The 8th International Conference on Time Series and Forecasting

The aim of ITISE 2022 is to create a friendly environment that could lead to the establishment or strengthening of scientific collaborations and exchanges among attendees. Therefore, ITISE 2022 is soliciting high-quality original research papers (including significant works-in-progress) on any aspect time series analysis and forecasting, in order to motivating the generation and use of new knowledge, computational techniques and methods on forecasting in a wide range of fields

An artificial neural network model for predicting freeway work zone delays with big data

Lane closures due to road reconstruction and maintenance have resulted in a major source of non-recurring congestion on freeways. It is extremely important to accurately quantify the associated mobility impact so that a cost-effective work zone schedule and an efficient traffic management plan can be developed. Therefore, the development of a sound model for predicting delays or road users is desirable. A comprehensive literature review on existing work zone delay prediction models (i.e., deterministic queuing model and shock wave model) is conducted in this study, which explores the advantages, disadvantages, and limitations of different modeling approaches. The performance of those models seems restricted to predict congestion impact under space-varying (i.e., road geometry, number of lanes, lane width, etc.) and time-varying (i.e., traffic volume) conditions. To advance the delay prediction accuracy, a multivariate non-linear regression (MNR) model is developed first by incorporating big data to capture the relationship of speed versus the ratio of approaching traffic volume to work zone capacity for work zone delay prediction. The MNR model demonstrates itself able to predict spatio-temporal delays with reasonable accuracy. A more advanced model called ANN-SVM is developed later to further improve the prediction accuracy, which integrates a support vector machine (SVM) model and an artificial neural network (ANN) model. The SVM model is responsible to predict work zone capacity, and the ANN model is responsible to predict delays. The ultimate goal of ANN-SVM aims to predict spatio-temporal delays caused by a work zone on freeways in the statewide of New Jersey subject to road geometry, number of lane closure, and work zone duration in different times of a day and days of a week. There are 274 work zones with complete information for the proposed model development, which are identified by mapping data from different sources, including OpenReach, Plan4Safety, New Jersey Straight Line Diagram (NJSLD), New Jersey Congestion Management System (NJCMS), and INRIX. Big data analytics is used to examining this massive data for developing the proposed model in a reliable and efficient way. A comparative analysis is conducted by comparing the ANN-SVM results with those produced by MNR, RUCM (NJDOT Road User Cost Manual approach), and ANN-HCM (the ANN model with work zone capacity suggested by Highway Capacity Manual). It is found that ANN-SVM in general outperforms other models in terms of prediction accuracy and reliability. To demonstrate the applicability of the proposed model, an analysis tool, which adapts to ANN-SVM, is developed to produce graphical information. It is worth noting that the analysis tool is very user friendly and can be easily applied to assess the impact of any work zones on New Jersey freeways. This tool can assist transportation agencies visualize bottlenecks and congestion hot spots caused by a work zone, effectively quantify and assess the associated impact, and make suitable decisions (i.e., determining the best starting time of a work zone to minimize delays to the road users). Furthermore, ANN-SVM can be applied to develop, evaluate, and improve traffic management and congestion mitigation plans and to calculate contractor penalty based on cost overruns as well as incentive reward schedule in case of early work competition

The Unbalanced Classification Problem: Detecting Breaches in Security

This research proposes several methods designed to improve solutions for security classification problems. The security classification problem involves unbalanced, high-dimensional, binary classification problems that are prevalent today. The imbalance within this data involves a significant majority of the negative class and a minority positive class. Any system that needs protection from malicious activity, intruders, theft, or other types of breaches in security must address this problem. These breaches in security are considered instances of the positive class. Given numerical data that represent observations or instances which require classification, state of the art machine learning algorithms can be applied. However, the unbalanced and high-dimensional structure of the data must be considered prior to applying these learning methods. High-dimensional data poses a “curse of dimensionality” which can be overcome through the analysis of subspaces. Exploration of intelligent subspace modeling and the fusion of subspace models is proposed. Detailed analysis of the one-class support vector machine, as well as its weaknesses and proposals to overcome these shortcomings are included. A fundamental method for evaluation of the binary classification model is the receiver operating characteristic (ROC) curve and the area under the curve (AUC). This work details the underlying statistics involved with ROC curves, contributing a comprehensive review of ROC curve construction and analysis techniques to include a novel graphic for illustrating the connection between ROC curves and classifier decision values. The major innovations of this work include synergistic classifier fusion through the analysis of ROC curves and rankings, insight into the statistical behavior of the Gaussian kernel, and novel methods for applying machine learning techniques to defend against computer intrusion detection. The primary empirical vehicle for this research is computer intrusion detection data, and both host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS) are addressed. Empirical studies also include military tactical scenarios

Traffic Prediction using Artificial Intelligence: Review of Recent Advances and Emerging Opportunities

Traffic prediction plays a crucial role in alleviating traffic congestion which represents a critical problem globally, resulting in negative consequences such as lost hours of additional travel time and increased fuel consumption. Integrating emerging technologies into transportation systems provides opportunities for improving traffic prediction significantly and brings about new research problems. In order to lay the foundation for understanding the open research challenges in traffic prediction, this survey aims to provide a comprehensive overview of traffic prediction methodologies. Specifically, we focus on the recent advances and emerging research opportunities in Artificial Intelligence (AI)-based traffic prediction methods, due to their recent success and potential in traffic prediction, with an emphasis on multivariate traffic time series modeling. We first provide a list and explanation of the various data types and resources used in the literature. Next, the essential data preprocessing methods within the traffic prediction context are categorized, and the prediction methods and applications are subsequently summarized. Lastly, we present primary research challenges in traffic prediction and discuss some directions for future research.Comment: Published in Transportation Research Part C: Emerging Technologies (TR_C), Volume 145, 202

On Organization of Information: Approach and Early Work

In this report we describe an approach for organizing information for presentation and display. "e approach stems from the observation that there is a stepwise progression in the way signals (from the environment and the system under consideration) are extracted and transformed into data, and then analyzed and abstracted to form representations (e.g., indications and icons) on the user interface. In physical environments such as aerospace and process control, many system components and their corresponding data and information are interrelated (e.g., an increase in a chamber s temperature results in an increase in its pressure). "ese interrelationships, when presented clearly, allow users to understand linkages among system components and how they may affect one another. Organization of these interrelationships by means of an orderly structure provides for the so-called "big picture" that pilots, astronauts, and operators strive for

Global Cyber Attack Forecast using AI Techniques

The advancement of internet technology and growing involvement in the cyber world have made us prone to cyber-attacks inducing severe damage to individuals and organizations, including financial loss, identity theft, and reputational damage. The rapid emergence and evolution of new networks and new opportunities for businesses and technologies are increasing threats to security vulnerabilities. Hence cyber-crime analysis is one of the wide range applications of Data Mining that can be eventually used to predict and detect crime. However, there are several constraints while analyzing cyber-attacks, which are yet to be resolved for more accurate cyber security inspection. Although there are many strategies for intrusion detection, predicting upcoming cyber threats remains an open research challenge. Hence, this thesis seeks to utilize temporal correlations among attack frequencies within specific time periods to predict the future severity of cyber incidents. The research aims to address the current research limitations by introducing a real-time data collection framework that will provide up-to-date cyber-attack data. Furthermore, a platform for cyber-attack trend analysis has been developed using Power BI to provide insight into the current cyber-attack trend. A correlation was identified in the reported attack volume across consecutive time frames through collected attack data analysis. This thesis introduces a predictive model that forecasts the frequency of cyber-attacks within a specified time window, using solely a historical record of attack counts. The research includes various machine learning and deep learning methods to develop a prediction system based on multiple time frames with an over 15% improvement in accuracy compared to the conventional baseline model. Namely, our research demonstrates that cyber incidents are not entirely random, and by analyzing patterns and trends in past incidents, developed AI techniques can be used to improve cybersecurity measures and prevent future attacks

Electricity Price Time Series Forecasting in Deregulated Markets Using Recurrent Neural Network Based Approaches

Ph.DDOCTOR OF PHILOSOPH

Multi-Sensor Data Fusion for Travel Time Estimation

The importance of travel time estimation has increased due to the central role it plays in a number of emerging intelligent transport systems and services including Advanced Traveller Information Systems (ATIS), Urban Traffic Control (UTC), Dynamic Route Guidance (DRG), Active Traffic Management (ATM), and network performance monitoring. Along with the emerging of new sensor technologies, the much greater volumes of near real time data provided by these new sensor systems create opportunities for significant improvement in travel time estimation. Data fusion as a recent technique leads to a promising solution to this problem. This thesis presents the development and testing of new methods of multi-sensor data fusion for the accurate, reliable and robust estimation of travel time. This thesis reviews the state-of-art data fusion approaches and its application in transport domain, and discusses both of opportunities and challenging of applying data fusion into travel time estimation in a heterogeneous real time data environment. For a particular England highway scenario where ILDs and ANPR data are largely available, a simple but practical fusion method is proposed to estimate the travel time based on a novel relationship between space-mean-speed and time-mean-speed. In developing a general fusion framework which is able to fuse ILDs, GPS and ANPR data, the Kalman filter is identified as the most appropriate fundamental fusion technique upon which to construct the required framework. This is based both on the ability of the Kalman filter to flexibly accommodate well-established traffic flow models which describe the internal physical relation between the observed variables and objective estimates and on its ability to integrate and propagate in a consistent fashion the uncertainty associated with different data sources. Although the standard linear Kalman filter has been used for multi-sensor travel time estimation in the previous research, the novelty of this research is to develop a nonlinear Kalman filter (EKF and UKF) fusion framework which improves the estimation performance over those methods based on the linear Kalman filter. This proposed framework is validated by both of simulation and real-world scenarios, and is demonstrated the effectiveness of estimating travel time by fusing multi-sensor sources

Decision Support Elements and Enabling Techniques to Achieve a Cyber Defence Situational Awareness Capability

[ES] La presente tesis doctoral realiza un análisis en detalle de los elementos de decisión necesarios para mejorar la comprensión de la situación en ciberdefensa con especial énfasis en la percepción y comprensión del analista de un centro de operaciones de ciberseguridad (SOC). Se proponen dos arquitecturas diferentes basadas en el análisis forense de flujos de datos (NF3). La primera arquitectura emplea técnicas de Ensemble Machine Learning mientras que la segunda es una variante de Machine Learning de mayor complejidad algorítmica (lambda-NF3) que ofrece un marco de defensa de mayor robustez frente a ataques adversarios. Ambas propuestas buscan automatizar de forma efectiva la detección de malware y su posterior gestión de incidentes mostrando unos resultados satisfactorios en aproximar lo que se ha denominado un SOC de próxima generación y de computación cognitiva (NGC2SOC). La supervisión y monitorización de eventos para la protección de las redes informáticas de una organización debe ir acompañada de técnicas de visualización. En este caso, la tesis aborda la generación de representaciones tridimensionales basadas en métricas orientadas a la misión y procedimientos que usan un sistema experto basado en lógica difusa. Precisamente, el estado del arte muestra serias deficiencias a la hora de implementar soluciones de ciberdefensa que reflejen la relevancia de la misión, los recursos y cometidos de una organización para una decisión mejor informada. El trabajo de investigación proporciona finalmente dos áreas claves para mejorar la toma de decisiones en ciberdefensa: un marco sólido y completo de verificación y validación para evaluar parámetros de soluciones y la elaboración de un conjunto de datos sintéticos que referencian unívocamente las fases de un ciberataque con los estándares Cyber Kill Chain y MITRE ATT & CK.[CA] La present tesi doctoral realitza una anàlisi detalladament dels elements de decisió necessaris per a millorar la comprensió de la situació en ciberdefensa amb especial èmfasi en la percepció i comprensió de l'analista d'un centre d'operacions de ciberseguretat (SOC). Es proposen dues arquitectures diferents basades en l'anàlisi forense de fluxos de dades (NF3). La primera arquitectura empra tècniques de Ensemble Machine Learning mentre que la segona és una variant de Machine Learning de major complexitat algorítmica (lambda-NF3) que ofereix un marc de defensa de major robustesa enfront d'atacs adversaris. Totes dues propostes busquen automatitzar de manera efectiva la detecció de malware i la seua posterior gestió d'incidents mostrant uns resultats satisfactoris a aproximar el que s'ha denominat un SOC de pròxima generació i de computació cognitiva (NGC2SOC). La supervisió i monitoratge d'esdeveniments per a la protecció de les xarxes informàtiques d'una organització ha d'anar acompanyada de tècniques de visualització. En aquest cas, la tesi aborda la generació de representacions tridimensionals basades en mètriques orientades a la missió i procediments que usen un sistema expert basat en lògica difusa. Precisament, l'estat de l'art mostra serioses deficiències a l'hora d'implementar solucions de ciberdefensa que reflectisquen la rellevància de la missió, els recursos i comeses d'una organització per a una decisió més ben informada. El treball de recerca proporciona finalment dues àrees claus per a millorar la presa de decisions en ciberdefensa: un marc sòlid i complet de verificació i validació per a avaluar paràmetres de solucions i l'elaboració d'un conjunt de dades sintètiques que referencien unívocament les fases d'un ciberatac amb els estàndards Cyber Kill Chain i MITRE ATT & CK.[EN] This doctoral thesis performs a detailed analysis of the decision elements necessary to improve the cyber defence situation awareness with a special emphasis on the perception and understanding of the analyst of a cybersecurity operations center (SOC). Two different architectures based on the network flow forensics of data streams (NF3) are proposed. The first architecture uses Ensemble Machine Learning techniques while the second is a variant of Machine Learning with greater algorithmic complexity (lambda-NF3) that offers a more robust defense framework against adversarial attacks. Both proposals seek to effectively automate the detection of malware and its subsequent incident management, showing satisfactory results in approximating what has been called a next generation cognitive computing SOC (NGC2SOC). The supervision and monitoring of events for the protection of an organisation's computer networks must be accompanied by visualisation techniques. In this case, the thesis addresses the representation of three-dimensional pictures based on mission oriented metrics and procedures that use an expert system based on fuzzy logic. Precisely, the state-of-the-art evidences serious deficiencies when it comes to implementing cyber defence solutions that consider the relevance of the mission, resources and tasks of an organisation for a better-informed decision. The research work finally provides two key areas to improve decision-making in cyber defence: a solid and complete verification and validation framework to evaluate solution parameters and the development of a synthetic dataset that univocally references the phases of a cyber-attack with the Cyber Kill Chain and MITRE ATT & CK standards.Llopis Sánchez, S. (2023). Decision Support Elements and Enabling Techniques to Achieve a Cyber Defence Situational Awareness Capability [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/19424