A Survey of Intrusion Detection Using Deep Learning in Internet of Things

The use of deep learning in various models is a powerful tool in detecting IoT attacks, identifying new types of intrusion to access a better secure network. Need to developing an intrusion detection system to detect and classify attacks in appropriate time and automated manner increases especially due to the use of IoT and the nature of its data that causes increasing in attacks. Malicious attacks are continuously changing, that cause new attacks. In this paper we present a survey about the detection of anomalies, thus intrusion detection by distinguishing between normal behavior and malicious behavior while analyzing network traffic to discover new attacks. This paper surveys previous researches by evaluating their performance through two categories of new datasets of real traffic are (CSE-CIC-IDS2018 dataset, Bot-IoT dataset). To evaluate the performance we show accuracy measurement for detect intrusion in different systems.

Using Transfer Learning to Build Physics-Informed Machine Learning Models for Improved Wind Farm Monitoring

This paper introduces a novel, transfer-learning-based approach to include physics into data-driven normal behavior monitoring models which are used for detecting turbine anomalies. For this purpose, a normal behavior model is pretrained on a large simulation database and is recalibrated on the available SCADA data via transfer learning. For two methods, a feed-forward artificial neural network (ANN) and an autoencoder, it is investigated under which conditions it can be helpful to include simulations into SCADA-based monitoring systems. The results show that when only one month of SCADA data is available, both the prediction accuracy as well as the prediction robustness of an ANN are significantly improved by adding physics constraints from a pretrained model. As the autoencoder reconstructs the power from itself, it is already able to accurately model the normal behavior power. Therefore, including simulations into the model does not improve its prediction performance and robustness significantly. The validation of the physics-informed ANN on one month of raw SCADA data shows that it is able to successfully detect a recorded blade angle anomaly with an improved precision due to fewer false positives compared to its purely SCADA data-based counterpart.

Knowing the unknown: The hunting loop

There are several ways to improve an organization’s cybersecurity protection against intruders. One of the ways is to proactively hunt for threats, i.e., threat hunting. Threat Hunting empowers organizations to detect the presence of intruders in their environment. It identifies and searches the tactics, techniques, and procedures (TTP) of the attackers to find them in the environment. To know what to look for in the collected data and environment, it is required to know and understand the attacker's TTPs. An attacker's TTPs information usually comes from signatures, indicators, and behavior observed in threat intelligence sources. Traditionally, threat hunting involves the analysis of collected logs for Indicator of Compromise (IOCs) through different tools. However, network and security infrastructure devices generate large volumes of logs and can be challenging to analyze thus leaving gaps in the detection process. Similarly, it is very difficult to identify the required IOCs and thus sometimes makes it difficult to hunt the threat which is one of the major drawbacks of the traditional threat hunting processes and frameworks. To address this issue, intelligent automated processes using machine learning can improve the threat hunting process, that will plug those gaps before an attacker can exploit them. This paper aims to propose a machine learning-based threat-hunting model that will be able to fill the gaps in the threat detection process and effectively detect the unknown adversaries by training the machine learning algorithms via extensive datasets of TTPs and normal behavior of the system and target environment. The model is comprised of five main stages. These are Hypotheses Development, Equip, Hunt, Respond and Feedback stages. This threat hunting model is a bit ahead of the traditional models and frameworks by employing machine learning algorithms.

GPS-Spoofing Attack Detection Technology for UAVs Based on Kullback–Leibler Divergence

Here, we developed a method for detecting cyber security attacks aimed at spoofing the Global Positioning System (GPS) signal of an Unmanned Aerial Vehicle (UAV). Most methods for detecting UAV anomalies indicative of an attack use machine learning or other such methods that compare normal behavior with abnormal behavior. Such approaches require large amounts of data and significant “training” time to prepare and implement the system. Instead, we consider a new approach based on other mathematical methods for detecting UAV anomalies without the need to first collect a large amount of data and describe normal behavior patterns. Doing so can simplify the process of creating an anomaly detection system, which can further facilitate easier implementation of intrusion detection systems in UAVs. This article presents issues related to ensuring the information security of UAVs. Development of the GPS spoofing detection method for UAVs is then described, based on a preliminary study that made it possible to form a mathematical apparatus for solving the problem. We then explain the necessary analysis of parameters and methods of data normalization, and the analysis of the Kullback—Leibler divergence measure needed to detect anomalies in UAV systems.

Detection of Anomalies in the Traffic of IoT Devices

The article proposes an approach to finding anomalies in the traffic of IoT devices based on time series analysis and assessing normal and abnormal behavior using statistical methods. The main goal of the proposed approach is to combine statistical methods for detecting anomalies using unlabeled data and plotting key characteristics of device profiles. Within this approach the following techniques for traffic analysis has been developed and implemented: a technique for a feature extraction, a normal behavior boundary building technique and an anomaly detection technique. To evaluate the proposed approach, we used a technique for generating event logs from devices with the generation of anomalous markup. The experiments shown that the GESD-test gives the best results for anomaly detection in IoT traffic.

Detection of Abnormal Activity to Alert the Nearby Persons via M-DNN Based Surveillance System

In today's environment, video surveillance is critical. When artificial intelligence, machine learning, and deep learning were introduced into the system, the technology had progressed much too far. Different methods are in place using the above combinations to help distinguish various wary activities from the live tracking of footages. Human behavior is the most unpredictable, and determining whether it is suspicious or normal is quite tough. In a theoretical setting, a deep learning approach is utilized to detect suspicious or normal behavior and sends an alarm to the nearby people if suspicious activity is predicted. In this paper, data fusion technique is used for feature extraction which gives an accurate outcome. Moreover, the classes are classified by the well effective machine learning approach of modified deep neural network (M-DNN), that predicts the classes very well. The proposed method gains 95% accuracy, as well the advanced system is contrast with previous methods like artificial neural network (ANN), random forest (RF) and support vector machine (SVM). This approach is well fitted for dynamic and static conditions.

Application of Artificial Intelligence and Machine Learning to Detect Drilling Anomalies Leading to Stuck Pipe Incidents

This project used predictive analytics and machine learning-based modeling to detect drilling anomalies, namely stuck pipe events. Analysis focused on historical drilling data and real-time operational data to address the limitations of physics-based modeling. This project was designed to enable drilling crews to minimize downtime and non-productive time through real-time anomaly management. The solution used data science techniques to overcome data consistency/quality issues and flag drilling anomalies leading to a stuck pipe event. Predictive machine learning models were deployed across seven wells in different fields. The models analyzed both historical and real-time data across various data channels to identify anomalies (difficulties that impact non-productive time). The modeling approach mimicked the behavior of drillers using surface parameters. Small deviations from normal behavior were identified based on combinations of surface parameters, and automated machine learning was used to accelerate and optimize the modeling process. The output was a risk score that flags deviations in rig surface parameters. During the development phase, multiple data science approaches were attempted to monitor the overall health of the drilling process. They analyzed both historical and real-time data from torque, hole depth and deviation, standpipe pressure, and various other data channels. The models detected drilling anomalies with a harmonic model accuracy of 80% and produced valid alerts on 96% of stuck pipe and tight hole events. The average forewarning was two hours. This allowed personnel ample time to make corrections before stuck pipe events could occur. This also enabled the drilling operator to save the company upwards of millions of dollars in drilling costs and downtime. This project introduced novel data aggregation and deep learning-based normal behavior modeling methods. It demonstrates the benefits of adopting predictive analytics and machine learning in drilling operations. The approach enabled operators to mitigate data issues and demonstrate real-time, high-frequency and high-accuracy predictions. As a result, the operator was able to significantly reduce non-productive time.

Cattle’s Physiology and Behavior Responses Which Transported by Camara Nusantara Vessel

This study aimed to assess the welfare and performance of Bali cattle transported by Camara Nusantara vessel. We observed five-day transporting of 30 Bali cattle (1-2 years old, 100-200kg body weight) from cattle loading at Tenau Port, Kupang and cattle handling during sea transportation to cattle unloading at Tanjung Priok Port, Jakarta. The measured parameters were cattle’s physiological responses, including body surface temperature, foaming (excessive foam around their mouth), respiration (respiration rate during transportation), and panting (any panting behavior during the transport). The behavioral responses measured in this study were feeding behavior (do cattle eat normally during transportation process), lying (can cattle lie normally), agonistic interaction (mounting, head fighting, etc.), freeze during the loading/ unloading process (stop walking during loading and unloading process), coercion (cattle was hit during loading and unloading process), and slip/fall (cattle slipped or fell during loading and unloading process). The welfare evaluation was carried out by scoring system on the observed parameters. The result showed that the cattle showed a normal physiological response, except their body surface temperature was slightly above normal, i.e., 32-35oC. The cattle also showed normal behavior responses except for coercion. The average score gets from this study was 2.5, indicative of slightly poor physiology and behavior when cattle being transported.

A Perspective Roadmap for IoMT-Based Early Detection and Care of the Neural Disorder, Dementia

The Internet of Medical Things (IoMT) has emerged as one of the most important key applications of IoT. IoMT makes the diagnosis and care more convenient and reliable with proven results. The paper presents the technology, open issues, and challenges of IoMT-based systems. It explores the various types of sensors and smart equipment based on IoMT and used for diagnosis and patient care. A comprehensive survey of early detection and postdetection care of the neural disorder dementia is conducted. The paper also presents a postdiagnosis dementia care model named “Demencare.” This model incorporates eight sensors capable of tracking the daily routine of dementia patient. The patients can be monitored locally by an edge computing device kept at their premises. The medical experts may also monitor the patients’ status for any deviation from normal behavior. IoMT enables better postdiagnosis care for neural disorders, like dementia and Alzheimer’s. The patient’s behavior and vital parameters are always available despite the remote location of the patients. The data of the patients may be classified, and new insights may be obtained to tackle patients in a better manner.

Dissociative Fugue: A Case Report

A dissociative fugue occurs when an individual with dissociative amnesia wanders away from their familiar surroundings, maintaining self‑care and apparently normal behavior to observers, lasting from hours to months in a row. New identities can be assumed and even organized travel can occur. While dissociative amnesia by itself may have a prevalence of around 7.2%, dissociative fugue is a rare entity, with unknown prevalence, and there are few reports in the literature. In this article, we describe a case of dissociative fugue in a 34‑year old woman that lasted eight months. Dissociative amnesia with fugue remains an interesting topic for further research since it can present a diagnostic challenge, there are currently no evidence‑based pharmacological treatments and prognosis varies greatly between patients.