A Self Healing Microservices Architecture: A Case Study in Docker Swarm Cluster

One desired aspect of a self-adapting microservices architecture is the ability to continuously monitor the operational environment, detect and observe anomalous behaviour as well as implement a reasonable policy for self-scaling, self-healing, and self-tuning the computational resources in order to dynamically respond to a sudden change in its operational environment. Often the behaviour of a microservices architecture continuously changes over time and the identification of both normal and abnormal behaviours of running services becomes a challenging task. This paper proposes a self-healing Microservice architecture that continuously monitors the operational environment, detects and observes anomalous behaviours, and provides a reasonable adaptation policy using a multi-dimensional utility-based model. This model preserves the cluster state and prevents multiple actions to taking place at the same time. It also guarantees that the executed adaptation action fits the current execution context and achieves the adaptation goals. The results show the ability of this model to dynamically scale the architecture horizontally or vertically in response to the context changes

Data-driven approach for creating synthetic electronic medical records

<p>Abstract</p> <p>Background</p> <p>New algorithms for disease outbreak detection are being developed to take advantage of full electronic medical records (EMRs) that contain a wealth of patient information. However, due to privacy concerns, even anonymized EMRs cannot be shared among researchers, resulting in great difficulty in comparing the effectiveness of these algorithms. To bridge the gap between novel bio-surveillance algorithms operating on full EMRs and the lack of non-identifiable EMR data, a method for generating complete and synthetic EMRs was developed.</p> <p>Methods</p> <p>This paper describes a novel methodology for generating complete synthetic EMRs both for an outbreak illness of interest (tularemia) and for background records. The method developed has three major steps: 1) synthetic patient identity and basic information generation; 2) identification of care patterns that the synthetic patients would receive based on the information present in real EMR data for similar health problems; 3) adaptation of these care patterns to the synthetic patient population.</p> <p>Results</p> <p>We generated EMRs, including visit records, clinical activity, laboratory orders/results and radiology orders/results for 203 synthetic tularemia outbreak patients. Validation of the records by a medical expert revealed problems in 19% of the records; these were subsequently corrected. We also generated background EMRs for over 3000 patients in the 4-11 yr age group. Validation of those records by a medical expert revealed problems in fewer than 3% of these background patient EMRs and the errors were subsequently rectified.</p> <p>Conclusions</p> <p>A data-driven method was developed for generating fully synthetic EMRs. The method is general and can be applied to any data set that has similar data elements (such as laboratory and radiology orders and results, clinical activity, prescription orders). The pilot synthetic outbreak records were for tularemia but our approach may be adapted to other infectious diseases. The pilot synthetic background records were in the 4-11 year old age group. The adaptations that must be made to the algorithms to produce synthetic background EMRs for other age groups are indicated.</p

Comparison of Network Intrusion Detection Performance Using Feature Representation

P. 463-475Intrusion detection is essential for the security of the components of any network. For that reason, several strategies can be used in Intrusion Detection Systems (IDS) to identify the increasing attempts to gain unauthorized access with malicious purposes including those base on machine learning. Anomaly detection has been applied successfully to numerous domains and might help to identify unknown attacks. However, there are existing issues such as high error rates or large dimensionality of data that make its deployment di cult in real-life scenarios. Representation learning allows to estimate new latent features of data in a low-dimensionality space. In this work, anomaly detection is performed using a previous feature learning stage in order to compare these methods for the detection of intrusions in network tra c. For that purpose, four di erent anomaly detection algorithms are applied to recent network datasets using two di erent feature learning methods such as principal component analysis and autoencoders. Several evaluation metrics such as accuracy, F1 score or ROC curves are used for comparing their performance. The experimental results show an improvement for two of the anomaly detection methods using autoencoder and no signi cant variations for the linear feature transformationS

An open challenge to advance probabilistic forecasting for dengue epidemics

This is the final version. Available on open access from the National Academy of Sciences via the DOI in this recordData Availability: Data deposition: The data are available at https://github.com/cdcepi/dengue-forecasting-project-2015 (DOI: https://doi.org/10.5281/zenodo.3519270).A wide range of research has promised new tools for forecasting infectious disease dynamics, but little of that research is currently being applied in practice, because tools do not address key public health needs, do not produce probabilistic forecasts, have not been evaluated on external data, or do not provide sufficient forecast skill to be useful. We developed an open collaborative forecasting challenge to assess probabilistic forecasts for seasonal epidemics of dengue, a major global public health problem. Sixteen teams used a variety of methods and data to generate forecasts for 3 epidemiological targets (peak incidence, the week of the peak, and total incidence) over 8 dengue seasons in Iquitos, Peru and San Juan, Puerto Rico. Forecast skill was highly variable across teams and targets. While numerous forecasts showed high skill for midseason situational awareness, early season skill was low, and skill was generally lowest for high incidence seasons, those for which forecasts would be most valuable. A comparison of modeling approaches revealed that average forecast skill was lower for models including biologically meaningful data and mechanisms and that both multimodel and multiteam ensemble forecasts consistently outperformed individual model forecasts. Leveraging these insights, data, and the forecasting framework will be critical to improve forecast skill and the application of forecasts in real time for epidemic preparedness and response. Moreover, key components of this project-integration with public health needs, a common forecasting framework, shared and standardized data, and open participation-can help advance infectious disease forecasting beyond dengue

sensors network optimization by a novel genetic algorithm

IFIPThis paper describes the optimization of a sensor network by a novel Genetic Algorithm (GA) that we call King Mutation C2. For a given distribution of sensors, the goal of the system is to determine the optimal combination of sensors that ca

A two-stage classifier approach for network intrusion detection

Network Intrusion Detection Systems (NIDS) are essential to combat security threats in network environments. These systems monitor and detect malicious behavior to provide automated methods of identifying and dealing with attacks or security breaches in a network. Machine learning is a promising approach in the development of effective NIDS. One of the problems faced in the development of such systems is that the datasets used in the construction of classifiers are typically imbalanced. This is because the classification categories do not have relatively equal representation in the datasets. This study investigates a two-stage classifier approach to NIDS based on imbalanced intrusion detection datasets by separating the training and detection of minority and majority intrusion classes. The purpose of this is to allow flexibility in the classification process, for example, two different classifiers can be used for detecting minority and majority classes respectively. In this paper, we performed experiments using the random forests classifier and the contemporary UNSW-NB15 dataset was used to evaluate the effectiveness of the proposed approach

A fuzzy based MCDM methodology for risk evaluation of cyber security technologies

International Conference on Intelligent and Fuzzy Systems, INFUS 2019 -- 23 July 2019 through 25 July 2019 -- 228529Cyber security that also known as information technology security is to protect computers, mobile devices, servers, electronic systems and networks from malicious digital attacks. In recent years, cyber security threats have been a growing problem for any critical digital infrastructure and various cyber-attacks created over the Internet are also becoming a big issue for the society. Therefore, the use of technologies developed to provide cyber security is very important. However, the risks of cyber security technologies should be taken into account when choosing among cyber security technologies. For this aim, we have proposed a multi-criteria decision making (MCDM) methodology based on hesitant fuzzy sets (HFSs) that gives experts extra flexibility in using linguistic terms to evaluate the criteria and alternatives to determine the best cyber security technology. For this aim, a study has also been discussed which deals with risk factors in the selection of cyber security technologies via fuzzy MCDM process. © 2020, Springer Nature Switzerland AG