Improving Diversity and Quality of Adversarial Examples in Adversarial Transformation Network

This paper proposes a method to mitigate two major issues of Adversarial Transformation Networks (ATN) including the low diversity and the low quality of adversarial examples. In order to deal with the first issue, this research proposes a stacked convolutional autoencoder based on pattern to generalize ATN. This proposed autoencoder could support different patterns such as all-feature pattern , border feature pattern , and class model map pattern . In order to deal with the second issue, this paper presents an algorithm to improve the quality of adversarial examples in terms of L 0 -norm and L 2 -norm. This algorithm employs an adversarial feature ranking heuristics such as JSMA and COI to prioritize adversarial features. To demonstrate the advantages of the proposed method, comprehensive experiments have been conducted on the MNIST dataset and the CIFAR-10 dataset. For the first issue, the proposed autoencoder can generate diverse adversarial examples with the average success rate above 99%. For the second issue, the proposed algorithm could not only improve the quality of adversarial examples significantly but also maintain the average success rate. In terms of L 0 -norm, the proposed algorithm could decrease from hundreds of adversarial features to one adversarial feature. In terms of L 2 -norm, the proposed algorithm could reduce the average distance considerably. These results show that the proposed method is capable of generating high-quality and diverse adversarial examples in practice.

Greedy 3-Point Search (G3PS)—A Novel Algorithm for Pharmacophore Alignment

Chemical features of small molecules can be abstracted to 3D pharmacophore models, which are easy to generate, interpret, and adapt by medicinal chemists. Three-dimensional pharmacophores can be used to efficiently match and align molecules according to their chemical feature pattern, which facilitates the virtual screening of even large compound databases. Existing alignment methods, used in computational drug discovery and bio-activity prediction, are often not suitable for finding matches between pharmacophores accurately as they purely aim to minimize RMSD or maximize volume overlap, when the actual goal is to match as many features as possible within the positional tolerances of the pharmacophore features. As a consequence, the obtained alignment results are often suboptimal in terms of the number of geometrically matched feature pairs, which increases the false-negative rate, thus negatively affecting the outcome of virtual screening experiments. We addressed this issue by introducing a new alignment algorithm, Greedy 3-Point Search (G3PS), which aims at finding optimal alignments by using a matching-feature-pair maximizing search strategy while at the same time being faster than competing methods.

A Vibrational Signal Fault Diagnosis Rule Extraction Method Based on DST-ACI Discriminant Criterion

A fault diagnosis rule extraction method oriented to machine foot signal based on dynamic support threshold and association coefficient interestingness (DST-ACI) discriminant criterion is proposed in this paper. The new method includes three main innovations. First, the feature state coding method based on K-means clustering fully takes into account the imbalanced distribution of signal feature values due to the noise interference, and divide the signal feature values into several range intervals to generate the feature state code. Second, the frequent feature pattern mining method based on dynamic support threshold (DST) discriminant criterion can dynamically adjust support threshold according to the frequency of the feature states in each candidate pattern. Third, the fault diagnosis rule extraction method based on the association coefficient interestingness (ACI) discriminant criterion introduces a new metrics called ACI to evaluate the correlation between the pattern and the fault. Four types of fault simulation experiments were carried out, and the performance of the DST-ACI method was tested using the collected vibration signal. The results show that compared with the coding method based on equal-width discretization or equal-density discretization, the accuracy of the transactional dataset generated by the feature state coding method based on K-means clustering is higher. Compared with the frequent feature pattern mining method based on the constant support threshold criterion, the pattern mined by the DST-based criterion has generally higher support. Compared with the existing confidence-lift-based and confidence-improint-based fault diagnosis rule extraction frameworks, the positive correlation between the feature states and the fault type of the rules extracted based on the DST-ACI framework is generally stronger.

UGRansome1819: A Novel Dataset for Anomaly Detection and Zero-Day Threats

This research attempts to introduce the production methodology of an anomaly detection dataset using ten desirable requirements. Subsequently, the article presents the produced dataset named UGRansome, created with up-to-date and modern network traffic (netflow), which represents cyclostationary patterns of normal and abnormal classes of threatening behaviours. It was discovered that the timestamp of various network attacks is inferior to one minute and this feature pattern was used to record the time taken by the threat to infiltrate a network node. The main asset of the proposed dataset is its implication in the detection of zero-day attacks and anomalies that have not been explored before and cannot be recognised by known threats signatures. For instance, the UDP Scan attack has been found to utilise the lowest netflow in the corpus, while the Razy utilises the highest one. In turn, the EDA2 and Globe malware are the most abnormal zero-day threats in the proposed dataset. These feature patterns are included in the corpus, but derived from two well-known datasets, namely, UGR’16 and ransomware that include real-life instances. The former incorporates cyclostationary patterns while the latter includes ransomware features. The UGRansome dataset was tested with cross-validation and compared to the KDD99 and NSL-KDD datasets to assess the performance of Ensemble Learning algorithms. False alarms have been minimized with a null empirical error during the experiment, which demonstrates that implementing the Random Forest algorithm applied to UGRansome can facilitate accurate results to enhance zero-day threats detection. Additionally, most zero-day threats such as Razy, Globe, EDA2, and TowerWeb are recognised as advanced persistent threats that are cyclostationary in nature and it is predicted that they will be using spamming and phishing for intrusion. Lastly, achieving the UGRansome balance was found to be NP-Hard due to real life-threatening classes that do not have a uniform distribution in terms of several instances.

MTAD-TF: Multivariate Time Series Anomaly Detection Using the Combination of Temporal Pattern and Feature Pattern

Currently, multivariate time series anomaly detection has made great progress in many fields and occupied an important position. The common limitation of many related studies is that there is only temporal pattern without capturing the relationship between variables and the loss of information leads to false warnings. Our article proposes an unsupervised multivariate time series anomaly detection. In the prediction part, multiscale convolution and graph attention network are mainly used to capture information in temporal pattern with feature pattern. The threshold selection part uses the root mean square error between the predicted value and the actual value to perform extreme value analysis to obtain the threshold. Finally, the model in this paper outperforms other latest models on actual datasets.