Visible to the public Biblio

Filters: Keyword is Decision trees  [Clear All Filters]
2021-09-21
bin Asad, Ashub, Mansur, Raiyan, Zawad, Safir, Evan, Nahian, Hossain, Muhammad Iqbal.  2020.  Analysis of Malware Prediction Based on Infection Rate Using Machine Learning Techniques. 2020 IEEE Region 10 Symposium (TENSYMP). :706–709.
In this modern, technological age, the internet has been adopted by the masses. And with it, the danger of malicious attacks by cybercriminals have increased. These attacks are done via Malware, and have resulted in billions of dollars of financial damage. This makes the prevention of malicious attacks an essential part of the battle against cybercrime. In this paper, we are applying machine learning algorithms to predict the malware infection rates of computers based on its features. We are using supervised machine learning algorithms and gradient boosting algorithms. We have collected a publicly available dataset, which was divided into two parts, one being the training set, and the other will be the testing set. After conducting four different experiments using the aforementioned algorithms, it has been discovered that LightGBM is the best model with an AUC Score of 0.73926.
2021-04-29
Fischer, A., Janneck, J., Kussmaul, J., Krätzschmar, N., Kerschbaum, F., Bodden, E..  2020.  PASAPTO: Policy-aware Security and Performance Trade-off Analysis–Computation on Encrypted Data with Restricted Leakage. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :230—245.

This work considers the trade-off between security and performance when revealing partial information about encrypted data computed on. The focus of our work is on information revealed through control flow side-channels when executing programs on encrypted data. We use quantitative information flow to measure security, running time to measure performance and program transformation techniques to alter the trade-off between the two. Combined with information flow policies, we perform a policy-aware security and performance trade-off (PASAPTO) analysis. We formalize the problem of PASAPTO analysis as an optimization problem, prove the NP-hardness of the corresponding decision problem and present two algorithms solving it heuristically. We implemented our algorithms and combined them with the Dataflow Authentication (DFAuth) approach for outsourcing sensitive computations. Our DFAuth Trade-off Analyzer (DFATA) takes Java Bytecode operating on plaintext data and an associated information flow policy as input. It outputs semantically equivalent program variants operating on encrypted data which are policy-compliant and approximately Pareto-optimal with respect to leakage and performance. We evaluated DFATA in a commercial cloud environment using Java programs, e.g., a decision tree program performing machine learning on medical data. The decision tree variant with the worst performance is 357% slower than the fastest variant. Leakage varies between 0% and 17% of the input.

2021-03-09
Susanto, Stiawan, D., Arifin, M. A. S., Idris, M. Y., Budiarto, R..  2020.  IoT Botnet Malware Classification Using Weka Tool and Scikit-learn Machine Learning. 2020 7th International Conference on Electrical Engineering, Computer Sciences and Informatics (EECSI). :15—20.

Botnet is one of the threats to internet network security-Botmaster in carrying out attacks on the network by relying on communication on network traffic. Internet of Things (IoT) network infrastructure consists of devices that are inexpensive, low-power, always-on, always connected to the network, and are inconspicuous and have ubiquity and inconspicuousness characteristics so that these characteristics make IoT devices an attractive target for botnet malware attacks. In identifying whether packet traffic is a malware attack or not, one can use machine learning classification methods. By using Weka and Scikit-learn analysis tools machine learning, this paper implements four machine learning algorithms, i.e.: AdaBoost, Decision Tree, Random Forest, and Naïve Bayes. Then experiments are conducted to measure the performance of the four algorithms in terms of accuracy, execution time, and false positive rate (FPR). Experiment results show that the Weka tool provides more accurate and efficient classification methods. However, in false positive rate, the use of Scikit-learn provides better results.

Injadat, M., Moubayed, A., Shami, A..  2020.  Detecting Botnet Attacks in IoT Environments: An Optimized Machine Learning Approach. 2020 32nd International Conference on Microelectronics (ICM). :1—4.

The increased reliance on the Internet and the corresponding surge in connectivity demand has led to a significant growth in Internet-of-Things (IoT) devices. The continued deployment of IoT devices has in turn led to an increase in network attacks due to the larger number of potential attack surfaces as illustrated by the recent reports that IoT malware attacks increased by 215.7% from 10.3 million in 2017 to 32.7 million in 2018. This illustrates the increased vulnerability and susceptibility of IoT devices and networks. Therefore, there is a need for proper effective and efficient attack detection and mitigation techniques in such environments. Machine learning (ML) has emerged as one potential solution due to the abundance of data generated and available for IoT devices and networks. Hence, they have significant potential to be adopted for intrusion detection for IoT environments. To that end, this paper proposes an optimized ML-based framework consisting of a combination of Bayesian optimization Gaussian Process (BO-GP) algorithm and decision tree (DT) classification model to detect attacks on IoT devices in an effective and efficient manner. The performance of the proposed framework is evaluated using the Bot-IoT-2018 dataset. Experimental results show that the proposed optimized framework has a high detection accuracy, precision, recall, and F-score, highlighting its effectiveness and robustness for the detection of botnet attacks in IoT environments.

Herrera, A. E. Hinojosa, Walshaw, C., Bailey, C..  2020.  Improving Black Box Classification Model Veracity for Electronics Anomaly Detection. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1092–1097.
Data driven classification models are useful to assess quality of manufactured electronics. Because decisions are taken based on the models, their veracity is relevant, covering aspects such as accuracy, transparency and clarity. The proposed BB-Stepwise algorithm aims to improve the classification model transparency and accuracy of black box models. K-Nearest Neighbours (KNN) is a black box model which is easy to implement and has achieved good classification performance in different applications. In this paper KNN-Stepwise is illustrated for fault detection of electronics devices. The results achieved shows that the proposed algorithm was able to improve the accuracy, veracity and transparency of KNN models and achieve higher transparency and clarity, and at least similar accuracy than when using Decision Tree models.
2021-03-04
Crescenzo, G. D., Bahler, L., McIntosh, A..  2020.  Encrypted-Input Program Obfuscation: Simultaneous Security Against White-Box and Black-Box Attacks. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.

We consider the problem of protecting cloud services from simultaneous white-box and black-box attacks. Recent research in cryptographic program obfuscation considers the problem of protecting the confidentiality of programs and any secrets in them. In this model, a provable program obfuscation solution makes white-box attacks to the program not more useful than black-box attacks. Motivated by very recent results showing successful black-box attacks to machine learning programs run by cloud servers, we propose and study the approach of augmenting the program obfuscation solution model so to achieve, in at least some class of application scenarios, program confidentiality in the presence of both white-box and black-box attacks.We propose and formally define encrypted-input program obfuscation, where a key is shared between the entity obfuscating the program and the entity encrypting the program's inputs. We believe this model might be of interest in practical scenarios where cloud programs operate over encrypted data received by associated sensors (e.g., Internet of Things, Smart Grid).Under standard intractability assumptions, we show various results that are not known in the traditional cryptographic program obfuscation model; most notably: Yao's garbled circuit technique implies encrypted-input program obfuscation hiding all gates of an arbitrary polynomial circuit; and very efficient encrypted-input program obfuscation for range membership programs and a class of machine learning programs (i.e., decision trees). The performance of the latter solutions has only a small constant overhead over the equivalent unobfuscated program.

2021-02-10
Tanana, D..  2020.  Behavior-Based Detection of Cryptojacking Malware. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0543—0545.
With rise of cryptocurrency popularity and value, more and more cybercriminals seek to profit using that new technology. Most common ways to obtain illegitimate profit using cryptocurrencies are ransomware and cryptojacking also known as malicious mining. And while ransomware is well-known and well-studied threat which is obvious by design, cryptojacking is often neglected because it's less harmful and much harder to detect. This article considers question of cryptojacking detection. Brief history and definition of cryptojacking are described as well as reasons for designing custom detection technique. We also propose complex detection technique based on CPU load by an application, which can be applied to both browser-based and executable-type cryptojacking samples. Prototype detection program based on our technique was designed using decision tree algorithm. The program was tested in a controlled virtual machine environment and achieved 82% success rate against selected number of cryptojacking samples. Finally, we'll discuss generalization of proposed technique for future work.
2021-01-11
Bhat, P., Batakurki, M., Chari, M..  2020.  Classifier with Deep Deviation Detection in PoE-IoT Devices. 2020 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT). :1–3.
With the rapid growth in diversity of PoE-IoT devices and concept of "Edge intelligence", PoE-IoT security and behavior analysis is the major concern. These PoE-IoT devices lack visibility when the entire network infrastructure is taken into account. The IoT devices are prone to have design faults in their security capabilities. The entire network may be put to risk by attacks on vulnerable IoT devices or malware might get introduced into IoT devices even by routine operations such as firmware upgrade. There have been various approaches based on machine learning(ML) to classify PoE-IoT devices based on network traffic characteristics such as Deep Packet Inspection(DPI). In this paper, we propose a novel method for PoE-IoT classification where ML algorithm, Decision Tree is used. In addition to classification, this method provides useful insights to the network deployment, based on the deviations detected. These insights can further be used for shaping policies, troubleshooting and behavior analysis of PoE-IoT devices.
2020-12-14
Dong, D., Ye, Z., Su, J., Xie, S., Cao, Y., Kochan, R..  2020.  A Malware Detection Method Based on Improved Fireworks Algorithm and Support Vector Machine. 2020 IEEE 15th International Conference on Advanced Trends in Radioelectronics, Telecommunications and Computer Engineering (TCSET). :846–851.
The increasing of malwares has presented a serious threat to the security of computer systems in recent years. Traditional signature-based anti-virus systems are not able to detect metamorphic and previously unseen malwares and it inspires people to use machine learning methods such as Naive Bayes and Decision Tree to identity malicious executables. Among these methods, detecting malwares by using Support Vector Machine (SVM) is one of the most effective approaches. However, the parameters of SVM have serious impacts on its classification performance. In order to find the optimal parameter combination and avoid the problem of falling into local optimal solution, many methods based on evolutionary algorithms are proposed, including Particle Swarm Optimization (PSO), Genetic Algorithm (GA), Differential Evolution (DE) and others. But these algorithms still face the problem of being trapped into local solution spaces in different degree. In this paper, an improved fireworks algorithm is presented and applied to search parameters of SVM: penalty factor c and kernel function parameter g. To research the performance of the proposed algorithm, numeric experiments are made and compared with some typical algorithms, the experimental results demonstrate it outperforms other algorithms.
2020-09-04
Liang, Jiaqi, Li, Linjing, Chen, Weiyun, Zeng, Daniel.  2019.  Targeted Addresses Identification for Bitcoin with Network Representation Learning. 2019 IEEE International Conference on Intelligence and Security Informatics (ISI). :158—160.

The anonymity and decentralization of Bitcoin make it widely accepted in illegal transactions, such as money laundering, drug and weapon trafficking, gambling, to name a few, which has already caused significant security risk all around the world. The obvious de-anonymity approach that matches transaction addresses and users is not possible in practice due to limited annotated data set. In this paper, we divide addresses into four types, exchange, gambling, service, and general, and propose targeted addresses identification algorithms with high fault tolerance which may be employed in a wide range of applications. We use network representation learning to extract features and train imbalanced multi-classifiers. Experimental results validated the effectiveness of the proposed method.

2020-08-28
He, Chengkang, Cui, Aijiao, Chang, Chip-Hong.  2019.  Identification of State Registers of FSM Through Full Scan by Data Analytics. 2019 Asian Hardware Oriented Security and Trust Symposium (AsianHOST). :1—6.

Finite-state machine (FSM) is widely used as control unit in most digital designs. Many intellectual property protection and obfuscation techniques leverage on the exponential number of possible states and state transitions of large FSM to secure a physical design with the reason that it is challenging to retrieve the FSM design from its downstream design or physical implementation without knowledge of the design. In this paper, we postulate that this assumption may not be sustainable with big data analytics. We demonstrate by applying a data mining technique to analyze sufficiently large amount of data collected from a full scan design to identify its FSM state registers. An impact metric is introduced to discriminate FSM state registers from other registers. A decision tree algorithm is constructed from the scan data for the regression analysis of the dependency of other registers on a chosen register to deduce its impact. The registers with the greater impact are more likely to be the FSM state registers. The proposed scheme is applied on several complex designs from OpenCores. The experiment results show the feasibility of our scheme in correctly identifying most FSM state registers with a high hit rate for a large majority of the designs.

2020-08-24
Thirumaran, M., Moshika, A., Padmanaban, R..  2019.  Hybrid Model for Web Application Vulnerability Assessment Using Decision Tree and Bayesian Belief Network. 2019 IEEE International Conference on System, Computation, Automation and Networking (ICSCAN). :1–7.
In the existing situation, most of the business process are running through web applications. This helps the enterprises to grow their business efficiently which creates a good consumer relationship. But the main problem is that they failed to provide a vulnerable free environment. To overcome this issue in web applications, vulnerability assessment should be made periodically. They are many vulnerability assessment methodologies which occur earlier are not much proactive. So, machine learning is needed to provide a combined solution to determine vulnerability occurrence and percentage of vulnerability occurred in logical web pages. We use Decision Tree and Bayesian Belief Network (BBN) as a collective solution to find either vulnerability occur in web applications and the vulnerability occurred percentage on different logical web pages.
2020-07-13
Agrawal, Shriyansh, Sanagavarapu, Lalit Mohan, Reddy, YR.  2019.  FACT - Fine grained Assessment of web page CredibiliTy. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :1088–1097.
With more than a trillion web pages, there is a plethora of content available for consumption. Search Engine queries invariably lead to overwhelming information, parts of it relevant and some others irrelevant. Often the information provided can be conflicting, ambiguous, and inconsistent contributing to the loss of credibility of the content. In the past, researchers have proposed approaches for credibility assessment and enumerated factors influencing the credibility of web pages. In this work, we detailed a WEBCred framework for automated genre-aware credibility assessment of web pages. We developed a tool based on the proposed framework to extract web page features instances and identify genre a web page belongs to while assessing it's Genre Credibility Score ( GCS). We validated our approach on `Information Security' dataset of 8,550 URLs with 171 features across 7 genres. The supervised learning algorithm, Gradient Boosted Decision Tree classified genres with 88.75% testing accuracy over 10 fold cross-validation, an improvement over the current benchmark. We also examined our approach on `Health' domain web pages and had comparable results. The calculated GCS correlated 69% with crowdsourced Web Of Trust ( WOT) score and 13% with algorithm based Alexa ranking across 5 Information security groups. This variance in correlation states that our GCS approach aligns with human way ( WOT) as compared to algorithmic way (Alexa) of web assessment in both the experiments.
2020-07-09
Nisha, D, Sivaraman, E, Honnavalli, Prasad B.  2019.  Predicting and Preventing Malware in Machine Learning Model. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.

Machine learning is a major area in artificial intelligence, which enables computer to learn itself explicitly without programming. As machine learning is widely used in making decision automatically, attackers have strong intention to manipulate the prediction generated my machine learning model. In this paper we study about the different types of attacks and its countermeasures on machine learning model. By research we found that there are many security threats in various algorithms such as K-nearest-neighbors (KNN) classifier, random forest, AdaBoost, support vector machine (SVM), decision tree, we revisit existing security threads and check what are the possible countermeasures during the training and prediction phase of machine learning model. In machine learning model there are 2 types of attacks that is causative attack which occurs during the training phase and exploratory attack which occurs during the prediction phase, we will also discuss about the countermeasures on machine learning model, the countermeasures are data sanitization, algorithm robustness enhancement, and privacy preserving techniques.

2020-06-22
Lv, Chaoxian, Li, Qianmu, Long, Huaqiu, Ren, Yumei, Ling, Fei.  2019.  A Differential Privacy Random Forest Method of Privacy Protection in Cloud. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :470–475.
This paper proposes a new random forest classification algorithm based on differential privacy protection. In order to reduce the impact of differential privacy protection on the accuracy of random forest classification, a hybrid decision tree algorithm is proposed in this paper. The hybrid decision tree algorithm is applied to the construction of random forest, which balances the privacy and classification accuracy of the random forest algorithm based on differential privacy. Experiment results show that the random forest algorithm based on differential privacy can provide high privacy protection while ensuring high classification performance, achieving a balance between privacy and classification accuracy, and has practical application value.
2020-06-08
Huang, Jiamin, Lu, Yueming, Guo, Kun.  2019.  A Hybrid Packet Classification Algorithm Based on Hash Table and Geometric Space Partition. 2019 IEEE Fourth International Conference on Data Science in Cyberspace (DSC). :587–592.
The emergence of integrated space-ground network (ISGN), with more complex network conditions compared with tradition network, requires packet classification to achieve high performance. Packet classification plays an important role in the field of network security. Although several existing classification schemes have been proposed recently to improve classification performance, the performance of these schemes is unable to meet the high-speed packet classification requirement in ISGN. To tackle this problem, a hybrid packet classification algorithm based on hash table and geometric space partition (HGSP) is proposed in this paper. HGSP falls into two sections: geometric space partition and hash matching. To improve the classification speed under the same accuracy, a parallel structure of hash table is designed to match the huge packets for classifying. The experimental results demonstrate that the matching time of HGSP algorithm is reduced by 40%-70% compared with traditional Hicuts algorithm. Particularly, with the growth of ruleset, the advantage of HGSP algorithm will become more obvious.
2020-05-26
Jim, Lincy Elizebeth, Chacko, Jim.  2019.  Decision Tree based AIS strategy for Intrusion Detection in MANET. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :1191–1195.
Mobile Ad hoc Networks (MANETs) are wireless networks that are void of fixed infrastructure as the communication between nodes are dependent on the liaison of each node in the network. The efficacy of MANET in critical scenarios like battlefield communications, natural disaster require new security strategies and policies to guarantee the integrity of nodes in the network. Due to the inherent frailty of MANETs, new security measures need to be developed to defend them. Intrusion Detection strategy used in wired networks are unbefitting for wireless networks due to reasons not limited to resource constraints of participating nodes and nature of communication. Nodes in MANET utilize multi hop communication to forward packets and this result in consumption of resources like battery and memory. The intruder or cheat nodes decide to cooperate or non-cooperate with other nodes. The cheat nodes reduce the overall effectiveness of network communications such as reduced packet delivery ratio and sometimes increase the congestion of the network by forwarding the packet to wrong destination and causing packets to take more times to reach the appropriate final destination. In this paper a decision tree based artificial immune system (AIS) strategy is utilized to detect such cheat nodes thereby improving the efficiency of packet delivery.
2020-04-10
Newaz, AKM Iqtidar, Sikder, Amit Kumar, Rahman, Mohammad Ashiqur, Uluagac, A. Selcuk.  2019.  HealthGuard: A Machine Learning-Based Security Framework for Smart Healthcare Systems. 2019 Sixth International Conference on Social Networks Analysis, Management and Security (SNAMS). :389—396.
The integration of Internet-of-Things and pervasive computing in medical devices have made the modern healthcare system “smart.” Today, the function of the healthcare system is not limited to treat the patients only. With the help of implantable medical devices and wearables, Smart Healthcare System (SHS) can continuously monitor different vital signs of a patient and automatically detect and prevent critical medical conditions. However, these increasing functionalities of SHS raise several security concerns and attackers can exploit the SHS in numerous ways: they can impede normal function of the SHS, inject false data to change vital signs, and tamper a medical device to change the outcome of a medical emergency. In this paper, we propose HealthGuard, a novel machine learning-based security framework to detect malicious activities in a SHS. HealthGuard observes the vital signs of different connected devices of a SHS and correlates the vitals to understand the changes in body functions of the patient to distinguish benign and malicious activities. HealthGuard utilizes four different machine learning-based detection techniques (Artificial Neural Network, Decision Tree, Random Forest, k-Nearest Neighbor) to detect malicious activities in a SHS. We trained HealthGuard with data collected for eight different smart medical devices for twelve benign events including seven normal user activities and five disease-affected events. Furthermore, we evaluated the performance of HealthGuard against three different malicious threats. Our extensive evaluation shows that HealthGuard is an effective security framework for SHS with an accuracy of 91 % and an F1 score of 90 %.
2020-04-03
Calvert, Chad L., Khoshgoftaar, Taghi M..  2019.  Threshold Based Optimization of Performance Metrics with Severely Imbalanced Big Security Data. 2019 IEEE 31st International Conference on Tools with Artificial Intelligence (ICTAI). :1328—1334.

Proper evaluation of classifier predictive models requires the selection of appropriate metrics to gauge the effectiveness of a model's performance. The Area Under the Receiver Operating Characteristic Curve (AUC) has become the de facto standard metric for evaluating this classifier performance. However, recent studies have suggested that AUC is not necessarily the best metric for all types of datasets, especially those in which there exists a high or severe level of class imbalance. There is a need to assess which specific metrics are most beneficial to evaluate the performance of highly imbalanced big data. In this work, we evaluate the performance of eight machine learning techniques on a severely imbalanced big dataset pertaining to the cyber security domain. We analyze the behavior of six different metrics to determine which provides the best representation of a model's predictive performance. We also evaluate the impact that adjusting the classification threshold has on our metrics. Our results find that the C4.5N decision tree is the optimal learner when evaluating all presented metrics for severely imbalanced Slow HTTP DoS attack data. Based on our results, we propose that the use of AUC alone as a primary metric for evaluating highly imbalanced big data may be ineffective, and the evaluation of metrics such as F-measure and Geometric mean can offer substantial insight into the true performance of a given model.

2020-03-30
Scherzinger, Stefanie, Seifert, Christin, Wiese, Lena.  2019.  The Best of Both Worlds: Challenges in Linking Provenance and Explainability in Distributed Machine Learning. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1620–1629.
Machine learning experts prefer to think of their input as a single, homogeneous, and consistent data set. However, when analyzing large volumes of data, the entire data set may not be manageable on a single server, but must be stored on a distributed file system instead. Moreover, with the pressing demand to deliver explainable models, the experts may no longer focus on the machine learning algorithms in isolation, but must take into account the distributed nature of the data stored, as well as the impact of any data pre-processing steps upstream in their data analysis pipeline. In this paper, we make the point that even basic transformations during data preparation can impact the model learned, and that this is exacerbated in a distributed setting. We then sketch our vision of end-to-end explainability of the model learned, taking the pre-processing into account. In particular, we point out the potentials of linking the contributions of research on data provenance with the efforts on explainability in machine learning. In doing so, we highlight pitfalls we may experience in a distributed system on the way to generating more holistic explanations for our machine learning models.
2020-02-26
Matin, Iik Muhamad Malik, Rahardjo, Budi.  2019.  Malware Detection Using Honeypot and Machine Learning. 2019 7th International Conference on Cyber and IT Service Management (CITSM). 7:1–4.

Malware is one of the threats to information security that continues to increase. In 2014 nearly six million new malware was recorded. The highest number of malware is in Trojan Horse malware while in Adware malware is the most significantly increased malware. Security system devices such as antivirus, firewall, and IDS signature-based are considered to fail to detect malware. This happens because of the very fast spread of computer malware and the increasing number of signatures. Besides signature-based security systems it is difficult to identify new methods, viruses or worms used by attackers. One other alternative in detecting malware is to use honeypot with machine learning. Honeypot can be used as a trap for packages that are suspected while machine learning can detect malware by classifying classes. Decision Tree and Support Vector Machine (SVM) are used as classification algorithms. In this paper, we propose architectural design as a solution to detect malware. We presented the architectural proposal and explained the experimental method to be used.

Al-issa, Abdulaziz I., Al-Akhras, Mousa, ALsahli, Mohammed S., Alawairdhi, Mohammed.  2019.  Using Machine Learning to Detect DoS Attacks in Wireless Sensor Networks. 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :107–112.

Widespread use of Wireless Sensor Networks (WSNs) introduced many security threats due to the nature of such networks, particularly limited hardware resources and infrastructure less nature. Denial of Service attack is one of the most common types of attacks that face such type of networks. Building an Intrusion Detection and Prevention System to mitigate the effect of Denial of Service attack is not an easy task. This paper proposes the use of two machine learning techniques, namely decision trees and Support Vector Machines, to detect attack signature on a specialized dataset. The used dataset contains regular profiles and several Denial of Service attack scenarios in WSNs. The experimental results show that decision trees technique achieved better (higher) true positive rate and better (lower) false positive rate than Support Vector Machines, 99.86% vs 99.62%, and 0.05% vs. 0.09%, respectively.

2020-02-17
Murudkar, Chetana V., Gitlin, Richard D..  2019.  QoE-Driven Anomaly Detection in Self-Organizing Mobile Networks Using Machine Learning. 2019 Wireless Telecommunications Symposium (WTS). :1–5.
Current procedures for anomaly detection in self-organizing mobile communication networks use network-centric approaches to identify dysfunctional serving nodes. In this paper, a user-centric approach and a novel methodology for anomaly detection is proposed, where the Quality of Experience (QoE) metric is used to evaluate the end-user experience. The system model demonstrates how dysfunctional serving eNodeBs are successfully detected by implementing a parametric QoE model using machine learning for prediction of user QoE in a network scenario created by the ns-3 network simulator. This approach can play a vital role in the future ultra-dense and green mobile communication networks that are expected to be both self- organizing and self-healing.
2020-02-10
Li, Meng, Wu, Bin, Wang, Yaning.  2019.  Comment Spam Detection via Effective Features Combination. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.

Comment spam is one of the great challenges faced by forum administrators. Detecting and blocking comment spam can relieve the load on servers, improve user experience and purify the network conditions. This paper focuses on the detection of comment spam. The behaviors of spammer and the content of spam were analyzed. According to analysis results, two types of effective features are extracted which can make a better description of spammer characteristics. Additionally, a gradient boosting tree algorithm was used to construct the comment spam detector based on the extracted features. Our proposed method is examined on a blog spam dataset which was published by previous research, and the result illustrates that our method performs better than the previous method on detection accuracy. Moreover, the CPU time is recorded to demonstrate that the time spent on both training and testing maintains a small value.

2020-01-28
Bernardi, Mario Luca, Cimitile, Marta, Martinelli, Fabio, Mercaldo, Francesco.  2019.  Keystroke Analysis for User Identification Using Deep Neural Networks. 2019 International Joint Conference on Neural Networks (IJCNN). :1–8.

The current authentication systems based on password and pin code are not enough to guarantee attacks from malicious users. For this reason, in the last years, several studies are proposed with the aim to identify the users basing on their typing dynamics. In this paper, we propose a deep neural network architecture aimed to discriminate between different users using a set of keystroke features. The idea behind the proposed method is to identify the users silently and continuously during their typing on a monitored system. To perform such user identification effectively, we propose a feature model able to capture the typing style that is specific to each given user. The proposed approach is evaluated on a large dataset derived by integrating two real-world datasets from existing studies. The merged dataset contains a total of 1530 different users each writing a set of different typing samples. Several deep neural networks, with an increasing number of hidden layers and two different sets of features, are tested with the aim to find the best configuration. The final best classifier scores a precision equal to 0.997, a recall equal to 0.99 and an accuracy equal to 99% using an MLP deep neural network with 9 hidden layers. Finally, the performances obtained by using the deep learning approach are also compared with the performance of traditional decision-trees machine learning algorithm, attesting the effectiveness of the deep learning-based classifiers in the domain of keystroke analysis.