Visible to the public Biblio

Found 135 results

Filters: Keyword is Clustering algorithms  [Clear All Filters]
Sivasankarareddy, V., Sundari, G..  2022.  Clustering-based routing protocol using FCM-RSOA and DNA cryptography algorithm for smart building. 2022 IEEE 2nd Mysore Sub Section International Conference (MysuruCon). :1—8.
The WSN nodes are arranged uniformly or randomly on the area of need for gathering the required data. The admin utilizes wireless broadband networks to connect to the Internet and acquire the required data from the base station (BS). However, these sensor nodes play a significant role in a variety of professional and industrial domains, but some of the concerns stop the growth of WSN, such as memory, transmission, battery power and processing power. The most significant issue with these restrictions is to increase the energy efficiency for WSN with rapid and trustworthy data transfer. In this designed model, the sensor nodes are clustered using the FCM (Fuzzy C-Means) clustering algorithm with the Reptile Search Optimization (RSO) for finding the centre of the cluster. The cluster head is determined by using African vulture optimization (AVO). For selecting the path of data transmission from the cluster head to the base station, the adaptive relay nodes are selected using the Fuzzy rule. These data from the base station are given to the server with a DNA cryptography encryption algorithm for secure data transmission. The performance of the designed model is evaluated with specific parameters such as average residual energy, throughput, end-to-end delay, information loss and execution time for a secure and energy-efficient routing protocol. These evaluated values for the proposed model are 0.91 %, 1.17Mbps, 1.76 ms, 0.14 % and 0.225 s respectively. Thus, the resultant values of the proposed model show that the designed clustering-based routing protocol using FCM-RSOA and DNA cryptography for smart building performs better compared to the existing techniques.
Xin, Wu, Shen, Qingni, Feng, Ke, Xia, Yutang, Wu, Zhonghai, Lin, Zhenghao.  2022.  Personalized User Profiles-based Insider Threat Detection for Distributed File System. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1441—1446.
In recent years, data security incidents caused by insider threats in distributed file systems have attracted the attention of academia and industry. The most common way to detect insider threats is based on user profiles. Through analysis, we realize that based on existing user profiles are not efficient enough, and there are many false positives when a stable user profile has not yet been formed. In this work, we propose personalized user profiles and design an insider threat detection framework, which can intelligently detect insider threats for securing distributed file systems in real-time. To generate personalized user profiles, we come up with a time window-based clustering algorithm and a weighted kernel density estimation algorithm. Compared with non-personalized user profiles, both the Recall and Precision of insider threat detection based on personalized user profiles have been improved, resulting in their harmonic mean F1 increased to 96.52%. Meanwhile, to reduce the false positives of insider threat detection, we put forward operation recommendations based on user similarity to predict new operations that users will produce in the future, which can reduce the false positive rate (FPR). The FPR is reduced to 1.54% and the false positive identification rate (FPIR) is as high as 92.62%. Furthermore, to mitigate the risks caused by inaccurate authorization for users, we present user tags based on operation content and permission. The experimental results show that our proposed framework can detect insider threats more effectively and precisely, with lower FPR and high FPIR.
Han, Liquan, Xie, Yushan, Fan, Di, Liu, Jinyuan.  2022.  Improved differential privacy K-means clustering algorithm for privacy budget allocation. 2022 International Conference on Computer Engineering and Artificial Intelligence (ICCEAI). :221–225.
In the differential privacy clustering algorithm, the added random noise causes the clustering centroids to be shifted, which affects the usability of the clustering results. To address this problem, we design a differential privacy K-means clustering algorithm based on an adaptive allocation of privacy budget to the clustering effect: Adaptive Differential Privacy K-means (ADPK-means). The method is based on the evaluation results generated at the end of each iteration in the clustering algorithm. First, it dynamically evaluates the effect of the clustered sets at the end of each iteration by measuring the separation and tightness between the clustered sets. Then, the evaluation results are introduced into the process of privacy budget allocation by weighting the traditional privacy budget allocation. Finally, different privacy budgets are assigned to different sets of clusters in the iteration to achieve the purpose of adaptively adding perturbation noise to each set. In this paper, both theoretical and experimental results are analyzed, and the results show that the algorithm satisfies e-differential privacy and achieves better results in terms of the availability of clustering results for the three standard datasets.
Vogel, Michael, Schuster, Franka, Kopp, Fabian Malte, König, Hartmut.  2022.  Data Volume Reduction for Deep Packet Inspection by Multi-layer Application Determination. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :44–49.
Attack detection in enterprise networks is increasingly faced with large data volumes, in part high data bursts, and heavily fluctuating data flows that often cause arbitrary discarding of data packets in overload situations which can be used by attackers to hide attack activities. Attack detection systems usually configure a comprehensive set of signatures for known vulnerabilities in different operating systems, protocols, and applications. Many of these signatures, however, are not relevant in each context, since certain vulnerabilities have already been eliminated, or the vulnerable applications or operating system versions, respectively, are not installed on the involved systems. In this paper, we present an approach for clustering data flows to assign them to dedicated analysis units that contain only signature sets relevant for the analysis of these flows. We discuss the performance of this clustering and show how it can be used in practice to improve the efficiency of an analysis pipeline.
Joon, Ranjita, Tomar, Parul.  2022.  Cognitive Radio Wireless Sensor Networks: A Survey. 2022 Fifth International Conference on Computational Intelligence and Communication Technologies (CCICT). :216–222.
There has been a significant rise in the use of wireless sensor networks (WSNs) in the past few years. It is evident that WSNs operate in unlicensed spectrum bands [1]. But due to the increasing usage in unlicensed spectrum band this band is getting overcrowded. The recent development of cognitive radio technology [2, 3] has made possible the utilization of licensed spectrum band in an opportunistic manner. This paper studies an introduction to Cognitive Radio Technology, Cognitive Radio Wireless Sensor Networks, its Advantages & Challenges, Cognitive Radio Technology Applications and a comparative analysis of node clustering techniques in CWSN.
Khan, Rashid, Saxena, Neetesh, Rana, Omer, Gope, Prosanta.  2022.  ATVSA: Vehicle Driver Profiling for Situational Awareness. 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). :348–357.

Increasing connectivity and automation in vehicles leads to a greater potential attack surface. Such vulnerabilities within vehicles can also be used for auto-theft, increasing the potential for attackers to disable anti-theft mechanisms implemented by vehicle manufacturers. We utilize patterns derived from Controller Area Network (CAN) bus traffic to verify driver “behavior”, as a basis to prevent vehicle theft. Our proposed model uses semi-supervised learning that continuously profiles a driver, using features extracted from CAN bus traffic. We have selected 15 key features and obtained an accuracy of 99% using a dataset comprising a total of 51 features across 10 different drivers. We use a number of data analysis algorithms, such as J48, Random Forest, JRip and clustering, using 94K records. Our results show that J48 is the best performing algorithm in terms of training and testing (1.95 seconds and 0.44 seconds recorded, respectively). We also analyze the effect of using a sliding window on algorithm performance, altering the size of the window to identify the impact on prediction accuracy.

G, Emayashri, R, Harini, V, Abirami S, M, Benedict Tephila.  2022.  Electricity-Theft Detection in Smart Grids Using Wireless Sensor Networks. 2022 8th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:2033—2036.
Satisfying the growing demand for electricity is a huge challenge for electricity providers without a robust and good infrastructure. For effective electricity management, the infrastructure has to be strengthened from the generation stage to the transmission and distribution stages. In the current electrical infrastructure, the evolution of smart grids provides a significant solution to the problems that exist in the conventional system. Enhanced management visibility and better monitoring and control are achieved by the integration of wireless sensor network technology in communication systems. However, to implement these solutions in the existing grids, the infrastructural constraints impose a major challenge. Along with the choice of technology, it is also crucial to avoid exorbitant implementation costs. This paper presents a self-stabilizing hierarchical algorithm for the existing electrical network. Neighborhood Area Networks (NAN) and Home Area Networks (HAN) layers are used in the proposed architecture. The Home Node (HN), Simple Node (SN) and Cluster Head (CH) are the three types of nodes used in the model. Fraudulent users in the system are identified efficiently using the proposed model based on the observations made through simulation on OMNeT++ simulator.
Praveen Kumar, K., Sree Ranganayaki, V..  2022.  Energy Saving Using Privacy Data Secure Aggregation Algorithm. 2022 International Conference on Breakthrough in Heuristics And Reciprocation of Advanced Technologies (BHARAT). :99—102.
For the Internet of things (IoT) secure data aggregation issues, data privacy-preserving and limited computation ability and energy of nodes should be tradeoff. Based on analyzing the pros-and-cons of current works, a low energy- consuming secure data aggregation method (LCSDA) was proposed. This method uses shortest path principle to choose neighbor nodes and generates the data aggregation paths in the cluster based on prim minimum spanning tree algorithm. Simulation results show that this method could effectively cut down energy consumption and reduce the probability of cluster head node being captured, in the same time preserving data privacy.
Siriwardhana, Yushan, Porambage, Pawani, Liyanage, Madhusanka, Ylianttila, Mika.  2022.  Robust and Resilient Federated Learning for Securing Future Networks. 2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit). :351—356.
Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telecommunication industry, especially to automate beyond 5G networks. Federated Learning (FL) recently emerged as a distributed ML approach that enables localized model training to keep data decentralized to ensure data privacy. In this paper, we identify the applicability of FL for securing future networks and its limitations due to the vulnerability to poisoning attacks. First, we investigate the shortcomings of state-of-the-art security algorithms for FL and perform an attack to circumvent FoolsGold algorithm, which is known as one of the most promising defense techniques currently available. The attack is launched with the addition of intelligent noise at the poisonous model updates. Then we propose a more sophisticated defense strategy, a threshold-based clustering mechanism to complement FoolsGold. Moreover, we provide a comprehensive analysis of the impact of the attack scenario and the performance of the defense mechanism.
Sravani, T., Suguna, M.Raja.  2022.  Comparative Analysis Of Crime Hotspot Detection And Prediction Using Convolutional Neural Network Over Support Vector Machine with Engineered Spatial Features Towards Increase in Classifier Accuracy. 2022 International Conference on Business Analytics for Technology and Security (ICBATS). :1—5.
The major aim of the study is to predict the type of crime that is going to happen based on the crime hotspot detected for the given crime data with engineered spatial features. crime dataset is filtered to have the following 2 crime categories: crime against society, crime against person. Crime hotspots are detected by using the Novel Hierarchical density based Spatial Clustering of Application with Noise (HDBSCAN) Algorithm with the number of clusters optimized using silhouette score. The sample data consists of 501 crime incidents. Future types of crime for the given location are predicted by using the Support Vector Machine (SVM) and Convolutional Neural Network (CNN) algorithms (N=5). The accuracy of crime prediction using Support Vector Machine classification algorithm is 94.01% and Convolutional Neural Network algorithm is 79.98% with the significance p-value of 0.033. The Support Vector Machine algorithm is significantly better in accuracy for prediction of type of crime than Convolutional Neural Network (CNN).
Rakin, Adnan Siraj, Chowdhuryy, Md Hafizul Islam, Yao, Fan, Fan, Deliang.  2022.  DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. 2022 IEEE Symposium on Security and Privacy (SP). :1157–1174.
Recent advancements in Deep Neural Networks (DNNs) have enabled widespread deployment in multiple security-sensitive domains. The need for resource-intensive training and the use of valuable domain-specific training data have made these models the top intellectual property (IP) for model owners. One of the major threats to DNN privacy is model extraction attacks where adversaries attempt to steal sensitive information in DNN models. In this work, we propose an advanced model extraction framework DeepSteal that steals DNN weights remotely for the first time with the aid of a memory side-channel attack. Our proposed DeepSteal comprises two key stages. Firstly, we develop a new weight bit information extraction method, called HammerLeak, through adopting the rowhammer-based fault technique as the information leakage vector. HammerLeak leverages several novel system-level techniques tailored for DNN applications to enable fast and efficient weight stealing. Secondly, we propose a novel substitute model training algorithm with Mean Clustering weight penalty, which leverages the partial leaked bit information effectively and generates a substitute prototype of the target victim model. We evaluate the proposed model extraction framework on three popular image datasets (e.g., CIFAR-10/100/GTSRB) and four DNN architectures (e.g., ResNet-18/34/Wide-ResNetNGG-11). The extracted substitute model has successfully achieved more than 90% test accuracy on deep residual networks for the CIFAR-10 dataset. Moreover, our extracted substitute model could also generate effective adversarial input samples to fool the victim model. Notably, it achieves similar performance (i.e., 1-2% test accuracy under attack) as white-box adversarial input attack (e.g., PGD/Trades).
ISSN: 2375-1207
Choudhary, Swapna, Dorle, Sanjay.  2021.  Empirical investigation of VANET-based security models from a statistical perspective. 2021 International Conference on Computational Intelligence and Computing Applications (ICCICA). :1—8.
Vehicular ad-hoc networks (VANETs) are one of the most stochastic networks in terms of node movement patterns. Due to the high speed of vehicles, nodes form temporary clusters and shift between clusters rapidly, which limits the usable computational complexity for quality of service (QoS) and security enhancements. Hence, VANETs are one of the most insecure networks and are prone to various attacks like Masquerading, Distributed Denial of Service (DDoS) etc. Various algorithms have been proposed to safeguard VANETs against these attacks, which vary concerning security and QoS performance. These algorithms include linear rule-checking models, software-defined network (SDN) rules, blockchain-based models, etc. Due to such a wide variety of model availability, it becomes difficult for VANET designers to select the most optimum security framework for the network deployment. To reduce the complexity of this selection, the paper reviews statistically investigate a wide variety of modern VANET-based security models. These models are compared in terms of security, computational complexity, application and cost of deployment, etc. which will assist network designers to select the most optimum models for their application. Moreover, the paper also recommends various improvements that can be applied to the reviewed models, to further optimize their performance.
Zhang, Jiachao, Yu, Peiran, Qi, Le, Liu, Song, Zhang, Haiyu, Zhang, Jianzhong.  2021.  FLDDoS: DDoS Attack Detection Model based on Federated Learning. 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :635–642.
Recently, DDoS attack has developed rapidly and become one of the most important threats to the Internet. Traditional machine learning and deep learning methods can-not train a satisfactory model based on the data of a single client. Moreover, in the real scenes, there are a large number of devices used for traffic collection, these devices often do not want to share data between each other depending on the research and analysis value of the attack traffic, which limits the accuracy of the model. Therefore, to solve these problems, we design a DDoS attack detection model based on federated learning named FLDDoS, so that the local model can learn the data of each client without sharing the data. In addition, considering that the distribution of attack detection datasets is extremely imbalanced and the proportion of attack samples is very small, we propose a hierarchical aggregation algorithm based on K-Means and a data resampling method based on SMOTEENN. The result shows that our model improves the accuracy by 4% compared with the traditional method, and reduces the number of communication rounds by 40%.
Sreemol, R, Santosh Kumar, M B, Sreekumar, A.  2021.  Improvement of Security in Multi-Biometric Cryptosystem by Modulus Fuzzy Vault Algorithm. 2021 International Conference on Advances in Computing and Communications (ICACC). :1—7.
Numerous prevalent techniques build a Multi-Modal Biometric (MMB) system that struggles in offering security and also revocability onto the templates. This work proffered a MMB system centred on the Modulus Fuzzy Vault (MFV) aimed at resolving these issues. The methodology proposed includes Fingerprint (FP), Palmprint (PP), Ear and also Retina images. Utilizing the Boosted Double Plateau Histogram Equalization (BDPHE) technique, all images are improved. Aimed at removing the unnecessary things as of the ear and the blood vessels are segmented as of the retina images utilizing the Modified Balanced Iterative Reducing and Clustering using Hierarchy (MBIRCH) technique. Next, the input traits features are extracted; then the essential features are chosen as of the features extracted utilizing the Bidirectional Deer Hunting optimization Algorithm (BDHOA). The features chosen are merged utilizing the Normalized Feature Level and Score Level (NFLSL) fusion. The features fused are saved securely utilizing Modulus Fuzzy Vault. Upto fusion, the procedure is repeated aimed at the query image template. Next, the de-Fuzzy Vault procedure is executed aimed at the query template, and then the key is detached by matching the query template’s and input biometric template features. The key separated is analogized with the threshold that categorizes the user as genuine or else imposter. The proposed BDPHE and also MFV techniques function efficiently than the existent techniques.
Chen, Tong, Xiang, Yingxiao, Li, Yike, Tian, Yunzhe, Tong, Endong, Niu, Wenjia, Liu, Jiqiang, Li, Gang, Alfred Chen, Qi.  2021.  Protecting Reward Function of Reinforcement Learning via Minimal and Non-catastrophic Adversarial Trajectory. 2021 40th International Symposium on Reliable Distributed Systems (SRDS). :299—309.
Reward functions are critical hyperparameters with commercial values for individual or distributed reinforcement learning (RL), as slightly different reward functions result in significantly different performance. However, existing inverse reinforcement learning (IRL) methods can be utilized to approximate reward functions just based on collected expert trajectories through observing. Thus, in the real RL process, how to generate a polluted trajectory and perform an adversarial attack on IRL for protecting reward functions has become the key issue. Meanwhile, considering the actual RL cost, generated adversarial trajectories should be minimal and non-catastrophic for ensuring normal RL performance. In this work, we propose a novel approach to craft adversarial trajectories disguised as expert ones, for decreasing the IRL performance and realize the anti-IRL ability. Firstly, we design a reward clustering-based metric to integrate both advantages of fine- and coarse-grained IRL assessment, including expected value difference (EVD) and mean reward loss (MRL). Further, based on such metric, we explore an adversarial attack based on agglomerative nesting algorithm (AGNES) clustering and determine targeted states as starting states for reward perturbation. Then we employ the intrinsic fear model to predict the probability of imminent catastrophe, supporting to generate non-catastrophic adversarial trajectories. Extensive experiments of 7 state-of-the-art IRL algorithms are implemented on the Object World benchmark, demonstrating the capability of our proposed approach in (a) decreasing the IRL performance and (b) having minimal and non-catastrophic adversarial trajectories.
Mukeshimana, C., Kupriyanov, M. S..  2021.  Adaptive Neuro-fuzzy System (ANFIS) of Information Interaction in Industrial Internet of Things Networks Taking into Account Load Balancing. 2021 II International Conference on Neural Networks and Neurotechnologies (NeuroNT). :43—46.
The main aim of the Internet of things is to improve the safety of the device through inter-Device communication (IDC). Various applications are emerging in Internet of things. Various aspects of Internet of things differ from Internet of things, especially the nodes have more velocity which causes the topology to change rapidly. The requirement of researches in the concept of Internet of things increases rapidly because Internet of things face many challenges on the security, protocols and technology. Despite the fact that the problem of organizing the interaction of IIoT devices has already attracted a lot of attention from many researchers, current research on routing in IIoT cannot effectively solve the problem of data exchange in a self-adaptive and self-organized way, because the number of connected devices is quite large. In this article, an adaptive neuro-fuzzy clustering algorithm is presented for the uniform distribution of load between interacting nodes. We synthesized fuzzy logic and neural network to balance the choice of the optimal number of cluster heads and uniform load distribution between sensors. Comparison is made with other load balancing methods in such wireless sensor networks.
hong, Xue, zhifeng, Liao, yuan, Wang, ruidi, Xu, zhuoran, Xu.  2020.  Research on risk severity decision of cluster supply chain based on data flow fuzzy clustering. 2020 Chinese Control And Decision Conference (CCDC). :2810—2815.
Based on the analysis of cluster supply chain risk characteristics, starting from the analysis of technical risk dimensions, information risk dimensions, human risk dimensions, and capital risk dimensions, a cluster supply chain risk severity assessment index system is designed. The fuzzy C-means clustering algorithm based on data flow is used to cluster each supply chain, analyze the risk severity of the supply chain, and evaluate the decision of the supply chain risk severity level based on the cluster weights and cluster center range. Based on the analytic hierarchy process, the risk severity of the entire clustered supply chain is made an early warning decision, and the clustered supply chain risk severity early warning level is obtained. The results of simulation experiments verify the feasibility of the decision method for cluster supply chain risk severity, and improve the theoretical support for cluster supply chain risk severity prediction.
Perarasi, T., Vidhya, S., Moses M., Leeban, Ramya, P..  2020.  Malicious Vehicles Identifying and Trust Management Algorithm for Enhance the Security in 5G-VANET. 2020 Second International Conference on Inventive Research in Computing Applications (ICIRCA). :269—275.
In this fifth generation of vehicular communication, the security against various malicious attacks are achieved by using malicious vehicles identification and trust management (MAT) algorithm. Basically, the proposed MAT algorithm performs in two dimensions, they are (i) Node trust and (ii) information trust accompanied with a digital signature and hash chain concept. In node trust, the MAT algorithm introduces the special form of key exchanging algorithm to every members of public group key, and later the vehicles with same target location are formed into cluster. The public group key is common for each participant but everyone maintain their own private key to produce the secret key. The proposed MAT algorithm, convert the secrete key into some unique form that allows the CMs (cluster members) to decipher that secrete key by utilizing their own private key. This key exchanging algorithm is useful to prevent the various attacks, like impersonate attack, man in middle attack, etc. In information trust, the MAT algorithm assigns some special nodes (it has common distance from both vehicles) for monitoring the message forwarding activities as well as routing behavior at particular time. This scheme is useful to predict an exact intruder and after time out the special node has dropped all the information. The proposed MAT algorithm accurately evaluates the trustworthiness of each node as well as information to control different attacks and become efficient for improving a group lifetime, stability of cluster, and vehicles that are located on their target place at correct time.
Fuquan, Huang, Zhiwei, Liu, Jianyong, Zhou, Guoyi, Zhang, Likuan, Gong.  2021.  Vulnerability Analysis of High-Performance Transmission and Bearer Network of 5G Smart Grid Based on Complex Network. 2021 IEEE 9th International Conference on Information, Communication and Networks (ICICN). :292—297.
5G smart grid applications rely on its high-performance transmission and bearer network. With the help of complex network theory, this paper first analyzes the complex network characteristic parameters of 5G smart grid, and explains the necessity and supporting significance of network vulnerability analysis for efficient transmission of 5G network. Then the node importance analysis algorithm based on node degree and clustering coefficient (NIDCC) is proposed. According to the results of simulation analysis, the power network has smaller path length and higher clustering coefficient in terms of static parameters, which indicates that the speed and breadth of fault propagation are significantly higher than that of random network. It further shows the necessity of network vulnerability analysis. By comparing with the other two commonly used algorithms, we can see that NIDCC algorithm can more accurately estimate and analyze the weak links of the network. It is convenient to carry out the targeted transformation of the power grid and the prevention of blackout accidents.
Wang, Shilei, Wang, Hui, Yu, Hongtao, Zhang, Fuzhi.  2021.  Detecting shilling groups in recommender systems based on hierarchical topic model. 2021 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA). :832—837.
In a group shilling attack, attackers work collaboratively to inject fake profiles aiming to obtain desired recommendation result. This type of attacks is more harmful to recommender systems than individual shilling attacks. Previous studies pay much attention to detect individual attackers, and little work has been done on the detection of shilling groups. In this work, we introduce a topic modeling method of natural language processing into shilling attack detection and propose a shilling group detection method on the basis of hierarchical topic model. First, we model the given dataset to a series of user rating documents and use the hierarchical topic model to learn the specific topic distributions of each user from these rating documents to describe user rating behaviors. Second, we divide candidate groups based on rating value and rating time which are not involved in the hierarchical topic model. Lastly, we calculate group suspicious degrees in accordance with several indicators calculated through the analysis of user rating distributions, and use the k-means clustering algorithm to distinguish shilling groups. The experimental results on the Netflix and Amazon datasets show that the proposed approach performs better than baseline methods.
Ayub, Md. Ahsan, Sirai, Ambareen.  2021.  Similarity Analysis of Ransomware based on Portable Executable (PE) File Metadata. 2021 IEEE Symposium Series on Computational Intelligence (SSCI). :1–6.
Threats, posed by ransomware, are rapidly increasing, and its cost on both national and global scales is becoming significantly high as evidenced by the recent events. Ransomware carries out an irreversible process, where it encrypts victims' digital assets to seek financial compensations. Adversaries utilize different means to gain initial access to the target machines, such as phishing emails, vulnerable public-facing software, Remote Desktop Protocol (RDP), brute-force attacks, and stolen accounts. To combat these threats of ransomware, this paper aims to help researchers gain a better understanding of ransomware application profiles through static analysis, where we identify a list of suspicious indicators and similarities among 727 active ran-somware samples. We start with generating portable executable (PE) metadata for all the studied samples. With our domain knowledge and exploratory data analysis tasks, we introduce some of the suspicious indicators of the structure of ransomware files. We reduce the dimensionality of the generated dataset by using the Principal Component Analysis (PCA) technique and discover clusters by applying the KMeans algorithm. This motivates us to utilize the one-class classification algorithms on the generated dataset. As a result, the algorithms learn the common data boundary in the structure of our studied ransomware samples, and thereby, we achieve the data-driven similarities. We use the findings to evaluate the trained classifiers with the test samples and observe that the Local Outlier Factor (LoF) performs better on all the selected feature spaces compared to the One-Class SVM and the Isolation Forest algorithms.
Ahuja, Bharti, Doriya, Rajesh.  2021.  An Unsupervised Learning Approach for Visual Data Compression with Chaotic Encryption. 2021 Fourth International Conference on Electrical, Computer and Communication Technologies (ICECCT). :1—4.
The increased demand of multimedia leads to shortage of network bandwidth and memory capacity. As a result, image compression is more significant for decreasing data redundancy, saving storage space and bandwidth. Along with the compression the next major challenge in this field is to safeguard the compressed data further from the spy which are commonly known as hackers. It is evident that the major increments in the fields like communication, wireless sensor network, data science, cloud computing and machine learning not only eases the operations of the related field but also increases the challenges as well. This paper proposes a worthy composition for image compression encryption based on unsupervised learning i.e. k-means clustering for compression with logistic chaotic map for encryption. The main advantage of the above combination is to address the problem of data storage and the security of the visual data as well. The algorithm reduces the size of the input image and also gives the larger key space for encryption. The validity of the algorithm is testified with the PSNR, MSE, SSIM and Correlation coefficient.
Fu, Chen, Rui, Yu, Wen-mao, Liu.  2021.  Internet of Things Attack Group Identification Model Combined with Spectral Clustering. 2021 IEEE 21st International Conference on Communication Technology (ICCT). :778–782.
In order to solve the problem that the ordinary intrusion detection model cannot effectively identify the increasingly complex, continuous, multi-source and organized network attacks, this paper proposes an Internet of Things attack group identification model to identify the planned and organized attack groups. The model takes the common attack source IP, target IP, time stamp and target port as the characteristics of the attack log data to establish the identification benchmark of the attack gang behavior. The model also combines the spectral clustering algorithm to cluster different attackers with similar attack behaviors, and carries out the specific image analysis of the attack gang. In this paper, an experimental detection was carried out based on real IoT honey pot attack log data. The spectral clustering was compared with Kmeans, DBSCAN and other clustering algorithms. The experimental results shows that the contour coefficient of spectral clustering was significantly higher than that of other clustering algorithms. The recognition model based on spectral clustering proposed in this paper has a better effect, which can effectively identify the attack groups and mine the attack preferences of the groups.
Elmalaki, Salma, Ho, Bo-Jhang, Alzantot, Moustafa, Shoukry, Yasser, Srivastava, Mani.  2019.  SpyCon: Adaptation Based Spyware in Human-in-the-Loop IoT. 2019 IEEE Security and Privacy Workshops (SPW). :163–168.
Personalized IoT adapt their behavior based on contextual information, such as user behavior and location. Unfortunately, the fact that personalized IoT adapt to user context opens a side-channel that leaks private information about the user. To that end, we start by studying the extent to which a malicious eavesdropper can monitor the actions taken by an IoT system and extract user's private information. In particular, we show two concrete instantiations (in the context of mobile phones and smart homes) of a new category of spyware which we refer to as Context-Aware Adaptation Based Spyware (SpyCon). Experimental evaluations show that the developed SpyCon can predict users' daily behavior with an accuracy of 90.3%. Being a new spyware with no known prior signature or behavior, traditional spyware detection that is based on code signature or system behavior are not adequate to detect SpyCon. We discuss possible detection and mitigation mechanisms that can hinder the effect of SpyCon.
Zhang, Xiaoyu, Fujiwara, Takanori, Chandrasegaran, Senthil, Brundage, Michael P., Sexton, Thurston, Dima, Alden, Ma, Kwan-Liu.  2021.  A Visual Analytics Approach for the Diagnosis of Heterogeneous and Multidimensional Machine Maintenance Data. 2021 IEEE 14th Pacific Visualization Symposium (PacificVis). :196–205.
Analysis of large, high-dimensional, and heterogeneous datasets is challenging as no one technique is suitable for visualizing and clustering such data in order to make sense of the underlying information. For instance, heterogeneous logs detailing machine repair and maintenance in an organization often need to be analyzed to diagnose errors and identify abnormal patterns, formalize root-cause analyses, and plan preventive maintenance. Such real-world datasets are also beset by issues such as inconsistent and/or missing entries. To conduct an effective diagnosis, it is important to extract and understand patterns from the data with support from analytic algorithms (e.g., finding that certain kinds of machine complaints occur more in the summer) while involving the human-in-the-loop. To address these challenges, we adopt existing techniques for dimensionality reduction (DR) and clustering of numerical, categorical, and text data dimensions, and introduce a visual analytics approach that uses multiple coordinated views to connect DR + clustering results across each kind of the data dimension stated. To help analysts label the clusters, each clustering view is supplemented with techniques and visualizations that contrast a cluster of interest with the rest of the dataset. Our approach assists analysts to make sense of machine maintenance logs and their errors. Then the gained insights help them carry out preventive maintenance. We illustrate and evaluate our approach through use cases and expert studies respectively, and discuss generalization of the approach to other heterogeneous data.