Learning to Detect: A Data-driven Approach for Network Intrusion Detection

With massive data being generated daily and the ever-increasing interconnectivity of the world’s Internet infrastructures, a machine learning based intrusion detection system (IDS) has become a vital component to protect our economic and national security. In this paper, we perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks. Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy, in which the intrusion and normal behavior are classified firstly, and then the specific types of attacks are classified. We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks. Besides, we alleviate the data imbalance problem with SVM-SMOTE oversampling technique in 4-class classification and further demonstrate the effectiveness and the drawback of the oversampling mechanism with a deep neural network as a base model. Index Terms—Intrusio

UWB-INS Fusion Positioning Based on a Two-Stage Optimization Algorithm

Ultra-wideband (UWB) is a carrier-less communication technology that transmits data using narrow pulses of non-sine waves on the nanosecond scale. The UWB positioning system uses the multi-lateral positioning algorithm to accurately locate the target, and the positioning accuracy is seriously affected by the non-line-of-sight (NLOS) error. The existing non-line-of-sight error compensation methods lack multidimensional consideration. To combine the advantages of various methods, a two-stage UWB-INS fusion localization algorithm is proposed. In the first stage, an NLOS signal filter is designed based on support vector machines (SVM). In the second stage, the results of UWB and Inertial Navigation System (INS) are fused based on Kalman filter algorithm. The two-stage fusion localization algorithm achieves a great improvement on positioning system, it can improve the localization accuracy by 79.8% in the NLOS environment and by 36% in the (line-of-sight) LOS environment

Communication Aware UAV Swarm Surveillance Based on Hierarchical Architecture

Multi-agent unmanned aerial vehicle (UAV) teaming becomes an essential part in science mission, modern warfare surveillance, and disaster rescuing. This paper proposes a decentralized UAV swarm persistent monitoring strategy in realizing continuous sensing coverage and network service. A two-layer (high altitude and low altitude) UAV teaming hierarchical structure is adopted in realizing the accurate object tracking in the area of interest (AOI). By introducing the UAV communication channel model in its path planning, both centralized and decentralized control schemes would be evaluated in the waypoint tracking simulation. The UAV swarm network service and object tracking are measured by metrics of communication link quality and waypoints tracking accuracy. UAV swarm network connectivity are evaluated over different aspects, such as stability and volatility. The comparison of proposed algorithms is presented with simulations. The result shows that the decentralized scheme outperforms the centralized scheme in the mission of persistent surveillance, especially on maintaining the stability of inner UAV swarm network while tracking moving objects

Optimal Choices for the E-Tailer with Inventory Rationing, Hybrid Channel Strategies, and Service Level Constraint under Multiperiod Environments

This paper investigates optimal choices for the e-tailer with inventory rationing, hybrid channel strategies, and service level constraint under multiperiod environment. Based on different operational conditions, five mathematical models are proposed for the e-tailer who faces two types of fuzzy demand and a framework is designed to illustrate the e-tailer’s operation in different models. This paper presents the advantages of inventory rationing and hybrid channel strategies and analyzes the influences of channel differences variability on optimal choices for the e-tailer, where the channel differences include margin difference of priority and margin difference of channel. Through computer simulation, the optimal choices for the e-tailer under different multiperiod environments are obtained, and the influences of margin difference of priority and margin difference of channel on the e-tailer’s optimal choices are also examined. Experiment results show that the pure-play drop shipping model and the hybrid channel with inventory rationing model are the optimal choices for the e-tailer; these findings have valuable guiding significance for the e-tailer to make optimal tactical decisions under multiperiod environment

Federated Variational Learning for Anomaly Detection in Multivariate Time Series

Anomaly detection has been a challenging task given high-dimensional multivariate time series data generated by networked sensors and actuators in Cyber-Physical Systems (CPS). Besides the highly nonlinear, complex, and dynamic nature of such time series, the lack of labeled data impedes data exploitation in a supervised manner and thus prevents an accurate detection of abnormal phenomenons. On the other hand, the collected data at the edge of the network is often privacy sensitive and large in quantity, which may hinder the centralized training at the main server. To tackle these issues, we propose an unsupervised time series anomaly detection framework in a federated fashion to continuously monitor the behaviors of interconnected devices within a network and alert for abnormal incidents so that countermeasures can be taken before undesired consequences occur. To be specific, we leave the training data distributed at the edge to learn a shared Variational Autoencoder (VAE) based on Convolutional Gated Recurrent Unit (ConvGRU) model, which jointly captures feature and temporal dependencies in the multivariate time series data for representation learning and downstream anomaly detection tasks. Experiments on three real-world networked sensor datasets illustrate the advantage of our approach over other state-of-the-art models. We also conduct extensive experiments to demonstrate the effectiveness of our detection framework under non-federated and federated settings in terms of overall performance and detection latency