Visible to the public Biblio

Found 126 results

Filters: Keyword is Classification algorithms  [Clear All Filters]
2022-01-10
Ngo, Quoc-Dung, Nguyen, Huy-Trung, Nguyen, Viet-Dung, Dinh, Cong-Minh, Phung, Anh-Tu, Bui, Quy-Tung.  2021.  Adversarial Attack and Defense on Graph-based IoT Botnet Detection Approach. 2021 International Conference on Electrical, Communication, and Computer Engineering (ICECCE). :1–6.
To reduce the risk of botnet malware, methods of detecting botnet malware using machine learning have received enormous attention in recent years. Most of the traditional methods are based on supervised learning that relies on static features with defined labels. However, recent studies show that supervised machine learning-based IoT malware botnet models are more vulnerable to intentional attacks, known as an adversarial attack. In this paper, we study the adversarial attack on PSI-graph based researches. To perform the efficient attack, we proposed a reinforcement learning based method with a trained target classifier to modify the structures of PSI-graphs. We show that PSI-graphs are vulnerable to such attack. We also discuss about defense method which uses adversarial training to train a defensive model. Experiment result achieves 94.1% accuracy on the adversarial dataset; thus, shows that our defensive model is much more robust than the previous target classifier.
Radhakrishnan, Sangeetha, Akila, A..  2021.  Securing Distributed Database Using Elongated RSA Algorithm. 2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:1931–1936.
Securing data, management of the authorised access of the user and maintaining the privacy of the data are some of the problems relating with the stored data in the database. The security of the data stored is considered as the major concern which is to be managed in a very serious manner as the users are sensitive about their shared data. The user's data can be protected by the process of cryptography which is considered as the conventional method. Advanced Encryption Standard (AES), Data Encryption Standard(DES), Two Fish, Rivest Shamir Adleman Algorithm (RSA), Attribute Based Encryption (ABE), Blowfish algorithms are considered as some of the cryptographic algorithms. These algorithms are classified into symmetric and asymmetric algorithms. Same key is used for the encryption and decoding technique in symmetric key cryptographic algorithm whereas two keys are used for the asymmetric ones. In this paper, the implementation of one of the asymmetric algorithm RSA with the educational dataset is done. To secure the distributed database, the extended version of the RSA algorithm is implemented as the proposed work.
2021-11-29
Hu, Shengze, He, Chunhui, Ge, Bin, Liu, Fang.  2020.  Enhanced Word Embedding Method in Text Classification. 2020 6th International Conference on Big Data and Information Analytics (BigDIA). :18–22.
For the task of natural language processing (NLP), Word embedding technology has a certain impact on the accuracy of deep neural network algorithms. Considering that the current word embedding method cannot realize the coexistence of words and phrases in the same vector space. Therefore, we propose an enhanced word embedding (EWE) method. Before completing the word embedding, this method introduces a unique sentence reorganization technology to rewrite all the sentences in the original training corpus. Then, all the original corpus and the reorganized corpus are merged together as the training corpus of the distributed word embedding model, so as to realize the coexistence problem of words and phrases in the same vector space. We carried out experiment to demonstrate the effectiveness of the EWE algorithm on three classic benchmark datasets. The results show that the EWE method can significantly improve the classification performance of the CNN model.
2021-11-08
Ma, Zhongrui, Yuanyuan, Huang, Lu, Jiazhong.  2020.  Trojan Traffic Detection Based on Machine Learning. 2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP). :157–160.
At present, most Trojan detection methods are based on the features of host and code. Such methods have certain limitations and lag. This paper analyzes the network behavior features and network traffic of several typical Trojans such as Zeus and Weasel, and proposes a Trojan traffic detection algorithm based on machine learning. First, model different machine learning algorithms and use Random Forest algorithm to extract features for Trojan behavior and communication features. Then identify and detect Trojans' traffic. The accuracy is as high as 95.1%. Comparing the detection of different machine learning algorithms, experiments show that our algorithm has higher accuracy, which is helpful and useful for identifying Trojan.
2021-10-12
Radhakrishnan, C., Karthick, K., Asokan, R..  2020.  Ensemble Learning Based Network Anomaly Detection Using Clustered Generalization of the Features. 2020 2nd International Conference on Advances in Computing, Communication Control and Networking (ICACCCN). :157–162.
Due to the extraordinary volume of business information, classy cyber-attacks pointing the networks of all enterprise have become more casual, with intruders trying to pierce vast into and grasp broader from the compromised network machines. The vital security essential is that field experts and the network administrators have a common terminology to share the attempt of intruders to invoke the system and to rapidly assist each other retort to all kind of threats. Given the enormous huge system traffic, traditional Machine Learning (ML) algorithms will provide ineffective predictions of the network anomaly. Thereby, a hybridized multi-model system can improve the accuracy of detecting the intrusion in the networks. In this manner, this article presents a novel approach Clustered Generalization oriented Ensemble Learning Model (CGELM) for predicting the network anomaly. The performance metrics of the anticipated approach are Detection Rate (DR) and False Predictive Rate (FPR) for the two heterogeneous data sets namely NSL-KDD and UGR'16. The proposed method provides 98.93% accuracy for DR and 0.14% of FPR against Decision Stump AdaBoost and Stacking Ensemble methods.
2021-09-30
Pamukov, Marin, Poulkov, Vladimir, Shterev, Vasil.  2020.  NSNN Algorithm Performance with Different Neural Network Architectures. 2020 43rd International Conference on Telecommunications and Signal Processing (TSP). :280–284.
Internet of Things (IoT) development and the addition of billions of computationally limited devices prohibit the use of classical security measures such as Intrusion Detection Systems (IDS). In this paper, we study the influence of the implementation of different feed-forward type of Neural Networks (NNs) on the detection Rate of the Negative Selection Neural Network (NSNN) algorithm. Feed-forward and cascade forward NN structures with different number of neurons and different number of hidden layers are tested. For training and testing the NSNN algorithm the labeled KDD NSL dataset is applied. The detection rates provided by the algorithm with several NN structures to determine the optimal solution are calculated and compared. The results show how these different feed-forward based NN architectures impact the performance of the NSNN algorithm.
2021-09-21
Ghanem, Sahar M., Aldeen, Donia Naief Saad.  2020.  AltCC: Alternating Clustering and Classification for Batch Analysis of Malware Behavior. 2020 International Symposium on Networks, Computers and Communications (ISNCC). :1–6.
The most common goal of malware analysis is to determine if a given binary is malware or benign. Another objective is similarity analysis of malware binaries to understand how new samples differ from known ones. Similarity analysis helps to analyze the malware with respect to those already analyzed and guides the discovery of novel aspects that should be analyzed more in depth. In this work, we are concerned with similarities and differences detection of malware binaries. Thousands of malware are created every day and machine learning is an indispensable tool for its analysis. Previous work has studied clustering and classification as competing paradigms. However, in this work, a malware similarity analysis technique (AltCC) is proposed that alternates the use of clustering and classification. In addition it assumes the malware are not available all at once but processed in batches. Initially, clustering is applied to the first batch to group similar binaries into novel malware classes. Then, the discovered classes are used to train a classifier. For the following batches, the classifier is used to decide if a new binary classifies to a known class or otherwise unclassified. The unclassified binaries are clustered and the process repeats. Malware clustering (i.e. labeling) may entail further human expert analysis but dramatically reduces the effort. The effectiveness of AltCC is studied using a dataset of 29,661 malware binaries that represent malware received in six consecutive days/batches. When KMeans is used to label the dataset all at once and its labeling is compared to AltCC's, the adjusted-rand-index scores 0.71.
Zhe, Wang, Wei, Cheng, Chunlin, Li.  2020.  DoS attack detection model of smart grid based on machine learning method. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :735–738.
In recent years, smart grid has gradually become the common development trend of the world's power industry, and its security issues are increasingly valued by researchers. Smart grids have applied technologies such as physical control, data encryption, and authentication to improve their security, but there is still a lack of timely and effective detection methods to prevent the grid from being threatened by malicious intrusions. Aiming at this problem, a model based on machine learning to detect smart grid DoS attacks has been proposed. The model first collects network data, secondly selects features and uses PCA for data dimensionality reduction, and finally uses SVM algorithm for abnormality detection. By testing the SVM, Decision Tree and Naive Bayesian Network classification algorithms on the KDD99 dataset, it is found that the SVM model works best.
Dalal, Kushal Rashmikant.  2020.  Analysing the Role of Supervised and Unsupervised Machine Learning in IoT. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :75–79.
To harness the value of data generated from IoT, there is a crucial requirement of new mechanisms. Machine learning (ML) is among the most suitable paradigms of computation which embeds strong intelligence within IoT devices. Various ML techniques are being widely utilised for improving network security in IoT. These techniques include reinforcement learning, semi-supervised learning, supervised learning, and unsupervised learning. This report aims to critically analyse the role played by supervised and unsupervised ML for the enhancement of IoT security.
2021-09-08
Ali, Jehad, Roh, Byeong-hee, Lee, Byungkyu, Oh, Jimyung, Adil, Muhammad.  2020.  A Machine Learning Framework for Prevention of Software-Defined Networking Controller from DDoS Attacks and Dimensionality Reduction of Big Data. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :515–519.
The controller is an indispensable entity in software-defined networking (SDN), as it maintains a global view of the underlying network. However, if the controller fails to respond to the network due to a distributed denial of service (DDoS) attacks. Then, the attacker takes charge of the whole network via launching a spoof controller and can also modify the flow tables. Hence, faster, and accurate detection of DDoS attacks against the controller will make the SDN reliable and secure. Moreover, the Internet traffic is drastically increasing due to unprecedented growth of connected devices. Consequently, the processing of large number of requests cause a performance bottleneck regarding SDN controller. In this paper, we propose a hierarchical control plane SDN architecture for multi-domain communication that uses a statistical method called principal component analysis (PCA) to reduce the dimensionality of the big data traffic and the support vector machine (SVM) classifier is employed to detect a DDoS attack. SVM has high accuracy and less false positive rate while the PCA filters attribute drastically. Consequently, the performance of classification and accuracy is improved while the false positive rate is reduced.
2021-09-07
Shi, Jiayu, Wu, Bin.  2020.  Detection of DDoS Based on Gray Level Co-Occurrence Matrix Theory and Deep Learning. 2020 5th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :1615–1618.
There have been researches on Distributed Denial of Service (DDoS) attack detection based on deep learning, but most of them use the feature data processed by data mining for feature learning and classification. Based on the original data flow, this paper combines the method of Gray Level Co-occurrence Matrix (GLCM), which not only retains the original data but also can further extract the potential relationship between the original data. The original data matrix and the reconstructed matrix were taken as the input of the model, and the Convolutional Neural Network(CNN) was used for feature learning. Finally, the classifier model was trained for detection. The experimental part is divided into two parts: comparing the detection effect of different data processing methods and different deep learning algorithms; the effectiveness and objectivity of the proposed method are verified by comparing the detection effect of the deep learning algorithm with that of the statistical analysis feature algorithm.
Priya, S.Shanmuga, Sivaram, M., Yuvaraj, D., Jayanthiladevi, A..  2020.  Machine Learning Based DDOS Detection. 2020 International Conference on Emerging Smart Computing and Informatics (ESCI). :234–237.
One of a high relentless attack is the crucial distributed DoS attacks. The types and tools for this attacks increases day-to-day as per the technology increases. So the methodology for detection of DDoS should be advanced. For this purpose we created an automated DDoS detector using ML which can run on any commodity hardware. The results are 98.5 % accurate. We use three classification algorithms KNN, RF and NB to classify DDoS packets from normal packets using two features, delta time and packet size. This detector mostly can detect all types of DDoS such as ICMP flood, TCP flood, UDP flood etc. In the older systems they detect only some types of DDoS attacks and some systems may require a large number of features to detect DDoS. Some systems may work only with certain protocols only. But our proposed model overcome these drawbacks by detecting the DDoS of any type without a need of specific protocol that uses less amount of features.
2021-08-31
Hu, Dongfang, Xu, Bin, Wang, Jun, Han, Linfeng, Liu, Jiayi.  2020.  A Shilling Attack Model Based on TextCNN. 2020 IEEE 3rd International Conference on Automation, Electronics and Electrical Engineering (AUTEEE). :282–289.
With the development of the Internet, the amount of information on the Internet is increasing rapidly, which makes it difficult for people to select the information they really want. A recommendation system is an effective way to solve this problem. Fake users can be injected by criminals to attack the recommendation system; therefore, accurate identification of fake users is a necessary feature of the recommendation system. Existing fake user detection algorithms focus on designing recognition methods for different types of attacks and have limited detection capabilities against unknown or hybrid attacks. The use of deep learning models can automate the extraction of false user scoring features, but neural network models are not applicable to discrete user scoring data. In this paper, random walking is used to rearrange the otherwise discrete user rating data into a rating feature matrix with spatial continuity. The rating data and the text data have some similarity in the distribution mode. By effective analogy, the TextCNN model originally used in NLP domain can be improved and applied to the classification task of rating feature matrix. Combining the ideas of random walking and word vector processing, this paper proposes a TextCNN detection model for user rating data. To verify the validity of the proposed model, the model is tested on MoiveLens dataset against 7 different attack detection algorithms, and exhibits better performance when compared with 4 attack detection algorithms. Especially for the Aop attack, the proposed model has nearly 100% detection performance with F1 - value as the evaluation index.
2021-08-17
Zhang, Yu-Yan, Chen, Xing-Xing, Zhang, Xu.  2020.  PCHA: A Fast Packet Classification Algorithm For IPv6 Based On Hash And AVL Tree. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :397–404.
As the core infrastructure of cloud data operation, exchange and storage, data centerneeds to ensure its security and reliability, which are the important prerequisites for the development of cloud computing. Due to various illegal accesses, attacks, viruses and other security threats, it is necessary to protect the boundary of cloud data center through security gateway. Since the traffic growing up to gigabyte level, the secure gateway must ensure high transmission efficiency and different network services to support the cloud services. In addition, data center is gradually evolving from IPv4 to IPv6 due to excessive consumption of IP addresses. Packet classification algorithm, which can divide packets into different specific streams, is very important for QoS, real-time data stream application and firewall. Therefore, it is necessary to design a high performance IPv6 packet classification algorithm suitable for security gateway.AsIPv6 has a128-bitIP address and a different packet structure compared with IPv4, the traditional IPv4 packet classification algorithm is not suitable properly for IPv6 situations. This paper proposes a fast packet classification algorithm for IPv6 - PCHA (packet classification based on hash andAdelson-Velsky-Landis Tree). It adopts the three flow classification fields of source IPaddress(SA), destination IPaddress(DA) and flow label(FL) in the IPv6 packet defined by RFC3697 to implement fast three-tuple matching of IPv6 packet. It is through hash matching of variable length IPv6 address and tree matching of shorter flow label. Analysis and testing show that the algorithm has a time complexity close to O(1) in the acceptable range of space complexity, which meets the requirements of fast classification of IPv6 packetsand can adapt well to the changes in the size of rule sets, supporting fast preprocessing of rule sets. Our algorithm supports the storage of 500,000 3-tuple rules on the gateway device and can maintain 75% of the performance of throughput for small packets of 78 bytes.
2021-08-02
Pedramnia, Kiyana, Shojaei, Shayan.  2020.  Detection of False Data Injection Attack in Smart Grid Using Decomposed Nearest Neighbor Techniques. 2020 10th Smart Grid Conference (SGC). :1—6.
Smart grid communication system deeply rely on information technologies which makes it vulnerable to variable cyber-attacks. Among possible attacks, False Data Injection (FDI) Attack has created a severe threat to smart grid control system. Attackers can manipulate smart grid measurements such as collected data of phasor measurement units (PMU) by implementing FDI attacks. Detection of FDI attacks with a simple and effective approach, makes the system more reliable and prevents network outages. In this paper we propose a Decomposed Nearest Neighbor algorithm to detect FDI attacks. This algorithm improves traditional k-Nearest Neighbor by using metric learning. Also it learns the local-optima free distance metric by solving a convex optimization problem which makes it more accurate in decision making. We test the proposed method on PMU dataset and compare the results with other beneficial machine learning algorithms for FDI attack detection. Results demonstrate the effectiveness of the proposed approach.
2021-06-30
Zhao, Yi, Jia, Xian, An, Dou, Yang, Qingyu.  2020.  LSTM-Based False Data Injection Attack Detection in Smart Grids. 2020 35th Youth Academic Annual Conference of Chinese Association of Automation (YAC). :638—644.
As a typical cyber-physical system, smart grid has attracted growing attention due to the safe and efficient operation. The false data injection attack against energy management system is a new type of cyber-physical attack, which can bypass the bad data detector of the smart grid to influence the results of state estimation directly, causing the energy management system making wrong estimation and thus affects the stable operation of power grid. We transform the false data injection attack detection problem into binary classification problem in this paper, which use the long-term and short-term memory network (LSTM) to construct the detection model. After that, we use the BP algorithm to update neural network parameters and utilize the dropout method to alleviate the overfitting problem and to improve the detection accuracy. Simulation results prove that the LSTM-based detection method can achieve higher detection accuracy comparing with the BPNN-based approach.
Lu, Xiao, Jing, Jiangping, Wu, Yi.  2020.  False Data Injection Attack Location Detection Based on Classification Method in Smart Grid. 2020 2nd International Conference on Artificial Intelligence and Advanced Manufacture (AIAM). :133—136.
The state estimation technology is utilized to estimate the grid state based on the data of the meter and grid topology structure. The false data injection attack (FDIA) is an information attack method to disturb the security of the power system based on the meter measurement. Current FDIA detection researches pay attention on detecting its presence. The location information of FDIA is also important for power system security. In this paper, locating the FDIA of the meter is regarded as a multi-label classification problem. Each label represents the state of the corresponding meter. The ensemble model, the multi-label decision tree algorithm, is utilized as the classifier to detect the exact location of the FDIA. This method does not need the information of the power topology and statistical knowledge assumption. The numerical experiments based on the IEEE-14 bus system validates the performance of the proposed method.
2021-06-01
Jing, Si-Yuan, Yang, Jun.  2020.  Efficient attribute reduction based on rough sets and differential evolution algorithm. 2020 16th International Conference on Computational Intelligence and Security (CIS). :217–222.
Attribute reduction algorithms in rough set theory can be classified into two groups, i.e. heuristics algorithms and computational intelligence algorithms. The former has good search efficiency but it can not find the global optimal reduction. Conversely, the latter is possible to find global optimal reduction but usually suffers from premature convergence. To address this problem, this paper proposes a two-stage algorithm for finding high quality reduction. In first stage, a classical differential evolution algorithm is employed to rapidly approach the optimal solution. When the premature convergence is detected, a local search algorithm which is intuitively a forward-backward heuristics is launched to improve the quality of the reduction. Experiments were performed on six UCI data sets and the results show that the proposed algorithm can outperform the existing computational intelligence algorithms.
2021-05-26
Zhengbo, Chen, Xiu, Liu, Yafei, Xing, Miao, Hu, Xiaoming, Ju.  2020.  Markov Encrypted Data Prefetching Model Based On Attribute Classification. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :54—59.

In order to improve the buffering performance of the data encrypted by CP-ABE (ciphertext policy attribute based encryption), this paper proposed a Markov prefetching model based on attribute classification. The prefetching model combines the access strategy of CP-ABE encrypted file, establishes the user relationship network according to the attribute value of the user, classifies the user by the modularity-based community partitioning algorithm, and establishes a Markov prefetching model based on attribute classification. In comparison with the traditional Markov prefetching model and the classification-based Markov prefetching model, the attribute-based Markov prefetching model is proposed in this paper has higher prefetch accuracy and coverage.

2021-05-25
Hopkins, Stephen, Kalaimannan, Ezhil, John, Caroline Sangeetha.  2020.  Cyber Resilience using State Estimation Updates Based on Cyber Attack Matrix Classification. 2020 IEEE Kansas Power and Energy Conference (KPEC). :1—6.
Cyber-physical systems (CPS) maintain operation, reliability, and safety performance using state estimation and control methods. Internet connectivity and Internet of Things (IoT) devices are integrated with CPS, such as in smart grids. This integration of Operational Technology (OT) and Information Technology (IT) brings with it challenges for state estimation and exposure to cyber-threats. This research establishes a state estimation baseline, details the integration of IT, evaluates the vulnerabilities, and develops an approach for detecting and responding to cyber-attack data injections. Where other approaches focus on integration of IT cyber-controls, this research focuses on development of classification tools using data currently available in state estimation methods to quantitatively determine the presence of cyber-attack data. The tools may increase computational requirements but provide methods which can be integrated with existing state estimation methods and provide for future research in state estimation based cyber-attack incident response. A robust cyber-resilient CPS includes the ability to detect and classify a cyber-attack, determine the true system state, and respond to the cyber-attack. The purpose of this paper is to establish a means for a cyber aware state estimator given the existence of sub-erroneous outlier detection, cyber-attack data weighting, cyber-attack data classification, and state estimation cyber detection.
Chao, Henry, Stark, Benjamin, Samarah, Mohammad.  2019.  Analysis of Learning Modalities Towards Effective Undergraduate Cybersecurity Education Design. 2019 IEEE International Conference on Engineering, Technology and Education (TALE). :1—6.
Cybersecurity education is a critical component of today's computer science and IT curriculum. To provide for a highly effective cybersecurity education, we propose using machine-learning techniques to identify common learning modalities of cybersecurity students in order to optimize how cybersecurity core topics, threats, tools and techniques are taught. We test various hypothesis, e.g. that students of selected VARK learning styles will outperform their peers. The results indicate that for the class assignments in our study preference of read/write and kinesthetic modalities yielded the best results. This further indicates that specific learning instruments can be tailored for students based on their individual VARK learning styles.
2021-05-13
Wu, Xiaohe, Calderon, Juan, Obeng, Morrison.  2021.  Attribution Based Approach for Adversarial Example Generation. SoutheastCon 2021. :1–6.
Neural networks with deep architectures have been used to construct state-of-the-art classifiers that can match human level accuracy in areas such as image classification. However, many of these classifiers can be fooled by examples slightly modified from their original forms. In this work, we propose a novel approach for generating adversarial examples that makes use of only attribution information of the features and perturbs only features that are highly influential to the output of the classifier. We call this approach Attribution Based Adversarial Generation (ABAG). To demonstrate the effectiveness of this approach, three somewhat arbitrary algorithms are proposed and examined. In the first algorithm all non-zero attributions are utilized and associated features perturbed; in the second algorithm only the top-n most positive and top-n most negative attributions are used and corresponding features perturbed; and in the third algorithm the level of perturbation is increased in an iterative manner until an adversarial example is discovered. All of the three algorithms are implemented and experiments are performed on the well-known MNIST dataset. Experiment results show that adversarial examples can be generated very efficiently, and thus prove the validity and efficacy of ABAG - utilizing attributions for the generation of adversarial examples. Furthermore, as shown by examples, ABAG can be adapted to provides a systematic searching approach to generate adversarial examples by perturbing a minimum amount of features.
2021-04-08
Zhang, T., Zhao, P..  2010.  Insider Threat Identification System Model Based on Rough Set Dimensionality Reduction. 2010 Second World Congress on Software Engineering. 2:111—114.
Insider threat makes great damage to the security of information system, traditional security methods are extremely difficult to work. Insider attack identification plays an important role in insider threat detection. Monitoring user's abnormal behavior is an effective method to detect impersonation, this method is applied to insider threat identification, to built user's behavior attribute information database based on weights changeable feedback tree augmented Bayes network, but data is massive, using the dimensionality reduction based on rough set, to establish the process information model of user's behavior attribute. Using the minimum risk Bayes decision can effectively identify the real identity of the user when user's behavior departs from the characteristic model.
Bouzar-Benlabiod, L., Rubin, S. H., Belaidi, K., Haddar, N. E..  2020.  RNN-VED for Reducing False Positive Alerts in Host-based Anomaly Detection Systems. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :17–24.
Host-based Intrusion Detection Systems HIDS are often based on anomaly detection. Several studies deal with anomaly detection by analyzing the system-call traces and get good detection rates but also a high rate off alse positives. In this paper, we propose a new anomaly detection approach applied on the system-call traces. The normal behavior learning is done using a Sequence to sequence model based on a Variational Encoder-Decoder (VED) architecture that integrates Recurrent Neural Networks (RNN) cells. We exploit the semantics behind the invoking order of system-calls that are then seen as sentences. A preprocessing phase is added to structure and optimize the model input-data representation. After the learning step, a one-class classification is run to categorize the sequences as normal or abnormal. The architecture may be used for predicting abnormal behaviors. The tests are achieved on the ADFA-LD dataset.
2021-03-29
Al-Janabi, S. I. Ali, Al-Janabi, S. T. Faraj, Al-Khateeb, B..  2020.  Image Classification using Convolution Neural Network Based Hash Encoding and Particle Swarm Optimization. 2020 International Conference on Data Analytics for Business and Industry: Way Towards a Sustainable Economy (ICDABI). :1–5.
Image Retrieval (IR) has become one of the main problems facing computer society recently. To increase computing similarities between images, hashing approaches have become the focus of many programmers. Indeed, in the past few years, Deep Learning (DL) has been considered as a backbone for image analysis using Convolutional Neural Networks (CNNs). This paper aims to design and implement a high-performance image classifier that can be used in several applications such as intelligent vehicles, face recognition, marketing, and many others. This work considers experimentation to find the sequential model's best configuration for classifying images. The best performance has been obtained from two layers' architecture; the first layer consists of 128 nodes, and the second layer is composed of 32 nodes, where the accuracy reached up to 0.9012. The proposed classifier has been achieved using CNN and the data extracted from the CIFAR-10 dataset by the inception model, which are called the Transfer Values (TRVs). Indeed, the Particle Swarm Optimization (PSO) algorithm is used to reduce the TRVs. In this respect, the work focus is to reduce the TRVs to obtain high-performance image classifier models. Indeed, the PSO algorithm has been enhanced by using the crossover technique from genetic algorithms. This led to a reduction of the complexity of models in terms of the number of parameters used and the execution time.