490 research outputs found
Incremental learning for large-scale stream data and its application to cybersecurity
As many human currently depend on technologies to assist with daily tasks,
there are more and more applications which have been developed to be fit in one
small gadget such as smart phone and tablet. Thus, by carrying this small gadget
alone, most of our tasks are able to be settled efficiently and fast. Until the end
of 20th century, mobile phones are only used to call and to send short message
service (sms). However, in early 21st century, a rapid revolution of communi�cation technology from mobile phone into smart phone has been seen in which
the smart phone is equipped by 4G Internet line along with the telephone service
provider line. Thus, the users are able to make a phone call, send messages using
variety of application such as Whatsapp and Line, send email, serving websites,
accessing maps and handling some daily tasks via online using online banking,
online shopping and online meetings via video conferences. In previous years, if
there are cases of missing children or missing cars, the victims would rely on the
police investigation. But now, as easy as uploading a notification about the loss
on Facebook and spread the news among Facebook users, there are more people
are able to help in the search. Despite the advantages that can be obtained using
these technologies, there are a group of irresponsible people who take advan�tage of current technologies for their own self-interest. Among the applications
that are usually being used by almost Internet users and also are often misused
by cyber criminals are email and websites. Therefore, we take this initiative to
make enhancement in cyber security application to avoid the Internet users from
being trapped and deceived by the trick of cyber criminals by developing detec�tion system of malicious spam email and Distributed Denial of Services (DDoS) 377.1781.8781$0,1$+
iii
backscatter.
Imagine that a notice with a logo of Mobile Phone company is received by
an email informing that the customer had recently run up a large mobile phone
bill. A link regarding the bill is attached for him/her to find out the details.
Since, the customer thinks that the billing might be wrong, thus the link is
clicked. However, the link is directed to a webpage which displays a status that
currently the webpage is under construction. Then the customer closes the page
and thinking of to visit the website again at other time. Unfortunately, after
a single click actually a malicious file is downloaded and installed without the
customer aware of it. That malicious file most probably is a Trojan that capable
to steal confidential information from victim’s computer. On the next day, when
the same person is using the same computer to log in the online banking, all
of a sudden find out that his/her money is lost totally. This is one of a worst
case scenario of malicious spam email which is usually handled by cybersecurity
field. Another different case of cybersecurity is the Distributed Denial of Services
(DDoS) attack. Let say, Company X is selling flowers via online in which the
market is from the local and international customer. The online business of
Company X is running normally as usual, until a day before mother’s day, the
webpage of Company X is totally down and the prospective customers could not
open the webpage to make order to be sent specially for their beloved mother.
Thus, the customers would search another company that sells the same item. The
Company X server is down, most probably because of the DDoS attack where a
junk traffic is sent to that company server which makes that server could not
serve the request by the legitimate customers. This attack effect not only the
profit of the company, but also reputation damage, regular customer turnover
and productivity decline.
Unfortunately, it is difficult for a normal user like us to detect malicious spam 377$
3(53867$.1781.8781+
email or DDoS attack with naked eyes. It is because recently the spammers
and attacker had improved their strategy so that the malicious email and the
DDoS packets are hardly able to be differentiated with the normal email and
data packets. Once the Social Engineering is used by the spammers to create
relevant email content in the malicious spam email and when a new campaign
of DDoS attack is launched by the attacker, no normal users are capable to
distinguish the benign and malicious email or data packets. This is where my
Ph.D project comes in handy. My Ph.d is focusing on constructing a detection
system of malicious spam email and DDoS attack using a large number of dataset
which are obtained by a server that collect double-bounce email and darknet for
malicious spam email detection system and DDoS backscatter detection system,
respectively. As many up-to-date data are used during the learning, the detection
system would become more robust to the latest strategy of the cybercriminal.
Therefore, the scenario mentioned above can be avoided by assisting the user
with important information at the user-end such as malicious spam email filter
or at the server firewall. First of all, the method to learn large-scale stream
data must be solved before implementing it in the detection system. Therefore,
in Chapter 2, the general learning strategy of large-scale data is introduced to
be used in the cybersecurity applications which are discussed in Chapter 3 and
Chapter 4, respectively.
One of a critical criterion of the detection system is capable to learn fast because
after the learning, the updated information needs to be passed to user to avoid
the user from being deceived by the cybercriminal. To process large-scale data
sequences, it is important to choose a suitable learning algorithm that is capable
to learn in real time. Incremental learning has an ability to process large data
in chunk and update the parameters after learning each chunk. Such type of
learning keep and update only the minimum information on a classifier model. 377.1781.8781$0,1$+
Therefore, it requires relatively small memory and short learning time. On the
other hand, batch learning is not suitable because it needs to store all training
data, which consume a large memory capacity. Due to the limited memory, it is
certainly impossible to process online large-scale data sequences using the batch
learning. Therefore, the learning of large-scale stream data should be conducted
incrementally.
This dissertation contains of five chapters. In Chapter 1, the concept of in�cremental learning is briefly described and basic theories on Resource Allocating
Network (RAN) and conventional data selection method are discussed in this
chapter. Besides that, the overview of this dissertation is also elaborated in this
chapter. In Chapter 2, we propose a new algorithm based on incremental Radial
Basis Function Network (RBFN) to accelerate the learning in stream data. The
data sequences are represented as a large chunk size of data given continuously
within a short time. In order to learn such data, the learning should be carried
out incrementally. Since it is certainly impossible to learn all data in a short pe�riod, selecting essential data from a given chunk can shorten the learning time. In
our method, we select data that are located in untrained or “not well-learned”
region and discard data at trained or “well-learned” region. These regions are
represented by margin flag. Each region is consisted of similar data which are
near to each other. To search the similar data, the well-known LSH method pro�posed by Andoni et al. is used. The LSH method indeed has proven be able to
quickly find similar objects in a large database. Moreover, we utilize the LSH ʼs
properties; hash value and Hash Table to further reduced the processing time. A
flag as a criterion to decide whether to choose or not the training data is added in
the Hash Table and is updated in each chunk sequence. Whereas, the hash value
of RBF bases that is identical with the hash value of the training data is used to
select the RBF bases that is near to the training data. The performance results of 377$
3(53867$.1781.8781+
vi
the numerical simulation on nine UC Irvine (UCI) Machine Learning Repository
datasets indicate that the proposed method can reduce the learning time, while
keeping the similar accuracy rate to the conventional method. These results indi�cate that the proposed method can improve the RAN learning algorithm towards
the large-scale stream data processing.
In Chapter 3, we propose a new online system to detect malicious spam emails
and to adapt to the changes of malicious URLs in the body of spam emails by
updating the system daily. For this purpose, we develop an autonomous system
that learns from double-bounce emails collected at a mail server. To adapt to new
malicious campaigns, only new types of spam emails are learned by introducing an
active learning scheme into a classifier model. Here, we adopt Resource Allocating
Network with Locality Sensitive Hashing (RAN-LSH) as a classifier model with
data selection. In this data selection, the same or similar spam emails that
have already been learned are quickly searched for a hash table using Locally
Sensitive Hashing, and such spam emails are discarded without learning. On
the other hand, malicious spam emails are sometimes drastically changed along
with a new arrival of malicious campaign. In this case, it is not appropriate to
classify such spam emails into malicious or benign by a classifier. It should be
analyzed by using a more reliable method such as a malware analyzer. In order
to find new types of spam emails, an outlier detection mechanism is implemented
in RAN-LSH. To analyze email contents, we adopt the Bag-of-Words (BoW)
approach and generate feature vectors whose attributes are transformed based
on the normalized term frequency-inverse document frequency. To evaluate the
developed system, we use a dataset of double-bounce spam emails which are
collected from March 1, 2013 to May 10, 2013. In the experiment, we study the
effect of introducing the outlier detection in RAN-LSH. As a result, by introducing
the outlier detection, we confirm that the detection accuracy is enhanced on 377.1781.8781+
average over the testing period.
In Chapter 4, we propose a fast Distributed Denial of Service (DDoS) backscat�ter detection system to detect DDoS backscatter from a combination of protocols
and ports other than the following two labeled packets: Transmission Control
Protocol (TCP) Port 80 (80/TCP) and User datagram Protocol (UDP) Port 53
(53/UDP). Usually, it is hard to detect DDoS backscatter from the unlabeled
packets, where an expert is needed to analyze every packet manually. Since it
is a costly approach, we propose a detection system using Resource Allocating
Network (RAN) with data selection to select essential data. Using this method,
the learning time is shorten, and thus, the DDoS backscatter can be detected
fast. This detection system consists of two modules which are pre-processing
and classifier. With the former module, the packets information are transformed
into 17 feature-vectors. With the latter module, the RAN-LSH classifier is used,
where only data located at untrained region are selected. The performance of the
proposed detection system is evaluated using 9,968 training data from 80/TCP
and 53/UDP, whereas 5,933 test data are from unlabeled packets which are col�lected from January 1st, 2013 until January 20th, 2014 at National Institute of
Information and Communications Technology (NICT), Japan. The results indi�cate that detection system can detect the DDoS backscatter from both labeled
and unlabeled packets with high recall and precision rate within a short time.
Finally, in Chapter 5, we discussed the conclusions and the future work of our
study: RAN-LSH classifier, malicious spam email detection system and DDoS
backscatter detection system
Power Quality Improvement of Distributed Generation Integrated Network with Unified Power Quality Conditioner.
With the increased penetration of small scale renewable energy sources in the electrical distribution network, maintenance or improvement of power quality has become more critical than ever where the level of voltage and current harmonics or disturbances can vary widely. For this reason, Custom Power Devices (CPDs) such as the Unified Power Quality Conditioner (UPQC) can be the most appropriate solution for enhancing the dynamic performance of the distribution network, where accurate prior knowledge may not be available. Therefore, the main objective of the present research is to investigate the (i) placement (ii) integration (iii) capacity enhancement and (iv) real time control of the Unified Power Quality Conditioner (UPQC) to improve the power quality (PQ) of a distributed generation (DG) network connected to the grid or microgrid
Improving skills in rounding off the whole number
This study was conducted to address teaching and learning skills in rounding off a whole number. This study consisted of 15 years 4 students from the Kong Nan Chinese Primary School, Parit Raja, Johor, Malaysia. Initial survey to identify this problem was carried out by analyzing the exercise books and exercises in pre-test. Based on these analyses, a large number of students were not proficient in relevant skills. A ‘q’ technique was introduced as an approach in teaching and learning to help students master the skills of rounding whole numbers. In summary, this technique helps students to remember the sequence of processes and process in rounding numbers. A total of four sessions of teaching and learning activities that take less than an hour have been implemented specifically to help students to master this technique. Results of the implementation of these activities have shown very positive results among the students. Two post tests were carried out to see the effectiveness of techniques and the results shows that 100% of students were able to answer correctly at least three questions correctly. The t-test analysis was clearly showed the effectiveness of ‘q’ technique. This technique also indirectly helps to maintain and increase student interest in learning Mathematics. This is shown with the active involvement of students in answering questions given by the teacher
Mitigation of Power Quality Problems Using Custom Power Devices: A Review
Electrical power quality (EPQ) in distribution systems is a critical issue for commercial, industrial and residential applications. The new concept of advanced power electronic based Custom Power Devices (CPDs) mainly distributed static synchronous compensator (D-STATCOM), dynamic voltage restorer (DVR) and unified power quality conditioner (UPQC) have been developed due to lacking the performance of traditional compensating devices to minimize power quality disturbances. This paper presents a comprehensive review on D-STATCOM, DVR and UPQC to solve the electrical power quality problems of the distribution networks. This is intended to present a broad overview of the various possible DSTATCOM, DVR and UPQC configurations for single-phase (two wire) and three-phase (three-wire and four-wire) networks and control strategies for the compensation of various power quality disturbances. Apart from this, comprehensive explanation, comparison, and discussion on D-STATCOM, DVR, and UPQC are presented. This paper is aimed to explore a broad prospective on the status of D-STATCOMs, DVRs, and UPQCs to researchers, engineers and the community dealing with the power quality enhancement. A classified list of some latest research publications on the topic is also appended for a quick reference
Power quality and electromagnetic compatibility: special report, session 2
The scope of Session 2 (S2) has been defined as follows by the Session Advisory Group and the Technical Committee: Power Quality (PQ), with the more general concept of electromagnetic compatibility (EMC) and with some related safety problems in electricity distribution systems.
Special focus is put on voltage continuity (supply reliability, problem of outages) and voltage quality (voltage level, flicker, unbalance, harmonics). This session will also look at electromagnetic compatibility (mains frequency to 150 kHz), electromagnetic interferences and electric and magnetic fields issues. Also addressed in this session are electrical safety and immunity concerns (lightning issues, step, touch and transferred voltages).
The aim of this special report is to present a synthesis of the present concerns in PQ&EMC, based on all selected papers of session 2 and related papers from other sessions, (152 papers in total). The report is divided in the following 4 blocks:
Block 1: Electric and Magnetic Fields, EMC, Earthing systems
Block 2: Harmonics
Block 3: Voltage Variation
Block 4: Power Quality Monitoring
Two Round Tables will be organised:
- Power quality and EMC in the Future Grid (CIGRE/CIRED WG C4.24, RT 13)
- Reliability Benchmarking - why we should do it? What should be done in future? (RT 15
Dynamic Voltage Restorer Application for Power Quality Improvement in Electrical Distribution System: An Overview
Dynamic Voltage Restorer (DVR) is a custom power device that is used to improve voltage
disturbances in electrical distribution system. The components of the DVR consist of voltage source
inverter (VSI), injection transformers, passive filters and energy storage. The main function of the
DVR is used to inject three phase voltage in series and in synchronism with the grid voltages in order
to compensate voltage disturbances. The Development of (DVR) has been proposed by many
researchers. This paper presents a review of the researches on the DVR application for power quality
Improvement in electrical distribution network. The types of DVR control strategies and its
configuration has been discussed and may assist the researchers in this area to develop and proposed
their new idea in order to build the prototype and controller
Design And Simulation Of Interline Unified Power Quality Conditioner (Iupqc) By Using Fuzzy Logic Controller
This paper proposes anew connection for a unified power quality conditioner (UPQC) to improve the power quality of two feeders in a distribution system. The interline custom power devices named Interline Unified Power Quality Conditioner (IUPQC) is improved for various power quality disturbances and modeled in MATLAB/SIMULINK by using fuzzy logic controller. The developed topology can be used for simultaneous compensation of voltage and current imperfections in a multi bus/multi feeder system. The proposed IUPQC is designed for medium voltage level (11 kV) and effective Enhanced Phase Locked Loop (EPLL) with Fuzzy based control technique is used to detect and extract the PQ disturbances. The performance of Series Compensator of IUPQC is evaluated through extensive simulations for mitigating unbalanced voltage sags with phase jumps and interruption. The performance of Shunt Compensator of IUPQC is also tested for harmonic and reactive power compensation that are not investigated before in literature. It is verified that IUPQC which is connected to two feeders, can compensate current and voltage distortions successfully in these feeders according to the results obtained using MATLAB/SIMULINK
- …