Continuous fields: Enhanced in-vehicle anomaly detection using machine learning models

2020, Vol 105, pp. 102143
Author(s): Florian Fenzl, Roland Rieke, Yannick Chevalier, Andreas Dominik, Igor Kotenko

2018, Vol 8 (12), pp. 2663
Author(s): Davy Preuveneers, Vera Rimmer, Ilias Tsingenopoulos, Jan Spooren, Wouter Joosen, ...

The adoption of machine learning and deep learning is on the rise in the cybersecurity domain where these AI methods help strengthen traditional system monitoring and threat detection solutions. However, adversaries too are becoming more effective in concealing malicious behavior amongst large amounts of benign behavior data. To address the increasing time-to-detection of these stealthy attacks, interconnected and federated learning systems can improve the detection of malicious behavior by joining forces and pooling together monitoring data. The major challenge that we address in this work is that in a federated learning setup, an adversary has many more opportunities to poison one of the local machine learning models with malicious training samples, thereby influencing the outcome of the federated learning and evading detection. We present a solution where contributing parties in federated learning can be held accountable and have their model updates audited. We describe a permissioned blockchain-based federated learning method where incremental updates to an anomaly detection machine learning model are chained together on the distributed ledger. By integrating federated learning with blockchain technology, our solution supports the auditing of machine learning models without the necessity to centralize the training data. Experiments with a realistic intrusion detection use case and an autoencoder for anomaly detection illustrate that the increased complexity caused by blockchain technology has a limited performance impact on the federated learning, varying between 5 and 15%, while providing full transparency over the distributed training process of the neural network. Furthermore, our blockchain-based federated learning solution can be generalized and applied to more sophisticated neural network architectures and other use cases.


Author(s): Diana Gaifilina, Igor Kotenko

Introduction: The article discusses the problem of choosing deep learning models for detecting anomalies in Internet of Things (IoT) network traffic. This problem is associated with the necessity to analyze a large number of security events in order to identify the abnormal behavior of smart devices. A powerful technology for analyzing such data is machine learning and, in particular, deep learning. Purpose: Development of recommendations for the selection of deep learning models for anomaly detection in IoT network traffic. Results: The main results of the research are comparative analysis of deep learning models, and recommendations on the use of deep learning models for anomaly detection in IoT network traffic. Multilayer perceptron, convolutional neural network, recurrent neural network, long short-term memory, gated recurrent units, and combined convolutional-recurrent neural network were considered the basic deep learning models. Additionally, the authors analyzed the following traditional machine learning models: naive Bayesian classifier, support vector machines, logistic regression, k-nearest neighbors, boosting, and random forest. The following metrics were used as indicators of anomaly detection efficiency: accuracy, precision, recall, and F-measure, as well as the time spent on training the model. The constructed models demonstrated a higher accuracy rate for anomaly detection in large heterogeneous traffic typical for IoT, as compared to conventional machine learning methods. The authors found that with an increase in the number of neural network layers, the completeness of detecting anomalous connections rises. This has a positive effect on the recognition of unknown anomalies, but increases the number of false positives. In some cases, preparing traditional machine learning models takes less time. This is due to the fact that the application of deep learning methods requires more resources and computing power. 
Practical relevance: The results obtained can be used to build systems for network anomaly detection in Internet of Things traffic.


2020, Vol 34 (09), pp. 13648-13649
Author(s): Yue Zhao, Xuejian Wang, Cheng Cheng, Xueying Ding

Model combination, often regarded as a key sub-field of ensemble learning, has been widely used in both academic research and industry applications. To facilitate this process, we propose and implement an easy-to-use Python toolkit, combo, to aggregate models and scores under various scenarios, including classification, clustering, and anomaly detection. In a nutshell, combo provides a unified and consistent way to combine both raw and pretrained models from popular machine learning libraries, e.g., scikit-learn, XGBoost, and LightGBM. With accessibility and robustness in mind, combo is designed with detailed documentation, interactive examples, continuous integration, code coverage, and maintainability check; it can be installed easily through Python Package Index (PyPI) or https://github.com/yzhao062/combo.


2020, Vol 2 (1), pp. 3-6
Author(s): Eric Holloway

Imagination Sampling is the usage of a person as an oracle for generating or improving machine learning models. Previous work demonstrated a general system for using Imagination Sampling for obtaining multibox models. Here, the possibility of importing such models as the starting point for further automatic enhancement is explored.

