A Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System

In recent years, cybersecurity has attracted significant interest due to the rapid growth of the Internet of Things (IoT) and the widespread development of computer infrastructure and systems. It is thus becoming particularly necessary to identify cyber-attacks or irregularities in the system and develop an efficient intrusion detection framework that is integral to security. Researchers have worked on developing intrusion detection models that depend on machine learning (ML) methods to address these security problems. An intelligent intrusion detection device powered by data can exploit artificial intelligence (AI), and especially ML, techniques. Accordingly, we propose in this article an intrusion detection model based on a Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System (RTS-DELM-CSIDS) security model. The proposed model initially determines the rating of security aspects contributing to their significance and then develops a comprehensive intrusion detection framework focused on the essential characteristics. Furthermore, we investigated the feasibility of our proposed RTS-DELM-CSIDS framework by performing dataset evaluations and calculating accuracy parameters to validate. The experimental findings demonstrate that the RTS-DELM-CSIDS framework outperforms conventional algorithms. Furthermore, the proposed approach has not only research significance but also practical significance.     

A Fused Machine Learning Approach for Intrusion Detection System

The rapid growth in data generation and increased use of computer network devices has amplified the infrastructures of internet. The interconnectivity of networks has brought various complexities in maintaining network availability, consistency, and discretion. Machine learning based intrusion detection systems have become essential to monitor network traffic for malicious and illicit activities. An intrusion detection system controls the flow of network traffic with the help of computer systems. Various deep learning algorithms in intrusion detection systems have played a prominent role in identifying and analyzing intrusions in network traffic. For this purpose, when the network traffic encounters known or unknown intrusions in the network, a machine-learning framework is needed to identify and/or verify network intrusion. The Intrusion detection scheme empowered with a fused machine learning technique (IDS-FMLT) is proposed to detect intrusion in a heterogeneous network that consists of different source networks and to protect the network from malicious attacks. The proposed IDS-FMLT system model obtained 95.18% validation accuracy and a 4.82% miss rate in intrusion detection.     

Optimal Deep Reinforcement Learning for Intrusion Detection in UAVs

In recent years, progressive developments have been observed in recent technologies and the production cost has been continuously decreasing. In such scenario, Internet of Things (IoT) network which is comprised of a set of Unmanned Aerial Vehicles (UAV), has received more attention from civilian to military applications. But network security poses a serious challenge to UAV networks whereas the intrusion detection system (IDS) is found to be an effective process to secure the UAV networks. Classical IDSs are not adequate to handle the latest computer networks that possess maximum bandwidth and data traffic. In order to improve the detection performance and reduce the false alarms generated by IDS, several researchers have employed Machine Learning (ML) and Deep Learning (DL) algorithms to address the intrusion detection problem. In this view, the current research article presents a deep reinforcement learning technique, optimized by Black Widow Optimization (DRL-BWO) algorithm, for UAV networks. In addition, DRL involves an improved reinforcement learning-based Deep Belief Network (DBN) for intrusion detection. For parameter optimization of DRL technique, BWO algorithm is applied. It helps in improving the intrusion detection performance of UAV networks. An extensive set of experimental analysis was performed to highlight the supremacy of the proposed model. From the simulation values, it is evident that the proposed method is appropriate as it attained high precision, recall, F-measure, and accuracy values such as 0.985, 0.993, 0.988, and 0.989 respectively.     

Improving the Detection Rate of Rarely Appearing Intrusions in Network-Based Intrusion Detection Systems

In network-based intrusion detection practices, there are more regular instances than intrusion instances. Because there is always a statistical imbalance in the instances, it is difficult to train the intrusion detection system effectively. In this work, we compare intrusion detection performance by increasing the rarely appearing instances rather than by eliminating the frequently appearing duplicate instances. Our technique mitigates the statistical imbalance in these instances. We also carried out an experiment on the training model by increasing the instances, thereby increasing the attack instances step by step up to 13 levels. The experiments included not only known attacks, but also unknown new intrusions. The results are compared with the existing studies from the literature, and show an improvement in accuracy, sensitivity, and specificity over previous studies. The detection rates for the remote-to-user (R2L) and user-to-root (U2L) categories are improved significantly by adding fewer instances. The detection of many intrusions is increased from a very low to a very high detection rate. The detection of newer attacks that had not been used in training improved from 9% to 12%. This study has practical applications in network administration to protect from known and unknown attacks. If network administrators are running out of instances for some attacks, they can increase the number of instances with rarely appearing instances, thereby improving the detection of both known and unknown new attacks.     

An Intrusion Detection Algorithm Based on Feature Graph

With the development of Information technology and the popularization of Internet, whenever and wherever possible, people can connect to the Internet optionally. Meanwhile, the security of network traffic is threatened by various of online malicious behaviors. The aim of an intrusion detection system (IDS) is to detect the network behaviors which are diverse and malicious. Since a conventional firewall cannot detect most of the malicious behaviors, such as malicious network traffic or computer abuse, some advanced learning methods are introduced and integrated with intrusion detection approaches in order to improve the performance of detection approaches. However, there are very few related studies focusing on both the effective detection for attacks and the representation for malicious behaviors with graph. In this paper, a novel intrusion detection approach IDBFG (Intrusion Detection Based on Feature Graph) is proposed which first filters normal connections with grid partitions, and then records the patterns of various attacks with a novel graph structure, and the behaviors in accordance with the patterns in graph are detected as intrusion behaviors. The experimental results on KDD-Cup 99 dataset show that IDBFG performs better than SVM (Supprot Vector Machines) and Decision Tree which are trained and tested in original feature space in terms of detection rates, false alarm rates and run time.     

基于极限学习机的计量测量技术设计

极限学习机是一种针对单隐含层前馈神经网络的新算法,具有训练速度快,泛化性能高等优点。将其应用于软测量技术,避免了传统神经网络高计算复杂度的缺点,可以实现难以直接测量参数的快速获取,在计量测量技术领域有着广阔的应用前景。     

Enhanced Deep Autoencoder Based Feature Representation Learning for Intelligent Intrusion Detection System

In the era of Big data, learning discriminant feature representation from network traffic is identified has as an invariably essential task for improving the detection ability of an intrusion detection system (IDS). Owing to the lack of accurately labeled network traffic data, many unsupervised feature representation learning models have been proposed with state-of-the-art performance. Yet, these models fail to consider the classification error while learning the feature representation. Intuitively, the learnt feature representation may degrade the performance of the classification task. For the first time in the field of intrusion detection, this paper proposes an unsupervised IDS model leveraging the benefits of deep autoencoder (DAE) for learning the robust feature representation and one-class support vector machine (OCSVM) for finding the more compact decision hyperplane for intrusion detection. Specially, the proposed model defines a new unified objective function to minimize the reconstruction and classification error simultaneously. This unique contribution not only enables the model to support joint learning for feature representation and classifier training but also guides to learn the robust feature representation which can improve the discrimination ability of the classifier for intrusion detection. Three set of evaluation experiments are conducted to demonstrate the potential of the proposed model. First, the ablation evaluation on benchmark dataset, NSL-KDD validates the design decision of the proposed model. Next, the performance evaluation on recent intrusion dataset, UNSW-NB15 signifies the stable performance of the proposed model. Finally, the comparative evaluation verifies the efficacy of the proposed model against recently published state-of-the-art methods.     

Towards Improving the Intrusion Detection through ELM (Extreme Learning Machine)

An IDS (intrusion detection system) provides a foremost front line mechanism to guard networks, systems, data, and information. That’s why intrusion detection has grown as an active study area and provides significant contribution to cyber-security techniques. Multiple techniques have been in use but major concern in their implementation is variation in their detection performance. The performance of IDS lies in the accurate detection of attacks, and this accuracy can be raised by improving the recognition rate and significant reduction in the false alarms rate. To overcome this problem many researchers have used different machine learning techniques. These techniques have limitations and do not efficiently perform on huge and complex data about systems and networks. This work focused on ELM (Extreme Learning Machine) technique due to its good capabilities in classification problems and dealing with huge data. The ELM has different activation functions, but the problem is to find out which function is more suitable and performs well in IDS. This work investigates this problem. Here, Well-known activation functions like: sine, sigmoid and radial basis are explored, investigated and applied to measure their performance on the GA (Genetic Algorithm) features subset and with full features set. The NSL-KDD dataset is used as a benchmark. The empirical results are analyzed, addressed and compared among different activation functions of the ELM. The results show that the radial basis and sine functions perform better on GA feature set than the full feature set while the performance of the sigmoid function is almost equal on both features sets. So, the proposal of GA based feature selection reduced 21 features out of 41 that brought up to 98% accuracy and enhanced overall efficiency of extreme learning machine in intrusion detection.     

基于交叉验证SVM的网络入侵检测

针对传统入侵检测系统漏报率和误报率高的问题,将支持向量机(SVM)应用于入侵检测中,提出了在SVM学习过程中引入交叉验证的方法,采用径向基函数(RBF)作为核,将训练集分成若干子集,每一子集使用其它子集训练得到的分类器进行测试,获得RBF的两个最佳参数后,将其应用于最终的分类器.实验结果表明,该方法能够有效检测入侵攻击,具有更高的检测率和更强的泛化能力,同时具有较低的误报率和漏报率,可以有效地运用于入侵检测系统中.     

Enabling Smart Cities with Cognition Based Intelligent Route Decision in Vehicles Empowered with Deep Extreme Learning Machine

The fast-paced growth of artificial intelligence provides unparalleled opportunities to improve the efficiency of various industries, including the transportation sector. The worldwide transport departments face many obstacles following the implementation and integration of different vehicle features. One of these tasks is to ensure that vehicles are autonomous, intelligent and able to grow their repository of information. Machine learning has recently been implemented in wireless networks, as a major artificial intelligence branch, to solve historically challenging problems through a data-driven approach. In this article, we discuss recent progress of applying machine learning into vehicle networks for intelligent route decision and try to focus on this emerging field. Deep Extreme Learning Machine (DELM) framework is introduced in this article to be incorporated in vehicles so they can take human-like assessments. The present GPS compatibility issues make it difficult for vehicles to take real-time decisions under certain conditions. It leads to the concept of vehicle controller making self-decisions. The proposed DELM based system for self-intelligent vehicle decision makes use of the cognitive memory to store route observations. This overcomes inadequacy of the current in-vehicle route-finding technology and its support. All the relevant route-related information for the ride will be provided to the user based on its availability. Using the DELM method, a high degree of precision in smart decision taking with a minimal error rate is obtained. During investigation, it has been observed that proposed framework has the highest accuracy rate with 70% of training (1435 samples) and 30% of validation (612 samples). Simulation results validate the intelligent prediction of the proposed method with 98.88%, 98.2% accuracy during training and validation respectively.     

XA-GANomaly: An Explainable Adaptive Semi-Supervised Learning Method for Intrusion Detection Using GANomaly

Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission. Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry. However, real-time training and classifying network traffic pose challenges, as they can lead to the degradation of the overall dataset and difficulties preventing attacks. Additionally, existing semi-supervised learning research might need to analyze the experimental results comprehensively. This paper proposes XA-GANomaly, a novel technique for explainable adaptive semi-supervised learning using GANomaly, an image anomalous detection model that dynamically trains small subsets to these issues. First, this research introduces a deep neural network (DNN)-based GANomaly for semi-supervised learning. Second, this paper presents the proposed adaptive algorithm for the DNN-based GANomaly, which is validated with four subsets of the adaptive dataset. Finally, this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations, reconstruction error visualization, and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage, semi-supervised learning, and adaptive learning. Compared to other single-class classification techniques, the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13% and 8% of F1 scores and 4.17% and 11.51% for accuracy, respectively. Furthermore, experiments of the proposed adaptive learning reveal mostly improved results over the initial values. An analysis and monitoring system based on the combination of the three explainable methodologies is also described. Thus, the proposed method has the potential advantages to be applied in practical industry, and future research will explore handling unbalanced real-time datasets in various scenarios.     

Early Detection of Diabetic Retinopathy Using Machine Intelligence through Deep Transfer and Representational Learning

Diabetic retinopathy (DR) is a retinal disease that causes irreversible blindness. DR occurs due to the high blood sugar level of the patient, and it is clumsy to be detected at an early stage as no early symptoms appear at the initial level. To prevent blindness, early detection and regular treatment are needed. Automated detection based on machine intelligence may assist the ophthalmologist in examining the patients’ condition more accurately and efficiently. The purpose of this study is to produce an automated screening system for recognition and grading of diabetic retinopathy using machine learning through deep transfer and representational learning. The artificial intelligence technique used is transfer learning on the deep neural network, Inception-v4. Two configuration variants of transfer learning are applied on Inception-v4: Fine-tune mode and fixed feature extractor mode. Both configuration modes have achieved decent accuracy values, but the fine-tuning method outperforms the fixed feature extractor configuration mode. Fine-tune configuration mode has gained 96.6% accuracy in early detection of DR and 97.7% accuracy in grading the disease and has outperformed the state of the art methods in the relevant literature.     

Quasi-Phase Equilibrium Prediction of Multi-Element Alloys Based on Machine Learning and Deep Learning

In this study, a phase field model is established to simulate the microstructure formation during the solidification of dendrites by taking the Al-Cu-Mg ternary alloy as an example, and machine learning and deep learning methods are combined with the Kim-Kim-Suzuki (KKS) phase field model to predict the quasi-phase equilibrium. The paper first uses the least squares method to obtain the required data and then applies eight machine learning methods and five deep learning methods to train the quasi-phase equilibrium prediction models. After obtaining different models, this paper compares the reliability of the established models by using the test data and uses two evaluation criteria to analyze the performance of these models. This work find that the performance of the established deep learning models is generally better than that of the machine learning models, and the Multilayer Perceptron (MLP) based quasi-phase equilibrium prediction model achieves the best performance. Meanwhile the Convolutional Neural Network (CNN) based model also achieves competitive results. The experimental results show that the model proposed in this paper can predict the quasi-phase equilibrium of the KKS phase-field model accurately, which proves that it is feasible to combine machine learning and deep learning methods with phase-field model simulation.     

BotSward: Centrality Measures for Graph-Based Bot Detection Using Machine Learning

The number of botnet malware attacks on Internet devices has grown at an equivalent rate to the number of Internet devices that are connected to the Internet. Bot detection using machine learning (ML) with flow-based features has been extensively studied in the literature. Existing flow-based detection methods involve significant computational overhead that does not completely capture network communication patterns that might reveal other features of malicious hosts. Recently, Graph-Based Bot Detection methods using ML have gained attention to overcome these limitations, as graphs provide a real representation of network communications. The purpose of this study is to build a botnet malware detection system utilizing centrality measures for graph-based botnet detection and ML. We propose BotSward, a graph-based bot detection system that is based on ML. We apply the efficient centrality measures, which are Closeness Centrality (CC), Degree Centrality (CC), and PageRank (PR), and compare them with others used in the state-of-the-art. The efficiency of the proposed method is verified on the available Czech Technical University 13 dataset (CTU-13). The CTU-13 dataset contains 13 real botnet traffic scenarios that are connected to a command-and-control (C&C) channel and that cause malicious actions such as phishing, distributed denial-of-service (DDoS) attacks, spam attacks, etc. BotSward is robust to zero-day attacks, suitable for large-scale datasets, and is intended to produce better accuracy than state-of-the-art techniques. The proposed BotSward solution achieved 99% accuracy in botnet attack detection with a false positive rate as low as 0.0001%.     

基于深度学习的包装组件检测系统研究

目的 针对人工分拣组成的零件包装盒常常会出现缺少部分零件的问题,开发一套集训练、识别、分选于一体的智能分拣系统.方法 在设计过程中,提出一种基于深度学习的改进Yolov3算法,针对工业现场光照、业零件形状和质地等实际因素,对Yolo算法的训练和检测进行改进,通过对包装盒产品的一次拍摄,检测出画面中出现的预设物体,并与标准设置相比对,从而判断出该盒内产品是否有缺料、多料的情况,以此分选出合格与否的包装盒.结果 在物体摆放相互重叠不超过20％的情况下,物体检测的准确率为98.2％,召回率为99.5％.结论 通过文中提出的改进算法,设计的检测系统能够在复杂的工业现场环境下正常工作,并能对包装的完整性进行准确的检测.     

基于流形正则化的批量分层编码极限学习机

针对极限学习机在处理高维数据时存在内存能耗大、分类准确率低、泛化性差等问题,提出了一种批量分层编码极限学习机算法。首先通过对数据集分批处理,以减小数据维度,降低输入复杂性;然后采用多层自动编码器结构对各批次数据进行无监督编码,以实现深层特征提取;最后利用流形正则化思想构建含有继承因子的流形分类器,以保持数据的完整性,提高算法的泛化性能。实验结果表明,该方法实现简单,在NORB,MNIST和USPS数据集上的分类准确率分别可以达到92.16%、99.35%和98.86%,与其它极限学习机算法对比,在降低计算复杂度和减少CPU内存消耗上具有较明显的优势。     

Automated Deep Learning Based Melanoma Detection and Classification Using Biomedical Dermoscopic Images

Melanoma remains a serious illness which is a common form of skin cancer. Since the earlier detection of melanoma reduces the mortality rate, it is essential to design reliable and automated disease diagnosis model using dermoscopic images. The recent advances in deep learning (DL) models find useful to examine the medical image and make proper decisions. In this study, an automated deep learning based melanoma detection and classification (ADL-MDC) model is presented. The goal of the ADL-MDC technique is to examine the dermoscopic images to determine the existence of melanoma. The ADL-MDC technique performs contrast enhancement and data augmentation at the initial stage. Besides, the k-means clustering technique is applied for the image segmentation process. In addition, Adagrad optimizer based Capsule Network (CapsNet) model is derived for effective feature extraction process. Lastly, crow search optimization (CSO) algorithm with sparse autoencoder (SAE) model is utilized for the melanoma classification process. The exploitation of the Adagrad and CSO algorithm helps to properly accomplish improved performance. A wide range of simulation analyses is carried out on benchmark datasets and the results are inspected under several aspects. The simulation results reported the enhanced performance of the ADL-MDC technique over the recent approaches.     

Deep Learning and Machine Learning for Early Detection of Stroke and Haemorrhage

Stroke and cerebral haemorrhage are the second leading causes of death in the world after ischaemic heart disease. In this work, a dataset containing medical, physiological and environmental tests for stroke was used to evaluate the efficacy of machine learning, deep learning and a hybrid technique between deep learning and machine learning on the Magnetic Resonance Imaging (MRI) dataset for cerebral haemorrhage. In the first dataset (medical records), two features, namely, diabetes and obesity, were created on the basis of the values of the corresponding features. The t-Distributed Stochastic Neighbour Embedding algorithm was applied to represent the high-dimensional dataset in a low-dimensional data space. Meanwhile,the Recursive Feature Elimination algorithm (RFE) was applied to rank the features according to priority and their correlation to the target feature and to remove the unimportant features. The features are fed into the various classification algorithms, namely, Support Vector Machine (SVM), K Nearest Neighbours (KNN), Decision Tree, Random Forest, and Multilayer Perceptron. All algorithms achieved superior results. The Random Forest algorithm achieved the best performance amongst the algorithms; it reached an overall accuracy of 99%. This algorithm classified stroke cases with Precision, Recall and F1 score of 98%, 100% and 99%, respectively. In the second dataset, the MRI image dataset was evaluated by using the AlexNet model and AlexNet + SVM hybrid technique. The hybrid model AlexNet + SVM performed is better than the AlexNet model; it reached accuracy, sensitivity, specificity and Area Under the Curve (AUC) of 99.9%, 100%, 99.80% and 99.86%, respectively.     

Deep Learning-Based Hybrid Intelligent Intrusion Detection System

Machine learning (ML) algorithms are often used to design effective intrusion detection (ID) systems for appropriate mitigation and effective detection of malicious cyber threats at the host and network levels. However, cybersecurity attacks are still increasing. An ID system can play a vital role in detecting such threats. Existing ID systems are unable to detect malicious threats, primarily because they adopt approaches that are based on traditional ML techniques, which are less concerned with the accurate classification and feature selection. Thus, developing an accurate and intelligent ID system is a priority. The main objective of this study was to develop a hybrid intelligent intrusion detection system (HIIDS) to learn crucial features representation efficiently and automatically from massive unlabeled raw network traffic data. Many ID datasets are publicly available to the cybersecurity research community. As such, we used a spark MLlib (machine learning library)-based robust classifier, such as logistic regression (LR), extreme gradient boosting (XGB) was used for anomaly detection, and a state-of-the-art DL, such as a long short-term memory autoencoder (LSTMAE) for misuse attack was used to develop an efficient and HIIDS to detect and classify unpredictable attacks. Our approach utilized LSTM to detect temporal features and an AE to more efficiently detect global features. Therefore, to evaluate the efficacy of our proposed approach, experiments were conducted on a publicly existing dataset, the contemporary real-life ISCX-UNB dataset. The simulation results demonstrate that our proposed spark MLlib and LSTMAE-based HIIDS significantly outperformed existing ID approaches, achieving a high accuracy rate of up to 97.52% for the ISCX-UNB dataset respectively 10-fold cross-validation test. It is quite promising to use our proposed HIIDS in real-world circumstances on a large-scale.     

Intelligent Forecasting Model of COVID-19 Novel Coronavirus Outbreak Empowered with Deep Extreme Learning Machine

An epidemic is a quick and widespread disease that threatens many lives and damages the economy. The epidemic lifetime should be accurate so that timely and remedial steps are determined. These include the closing of borders schools, suspension of community and commuting services. The forecast of an outbreak effectively is a very necessary but difficult task. A predictive model that provides the best possible forecast is a great challenge for machine learning with only a few samples of training available. This work proposes and examines a prediction model based on a deep extreme learning machine (DELM). This methodology is used to carry out an experiment based on the recent Wuhan coronavirus outbreak. An optimized prediction model that has been developed, namely DELM, is demonstrated to be able to make a prediction that is fairly best. The results show that the new methodology is useful in developing an appropriate forecast when the samples are far from abundant during the critical period of the disease.During the investigation, it is shown that the proposed approach has the highest accuracy rate of 97.59% with 70% of training, 30% of test and validation. Simulation results validate the prediction effectiveness of the proposed scheme.