Biblio

Tourism is one of the main sources of income in Australia. The number of tourists will affect airlines, hotels and other stakeholders. Predicting the arrival of tourists can make full preparations for welcoming tourists. This paper selects Queensland Tourism data as intelligent data. Carry out data visualization around the intelligent data, establish seasonal ARIMA model, find out the characteristics and predict. In order to improve the accuracy of prediction. Based on the tourism data around Queensland, build a 10 layer Back Propagation neural network model. It is proved that the network shows good performance for the data prediction of this paper.

The research try to implements an intelligent network operation management system for enterprise networks. First, based on Flask-state software architecture, the system adapt to Phytium CPU and Galaxy Kylin operating system successfully. Second, using the Isolation Forest algorithm, the system implements the anomaly detection of host data such as CPU usage. Third, using the Holt-winters seasonal prediction model, the system can predict time series data such as network I/O. The results show that the system can realizes anomaly detection and time series data prediction more precisely and intelligently.

Remotely connected devices have been adopted in several industrial control systems (ICS) recently due to the advancement in the Industrial Internet of Things (IIoT). This led to new security vulnerabilities because of the expansion of the attack surface. Moreover, cybersecurity incidents in critical infrastructures are increasing. In the ICS, RS-485 cables are widely used in its network for serial communication between each component. However, almost 30 years ago, most of the industrial network protocols implemented over RS-485 such as Modbus were designed without security features. Therefore, anomaly detection is required in industrial control networks to secure communication in the systems. The goal of this paper is to study unsupervised anomaly detection in RS-485 traffic using autoencoders. Five threat scenarios in the physical layer of the industrial control network are proposed. The novelty of our method is that RS-485 traffic is collected indirectly by an analog-to-digital converter. In the experiments, multilayer perceptron (MLP), 1D convolutional, Long Short-Term Memory (LSTM) autoencoders are trained to detect anomalies. The results show that three autoencoders effectively detect anomalous traffic with F1-scores of 0.963, 0.949, and 0.928 respectively. Due to the indirect traffic collection, our method can be practically applied in the industrial control network.

In this paper, we quantify elements representing video features and we propose the bitrate prediction of compressed encoding video using deep learning. Particularly, to overcome disadvantage that we cannot predict bitrate of compression video by using Constant Rate Factor (CRF), we use deep learning. We can find element of video feature with relationship of bitrate when we compress the video, and we can confirm its possibility to find relationship through various deep learning techniques.

A botnet is a new type of attack method developed and integrated on the basis of traditional malicious code such as network worms and backdoor tools, and it is extremely threatening. This course combines deep learning and neural network methods in machine learning methods to detect and classify the existence of botnets. This sample does not rely on any prior features, the final multi-class classification accuracy rate is higher than 98.7%, the effect is significant.

For multi-source heterogeneous complex data types of data cleaning and visual display, we proposed to build dynamic multimode visualization analysis tool, according to the different types of data designed by the user in accordance with the data model, and use visualization technology tools to build and use CQRS technology to design, external interface using a RESTFul architecture, The domain model and data query are completely separated, and the underlying data store adopts Hbase, ES and relational database. Drools is adopted in the data flow engine. According to the internal algorithm, three kinds of graphs can be output, namely, transaction relationship network analysis graph, capital flow analysis graph and transaction timing analysis graph, which can reduce the difficulty of analysis and help users to analyze data in a more friendly way

Recent years have witnessed a surge in ransomware attacks. Especially, many a new variant of ransomware has continued to emerge, employing more advanced techniques distributing the payload while avoiding detection. This renders the traditional static ransomware detection mechanism ineffective. In this paper, we present our Hardware Anomaly Realtime Detection - Lightweight (HARD-Lite) framework that employs semi-supervised machine learning method to detect ransomware using low-level hardware information. By using an LSTM network with a weighted majority voting ensemble and exponential moving average, we are able to take into consideration the temporal aspect of hardware-level information formed as time series in order to detect deviation in system behavior, thereby increasing the detection accuracy whilst reducing the number of false positives. Testing against various ransomware across multiple families, HARD-Lite has demonstrated remarkable effectiveness, detecting all cases tested successfully. What's more, with a hierarchical design that distributing the classifier from the user machine that is under monitoring to a server machine, Hard-Lite enables good scalability as well.

Keystroke dynamics is one solution to enhance the security of password authentication without adding any disruptive handling for users. Industries are looking for more security without impacting too much user experience. Considered as a friction-less solution, keystroke dynamics is a powerful solution to increase trust during user authentication without adding charge to the user. In this paper, we address the problem of user authentication considering the keystroke dynamics modality. We proposed a new approach based on the conversion of behavioral biometrics data (time series) into a 3D image. This transformation process keeps all the characteristics of the behavioral signal. The time series do not receive any filtering operation with this transformation and the method is bijective. This transformation allows us to train images based on convolutional neural networks. We evaluate the performance of the authentication system in terms of Equal Error Rate (EER) on a significant dataset and we show the efficiency of the proposed approach on a multi-instance system.

The security of manycore systems has become increasingly critical. In system-on-chips (SoCs), Hardware Trojans (HTs) manipulate the functionalities of the routing components to saturate the on-chip network, degrade performance, and result in the leakage of sensitive data. Existing HT detection techniques, including runtime monitoring and state-of-the-art learning-based methods, are unable to timely and accurately identify the implanted HTs, due to the increasingly dynamic and complex nature of on-chip communication behaviors. We propose AGAPE, a novel Generative Adversarial Network (GAN)-based anomaly detection and mitigation method against HTs for secured on-chip communication. AGAPE learns the distribution of the multivariate time series of a number of NoC attributes captured by on-chip sensors under both HT-free and HT-infected working conditions. The proposed GAN can learn the potential latent interactions among different runtime attributes concurrently, accurately distinguish abnormal attacked situations from normal SoC behaviors, and identify the type and location of the implanted HTs. Using the detection results, we apply the most suitable protection techniques to each type of detected HTs instead of simply isolating the entire HT-infected router, with the aim to mitigate security threats as well as reducing performance loss. Simulation results show that AGAPE enhances the HT detection accuracy by 19%, reduces network latency and power consumption by 39% and 30%, respectively, as compared to state-of-the-art security designs.

In view of the problems that the existing power grid risk assessment mainly depends on the data fusion of decision-making level, which has strong subjectivity and less effective information, this paper proposes a risk assessment method of microgrid system based on random matrix theory. Firstly, the time series data of multiple sensors are constructed into a high-dimensional matrix according to the different parameter types and nodes; Then, based on random matrix theory and sliding time window processing, the average spectral radius sequence is calculated to characterize the state of microgrid system. Finally, an example is given to verify the effectiveness of the method.

As the effects of climate change are becoming more and more evident, the importance of improved situation awareness is also gaining more attention, both in the context of preventive environmental monitoring and in the context of acute crisis response. One important aspect of situation awareness is the correct and thorough monitoring of air pollutants. The monitoring is threatened by sensor faults, power or network failures, or other hazards leading to missing or incorrect data transmission. For this reason, in this work we propose two complementary approaches for predicting missing sensor data and a combined technique for detecting outliers. The proposed solution can enhance the performance of low-cost sensor systems, closing the gap of missing measurements due to network unavailability, detecting drift and outliers thus paving the way to its use as an alert system for reportable events. The techniques have been deployed and tested also in a low power microcontroller environment, verifying the suitability of such a computing power to perform the inference locally, leading the way to an edge implementation of a virtual sensor digital twin.

To improve efficiency and resource usage in data retrieval, an Internet of Things (IoT) search engine organizes a vast amount of scattered data and responds to client queries with processed results. Machine learning provides a deep understanding of complex patterns and enables enhanced feedback to users through well-trained models. Nonetheless, machine learning models are prone to adversarial attacks via the injection of elaborate perturbations, resulting in subverted outputs. Particularly, adversarial attacks on time-series data demand urgent attention, as sensors in IoT systems are collecting an increasing volume of sequential data. This paper investigates adversarial attacks on time-series analysis in an IoT search engine (IoTSE) system. Specifically, we consider the Long Short-Term Memory (LSTM) Recurrent Neural Network (RNN) as our base model, implemented in a simulated federated learning scheme. We propose the Federated Adversarial Learning for IoT Search Engine (FALIoTSE) that exploits the shared parameters of the federated model as the target for adversarial example generation and resiliency. Using a real-world smart parking garage dataset, the impact of an attack on FALIoTSE is demonstrated under various levels of perturbation. The experiments show that the training error increases significantly with noises from the gradient.

The ternary interval number contains more comprehensive information than the exact number, and the prediction of the ternary interval number is more conducive to intelligent decision-making. In order to reduce the overfitting problem of the neural network model, a combination prediction method of the BP neural network and the matrix GM (1, 1) model for the ternary interval number sequence is proposed in the paper, and based on the proposed method to predict the passenger volume. The matrix grey model for the ternary interval number sequence (MTIGM (1, 1)) can stably predict the overall development trend of a time series. Considering the integrity of interval numbers, the BP neural network model is established by combining the lower, middle and upper boundary points of the ternary interval numbers. The combined weights of MTIGM (1, 1) and the BP neural network are determined based on the grey relational degree. The combined method is used to predict the total passenger volume and railway passenger volume of China, and the prediction effect is better than MTIGM (1, 1) and BP neural network.

The advent of IoT edge devices has enabled the collection of rich datasets, as part of Mobile Crowd Sensing (MCS), which has emerged as a key enabler for a wide gamut of safety-critical applications ranging from traffic control, environmental monitoring to assistive healthcare. Despite the clear advantages that such unprecedented quantity of data brings forth, it is also subject to inherent data trustworthiness challenges due to factors such as malevolent input and faulty sensors. Compounding this issue, there has been a plethora of proposed solutions, based on the use of traditional machine learning algorithms, towards assessing and sifting faulty data without any assumption on the trustworthiness of their source. However, there are still a number of open issues: how to cope with the presence of strong, colluding adversaries while at the same time efficiently managing this high influx of incoming user data. In this work, we meet these challenges by proposing the hybrid use of Deep Learning schemes (i.e., LSTMs) and conventional Machine Learning classifiers (i.e. One-Class Classifiers) for detecting and filtering out false data points. We provide a prototype implementation coupled with a detailed performance evaluation under various (attack) scenarios, employing both real and synthetic datasets. Our results showcase how the proposed solution outperforms various existing resilient aggregation and outlier detection schemes.

A comparative analysis of the classical and approximation methods of spectral analysis of fast-variable processes in technical systems is carried out. It is shown that the approximation methods make it possible to substantially remove the contradiction between the requirements for spectrum smoothing and its frequency resolution. On practical examples of vibroacoustic signals, the effectiveness of approximation methods is shown. The Prony method was used to process the time series. The interactive frequency segmentation method and the direct identification method were used for approximation and frequency characteristics.

Existing group shilling attack detection methods mainly depend on human feature engineering to extract group attack behavior features, which requires a high knowledge cost. To address this problem, we propose a group shilling attack detection method based on maximum density subtensor mining. First, the rating time series of each item is divided into time windows and the item tensor groups are generated by establishing the user-rating-time window data models of three-dimensional tensor. Second, the M-Zoom model is applied to mine the maximum dense subtensor of each item, and the subtensor groups with high consistency of behaviors are selected as candidate groups. Finally, a dual-input convolutional neural network model is designed to automatically extract features for the classification of real users and group attack users. The experimental results on the Amazon and Netflix datasets show the effectiveness of the proposed method.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is commonly utilized as a technology for avoiding attacks to Web sites by bots. State-of-the-art CAPTCHAs vary in difficulty based on the client's behavior, allowing for efficient bot detection without sacrificing simplicity. In this research, we focus on detecting bots by supervised machine learning from access-log time series in the past. We have analysed access logs to several Web services which are using a commercial cloud-based CAPTCHA service, Capy Puzzle CAPTCHA. Experiments show that bot detection in attacks over a month can be performed with high accuracy by precursory analysis of the access log in only the first day as training data. In addition, we have manually analyzed the data that are found to be False Positive in the discrimination results, and it is found that the proposed model actually detects access by bots, which had been overlooked in the first-stage manual discrimination of flags in preparation of training data.

Recent advancements of spatial audio technologies to enhance human’s emotional and immersive experiences are gathering attention. Many studies are clarifying the neural mechanisms of acoustic spatial perception; however, they are limited to the evaluation of mechanisms using basic sound stimuli. Therefore, it remains challenging to evaluate the experience of actual music contents and to verify the effects of higher-order neurophysiological responses including a sense of immersive and realistic experience. To investigate the effects of spatial audio experience, we verified the psychophysiological responses of immersive spatial audio experience using sound field synthesis (SFS) technology. Specifically, we evaluated alpha power as the central nervous system activity, heart rate/heart rate variability and skin conductance as the autonomic nervous system activity during an acoustic experience of an actual music content by comparing stereo and SFS conditions. As a result, statistically significant differences (p \textbackslashtextless 0.05) were detected in the changes in alpha wave power, high frequency wave power of heart rate variability (HF), and skin conductance level (SCL) among the conditions. The results of the SFS condition showed enhanced the changes in alpha power in the frontal and parietal regions, suggesting enhancement of emotional experience. The results of the SFS condition also suggested that close objects are grouped and perceived on the basis of the spatial proximity of sounds in the presence of multiple sound sources. It is demonstrating that the potential use of SFS technology can enhance emotional and immersive experiences by spatial acoustic expression.

Cloud computing is one of the greatest innovations and emerging technologies of the century. It incorporates networks, databases, operating systems, and virtualization technologies thereby bringing the security challenges associated with these technologies. Security Measures such as two-factor authentication, intrusion detection systems, and data backup are already in place to handle most of the security threats and vulnerabilities associated with these technologies but there are still other threats that may not be easily detected. Such a threat is a malicious user gaining access to the Virtual Machines (VMs) of other genuine users and using the Virtual Machine resources for their benefits without the knowledge of the user or the cloud service provider. This research proposes a model for proactive monitoring and detection of anomalies in VM resource usage. The proposed model can detect and pinpoint the time such anomaly occurred. Isolation Forest and One-Class Support Vector Machine (OCSVM) machine learning algorithms were used to train and test the model on sampled virtual machine workload trace using a combination of VM resource metrics together. OCSVM recorded an average F1-score of 0.97 and 0.89 for hourly and daily time series respectively while Isolation Forest has an average of 0.93 and 0.80 for hourly and daily time series. This result shows that both algorithms work for the model however OCSVM had a higher classification success rate than Isolation Forest.

An open source software package for performing dynamic RMS simulation of small to medium-sized power systems is presented, written entirely in the Python programming language. The main objective is to facilitate fast prototyping of new wide area monitoring, control and protection applications for the future power system by enabling seamless integration with other tools available for Python in the open source community, e.g. for signal processing, artificial intelligence, communication protocols etc. The focus is thus transparency and expandability rather than computational efficiency and performance.The main purpose of this paper, besides presenting the code and some results, is to share interesting experiences with the power system community, and thus stimulate wider use and further development. Two interesting conclusions at the current stage of development are as follows:First, the simulation code is fast enough to emulate real-time simulation for small and medium-size grids with a time step of 5 ms, and allows for interactive feedback from the user during the simulation. Second, the simulation code can be uploaded to an online Python interpreter, edited, run and shared with anyone with a compatible internet browser. Based on this, we believe that the presented simulation code could be a valuable tool, both for researchers in early stages of prototyping real-time applications, and in the educational setting, for students developing intuition for concepts and phenomena through real-time interaction with a running power system model.

With the popularity of smart devices in the power grid and the advancement of data collection technology, the amount of electricity usage data has exploded in recent years, which is beneficial for optimizing service quality and grid operation. However, current data analysis is mainly based on cloud platforms, which poses challenges to transmission bandwidth, computing resources, and transmission delays. To solve the problem, this paper proposes a graph convolution neural networks (GCNs) based edge-cloud collaborative anomaly detection model. Specifically, the time series is converted into graph data based on visibility graph model, and graph convolutional network model is adopted to classify the labeled graph data for anomaly detection. Then a model segmentation method is proposed to adaptively divide the anomaly detection model between the edge equipment and the back-end server. Experimental results show that the proposed scheme provides an effective solution to edge anomaly detection and can make full use of the computing resources of terminal equipment.

Distributed acoustic sensing (DAS) systems based on fiber brag grating (FBG) have been widely used for distributed temperature and strain sensing over the past years, and function well in perimeter security monitoring and structural health monitoring. However, with relevant algorithms functioning with low accuracy, the DAS system presently has trouble in signal recognition, which puts forward a higher requirement on a high-precision identification method. In this paper, we propose an improved recognition method based on relative fundamental signal processing methods and convolutional neural network (CNN) to construct a mathematical model of disturbance FBG signal recognition. Firstly, we apply short-time energy (STE) to extract original disturbance signals. Secondly, we adopt short-time Fourier transform (STFT) to divide a longer time signal into short segments. Finally, we employ a CNN model, which has already been trained to recognize disturbance signals. Experimental results conducted in the real environments show that our proposed algorithm can obtain accuracy over 96.5%.

In this paper, we present a theoretical approach concerning the econometric modelling for the estimation of cyber-security risk, with the use of time-series analysis methods and alternatively with Machine Learning (ML) based, deep learning methodology. Also we present work performed in the framework of SAINT H2020 Project [1], concerning innovative data mining techniques, based on automated web scrapping, for the retrieving of the relevant time-series data. We conclude with a review of emerging challenges in cyber-risk assessment brought by the rapid development of adversarial AI.

Several previous studies have focused on Distributed Denial of Service (DDoS) attacks, which are a crucial problem in computer network security. In this paper we explore the applicability of a a time series method known as a matrix profile to the anomaly based DDoS attacks detection. The study thus examined how the matrix profile method performed in diverse situations related to DDoS attacks, as well as identifying those features that are most applicable in various scenarios. Based on reported empirical evaluation the matrix profile method is shown to be efficient against most of the considered types of DDoS attacks.

Anonymity is one of the biggest concerns in web security and traffic management. Though web users are concerned about privacy and security various methods are being adopted in making the web more vulnerable. Browsing the web anonymously not only threatens the integrity but also questions the motive of such activity. It is important to classify the network traffic and prevent source and destination from hiding with each other unless it is for benign activity. The paper proposes various methods to classify the dark web at different levels or hierarchies. Various preprocessing techniques are proposed for feature selection and dimensionality reduction. Anon17 dataset is used for training and testing the model. Three levels of classification are proposed in the paper based on the network, traffic type, and application.