AN INTELLIGENT MODEL BASED ON DEEP TRANSFER LEARNING FOR DETECTING ANOMALIES IN CYBER-PHYSICAL SYSTEMS

Context. The problem of detecting anomalies from signals of cyber-physical systems based on spectrogram and scalogram images is considered. The object of the research is complex industrial equipment with heterogeneous sensory systems of different nature. Objective. The goal of the work is the development of a method for signal anomalies detection based on transfer learning with the extreme gradient boosting algorithm. Method. An approach based on transfer learning and the extreme gradient boosting algorithm, developed for detecting anomalies in acoustic signals of cyber-physical systems, is proposed. Little research has been done in this area, and therefore various pre-trained deep neural model architectures have been studied to improve anomaly detection. Transfer learning uses weights from a deep neural model, pre-trained on a large dataset, and can be applied to a small dataset to provide convergence without overfitting. The classic approach to this problem usually involves signal processing techniques that extract valuable information from sensor data. This paper performs an anomaly detection task using a deep learning architecture to work with acoustic signals that are preprocessed to produce a spectrogram and scalogram. The SPOCU activation function was considered to improve the accuracy of the proposed approach. The extreme gradient boosting algorithm was used because it has high performance and requires little computational resources during the training phase. This algorithm can significantly improve the detection of anomalies in industrial equipment signals. Results. The developed approach is implemented in software and evaluated for the anomaly detection task in acoustic signals of cyber-physical systems on the MIMII dataset. Conclusions. The conducted experiments have confirmed the efficiency of the proposed approach and allow recommending it for practical use in diagnosing the state of industrial equipment. Prospects for further research may lie in the application of ensemble approaches based on transfer learning to various real datasets to improve the performance and fault-tolerance of cyber-physical systems.

An intelligent evolutionary extreme gradient boosting algorithm development for modeling scour depths under submerged weir

Information Sciences ◽

10.1016/j.ins.2021.04.063 ◽

2021 ◽

Author(s):

Hai Tao ◽

Maria Habib ◽

Ibrahim Aljarah ◽

Hossam Faris ◽

Haitham Abdulmohsin Afan ◽

...

Keyword(s):

Gradient Boosting ◽

Algorithm Development ◽

Many-Objective Optimization for Anomaly Detection on Multi-Layer Complex Interaction Networks

Applied Sciences ◽

10.3390/app11094005 ◽

2021 ◽

Vol 11 (9) ◽

pp. 4005

Author(s):

Asep Maulana ◽

Martin Atzmueller

Keyword(s):

Anomaly Detection ◽

Complex Networks ◽

Pareto Front ◽

Scoring Function ◽

Cyber Physical Systems ◽

Complex Interaction ◽

Interaction Networks ◽

Physical Systems ◽

Human Interactions ◽

Different Levels

Anomaly detection in complex networks is an important and challenging task in many application domains. Examples include analysis and sensemaking in human interactions, e.g., in (social) interaction networks, as well as the analysis of the behavior of complex technical and cyber-physical systems such as suspicious transactions/behavior in financial or routing networks; here, behavior and/or interactions typically also occur on different levels and layers. In this paper, we focus on detecting anomalies in such complex networks. In particular, we focus on multi-layer complex networks, where we consider the problem of finding sets of anomalous nodes for group anomaly detection. Our presented method is based on centrality-based many-objective optimization on multi-layer networks. Starting from the Pareto Front obtained via many-objective optimization, we rank anomaly candidates using the centrality information on all layers. This ranking is formalized via a scoring function, which estimates relative deviations of the node centralities, considering the density of the network and its respective layers. In a human-centered approach, anomalous sets of nodes can then be identified. A key feature of this approach is its interpretability and explainability, since we can directly assess anomalous nodes in the context of the network topology. We evaluate the proposed method using different datasets, including both synthetic as well as real-world network data. Our results demonstrate the efficacy of the presented approach.

Proceedings of the 6th International Conference on Information Systems Security and Privacy ◽

Anomaly Detection in Communication Networks of Cyber-physical Systems using Cross-over Data Compression

10.5220/0008964104980505 ◽

2020 ◽

Author(s):

Hubert Schölnast ◽

Paul Tavolato ◽

Philipp Kreimel

Keyword(s):

Anomaly Detection ◽

Data Compression ◽

Communication Networks ◽

Cyber Physical Systems ◽

Physical Systems

Secure Cyber-Physical Systems for Smart Cities - Advances in Computer and Electrical Engineering ◽

Detecting Intrusions in Cyber-Physical Systems of Smart Cities

10.4018/978-1-5225-7189-6.ch004 ◽

2019 ◽

pp. 74-102 ◽

Cited By ~ 2

Author(s):

Ismail Butun ◽

Patrik Österberg

Keyword(s):

Anomaly Detection ◽

Smart Cities ◽

Cyber Physical Systems ◽

Security And Privacy ◽

Security Vulnerabilities ◽

Physical Systems ◽

Detection Systems ◽

Comprehensive Survey ◽

Privacy Violation ◽

Detection Schemes

Interfacing the smart cities with cyber-physical systems (CPSs) improves cyber infrastructures while introducing security vulnerabilities that may lead to severe problems such as system failure, privacy violation, and/or issues related to data integrity if security and privacy are not addressed properly. In order for the CPSs of smart cities to be designed with proactive intelligence against such vulnerabilities, anomaly detection approaches need to be employed. This chapter will provide a brief overview of the security vulnerabilities in CPSs of smart cities. Following a thorough discussion on the applicability of conventional anomaly detection schemes in CPSs of smart cities, possible adoption of distributed anomaly detection systems by CPSs of smart cities will be discussed along with a comprehensive survey of the state of the art. The chapter will discuss challenges in tailoring appropriate anomaly detection schemes for CPSs of smart cities and provide insights into future directions for the researchers working in this field.

An Anomaly Mitigation Framework for IoT Using Fog Computing

Electronics ◽

10.3390/electronics9101565 ◽

2020 ◽

Vol 9 (10) ◽

pp. 1565

Author(s):

Muhammad Aminu Lawal ◽

Riaz Ahmed Shaikh ◽

Syed Raheel Hassan

Keyword(s):

Smart Cities ◽

Fog Computing ◽

Multiclass Classification ◽

Attack Detection ◽

Gradient Boosting ◽

Ip Address ◽

Computing Paradigm ◽

Security Challenges ◽

The advancement in IoT has prompted its application in areas such as smart homes, smart cities, etc., and this has aided its exponential growth. However, alongside this development, IoT networks are experiencing a rise in security challenges such as botnet attacks, which often appear as network anomalies. Similarly, providing security solutions has been challenging due to the low resources that characterize the devices in IoT networks. To overcome these challenges, the fog computing paradigm has provided an enabling environment that offers additional resources for deploying security solutions such as anomaly mitigation schemes. In this paper, we propose a hybrid anomaly mitigation framework for IoT using fog computing to ensure faster and accurate anomaly detection. The framework employs signature- and anomaly-based detection methodologies for its two modules, respectively. The signature-based module utilizes a database of attack sources (blacklisted IP addresses) to ensure faster detection when attacks are executed from the blacklisted IP address, while the anomaly-based module uses an extreme gradient boosting algorithm for accurate classification of network traffic flow into normal or abnormal. We evaluated the performance of both modules using an IoT-based dataset in terms response time for the signature-based module and accuracy in binary and multiclass classification for the anomaly-based module. The results show that the signature-based module achieves a fast attack detection of at least six times faster than the anomaly-based module in each number of instances evaluated. The anomaly-based module using the XGBoost classifier detects attacks with an accuracy of 99% and at least 97% for average recall, average precision, and average F1 score for binary and multiclass classification. Additionally, it recorded 0.05 in terms of false-positive rates.

T4SE-XGB: Interpretable Sequence-Based Prediction of Type IV Secreted Effectors Using eXtreme Gradient Boosting Algorithm

Frontiers in Microbiology ◽

10.3389/fmicb.2020.580382 ◽

2020 ◽

Vol 11 ◽

Author(s):

Tianhang Chen ◽

Xiangeng Wang ◽

Yanyi Chu ◽

Yanjing Wang ◽

Mingming Jiang ◽

...

Keyword(s):

Gradient Boosting ◽

Type Iv ◽

A Host-Based Anomaly Detection Framework Using XGBoost and LSTM for IoT Devices

Wireless Communications and Mobile Computing ◽

10.1155/2020/8838571 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Xiali Wang ◽

Xiang Lu

Keyword(s):

Anomaly Detection ◽

Detection System ◽

Gradient Boosting ◽

System Call ◽

Iot Security ◽

Ip Camera ◽

Iot Devices ◽

System Call Sequences ◽

Abnormal Behaviors

The Internet of Things (IoT) is rapidly spreading in various application scenarios through its salient features in ubiquitous device connections, ranging from agriculture and industry to transportation and other fields. As the increasing spread of IoT applications, IoT security is gradually becoming one of the most significant issues to guard IoT devices against various cybersecurity threats. Usually, IoT devices are the main components responsible for sensing, computing, and transmitting; in this case, how to efficiently protect the IoT device itself away from cyber attacks, like malware, virus, and worm, becomes the vital point in IoT security. This paper presents a brand new architecture of intrusion detection system (IDS) for IoT devices, which is designed to identify device- or host-oriented attacks in a lightweight manner in consideration of limited computation resources on IoT devices. To this end, in this paper, we propose a stacking model to couple the Extreme Gradient Boosting (XGBoost) model and the Long Short-Term Memory (LSTM) model together for the abnormal state analysis on the IoT devices. More specifically, we adopt the system call sequence as the indicators of abnormal behaviors. The collected system call sequences are firstly processed by the famous n-gram model, which is a common method used for host-based intrusion detections. Then, the proposed stacking model is used to identify abnormal behaviors hidden in the system call sequences. To evaluate the performance of the proposed model, we establish a real-setting IP camera system and place several typical IoT attacks on the victim IP camera. Extensive experimental evaluations show that the stacking model has outperformed other existing anomaly detection solutions, and we are able to achieve a 0.983 AUC score in real-world data. Numerical testing demonstrates that the XGBoost-LSTM stacking model has excellent performance, stability, and the ability of generalization.

Proceedings of 2018 Chinese Intelligent Systems Conference - Lecture Notes in Electrical Engineering ◽

An Extreme Gradient Boosting Algorithm for Short-Term Load Forecasting Using Power Grid Big Data

10.1007/978-981-13-2288-4_46 ◽

2018 ◽

pp. 479-490

Author(s):

Liqiang Ren ◽

Limin Zhang ◽

Haipeng Wang ◽

Qiang Guo

Keyword(s):

Big Data ◽

Power Grid ◽

Load Forecasting ◽

Gradient Boosting ◽

Short Term ◽

Short Term Load Forecasting ◽

An Integrated Framework for Privacy-Preserving based Anomaly Detection for Cyber-Physical Systems

IEEE Transactions on Sustainable Computing ◽

10.1109/tsusc.2019.2906657 ◽

2019 ◽

pp. 1-1 ◽

Cited By ~ 12

Author(s):

Marwa Keshk ◽

Elena Sitnikova ◽

Nour Moustafa ◽

Jiankun Hu ◽

Ibrahim Khalil

Keyword(s):

Anomaly Detection ◽

Cyber Physical Systems ◽

Privacy Preserving ◽

Physical Systems ◽

Integrated Framework

Property Rental Price Prediction Using the Extreme Gradient Boosting Algorithm

IJIIS: International Journal of Informatics and Information Systems ◽

10.47738/ijiis.v3i2.65 ◽

2020 ◽

Vol 3 (2) ◽

pp. 54-59

Author(s):

Marco Febriadi Kokasih ◽

Adi Suryaputra Paramita

Keyword(s):

Prediction Model ◽

Prediction Models ◽

Gradient Boosting ◽

Fair Price ◽

Price Prediction ◽

Online Marketplace ◽

Property Owners ◽

Online marketplace in the field of property renting like Airbnb is growing. Many property owners have begun renting out their properties to fulfil this demand. Determining a fair price for both property owners and tourists is a challenge. Therefore, this study aims to create a software that can create a prediction model for property rent price. Variable that will be used for this study is listing feature, neighbourhood, review, date and host information. Prediction model is created based on the dataset given by the user and processed with Extreme Gradient Boosting algorithm which then will be stored in the system. The result of this study is expected to create prediction models for property rent price for property owners and tourists consideration when considering to rent a property. In conclusion, Extreme Gradient Boosting algorithm is able to create property rental price prediction with the average of RMSE of 10.86 or 13.30%.