weight PSO (IW-PSO). In the data collection, a random step was applied to the suction pump in order to obtained the permeate flux and transmembrane pressure (TMP) dynamic. The model was evaluated in term of %R2, root mean square error (RMSE,) and mean absolute deviation (MAD). The result of proposed modeling technique showed that the neural network with PSO is capable to model the dynamic behavior of the filtration process

Intrusion detection for industrial control systems

Industrial Control Systems (ICS) are rapidly shifting from closed local networks, to remotely accessible networks. This shift has created a need for strong cybersecurity anomaly and intrusion detection for these systems; however, due to the complexity and diversity of ICSs, well defined and reliable anomaly and intrusion detection systems are still being developed. Machine learning approaches for anomaly and intrusion detection on the network level may provide general protection that can be applied to any ICS. This paper explores two machine learning applications for classifying the attack label of the UNSW-NB15 dataset. The UNSW-NB15 is a benchmark dataset that was created off general network communications and includes labels for normal behavior and attack vectors. A baseline was created using K-Nearest Neighbors (kNN) due to its mathematical simplicity. Once the baseline was created a feed forward artificial neural network known as a Multi-Layer Perceptron (MLP), was implemented for comparison due to its ease of reuse for running in a production environment. The experimental results show that both kNN and MLPs are effective approaches for identifying malicious network traffic; although, both still need to be further refined and improved before implementation on a real-world production scale

Machine Learning assisted Digital Twin for event identification in electrical power system

The challenges of stable operation in the electrical power system are increasing with the infrastructure shifting of the power grid from the centralized energy supply with fossil fuels towards sustainable energy generation. The predominantly RES plants, due to the non-linear electronic switch, have brought harmonic oscillations into the power grid. These changes lead to difficulties in stable operation, reduction of outages and management of variations in electric power systems. The emergence of the Digital Twin in the power system brings the opportunity to overcome these challenges. Digital Twin is a digital information model that accurately represents the state of every asset in a physical system. It can be used not only to monitor the operation states with actionable insights of physical components to drive optimized operation but also to generate abundant data by simulation according to the guidance on design limits of physical systems. The work addresses the topic of the origin of the Digital Twin concept and how it can be utilized in the optimization of power grid operation.Die Herausforderungen für den zuverfässigen Betrieb des elektrischen Energiesystems werden mit der Umwandlung der Infrastruktur in Stromnetz von der zentralen Energieversorgung mit fossilen Brennstoffen hin zu der regenerativen Energieeinspeisung stetig zugenommen. Der Ausbau der erneuerbaren Energien im Zuge der klimapolitischen Zielsetzung zur CO²-Reduzierung und des Ausstiegs aus der Kernenergie wird in Deutschland zügig vorangetrieben. Aufgrund der nichtlinearen elektronischen Schaltanlagen werden die aus EE-Anlagen hervorgegangenen Oberschwingungen in das Stromnetz eingebracht, was nicht nur die Komplexität des Stromnetzes erhöht, sondern auch die Stabilität des Systems beeinflusst. Diese Entwicklungen erschweren den stabilen Betrieb, die Verringerung der Ausfälle und das Management der Netzschwankungen im elektrischen Energiesystem. Das Auftauchen von Digital Twin bringt die Gelegenheit zur Behebung dieser Herausforderung. Digital Twin ist ein digitales Informationsmodell, das den Zustand des physikalischen genau abbildet. Es kann nicht nur zur Überwachung der Betriebszustände mit nachvollziehbarem Einsichten über physischen Komponenten sondern auch zur Generierung der Daten durch Simulationen unter der Berücksichtigung der Auslegungsgrenze verwendet werden. Diesbezüglich widmet sich die Arbeit zunächste der Fragestellung, woher das Digital Twin Konzept stammt und wie das Digitan Twin für die Optimierung des Stromnetzes eingesetzt wird. Hierfür werden die Perspektiven über die dynamische Zustandsschätzung, die Überwachung des des Betriebszustands, die Erkennung der Anomalien usw. im Stromnetz mit Digital Twin spezifiziert. Dementsprechend wird die Umsetzung dieser Applikationen auf dem Lebenszyklus-Management basiert. Im Rahmen des Lebenszyklusschemas von Digital Twin sind drei wesentliche Verfahren von der Modellierung des Digital Twins zur deren Applizierung erforderlich: Parametrierungsprozess für die Modellierung des Digital Twins, Datengenerierung mit Digital Twin Simulation und Anwendung mit Machine Learning Algorithmus für die Erkennung der Anomalie. Die Validierung der Zuverlässigkeit der Parametrierung für Digital Twin und der Eventserkennung erfolgt mittels numerischer Fallstudien. Dazu werden die Algorithmen für Online und Offline zur Parametrierung des Digital Twins untersucht. Im Rahmen dieser Arbeit wird das auf CIGRÉ basierende Referenznetz zur Abbildung des Digital Twin hinsichtlich der Referenzmessdaten parametriert. So sind neben der Synchronmaschine und Umrichter basierende Einspeisung sowie Erreger und Turbine auch regler von Umrichter für den Parametrierungsprozess berücksichtigt. Nach der Validierung des Digital Twins werden die zahlreichen Simulationen zur Datengenerierung durchgeführt. Jedes Event wird mittels der Daten vo Digital Twin mit einem "Fingerprint" erfasst. Das Training des Machine Learning Algorithmus wird dazu mit den simulierten Daten von Digital Twin abgewickelt. Das Erkennungsergebnis wird durch die Fallstudien validiert und bewertet