Deep Learning-Based Hybrid Intelligent Intrusion Detection System

Machine learning (ML) algorithms are often used to design effective intrusion detection (ID) systems for appropriate mitigation and effective detection of malicious cyber threats at the host and network levels. However, cybersecurity attacks are still increasing. An ID system can play a vital role in detecting such threats. Existing ID systems are unable to detect malicious threats, primarily because they adopt approaches that are based on traditional ML techniques, which are less concerned with the accurate classification and feature selection. Thus, developing an accurate and intelligent ID system is a priority. The main objective of this study was to develop a hybrid intelligent intrusion detection system (HIIDS) to learn crucial features representation efficiently and automatically from massive unlabeled raw network traffic data. Many ID datasets are publicly available to the cybersecurity research community. As such, we used a spark MLlib (machine learning library)-based robust classifier, such as logistic regression (LR), extreme gradient boosting (XGB) was used for anomaly detection, and a state-of-the-art DL, such as a long short-term memory autoencoder (LSTMAE) for misuse attack was used to develop an efficient and HIIDS to detect and classify unpredictable attacks. Our approach utilized LSTM to detect temporal features and an AE to more efficiently detect global features. Therefore, to evaluate the efficacy of our proposed approach, experiments were conducted on a publicly existing dataset, the contemporary real-life ISCX-UNB dataset. The simulation results demonstrate that our proposed spark MLlib and LSTMAE-based HIIDS significantly outperformed existing ID approaches, achieving a high accuracy rate of up to 97.52% for the ISCX-UNB dataset respectively 10-fold cross-validation test. It is quite promising to use our proposed HIIDS in real-world circumstances on a large-scale.     

Visualization for Explanation of Deep Learning-Based Defect Detection Model Using Class Activation Map

Recently, convolutional neural network (CNN)-based visual inspection has been developed to detect defects on building surfaces automatically. The CNN model demonstrates remarkable accuracy in image data analysis; however, the predicted results have uncertainty in providing accurate information to users because of the “black box” problem in the deep learning model. Therefore, this study proposes a visual explanation method to overcome the uncertainty limitation of CNN-based defect identification. The visual representative gradient-weights class activation mapping (Grad-CAM) method is adopted to provide visually explainable information. A visualizing evaluation index is proposed to quantitatively analyze visual representations; this index reflects a rough estimate of the concordance rate between the visualized heat map and intended defects. In addition, an ablation study, adopting three-branch combinations with the VGG16, is implemented to identify performance variations by visualizing predicted results. Experiments reveal that the proposed model, combined with hybrid pooling, batch normalization, and multi-attention modules, achieves the best performance with an accuracy of 97.77%, corresponding to an improvement of 2.49% compared with the baseline model. Consequently, this study demonstrates that reliable results from an automatic defect classification model can be provided to an inspector through the visual representation of the predicted results using CNN models.     

Identification of Anomaly Scenes in Videos Using Graph Neural Networks

Generally, conventional methods for anomaly detection rely on clustering, proximity, or classification. With the massive growth in surveillance videos, outliers or anomalies find ingenious ways to obscure themselves in the network and make conventional techniques inefficient. This research explores the structure of Graph neural networks (GNNs) that generalize deep learning frameworks to graph-structured data. Every node in the graph structure is labeled and anomalies, represented by unlabeled nodes, are predicted by performing random walks on the node-based graph structures. Due to their strong learning abilities, GNNs gained popularity in various domains such as natural language processing, social network analytics and healthcare. Anomaly detection is a challenging task in computer vision but the proposed algorithm using GNNs efficiently performs the identification of anomalies. The Graph-based deep learning networks are designed to predict unknown objects and outliers. In our case, they detect unusual objects in the form of malicious nodes. The edges between nodes represent a relationship of nodes among each other. In case of anomaly, such as the bike rider in Pedestrians data, the rider node has a negative value for the edge and it is identified as an anomaly. The encoding and decoding layers are crucial for determining how statistical measurements affect anomaly identification and for correcting the graph path to the best possible outcome. Results show that the proposed framework is a step ahead of the traditional approaches in detecting unusual activities, which shows a huge potential in automatically monitoring surveillance videos. Performing autonomous monitoring of CCTV, crime control and damage or destruction by a group of people or crowd can be identified and alarms may be triggered in unusual activities in streets or public places. The suggested GNN model improves accuracy by 4% for the Pedestrian 2 dataset and 12% for the Pedestrian 1 dataset compared to a few state-of-the-art techniques.     

Deep Learning-Based Approach for Arabic Visual Speech Recognition

Lip-reading technologies are rapidly progressing following the breakthrough of deep learning. It plays a vital role in its many applications, such as: human-machine communication practices or security applications. In this paper, we propose to develop an effective lip-reading recognition model for Arabic visual speech recognition by implementing deep learning algorithms. The Arabic visual datasets that have been collected contains 2400 records of Arabic digits and 960 records of Arabic phrases from 24 native speakers. The primary purpose is to provide a high-performance model in terms of enhancing the preprocessing phase. Firstly, we extract keyframes from our dataset. Secondly, we produce a Concatenated Frame Images (CFIs) that represent the utterance sequence in one single image. Finally, the VGG-19 is employed for visual features extraction in our proposed model. We have examined different keyframes: 10, 15, and 20 for comparing two types of approaches in the proposed model: (1) the VGG-19 base model and (2) VGG-19 base model with batch normalization. The results show that the second approach achieves greater accuracy: 94% for digit recognition, 97% for phrase recognition, and 93% for digits and phrases recognition in the test dataset. Therefore, our proposed model is superior to models based on CFIs input.     

Event-Based Anomaly Detection for Non-Public Industrial Communication Protocols in SDN-Based Control Systems

As the main communication mediums in industrial control networks, industrial communication protocols are always vulnerable to extreme exploitations, and it is very difficult to take protective measures due to their serious privacy. Based on the SDN (Software Defined Network) technology, this paper proposes a novel event-based anomaly detection approach to identify misbehaviors using non-public industrial communication protocols, and this approach can be installed in SDN switches as a security software appliance in SDN-based control systems. Furthermore, aiming at the unknown protocol specification and message format, this approach first restructures the industrial communication sessions and merges the payloads from industrial communication packets. After that, the feature selection and event sequence extraction can be carried out by using the N-gram model and K-means algorithm. Based on the obtained event sequences, this approach finally trains an event-based HMM (Hidden Markov Model) to identify aberrant industrial communication behaviors. Experimental results clearly show that the proposed approach has obvious advantages of classification accuracy and detection efficiency.     

Using Object Detection Network for Malware Detection and Identification in Network Traffic Packets

In recent years, the number of exposed vulnerabilities has grown rapidly and more and more attacks occurred to intrude on the target computers using these vulnerabilities such as different malware. Malware detection has attracted more attention and still faces severe challenges. As malware detection based traditional machine learning relies on exports’ experience to design efficient features to distinguish different malware, it causes bottleneck on feature engineer and is also time-consuming to find efficient features. Due to its promising ability in automatically proposing and selecting significant features, deep learning has gradually become a research hotspot. In this paper, aiming to detect the malicious payload and identify their categories with high accuracy, we proposed a packet-based malicious payload detection and identification algorithm based on object detection deep learning network. A dataset of malicious payload on code execution vulnerability has been constructed under the Metasploit framework and used to evaluate the performance of the proposed malware detection and identification algorithm. The experimental results demonstrated that the proposed object detection network can efficiently find and identify malicious payloads with high accuracy.     

Anomaly Detection for Internet of Things Cyberattacks

The Internet of Things (IoT) has been deployed in diverse critical sectors with the aim of improving quality of service and facilitating human lives. The IoT revolution has redefined digital services in different domains by improving efficiency, productivity, and cost-effectiveness. Many service providers have adapted IoT systems or plan to integrate them as integral parts of their systems’ operation; however, IoT security issues remain a significant challenge. To minimize the risk of cyberattacks on IoT networks, anomaly detection based on machine learning can be an effective security solution to overcome a wide range of IoT cyberattacks. Although various detection techniques have been proposed in the literature, existing detection methods address limited cyberattacks and utilize outdated datasets for evaluations. In this paper, we propose an intelligent, effective, and lightweight detection approach to detect several IoT attacks. Our proposed model includes a collaborative feature selection method that selects the best distinctive features and eliminates unnecessary features to build an effective and efficient detection model. In the detection phase, we also proposed an ensemble of learning techniques to improve classification for predicting several different types of IoT attacks. The experimental results show that our proposed method can effectively and efficiently predict several IoT attacks with a higher accuracy rate of 99.984%, a precision rate of 99.982%, a recall rate of 99.984%, and an F1-score of 99.983%.     

基于深度学习的包装组件检测系统研究

目的 针对人工分拣组成的零件包装盒常常会出现缺少部分零件的问题,开发一套集训练、识别、分选于一体的智能分拣系统.方法 在设计过程中,提出一种基于深度学习的改进Yolov3算法,针对工业现场光照、业零件形状和质地等实际因素,对Yolo算法的训练和检测进行改进,通过对包装盒产品的一次拍摄,检测出画面中出现的预设物体,并与标准设置相比对,从而判断出该盒内产品是否有缺料、多料的情况,以此分选出合格与否的包装盒.结果 在物体摆放相互重叠不超过20％的情况下,物体检测的准确率为98.2％,召回率为99.5％.结论 通过文中提出的改进算法,设计的检测系统能够在复杂的工业现场环境下正常工作,并能对包装的完整性进行准确的检测.     

Unsupervised Anomaly Detection via DBSCAN for KPIs Jitters in Network Managements

For many Internet companies, a huge amount of KPIs (e.g., server CPU usage, network usage, business monitoring data) will be generated every day. How to closely monitor various KPIs, and then quickly and accurately detect anomalies in such huge data for troubleshooting and recovering business is a great challenge, especially for unlabeled data. The generated KPIs can be detected by supervised learning with labeled data, but the current problem is that most KPIs are unlabeled. That is a time-consuming and laborious work to label anomaly for company engineers. Build an unsupervised model to detect unlabeled data is an urgent need at present. In this paper, unsupervised learning DBSCAN combined with feature extraction of data has been used, and for some KPIs, its best F-Score can reach about 0.9, which is quite good for solving the current problem.     

Optimal Deep Reinforcement Learning for Intrusion Detection in UAVs

In recent years, progressive developments have been observed in recent technologies and the production cost has been continuously decreasing. In such scenario, Internet of Things (IoT) network which is comprised of a set of Unmanned Aerial Vehicles (UAV), has received more attention from civilian to military applications. But network security poses a serious challenge to UAV networks whereas the intrusion detection system (IDS) is found to be an effective process to secure the UAV networks. Classical IDSs are not adequate to handle the latest computer networks that possess maximum bandwidth and data traffic. In order to improve the detection performance and reduce the false alarms generated by IDS, several researchers have employed Machine Learning (ML) and Deep Learning (DL) algorithms to address the intrusion detection problem. In this view, the current research article presents a deep reinforcement learning technique, optimized by Black Widow Optimization (DRL-BWO) algorithm, for UAV networks. In addition, DRL involves an improved reinforcement learning-based Deep Belief Network (DBN) for intrusion detection. For parameter optimization of DRL technique, BWO algorithm is applied. It helps in improving the intrusion detection performance of UAV networks. An extensive set of experimental analysis was performed to highlight the supremacy of the proposed model. From the simulation values, it is evident that the proposed method is appropriate as it attained high precision, recall, F-measure, and accuracy values such as 0.985, 0.993, 0.988, and 0.989 respectively.     

基于逻辑回归模型的流量异常检测方法研究

网络流量作为异常检测的基本数据源,其行为特征的准确描述,是网络异常行为实时检测的重要依据.本文针对流量异常检测问题,提出了一种基于逻辑回归模型的网络流量异常检测方法.通过分析源IP、目的 IP等多个网络流量基本特征,构造了网络异常行为和正常行为的训练机,并且在此基础上采用逻辑回归建立起网络异常流量挖掘模型.利用实验室所采集的真实网络流量对所构建的模型进行检测,以验证该模型的有效性.实验结果表明本文所建立的网络模型在异常流量挖掘方面准确度高、实时性好.     

Hyperparameter Tuned Deep Learning Enabled Cyberbullying Classification in Social Media

Cyberbullying (CB) is a challenging issue in social media and it becomes important to effectively identify the occurrence of CB. The recently developed deep learning (DL) models pave the way to design CB classifier models with maximum performance. At the same time, optimal hyperparameter tuning process plays a vital role to enhance overall results. This study introduces a Teacher Learning Genetic Optimization with Deep Learning Enabled Cyberbullying Classification (TLGODL-CBC) model in Social Media. The proposed TLGODL-CBC model intends to identify the existence and non-existence of CB in social media context. Initially, the input data is cleaned and pre-processed to make it compatible for further processing. Followed by, independent recurrent autoencoder (IRAE) model is utilized for the recognition and classification of CBs. Finally, the TLGO algorithm is used to optimally adjust the parameters related to the IRAE model and shows the novelty of the work. To assuring the improved outcomes of the TLGODL-CBC approach, a wide range of simulations are executed and the outcomes are investigated under several aspects. The simulation outcomes make sure the improvements of the TLGODL-CBC model over recent approaches.     

Deep Learning Based Optimal Multimodal Fusion Framework for Intrusion Detection Systems for Healthcare Data

Data fusion is a multidisciplinary research area that involves different domains. It is used to attain minimum detection error probability and maximum reliability with the help of data retrieved from multiple healthcare sources. The generation of huge quantity of data from medical devices resulted in the formation of big data during which data fusion techniques become essential. Securing medical data is a crucial issue of exponentially-pacing computing world and can be achieved by Intrusion Detection Systems (IDS). In this regard, since singular-modality is not adequate to attain high detection rate, there is a need exists to merge diverse techniques using decision-based multimodal fusion process. In this view, this research article presents a new multimodal fusion-based IDS to secure the healthcare data using Spark. The proposed model involves decision-based fusion model which has different processes such as initialization, pre-processing, Feature Selection (FS) and multimodal classification for effective detection of intrusions. In FS process, a chaotic Butterfly Optimization (BO) algorithm called CBOA is introduced. Though the classic BO algorithm offers effective exploration, it fails in achieving faster convergence. In order to overcome this, i.e., to improve the convergence rate, this research work modifies the required parameters of BO algorithm using chaos theory. Finally, to detect intrusions, multimodal classifier is applied by incorporating three Deep Learning (DL)-based classification models. Besides, the concepts like Hadoop MapReduce and Spark were also utilized in this study to achieve faster computation of big data in parallel computation platform. To validate the outcome of the presented model, a series of experimentations was performed using the benchmark NSLKDDCup99 Dataset repository. The proposed model demonstrated its effective results on the applied dataset by offering the maximum accuracy of 99.21%, precision of 98.93% and detection rate of 99.59%. The results assured the betterment of the proposed model.     

Automated Patient Discomfort Detection Using Deep Learning

The Internet of Things (IoT) has been transformed almost all fields of life, but its impact on the healthcare sector has been notable. Various IoT-based sensors are used in the healthcare sector and offer quality and safe care to patients. This work presents a deep learning-based automated patient discomfort detection system in which patients’ discomfort is non-invasively detected. To do this, the overhead view patients’ data set has been recorded. For testing and evaluation purposes, we investigate the power of deep learning by choosing a Convolution Neural Network (CNN) based model. The model uses confidence maps and detects 18 different key points at various locations of the body of the patient. Applying association rules and part affinity fields, the detected key points are later converted into six main body organs. Furthermore, the distance of subsequent key points is measured using coordinates information. Finally, distance and the time-based threshold are used for the classification of movements associated with discomfort or normal conditions. The accuracy of the proposed system is assessed on various test sequences. The experimental outcomes reveal the worth of the proposed system’ by obtaining a True Positive Rate of 98% with a 2% False Positive Rate.     

Variational Convolutional Autoencoders for Anomaly Detection in Scanning Transmission Electron Microscopy

Identifying point defects and other structural anomalies using scanning transmission electron microscopy (STEM) is important to understand a material's properties caused by the disruption of the regular pattern of crystal lattice. Due to improvements in instrumentation stability and electron optics, atomic-resolution images with a field of view of several hundred nanometers can now be routinely acquired at 1–10 Hz frame rates and such data, which often contain thousands of atomic columns, need to be analyzed. To date, image analysis is performed largely manually, but recent developments in computer vision (CV) and machine learning (ML) now enable automated analysis of atomic structures and associated defects. Here, the authors report on how a Convolutional Variational Autoencoder (CVAE) can be utilized to detect structural anomalies in atomic-resolution STEM images. Specifically, the training set is limited to perfect crystal images , and the performance of a CVAE in differentiating between single-crystal bulk data or point defects is demonstrated. It is found that the CVAE can reproduce the perfect crystal data but not the defect input data. The disagreesments between the CVAE-predicted data for defects allows for a clear and automatic distinction and differentiation of several point defect types.     

Deep Learning and Machine Learning-Based Model for Conversational Sentiment Classification

In the current era of the internet, people use online media for conversation, discussion, chatting, and other similar purposes. Analysis of such material where more than one person is involved has a spate challenge as compared to other text analysis tasks. There are several approaches to identify users’ emotions from the conversational text for the English language, however regional or low resource languages have been neglected. The Urdu language is one of them and despite being used by millions of users across the globe, with the best of our knowledge there exists no work on dialogue analysis in the Urdu language. Therefore, in this paper, we have proposed a model which utilizes deep learning and machine learning approaches for the classification of users’ emotions from the text. To accomplish this task, we have first created a dataset for the Urdu language with the help of existing English language datasets for dialogue analysis. After that, we have preprocessed the data and selected dialogues with common emotions. Once the dataset is prepared, we have used different deep learning and machine learning techniques for the classification of emotion. We have tuned the algorithms according to the Urdu language datasets. The experimental evaluation has shown encouraging results with 67% accuracy for the Urdu dialogue datasets, more than 10, 000 dialogues are classified into five emotions i.e., joy, fear, anger, sadness, and neutral. We believe that this is the first effort for emotion detection from the conversational text in the Urdu language domain.     

Deep Learning Approach for Cosmetic Product Detection and Classification

As the amount of online video content is increasing, consumers are becoming increasingly interested in various product names appearing in videos, particularly in cosmetic-product names in videos related to fashion, beauty, and style. Thus, the identification of such products by using image recognition technology may aid in the identification of current commercial trends. In this paper, we propose a two-stage deep-learning detection and classification method for cosmetic products. Specifically, variants of the YOLO network are used for detection, where the bounding box for each given input product is predicted and subsequently cropped for classification. We use four state-of-the-art classification networks, namely ResNet, InceptionResNetV2, DenseNet, and EfficientNet, and compare their performance. Furthermore, we employ dilated convolution in these networks to obtain better feature representations and improve performance. Extensive experiments demonstrate that YOLOv3 and its tiny version achieve higher speed and accuracy. Moreover, the dilated networks marginally outperform the base models, or achieve similar performance in the worst case. We conclude that the proposed method can effectively detect and classify cosmetic products.     

基于深度学习的易拉罐缺陷检测技术

目的 现有的易拉罐缺陷检测系统在高速生产线中存在错检率和漏检率高,检测精度相对较低等问题,为了提高易拉罐缺陷识别的准确性,使易拉罐生产线实现进一步自动化、智能化,基于深度学习技术和迁移学习技术,提出一种适用于易拉罐制造的在线检测的算法。方法 利用深度卷积网络提取易拉罐缺陷特征,通过优化卷积核,减短易拉罐缺陷检测的时间。针对国内外数据集缺乏食品包装制造的缺陷图像,构建易拉罐缺陷数据集,结合预训练网络,通过调整VGG16提升对易拉罐缺陷的识别准确率。结果 对易拉罐数据集在卷积神经网络、迁移学习和调整后的预训练网络进行了易拉罐缺陷检测的性能对比,验证了基于深度学习的易拉罐缺陷检测技术在学习率为0.0005,训练10个迭代后可达到较好的识别效果,最终二分类缺陷识别率为99.7%,算法耗时119 ms。结论 相较于现有的易拉罐检测算法,文中提出的基于深度学习的易拉罐检测算法的识别性能更优,智能化程度更高。同时,该研究有助于制罐企业利用深度学习等AI技术促进智能化生产,减少人力成本,符合国家制造业产业升级的策略,具有一定的实际意义。