165 research outputs found
SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection
Machine Learning (ML) can be incredibly valuable to automate anomaly detection and cyber-attack classification, improving the way that Network Intrusion Detection (NID) is performed. However, despite the benefits of ML models, they are highly susceptible to adversarial cyber-attack examples specifically crafted to exploit them. A wide range of adversarial attacks have been created and researchers have worked on various defense strategies to safeguard ML models, but most were not intended for the specific constraints of a communication network and its communication protocols, so they may lead to unrealistic examples in the NID domain. This Systematization of Knowledge (SoK) consolidates and summarizes the state-of-the-art adversarial learning approaches that can generate realistic examples and could be used in real ML development and deployment scenarios with real network traffic flows. This SoK also describes the open challenges regarding the use of adversarial ML in the NID domain, defines the fundamental properties that are required for an adversarial example to be realistic, and provides guidelines for researchers to ensure that their future experiments are adequate for a real communication network.The present work was partially supported by the Norte Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, through the European Regional Development Fund (ERDF), within project ”Cybers SeC IP” (NORTE-01-0145-FEDER000044). This work has also received funding from UIDB/00760/2020.info:eu-repo/semantics/acceptedVersio
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection
Adversarial attacks pose a major threat to machine learning and to the
systems that rely on it. In the cybersecurity domain, adversarial cyber-attack
examples capable of evading detection are especially concerning. Nonetheless,
an example generated for a domain with tabular data must be realistic within
that domain. This work establishes the fundamental constraint levels required
to achieve realism and introduces the Adaptative Perturbation Pattern Method
(A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on
pattern sequences that are independently adapted to the characteristics of each
class to create valid and coherent data perturbations. The proposed method was
evaluated in a cybersecurity case study with two scenarios: Enterprise and
Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random
Forest (RF) classifiers were created with regular and adversarial training,
using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and
untargeted attacks were performed against the classifiers, and the generated
examples were compared with the original network traffic flows to assess their
realism. The obtained results demonstrate that A2PM provides a scalable
generation of realistic adversarial examples, which can be advantageous for
both adversarial training and attacks.Comment: 18 pages, 6 tables, 10 figures, Future Internet journa
Herb-Drug Interactions: A Holistic Decision Support System in Healthcare
Complementary and alternative medicine are commonly used concomitantly with
conventional medications leading to adverse drug reactions and even fatality in
some cases. Furthermore, the vast possibility of herb-drug interactions
prevents health professionals from remembering or manually searching them in a
database. Decision support systems are a powerful tool that can be used to
assist clinicians in making diagnostic and therapeutic decisions in patient
care. Therefore, an original and hybrid decision support system was designed to
identify herb-drug interactions, applying artificial intelligence techniques to
identify new possible interactions. Different machine learning models will be
used to strengthen the typical rules engine used in these cases. Thus, using
the proposed system, the pharmacy community, people's first line of contact
within the Healthcare System, will be able to make better and more accurate
therapeutic decisions and mitigate possible adverse events
Machine Reading at Scale: A Search Engine for Scientific and Academic Research
The Internet, much like our universe, is ever-expanding. Information, in the most varied formats, is continuously added to the point of information overload. Consequently, the ability to navigate this ocean of data is crucial in our day-to-day lives, with familiar tools such as search engines carving a path through this unknown. In the research world, articles on a myriad of topics with distinct complexity levels are published daily, requiring specialized tools to facilitate the access and assessment of the information within. Recent endeavors in artificial intelligence, and in natural language processing in particular, can be seen as potential solutions for breaking information overload and provide enhanced search mechanisms by means of advanced algorithms. As the advent of transformer-based language models contributed to a more comprehensive analysis of both text-encoded intents and true document semantic meaning, there is simultaneously a need for additional computational resources. Information retrieval methods can act as low-complexity, yet reliable, filters to feed heavier algorithms, thus reducing computational requirements substantially. In this work, a new search engine is proposed, addressing machine reading at scale in the context of scientific and academic research. It combines state-of-the-art algorithms for information retrieval and reading comprehension tasks to extract meaningful answers from a corpus of scientific documents. The solution is then tested on two current and relevant topics, cybersecurity and energy, proving that the system is able to perform under distinct knowledge domains while achieving competent performance.This work has received funding from the following projects: UIDB/00760/2020 and UIDP/00760/2020.info:eu-repo/semantics/publishedVersio
SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection
Machine Learning (ML) can be incredibly valuable to automate anomaly
detection and cyber-attack classification, improving the way that Network
Intrusion Detection (NID) is performed. However, despite the benefits of ML
models, they are highly susceptible to adversarial cyber-attack examples
specifically crafted to exploit them. A wide range of adversarial attacks have
been created and researchers have worked on various defense strategies to
safeguard ML models, but most were not intended for the specific constraints of
a communication network and its communication protocols, so they may lead to
unrealistic examples in the NID domain. This Systematization of Knowledge (SoK)
consolidates and summarizes the state-of-the-art adversarial learning
approaches that can generate realistic examples and could be used in real ML
development and deployment scenarios with real network traffic flows. This SoK
also describes the open challenges regarding the use of adversarial ML in the
NID domain, defines the fundamental properties that are required for an
adversarial example to be realistic, and provides guidelines for researchers to
ensure that their future experiments are adequate for a real communication
network.Comment: 31 pages, 3 tables, 6 figures, Computers and Security journa
Multilevel negotiation in smart grids for VPP management of distributed resources
A multilevel negotiation mechanism for operating smart grids and negotiating in electricity markets considers the advantages of virtual power player management
EPEX ontology: Enhancing agent-based electricity market simulation
Electricity markets worldwide are complex and dynamic environments with very particular characteristics. The markets' restructuring and evolution into regional and continental scales, along with the constant changes brought by the increasing necessity for an adequate integration of renewable energy sources are the main drivers. Multi-agent based software is particularly well fitted to analyse dynamic and adaptive systems with complex interactions among its constituents, such as electricity markets. This paper proposes the use of ontologies to enable the exchange of information and knowledge, to test different market models and to allow market players from different systems to interact in common market environments. Focusing, namely, on the EPEX electricity market.This work has received funding from the European Union's Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No 641794 (project DREAM-GO) and from FEDER Funds through COMPETE program and from National Funds through FCT under the project UID/EEA/00760/2013.info:eu-repo/semantics/publishedVersio
MASCEM: electricity markets simulation with strategic agents
Electricity markets are complex environments, involving numerous entities trying to obtain the best advantages and profits while limited by power-network characteristics and constraints.1 The restructuring and consequent deregulation of electricity markets introduced a new economic dimension to the power industry. Some observers have criticized the restructuring process, however, because it has failed to improve market efficiency and has complicated the assurance of reliability and fairness of operations.
To study and understand this type of market, we developed the Multiagent Simulator of Competitive Electricity Markets (MASCEM) platform based on multiagent simulation. The MASCEM multiagent model includes players with strategies for bid definition, acting in forward, day-ahead, and balancing markets and considering both simple and complex bids. Our goal with MASCEM was to simulate as many market models and player types as possible. This approach makes MASCEM both a short- and mediumterm simulation as well as a tool to support long-term decisions, such as those taken by regulators.
This article proposes a new methodology integrated in MASCEM for bid definition in electricity markets. This methodology uses reinforcement learning algorithms to let players perceive changes in the environment, thus helping them react to the dynamic environment and adapt their bids accordingly
Ensemble learning for electricity consumption forecasting in office buildings
This paper presents three ensemble learning models for short term load forecasting. Machine learning has evolved quickly in recent years, leading to novel and advanced models that are improving the forecasting results in multiple fields. However, in highly dynamic fields such as power and energy systems, dealing with the fast acquisition of large amounts of data from multiple data sources and taking advantage from the correlation between the multiple available variables is a challenging task, for which current models are not prepared. Ensemble learning is bringing promising results in this sense, as, by combining the results and use of multiple learners, is able to find new ways for current learning models to be used and optimized. In this paper three ensemble learning models are developed and the respective results compared: gradient boosted regression trees, random forests and an adaptation of Adaboost. Results for electricity consumption forecasting in hour-ahead are presented using a case-study based on real data from an office building. Results show that the adapted Adaboost model outperforms the reference models for hour-ahead load forecasting.This work has been developed under the SPET project - PTDC/EEI-EEE/29165/2017 and has received funding from UID/EEA/00760/2019, funded by FEDER Funds through COMPETE andby National Funds through FCTinfo:eu-repo/semantics/publishedVersio
- …