Research on Network Security Situation Awareness Based on the LSTM-DT Model

Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4788
Author(s):  
Haofang Zhang ◽  
Chunying Kang ◽  
Yao Xiao

To better understand the behavior of attackers and describe the network state, we construct an LSTM-DT model for network security situation awareness, which provides risk assessment indicators and quantitative methods. This paper introduces the concept of attack probability, making prediction results more consistent with the actual network situation. The model is focused on the problem of the time sequence of network security situation assessment by using the decision tree algorithm (DT) and long short-term memory (LSTM) network. The biggest innovation of this paper is to change the description of the network situation in the original dataset. The original label only has attack and normal. We put forward a new idea which regards attack as a possibility, obtaining the probability of each attack, and describing the network situation by combining the occurrence probability and attack impact. Firstly, we determine the network risk assessment indicators through the dataset feature distribution, and we give the network risk assessment index a corresponding weight based on the analytic hierarchy process (AHP). Then, the stack sparse auto-encoder (SSAE) is used to learn the characteristics of the original dataset. The attack probability can be predicted by the processed dataset by using the LSTM network. At the same time, the DT algorithm is applied to identify attack types. Finally, we draw the corresponding curve according to the network security situation value at each time. Experiments show that the accuracy of the network situation awareness method proposed in this paper can reach 95%, and the accuracy of attack recognition can reach 87%. Compared with the former research results, the effect is better in describing complex network environment problems.

2011 ◽  
Vol 22 (3) ◽  
pp. 495-508 ◽  
Author(s):  
Yong ZHANG ◽  
Xiao-Bin TAN ◽  
Xiao-Lin CUI ◽  
Hong-Sheng XI

2021 ◽  
Vol 13 (12) ◽  
pp. 6953
Author(s):  
Yixing Du ◽  
Zhijian Hu

Data-driven methods using synchrophasor measurements have a broad application prospect in Transient Stability Assessment (TSA). Most previous studies only focused on predicting whether the power system is stable or not after disturbance, which lacked a quantitative analysis of the risk of transient stability. Therefore, this paper proposes a two-stage power system TSA method based on snapshot ensemble long short-term memory (LSTM) network. This method can efficiently build an ensemble model through a single training process, and employ the disturbed trajectory measurements as the inputs, which can realize rapid end-to-end TSA. In the first stage, dynamic hierarchical assessment is carried out through the classifier, so as to screen out credible samples step by step. In the second stage, the regressor is used to predict the transient stability margin of the credible stable samples and the undetermined samples, and combined with the built risk function to realize the risk quantification of transient angle stability. Furthermore, by modifying the loss function of the model, it effectively overcomes sample imbalance and overlapping. The simulation results show that the proposed method can not only accurately predict binary information representing transient stability status of samples, but also reasonably reflect the transient safety risk level of power systems, providing reliable reference for the subsequent control.


2011 ◽  
Vol 39 (1) ◽  
pp. 91-96 ◽  
Author(s):  
Paul Y. Takahashi ◽  
Anupam Chandra ◽  
Stephen Cha ◽  
Aleta Borrud

Sensors ◽  
2021 ◽  
Vol 21 (4) ◽  
pp. 1181
Author(s):  
Chenhao Zhu ◽  
Sheng Cai ◽  
Yifan Yang ◽  
Wei Xu ◽  
Honghai Shen ◽  
...  

In applications such as carrier attitude control and mobile device navigation, a micro-electro-mechanical-system (MEMS) gyroscope will inevitably be affected by random vibration, which significantly affects the performance of the MEMS gyroscope. In order to solve the degradation of MEMS gyroscope performance in random vibration environments, in this paper, a combined method of a long short-term memory (LSTM) network and Kalman filter (KF) is proposed for error compensation, where Kalman filter parameters are iteratively optimized using the Kalman smoother and expectation-maximization (EM) algorithm. In order to verify the effectiveness of the proposed method, we performed a linear random vibration test to acquire MEMS gyroscope data. Subsequently, an analysis of the effects of input data step size and network topology on gyroscope error compensation performance is presented. Furthermore, the autoregressive moving average-Kalman filter (ARMA-KF) model, which is commonly used in gyroscope error compensation, was also combined with the LSTM network as a comparison method. The results show that, for the x-axis data, the proposed combined method reduces the standard deviation (STD) by 51.58% and 31.92% compared to the bidirectional LSTM (BiLSTM) network, and EM-KF method, respectively. For the z-axis data, the proposed combined method reduces the standard deviation by 29.19% and 12.75% compared to the BiLSTM network and EM-KF method, respectively. Furthermore, for x-axis data and z-axis data, the proposed combined method reduces the standard deviation by 46.54% and 22.30% compared to the BiLSTM-ARMA-KF method, respectively, and the output is smoother, proving the effectiveness of the proposed method.


2021 ◽  
Vol 2 (2) ◽  
Author(s):  
Kate Highnam ◽  
Domenic Puzio ◽  
Song Luo ◽  
Nicholas R. Jennings

Botnets and malware continue to avoid detection by static rule engines when using domain generation algorithms (DGAs) for callouts to unique, dynamically generated web addresses. Common DGA detection techniques fail to reliably detect DGA variants that combine random dictionary words to create domain names that closely mirror legitimate domains. To combat this, we created a novel hybrid neural network, Bilbo the “bagging” model, that analyses domains and scores the likelihood they are generated by such algorithms and therefore are potentially malicious. Bilbo is the first parallel usage of a convolutional neural network (CNN) and a long short-term memory (LSTM) network for DGA detection. Our unique architecture is found to be the most consistent in performance in terms of AUC, $F_1$ score, and accuracy when generalising across different dictionary DGA classification tasks compared to current state-of-the-art deep learning architectures. We validate using reverse-engineered dictionary DGA domains and detail our real-time implementation strategy for scoring real-world network logs within a large enterprise. In 4 h of actual network traffic, the model discovered at least five potential command-and-control networks that commercial vendor tools did not flag.


Author(s):  
Zhang Chao ◽  
Wang Wei-zhi ◽  
Zhang Chen ◽  
Fan Bin ◽  
Wang Jian-guo ◽  
...  

Accurate and reliable fault diagnosis is one of the key and difficult issues in mechanical condition monitoring. In recent years, Convolutional Neural Network (CNN) has been widely used in mechanical condition monitoring, which is also a great breakthrough in the field of bearing fault diagnosis. However, CNN can only extract local features of signals. The model accuracy and generalization of the original vibration signals are very low in the process of vibration signal processing only by CNN. Based on the above problems, this paper improves the traditional convolution layer of CNN, and builds the learning module (local feature learning block, LFLB) of the local characteristics. At the same time, the Long Short-Term Memory (LSTM) is introduced into the network, which is used to extract the global features. This paper proposes the new neural network—improved CNN-LSTM network. The extracted deep feature is used for fault classification. The improved CNN-LSTM network is applied to the processing of the vibration signal of the faulty bearing collected by the bearing failure laboratory of Inner Mongolia University of Science and Technology. The results show that the accuracy of the improved CNN-LSTM network on the same batch test set is 98.75%, which is about 24% higher than that of the traditional CNN. The proposed network is applied to the bearing data collection of Western Reserve University under the condition that the network parameters remain unchanged. The experiment shows that the improved CNN-LSTM network has better generalization than the traditional CNN.

