Assessing machine's performance through comparing the same or similar machines is important to implement intelligent maintenance for swarm machine.In this paper,an outlier mining based abnormal machine detection a...Assessing machine's performance through comparing the same or similar machines is important to implement intelligent maintenance for swarm machine.In this paper,an outlier mining based abnormal machine detection algorithm is proposed for this purpose.Firstly,the outlier mining based on clustering is introduced and the definition of cluster-based global outlier factor(CBGOF) is presented.Then the modified swarm intelligence clustering(MSIC) algorithm is suggested and the outlier mining algorithm based on MSIC is proposed.The algorithm can not only cluster machines according to their performance but also detect possible abnormal machines.Finally,a comparison of mobile soccer robots' performance proves the algorithm is feasible and effective.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
Building energy consumption accounts for nearly 40% of global energy consumption, HVAC (Heating, Ventilating, and Air Conditioning) systems are the major building energy consumers, and as one type of HVAC systems, t...Building energy consumption accounts for nearly 40% of global energy consumption, HVAC (Heating, Ventilating, and Air Conditioning) systems are the major building energy consumers, and as one type of HVAC systems, the heat pump air conditioning system, which is more energy-efficient compared to the traditional air conditioning system, is being more widely used to save energy. However, in northern China, extreme climatic conditions increase the cooling and heating load of the heat pump air conditioning system and accelerate the aging of the equipment, and the sensor may detect drifted parameters owing to climate change. This non-linear drifted parameter increases the false alarm rate of the fault detection and the need for unnecessary troubleshooting. In order to overcome the impact of the device aging and the drifted parameter, a Kalman filter and SPC (statistical process control) fault detection method are introduced in this paper. In this method, the model parameter and its standard variance can he estimated by Kalman filter based on the gray model and the real-time data of the air conditioning system. Further, by using SPC to construct the dynamic control limits, false alarm rate is reduced. And this paper mainly focuses on the cold machine failure in the component failure and its soft fault detection. This approach has been tested on a simulation model of the "Sino-German Energy Conservation Demonstration Center" building heat pump air-conditioning system in Shenyang, China, and the results show that the Kalman filter and SPC fault detection method is simple and highly efficient with a low false alarm rate, and it can deal with the difficulties caused by the extreme environment and the non-linear influence of the parameters, and what's more, it provides a good foundation for dynamic fault diagnosis and fault prediction analysis.展开更多
As the significant branch of intelligent vehicle networking technology, the intelligent fatigue driving detection technology has been introduced into the paper in order to recognize the fatigue state of the vehicle dr...As the significant branch of intelligent vehicle networking technology, the intelligent fatigue driving detection technology has been introduced into the paper in order to recognize the fatigue state of the vehicle driver and avoid the traffic accident. The disadvantages of the traditional fatigue driving detection method have been pointed out when we study on the traditional eye tracking technology and traditional artificial neural networks. On the basis of the image topological analysis technology, Haar like features and extreme learning machine algorithm, a new detection method of the intelligent fatigue driving has been proposed in the paper. Besides, the detailed algorithm and realization scheme of the intelligent fatigue driving detection have been put forward as well. Finally, by comparing the results of the simulation experiments, the new method has been verified to have a better robustness, efficiency and accuracy in monitoring and tracking the drivers' fatigue driving by using the human eye tracking technology.展开更多
Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurat...Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.展开更多
Epilepsy is the most common neurological disorder of the brain that affects people worldwide at any age from newborn to adult. It is characterized by recurrent seizures, which are brief episodes of signs or symptoms d...Epilepsy is the most common neurological disorder of the brain that affects people worldwide at any age from newborn to adult. It is characterized by recurrent seizures, which are brief episodes of signs or symptoms due to abnormal excessive or synchronous neuronal activity in the brain. The electroencephalogram, or EEG, is a physiological method to measure and record the electrical展开更多
With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Int...With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app's virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework (ASEF) and Static Android Analysis Framework (SAAF), the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.展开更多
Domain name generation algorithm(DGA)classification is an essential but challenging problem.Both feature-extract-ing machine learning(ML)methods and deep learning(DL)models such as convolutional neural networks and lo...Domain name generation algorithm(DGA)classification is an essential but challenging problem.Both feature-extract-ing machine learning(ML)methods and deep learning(DL)models such as convolutional neural networks and long short-term memory have been developed.However,the performance of these approaches varies with different types of DGAs.Most features in the ML methods can characterize random-looking DGAs better than Word-looking DGAs.To improve the classification performance on word-looking DGAs,subword tokenization is employed for the DL mod-els.Our experimental results proved that the subword tokenization can provide excellent classification performance on the word-looking DGAs.We then propose an integrated scheme that chooses an appropriate method for DGA classification depending on the nature of the DGAs.Results show that the integrated scheme outperformed existing ML and DL methods,and also the subword DL methods.展开更多
Purpose:The purpose of this study is to propose a new method for the end-to-end classification of steel surface defects.Design/methodology/approach:This study proposes an AM-AoN-SNN algorithm,which combines an attenti...Purpose:The purpose of this study is to propose a new method for the end-to-end classification of steel surface defects.Design/methodology/approach:This study proposes an AM-AoN-SNN algorithm,which combines an attention mechanism(AM)with an All-optical Neuron-based spiking neural network(AoN-SNN).The AM enhances network learning and extracts defective features,while the AoN-SNN predicts both the labels of the defects and the final labels of the images.Compared to the conventional Leaky-Integrated and Fire SNN,the AoN-SNN has improved the activation of neurons.Findings:The experimental findings on Northeast University(NEU)-CLS demonstrate that the proposed neural network detection approach outperforms other methods.Furthermore,the network’s effectiveness was tested,and the results indicate that the proposed method can achieve high detection accuracy and strong anti-interference capabilities while maintaining a basic structure.Originality/value:This study introduces a novel approach to classifying steel surface defects using a combination of a shallow AoN-SNN and a hybrid AM with different network architectures.The proposed method is the first study of SNN networks applied to this task.展开更多
基金the National Natural Science Foundation of China (No. 50705054)
文摘Assessing machine's performance through comparing the same or similar machines is important to implement intelligent maintenance for swarm machine.In this paper,an outlier mining based abnormal machine detection algorithm is proposed for this purpose.Firstly,the outlier mining based on clustering is introduced and the definition of cluster-based global outlier factor(CBGOF) is presented.Then the modified swarm intelligence clustering(MSIC) algorithm is suggested and the outlier mining algorithm based on MSIC is proposed.The algorithm can not only cluster machines according to their performance but also detect possible abnormal machines.Finally,a comparison of mobile soccer robots' performance proves the algorithm is feasible and effective.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
基金Supported by the National Natural Science Foundation Committee of China(61503259)China Postdoctoral Science Foundation Funded Project(2017M611261)+1 种基金Chinese Scholarship Council(201608210107)Hanyu Plan of Shenyang Jianzhu University(XKHY2-64)
文摘Building energy consumption accounts for nearly 40% of global energy consumption, HVAC (Heating, Ventilating, and Air Conditioning) systems are the major building energy consumers, and as one type of HVAC systems, the heat pump air conditioning system, which is more energy-efficient compared to the traditional air conditioning system, is being more widely used to save energy. However, in northern China, extreme climatic conditions increase the cooling and heating load of the heat pump air conditioning system and accelerate the aging of the equipment, and the sensor may detect drifted parameters owing to climate change. This non-linear drifted parameter increases the false alarm rate of the fault detection and the need for unnecessary troubleshooting. In order to overcome the impact of the device aging and the drifted parameter, a Kalman filter and SPC (statistical process control) fault detection method are introduced in this paper. In this method, the model parameter and its standard variance can he estimated by Kalman filter based on the gray model and the real-time data of the air conditioning system. Further, by using SPC to construct the dynamic control limits, false alarm rate is reduced. And this paper mainly focuses on the cold machine failure in the component failure and its soft fault detection. This approach has been tested on a simulation model of the "Sino-German Energy Conservation Demonstration Center" building heat pump air-conditioning system in Shenyang, China, and the results show that the Kalman filter and SPC fault detection method is simple and highly efficient with a low false alarm rate, and it can deal with the difficulties caused by the extreme environment and the non-linear influence of the parameters, and what's more, it provides a good foundation for dynamic fault diagnosis and fault prediction analysis.
基金supported by the National Natural Science Foundation of China(61272357,61300074,61572075)
文摘As the significant branch of intelligent vehicle networking technology, the intelligent fatigue driving detection technology has been introduced into the paper in order to recognize the fatigue state of the vehicle driver and avoid the traffic accident. The disadvantages of the traditional fatigue driving detection method have been pointed out when we study on the traditional eye tracking technology and traditional artificial neural networks. On the basis of the image topological analysis technology, Haar like features and extreme learning machine algorithm, a new detection method of the intelligent fatigue driving has been proposed in the paper. Besides, the detailed algorithm and realization scheme of the intelligent fatigue driving detection have been put forward as well. Finally, by comparing the results of the simulation experiments, the new method has been verified to have a better robustness, efficiency and accuracy in monitoring and tracking the drivers' fatigue driving by using the human eye tracking technology.
基金Supported by the National Natural Science Foundation of China(61170026)
文摘Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.
文摘Epilepsy is the most common neurological disorder of the brain that affects people worldwide at any age from newborn to adult. It is characterized by recurrent seizures, which are brief episodes of signs or symptoms due to abnormal excessive or synchronous neuronal activity in the brain. The electroencephalogram, or EEG, is a physiological method to measure and record the electrical
基金the National Key Basic Research and Development (973) Program of China (Nos. 2012CB315801 and 2011CB302805)the National Natural Science Foundation of China (Nos. 61161140320 and 61233016)Intel Research Council with the title of Security Vulnerability Analysis based on Cloud Platform with Intel IA Architecture
文摘With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app's virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework (ASEF) and Static Android Analysis Framework (SAAF), the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.
文摘Domain name generation algorithm(DGA)classification is an essential but challenging problem.Both feature-extract-ing machine learning(ML)methods and deep learning(DL)models such as convolutional neural networks and long short-term memory have been developed.However,the performance of these approaches varies with different types of DGAs.Most features in the ML methods can characterize random-looking DGAs better than Word-looking DGAs.To improve the classification performance on word-looking DGAs,subword tokenization is employed for the DL mod-els.Our experimental results proved that the subword tokenization can provide excellent classification performance on the word-looking DGAs.We then propose an integrated scheme that chooses an appropriate method for DGA classification depending on the nature of the DGAs.Results show that the integrated scheme outperformed existing ML and DL methods,and also the subword DL methods.
基金supported by the Jiangsu Agriculture Science and Technology Innovation Fund(Grant No.CX(21)3145).
文摘Purpose:The purpose of this study is to propose a new method for the end-to-end classification of steel surface defects.Design/methodology/approach:This study proposes an AM-AoN-SNN algorithm,which combines an attention mechanism(AM)with an All-optical Neuron-based spiking neural network(AoN-SNN).The AM enhances network learning and extracts defective features,while the AoN-SNN predicts both the labels of the defects and the final labels of the images.Compared to the conventional Leaky-Integrated and Fire SNN,the AoN-SNN has improved the activation of neurons.Findings:The experimental findings on Northeast University(NEU)-CLS demonstrate that the proposed neural network detection approach outperforms other methods.Furthermore,the network’s effectiveness was tested,and the results indicate that the proposed method can achieve high detection accuracy and strong anti-interference capabilities while maintaining a basic structure.Originality/value:This study introduces a novel approach to classifying steel surface defects using a combination of a shallow AoN-SNN and a hybrid AM with different network architectures.The proposed method is the first study of SNN networks applied to this task.
