A Modified EM Algorithm for Shrinkage Estimation in Multivariate Hidden Markov Models

Τα κρυμμένα Μαρκοβιανά μοντέλα χρησιμοποιούνται σε ένα ευρύ πεδίο εφαρμογών, λόγω της κατασκευής τους που τα καθιστά μαθηματικώς διαχειρίσιμα και επιτρέπει τη χρήση αποτελεσματικών υπολογιστικών τεχνικών. ́Εχουν αναπτυχθεί μέθοδοι για την εκτίμηση των παραμέτρων του μοντέλου, όπως ο αλγόριθμος EM, αλλά και για την εύρεση των κρυμμένων καταστάσεων της Μαρκοβιανής αλυσίδας, όπως ο αλγόριθμος Viterbi. Σε εφαρμογές στις οποίες η διάσταση των δεδομένων είναι συγκρίσιμη με το μέγεθος του δέιγματος, είναι γνωστό πως ο δειγματικός πίνακας συνδιακύμανσης είναι αριθμητικά ασταθής, γεγονός που επηρεάζει άμεσα το βήμα μεγιστοποίησης (M-step) του αλγορίθμου EM, στο οποίο εμπλέκεται ο υπολογισμός του αντιστρόφου του. Το πρόβλημα αυτό μπορεί να ενταθεί λόγω ενδεχόμενης ύπαρξης καταστάσεων οι οποίες εμφανίζονται σπάνια, με αποτέλεσμα το μέγεθος δείγματος για την εκτίμηση των αντίστοιχων παραμέτρων να είναι μικρό. Επομένως, η άμεση χρήση αυτών των μεθόδων είναι πιθανό να οδηγήσει σε αριθμητικά προβ- λήματα, όσον αφορά στην εκτίμηση του πίνακα συνδιακύμανσης και του αντιστρόφου του, επηρεάζοντας επιπλέον την εκτίμηση του πίνακα πιθανοτήτων μετάβασης και την ανακατασκευή της κρυμμένης Μαρκο- βιανής αλυσίδας. Στη συγκεκριμένη εργασία μελετάται θεωρητικά και αλγοριθμικά μία τροποποίηση του αλγορίθμου EM, έτσι ώστε ο εκτιμήτης που προκύπτει για τον πίνακα συνδιακύμανσης, κατά το βήμα μεγιστοποίησης, να είναι αυτός που απορρέει από τη χρήση της μεθόδου συρρίκνωσης (shrinkage). Για τον σκοπό αυτό, στη συνάρτηση της λογαριθμικής πιθανοφάνειας ενσωματώνονται κάποιες ποινές, ώστε να κανονικοποιηθεί το αντίστοιχο πρόβλημα μεγιστοποίησης. Η συνάρτηση αυτή, χρησιμοποιείται και στο βήμα εκτίμησης (E-step). Επίσης, μελετάται αλγοριθμικά και μία παραλλαγή αυτής της μεθόδου, στην οποία η συνάρτηση με τις ποινές χρησιμοποιείται μόνο κατά το βήμα μεγιστοποίησης (M-step).Hidden Markov models are used in a wide range of applications due to their construction that renders them mathematically tractable and allows for the use of efficient computational techniques. There are methods for the estimation of the model’s parameters, such as the EM algorithm, but also for the estimation of the hidden states of the underlying Markov chain, such as the Viterbi algorithm. In applications where the dimension of the data is comparable to the sample size, the sample covariance matrix is known to be ill-conditioned, which directly affects the maximisation step (M- step) of the EM algorithm, where its inverse is involved in the computations. This problem might be amplified if there are rarely visited states resulting in a small sample size for the estimation of the corresponding parameters. Therefore, the direct implementation of these methods can be proved to be troublesome, as many computational problems might occur in the estimation of the covariance matrix and its inverse, further affecting the estimation of the one-step transition probability matrix and the reconstruction of the hidden Markov chain. In this paper, a modified version of the EM algorithm is studied, both theoretically and computa- tionally, in order to obtain the shrinkage estimator of the covariance matrix during the maximisation step. This is achieved by maximising a penalised log-likelihood function, which is also used in the estimation step (E-step). A variant of this modified version, where the penalised log-likelihood func- tion is only used in the maximisation step (M-step), is also studied computationally

Secure and authenticated access to LLN resources through policy constraints

Ubiquitous devices comprising several resource-constrained sensors and actuators while having the long desired Internet connectivity, are becoming part of many solutions that seek to enhance user’s environment smartness and quality of living. Their intrinsic resource limitations however constitute critical requirements, such as security, a great challenge. When these nodes are associated with applications that might have an impact in user’s privacy or even become life threatening, the security issues are of primary concern. Access to these resources should be appropriately controlled to ensure that such wearable nodes are adequately protected. On the other hand, it is very important to not restrict access to only a very closed group of entities. This work presents a service oriented architecture that utilizes policy-based, unified, cross-platform and flexible access control to allow authenticated entities consume the services provided by wearable nodes while protecting their valuable resources

The THREAT-ARREST Cyber-Security Training Platform

Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed

Modern Aspects of Cyber-Security Training and Continuous Adaptation of Programmes to Trainees

Nowadays, more-and-more cyber-security training is emerging as an essential process for the lifelong personnel education in organizations, especially for those which operate critical infrastructures. This is due to security breaches on popular services that become publicly known and raise people’s security awareness. Except from large organizations, small-to-medium enterprises and individuals need to keep their knowledge on the related topics up-to-date as a means to protect their business operation or to obtain professional skills. Therefore, the potential target-group may range from simple users, who require basic knowledge on the current threat landscape and how to operate the related defense mechanisms, to security experts, who require hands-on experience in responding to security incidents. This high diversity makes training and certification quite a challenging task. This study combines pedagogical practices and cyber-security modelling in an attempt to support dynamically adaptive training procedures. The training programme is initially tailored to the trainee’s needs, promoting the continuous adaptation to his/her performance afterwards. As the trainee accomplishes the basic evaluation tasks, the assessment starts involving more advanced features that demand a higher level of understanding. The overall method is integrated in a modern cyber-ranges platform, and a pilot training programme for smart shipping employees is presented

Lightweight password hashing scheme for embedded systems

Passwords constitute the main mean for authentication in computer systems. In order to maintain the user-related information at the service provider end, password hashing schemes (PHS) are utilized. The limited and old-fashioned solutions led the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition will propose a small portfolio of schemes suitable for widespread usage until 2015. Embedded systems form a special application domain, utilizing devices with inherent computational limitations. Lightweight cryptography focuses in designing schemes for such devices and targets moderate levels of security. In this paper, a lightweight poly PHS suitable for lightweight cryptography is presented. At first, we design two lightweight versions of the PHC schemes Catena and PolyPassHash. Then, we integrate them and implement the proposed scheme – called LightPolyPHS. A fair comparison with similar proposals on mainstream computer is presented

Geometric-phase-propagator approach to time-dependent quantum systems

A field-theoretical approach to the scattering off an oscillating quantum system is developed. As a key ingredient it employs the adiabatic eigenstate basis and consists of a perturbative scheme for the calculation of the geometric phases influencing the transmission through the time-dependent potential landscape. The main advantage is the identification of basic diagrams which allow for an immediate interpretation of the underlying elementary physical processes contributing to the scattering and transmission behavior. We apply our method to the simple, but prototypical, problem of transmission through an one-dimensional oscillating δ potential and demonstrate how it enables a deeper understanding of the relevant physical processes

XSACd—Cross-domain resource sharing & access control for smart environments

Computing devices permeate working and living environments, affecting all aspects of modern everyday lives; a trend which is expected to intensify in the coming years. In the residential setting, the enhanced features and services provided by said computing devices constitute what is typically referred to as a “smart home”. However, the direct interaction smart devices often have with the physical world, along with the processing, storage and communication of data pertaining to users’ lives, i.e. private sensitive in nature, bring security concerns into the limelight. The resource-constraints of the platforms being integrated into a smart home environment, and their heterogeneity in hardware, network and overlaying technologies, only exacerbate the above issues. This paper presents XSACd, a cross-domain resource sharing & access control framework for smart environments, combining the well-studied fine-grained access control provided by the eXtensible Access Control Markup Language (XACML) with the benefits of Service Oriented Architectures, through the use of the Devices Profile for Web Services (DPWS). Based on standardized technologies, it enables seamless interactions and fine-grained policy-based management of heterogeneous smart devices, including support for communication between distributed networks, via the associated MQ Telemetry Transport protocol (MQTT)–based proxies. The framework is implemented in full, and its performance is evaluated on a test bed featuring relatively resource-constrained smart platforms and embedded devices, verifying the feasibility of the proposed approac

Policy-Controlled Authenticated Access to LLN-Connected Healthcare Resources.

Ubiquitous devices comprising several resource-constrained nodes with sensors, actuators, and networking capabilities are becoming part of many solutions that seek to enhance user's environment smartness and quality of living, prominently including enhanced healthcare services. In such an environment, security issues are of primary concern as a potential resource misuse can severely impact user's privacy or even become life threatening. Access to these resources should be appropriately controlled to ensure that eHealth nodes are adequately protected and the services are available to authorized entities. The intrinsic resource limitations of these nodes, however, make satisfying these requirements a great challenge. This paper proposes and analyzes a service-oriented architecture that provides a policy-based, unified, cross-platform, and flexible access control mechanism, allowing authorized entities to consume services provided by eHealth nodes while protecting their valuable resources. The scheme is XACML driven, although modifications to the related standardized architecture are proposed to satisfy the requirements imposed by nodes that comprise low-power and lossy networks (LLNs). A proof-of-concept implementation is presented, along with the associated performance evaluation, confirming the feasibility of the proposed approach

Chameleon - A New Kind of Stream Cipher

Stream cipher systems are used to protect intellectual property in pay-TV and a number of other applications. In some of these, it would be convenient if a single ciphertext could be broadcast, and subscribers given slightly different deciphering keys that had the effect of producing slightly different plaintexts, so that a subscriber who illegally resold material licensed to him could be traced. Previously, this could be done using a one-time pad, or with complicated hierarchical key management schemes. In this paper we show how to endow any stream cipher with this potentially useful property. We also show a simple 3-resilient traitor tracing scheme based on random coding with which it can be used