585 research outputs found

    Security techniques for sensor systems and the Internet of Things

    Get PDF
    Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We develop nesCheck, a novel approach that combines static analysis and dynamic checking to efficiently enforce memory safety on TinyOS applications. As security guarantees come at a cost, determining which resources to protect becomes important. Our solution, OptAll, leverages game-theoretic techniques to determine the optimal allocation of security resources in IoT networks, taking into account fixed and variable costs, criticality of different portions of the network, and risk metrics related to a specified security goal. Monitoring IoT devices and sensors during operation is necessary to detect incidents. We design Kalis, a knowledge-driven intrusion detection technique for IoT that does not target a single protocol or application, and adapts the detection strategy to the network features. As the scale of IoT makes the devices good targets for botnets, we design Heimdall, a whitelist-based anomaly detection technique for detecting and protecting against IoT-based denial of service attacks. Once our monitoring tools detect an attack, determining its actual cause is crucial to an effective reaction. We design a fine-grained analysis tool for sensor networks that leverages resident packet parameters to determine whether a packet loss attack is node- or link-related and, in the second case, locate the attack source. Moreover, we design a statistical model for determining optimal system thresholds by exploiting packet parameters variances. With our techniques\u27 diagnosis information, we develop Kinesis, a security incident response system for sensor networks designed to recover from attacks without significant interruption, dynamically selecting response actions while being lightweight in communication and energy overhead

    Exploiting gan as an oversampling method for imbalanced data augmentation with application to the fault diagnosis of an industrial robot

    Get PDF
    O diagnóstico inteligente de falhas baseado em aprendizagem máquina geralmente requer um conjunto de dados balanceados para produzir um desempenho aceitável. No entanto, a obtenção de dados quando o equipamento industrial funciona com falhas é uma tarefa desafiante, resultando frequentemente num desequilíbrio entre dados obtidos em condições nominais e com falhas. As técnicas de aumento de dados são das abordagens mais promissoras para mitigar este problema. Redes adversárias generativas (GAN) são um tipo de modelo generativo que consiste de um módulo gerador e de um discriminador. Por meio de aprendizagem adversária entre estes módulos, o gerador otimizado pode produzir padrões sintéticos que podem ser usados para amumento de dados. Investigamos se asGANpodem ser usadas como uma ferramenta de sobre amostra- -gem para compensar um conjunto de dados desequilibrado em uma tarefa de diagnóstico de falhas num manipulador robótico industrial. Realizaram-se uma série de experiências para validar a viabilidade desta abordagem. A abordagem é comparada com seis cenários, incluindo o método clássico de sobre amostragem SMOTE. Os resultados mostram que a GAN supera todos os cenários comparados. Para mitigar dois problemas reconhecidos no treino das GAN, ou seja, instabilidade de treino e colapso de modo, é proposto o seguinte. Propomos uma generalização da GAN de erro quadrado médio (MSE GAN) da Wasserstein GAN com penalidade de gradiente (WGAN-GP), referida como VGAN (GAN baseado numa matriz V) para mitigar a instabilidade de treino. Além disso, propomos um novo critério para rastrear o modelo mais adequado durante o treino. Experiências com o MNIST e no conjunto de dados do manipulador robótico industrial mostram que o VGAN proposto supera outros modelos competitivos. A rede adversária generativa com consistência de ciclo (CycleGAN) visa lidar com o colapso de modo, uma condição em que o gerador produz pouca ou nenhuma variabilidade. Investigamos a distância fatiada de Wasserstein (SWD) na CycleGAN. O SWD é avaliado tanto no CycleGAN incondicional quanto no CycleGAN condicional com e sem mecanismos de compressão e excitação. Mais uma vez, dois conjuntos de dados são avaliados, ou seja, o MNIST e o conjunto de dados do manipulador robótico industrial. Os resultados mostram que o SWD tem menor custo computacional e supera o CycleGAN convencional.Machine learning based intelligent fault diagnosis often requires a balanced data set for yielding an acceptable performance. However, obtaining faulty data from industrial equipment is challenging, often resulting in an imbalance between data acquired in normal conditions and data acquired in the presence of faults. Data augmentation techniques are among the most promising approaches to mitigate such issue. Generative adversarial networks (GAN) are a type of generative model consisting of a generator module and a discriminator. Through adversarial learning between these modules, the optimised generator can produce synthetic patterns that can be used for data augmentation. We investigate whether GAN can be used as an oversampling tool to compensate for an imbalanced data set in an industrial robot fault diagnosis task. A series of experiments are performed to validate the feasibility of this approach. The approach is compared with six scenarios, including the classical oversampling method (SMOTE). Results show that GAN outperforms all the compared scenarios. To mitigate two recognised issues in GAN training, i.e., instability and mode collapse, the following is proposed. We proposed a generalization of both mean sqaure error (MSE GAN) and Wasserstein GAN with gradient penalty (WGAN-GP), referred to as VGAN (the V-matrix based GAN) to mitigate training instability. Also, a novel criterion is proposed to keep track of the most suitable model during training. Experiments on both the MNIST and the industrial robot data set show that the proposed VGAN outperforms other competitive models. Cycle consistency generative adversarial network (CycleGAN) is aiming at dealing with mode collapse, a condition where the generator yields little to none variability. We investigate the sliced Wasserstein distance (SWD) for CycleGAN. SWD is evaluated in both the unconditional CycleGAN and the conditional CycleGAN with and without squeeze-and-excitation mechanisms. Again, two data sets are evaluated, i.e., the MNIST and the industrial robot data set. Results show that SWD has less computational cost and outperforms conventional CycleGAN

    Advanced applications for smart energy systems considering grid-interactive demand response

    Get PDF

    Advanced applications for smart energy systems considering grid-interactive demand response

    Get PDF

    Towards next generation WLANs: exploiting coordination and cooperation

    Get PDF
    Wireless Local Area Networks (WLANs) operating in the industrial, scientific and medical (ISM) radio bands have gained great popularity and increasing usage over the past few years. The corresponding MAC/PHY specification, the IEEE 802.11 standard, has also evolved to adapt to such development. However, as the number of WLAN mobile users increases, and as their needs evolve in the face of new applications, there is an ongoing need for the further evolution of the IEEE 802.11 standard. In this thesis we propose several MAC/PHY layer protocols and schemes that will provide more system throughput, lower packet delivery delay and lessen the power consumption of mobile devices. Our work investigates three approaches that lead to improved WLAN performance: 1) cross-layer design of the PHY and MAC layers for larger system throughput, 2) exploring the use of implicit coordination among clients to increase the efficiency of random media access, and 3) improved packets dispatching by the access points (APs) to preserve the battery of mobile devices. Each proposed solution is supported by theoretical proofs and extensively studied by simulations or experiments on testbeds

    Performance Evaluation of Network Anomaly Detection Systems

    Get PDF
    Nowadays, there is a huge and growing concern about security in information and communication technology (ICT) among the scientific community because any attack or anomaly in the network can greatly affect many domains such as national security, private data storage, social welfare, economic issues, and so on. Therefore, the anomaly detection domain is a broad research area, and many different techniques and approaches for this purpose have emerged through the years. Attacks, problems, and internal failures when not detected early may badly harm an entire Network system. Thus, this thesis presents an autonomous profile-based anomaly detection system based on the statistical method Principal Component Analysis (PCADS-AD). This approach creates a network profile called Digital Signature of Network Segment using Flow Analysis (DSNSF) that denotes the predicted normal behavior of a network traffic activity through historical data analysis. That digital signature is used as a threshold for volume anomaly detection to detect disparities in the normal traffic trend. The proposed system uses seven traffic flow attributes: Bits, Packets and Number of Flows to detect problems, and Source and Destination IP addresses and Ports, to provides the network administrator necessary information to solve them. Via evaluation techniques, addition of a different anomaly detection approach, and comparisons to other methods performed in this thesis using real network traffic data, results showed good traffic prediction by the DSNSF and encouraging false alarm generation and detection accuracy on the detection schema. The observed results seek to contribute to the advance of the state of the art in methods and strategies for anomaly detection that aim to surpass some challenges that emerge from the constant growth in complexity, speed and size of today’s large scale networks, also providing high-value results for a better detection in real time.Atualmente, existe uma enorme e crescente preocupação com segurança em tecnologia da informação e comunicação (TIC) entre a comunidade científica. Isto porque qualquer ataque ou anomalia na rede pode afetar a qualidade, interoperabilidade, disponibilidade, e integridade em muitos domínios, como segurança nacional, armazenamento de dados privados, bem-estar social, questões econômicas, e assim por diante. Portanto, a deteção de anomalias é uma ampla área de pesquisa, e muitas técnicas e abordagens diferentes para esse propósito surgiram ao longo dos anos. Ataques, problemas e falhas internas quando não detetados precocemente podem prejudicar gravemente todo um sistema de rede. Assim, esta Tese apresenta um sistema autônomo de deteção de anomalias baseado em perfil utilizando o método estatístico Análise de Componentes Principais (PCADS-AD). Essa abordagem cria um perfil de rede chamado Assinatura Digital do Segmento de Rede usando Análise de Fluxos (DSNSF) que denota o comportamento normal previsto de uma atividade de tráfego de rede por meio da análise de dados históricos. Essa assinatura digital é utilizada como um limiar para deteção de anomalia de volume e identificar disparidades na tendência de tráfego normal. O sistema proposto utiliza sete atributos de fluxo de tráfego: bits, pacotes e número de fluxos para detetar problemas, além de endereços IP e portas de origem e destino para fornecer ao administrador de rede as informações necessárias para resolvê-los. Por meio da utilização de métricas de avaliação, do acrescimento de uma abordagem de deteção distinta da proposta principal e comparações com outros métodos realizados nesta tese usando dados reais de tráfego de rede, os resultados mostraram boas previsões de tráfego pelo DSNSF e resultados encorajadores quanto a geração de alarmes falsos e precisão de deteção. Com os resultados observados nesta tese, este trabalho de doutoramento busca contribuir para o avanço do estado da arte em métodos e estratégias de deteção de anomalias, visando superar alguns desafios que emergem do constante crescimento em complexidade, velocidade e tamanho das redes de grande porte da atualidade, proporcionando também alta performance. Ainda, a baixa complexidade e agilidade do sistema proposto contribuem para que possa ser aplicado a deteção em tempo real

    Parallel and Distributed Computing

    Get PDF
    The 14 chapters presented in this book cover a wide variety of representative works ranging from hardware design to application development. Particularly, the topics that are addressed are programmable and reconfigurable devices and systems, dependability of GPUs (General Purpose Units), network topologies, cache coherence protocols, resource allocation, scheduling algorithms, peertopeer networks, largescale network simulation, and parallel routines and algorithms. In this way, the articles included in this book constitute an excellent reference for engineers and researchers who have particular interests in each of these topics in parallel and distributed computing
    • …
    corecore