-
Adversarial Evasion Attack Efficiency against Large Language Models
Authors:
João Vitorino,
Eva Maia,
Isabel Praça
Abstract:
Large Language Models (LLMs) are valuable for text classification, but their vulnerabilities must not be disregarded. They lack robustness against adversarial examples, so it is pertinent to understand the impacts of different types of perturbations, and assess if those attacks could be replicated by common users with a small number of perturbations and a small number of queries to a deployed LLM. This work presents an analysis of the effectiveness, efficiency, and practicality of three different types of adversarial attacks against five different LLMs in a sentiment classification task. The obtained results demonstrated the very distinct impacts of the word-level and character-level attacks. The word attacks were more effective, but the character and more constrained attacks were more practical and required a reduced number of perturbations and queries. These differences need to be considered during the development of adversarial defense strategies to train more robust LLMs for intelligent text classification applications.
Submitted 12 June, 2024;
originally announced June 2024.
-
Efficient Network Traffic Feature Sets for IoT Intrusion Detection
Authors:
Miguel Silva,
João Vitorino,
Eva Maia,
Isabel Praça
Abstract:
The use of Machine Learning (ML) models in cybersecurity solutions requires high-quality data that is stripped of redundant, missing, and noisy information. By selecting the most relevant features, data integrity and model efficiency can be significantly improved. This work evaluates the feature sets provided by a combination of different feature selection methods, namely Information Gain, Chi-Squared Test, Recursive Feature Elimination, Mean Absolute Deviation, and Dispersion Ratio, in multiple IoT network datasets. The influence of the smaller feature sets on both the classification performance and the training time of ML models is compared, with the aim of increasing the computational efficiency of IoT intrusion detection. Overall, the most impactful features of each dataset were identified, and the ML models obtained higher computational efficiency while preserving a good generalization, showing little to no difference between the sets.
Submitted 12 June, 2024;
originally announced June 2024.
-
S3PHER: Secure and Searchable System for Patient-driven HEalth data shaRing
Authors:
Ivan Costa,
Ivone Amorim,
Eva Maia,
Pedro Barbosa,
Isabel Praca
Abstract:
Healthcare data contains some of the most sensitive information about an individual, yet sharing this data with healthcare practitioners can significantly enhance patient care and support research efforts. However, current systems for sharing health data between patients and caregivers do not fully address the critical security requirements of privacy, confidentiality, and consent management. Furthermore, compliance with regulatory laws such as GDPR and HIPAA is often deficient, largely because patients typically are asked to provide general consent for healthcare entities to access their data. Recognizing the limitations of existing systems, we present S3PHER, a novel approach to sharing health data that provides patients with control over who accesses their data, what data is accessed, and when. Our system ensures end-to-end privacy by integrating a Proxy Re-Encryption Scheme with a Searchable Encryption Scheme, utilizing Homomorphic Encryption to enable healthcare practitioners to privately search and access patients' documents. The practicality and benefits of S3PHER are further validated through end-to-end deployment and use case analyses, with tests on real datasets demonstrating promising execution times.
Submitted 17 April, 2024;
originally announced April 2024.
-
Reliable Feature Selection for Adversarially Robust Cyber-Attack Detection
Authors:
João Vitorino,
Miguel Silva,
Eva Maia,
Isabel Praça
Abstract:
The growing cybersecurity threats make it essential to use high-quality data to train Machine Learning (ML) models for network traffic analysis, without noisy or missing data. By selecting the most relevant features for cyber-attack detection, it is possible to improve both the robustness and computational efficiency of the models used in a cybersecurity system. This work presents a feature selection and consensus process that combines multiple methods and applies them to several network datasets. Two different feature sets were selected and were used to train multiple ML models with regular and adversarial training. Finally, an adversarial evasion robustness benchmark was performed to analyze the reliability of the different feature sets and their impact on the susceptibility of the models to adversarial examples. By using an improved dataset with more data diversity, selecting the best time-related features and a more specific feature set, and performing adversarial training, the ML models were able to achieve a better adversarially robust generalization. The robustness of the models was significantly improved without their generalization to regular traffic flows being affected, without increases of false alarms, and without requiring too many computational resources, which enables a reliable detection of suspicious activity and perturbed traffic flows in enterprise computer networks.
Submitted 5 April, 2024;
originally announced April 2024.
-
EnergAIze: Multi Agent Deep Deterministic Policy Gradient for Vehicle to Grid Energy Management
Authors:
Tiago Fonseca,
Luis Ferreira,
Bernardo Cabral,
Ricardo Severino,
Isabel Praca
Abstract:
This paper investigates the increasing roles of Renewable Energy Sources (RES) and Electric Vehicles (EVs). While indicating a new era of sustainable energy, these also introduce complex challenges, including the need to balance supply and demand and smooth peak consumptions amidst rising EV adoption rates. Addressing these challenges requires innovative solutions such as Demand Response (DR), energy flexibility management, Renewable Energy Communities (RECs), and more specifically for EVs, Vehicle-to-Grid (V2G). However, existing V2G approaches often fall short in real-world adaptability, global REC optimization with other flexible assets, scalability, and user engagement. To bridge this gap, this paper introduces EnergAIze, a Multi-Agent Reinforcement Learning (MARL) energy management framework, leveraging the Multi-Agent Deep Deterministic Policy Gradient (MADDPG) algorithm. EnergAIze enables user-centric and multi-objective energy management by allowing each prosumer to select from a range of personal management objectives, thus encouraging engagement. Additionally, it architects data protection and ownership through decentralized computing, where each prosumer can situate an energy management optimization node directly at their own dwelling. The local node not only manages local energy assets but also fosters REC-wide optimization. The efficacy of EnergAIze was evaluated through case studies employing the CityLearn simulation framework. These simulations were instrumental in demonstrating EnergAIze's adeptness at implementing V2G technology within a REC and other energy assets. The results show reduction in peak loads, ram**, carbon emissions, and electricity costs at the REC level while optimizing for individual prosumers' objectives.
Submitted 9 April, 2024; v1 submitted 2 April, 2024;
originally announced April 2024.
-
An Adversarial Robustness Benchmark for Enterprise Network Intrusion Detection
Authors:
João Vitorino,
Miguel Silva,
Eva Maia,
Isabel Praça
Abstract:
As cyber-attacks become more sophisticated, improving the robustness of Machine Learning (ML) models must be a priority for enterprises of all sizes. To reliably compare the robustness of different ML models for cyber-attack detection in enterprise computer networks, they must be evaluated in standardized conditions. This work presents a methodical adversarial robustness benchmark of multiple decision tree ensembles with constrained adversarial examples generated from standard datasets. The robustness of regularly and adversarially trained RF, XGB, LGBM, and EBM models was evaluated on the original CICIDS2017 dataset, a corrected version of it designated as NewCICIDS, and the HIKARI dataset, which contains more recent network traffic. NewCICIDS led to models with a better performance, especially XGB and EBM, but RF and LGBM were less robust against the more recent cyber-attacks of HIKARI. Overall, the robustness of the models to adversarial cyber-attack examples was improved without their generalization to regular traffic being affected, enabling a reliable detection of suspicious activity without costly increases of false alarms.
Submitted 25 February, 2024;
originally announced February 2024.
-
SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection
Authors:
João Vitorino,
Isabel Praça,
Eva Maia
Abstract:
Machine Learning (ML) can be incredibly valuable to automate anomaly detection and cyber-attack classification, improving the way that Network Intrusion Detection (NID) is performed. However, despite the benefits of ML models, they are highly susceptible to adversarial cyber-attack examples specifically crafted to exploit them. A wide range of adversarial attacks have been created and researchers have worked on various defense strategies to safeguard ML models, but most were not intended for the specific constraints of a communication network and its communication protocols, so they may lead to unrealistic examples in the NID domain. This Systematization of Knowledge (SoK) consolidates and summarizes the state-of-the-art adversarial learning approaches that can generate realistic examples and could be used in real ML development and deployment scenarios with real network traffic flows. This SoK also describes the open challenges regarding the use of adversarial ML in the NID domain, defines the fundamental properties that are required for an adversarial example to be realistic, and provides guidelines for researchers to ensure that their future experiments are adequate for a real communication network.
Submitted 13 August, 2023;
originally announced August 2023.
-
Herb-Drug Interactions: A Holistic Decision Support System in Healthcare
Authors:
Andreia Martins,
Eva Maia,
Isabel Praça
Abstract:
Complementary and alternative medicine are commonly used concomitantly with conventional medications leading to adverse drug reactions and even fatality in some cases. Furthermore, the vast possibility of herb-drug interactions prevents health professionals from remembering or manually searching them in a database. Decision support systems are a powerful tool that can be used to assist clinicians in making diagnostic and therapeutic decisions in patient care. Therefore, an original and hybrid decision support system was designed to identify herb-drug interactions, applying artificial intelligence techniques to identify new possible interactions. Different machine learning models will be used to strengthen the typical rules engine used in these cases. Thus, using the proposed system, the pharmacy community, people's first line of contact within the Healthcare System, will be able to make better and more accurate therapeutic decisions and mitigate possible adverse events.
Submitted 27 June, 2023;
originally announced June 2023.
-
From Data to Action: Exploring AI and IoT-driven Solutions for Smarter Cities
Authors:
Tiago Dias,
Tiago Fonseca,
João Vitorino,
Andreia Martins,
Sofia Malpique,
Isabel Praça
Abstract:
The emergence of smart cities demands harnessing advanced technologies like the Internet of Things (IoT) and Artificial Intelligence (AI) and promises to unlock cities' potential to become more sustainable, efficient, and ultimately livable for their inhabitants. This work introduces an intelligent city management system that provides a data-driven approach to three use cases: (i) analyze traffic information to reduce the risk of traffic collisions and improve driver and pedestrian safety, (ii) identify when and where energy consumption can be reduced to improve cost savings, and (iii) detect maintenance issues like potholes in the city's roads and sidewalks, as well as the beginning of hazards like floods and fires. A case study in Aveiro City demonstrates the system's effectiveness in generating actionable insights that enhance security, energy efficiency, and sustainability, while highlighting the potential of AI and IoT-driven solutions for smart city development.
Submitted 6 June, 2023;
originally announced June 2023.
-
TestLab: An Intelligent Automated Software Testing Framework
Authors:
Tiago Dias,
Arthur Batista,
Eva Maia,
Isabel Praça
Abstract:
The prevalence of software systems has become an integral part of modern-day living. Software usage has increased significantly, leading to its growth in both size and complexity. Consequently, software development is becoming a more time-consuming process. In an attempt to accelerate the development cycle, the testing phase is often neglected, leading to the deployment of flawed systems that can have significant implications on the users' daily activities. This work presents TestLab, an intelligent automated software testing framework that attempts to gather a set of testing methods and automate them using Artificial Intelligence to allow continuous testing of software systems at multiple levels from different scopes, ranging from developers to end-users. The tool consists of three modules, each serving a distinct purpose. The first two modules aim to identify vulnerabilities from different perspectives, while the third module enhances traditional automated software testing by automatically generating test cases through source code analysis.
Submitted 6 June, 2023;
originally announced June 2023.
-
Data Privacy with Homomorphic Encryption in Neural Networks Training and Inference
Authors:
Ivone Amorim,
Eva Maia,
Pedro Barbosa,
Isabel Praça
Abstract:
The use of Neural Networks (NNs) for sensitive data processing is becoming increasingly popular, raising concerns about data privacy and security. Homomorphic Encryption (HE) has the potential to be used as a solution to preserve data privacy in NN. This study provides a comprehensive analysis on the use of HE for NN training and classification, focusing on the techniques and strategies used to enhance data privacy and security. The current state-of-the-art in HE for NNs is analysed, and the challenges and limitations that need to be addressed to make it a reliable and efficient approach for privacy preservation are identified. Also, the different categories of HE schemes and their suitability for NNs are discussed, as well as the techniques used to optimize the accuracy and efficiency of encrypted models. The review reveals that HE has the potential to provide strong data privacy guarantees for NNs, but several challenges need to be addressed, such as limited support for advanced NN operations, scalability issues, and performance trade-offs.
Submitted 3 May, 2023;
originally announced May 2023.
-
Adversarial Robustness and Feature Impact Analysis for Driver Drowsiness Detection
Authors:
João Vitorino,
Lourenço Rodrigues,
Eva Maia,
Isabel Praça,
André Lourenço
Abstract:
Drowsy driving is a major cause of road accidents, but drivers are dismissive of the impact that fatigue can have on their reaction times. To detect drowsiness before any impairment occurs, a promising strategy is using Machine Learning (ML) to monitor Heart Rate Variability (HRV) signals. This work presents multiple experiments with different HRV time windows and ML models, a feature impact analysis using Shapley Additive Explanations (SHAP), and an adversarial robustness analysis to assess their reliability when processing faulty input data and perturbed HRV signals. The most reliable model was Extreme Gradient Boosting (XGB) and the optimal time window had between 120 and 150 seconds. Furthermore, SHAP enabled the selection of the 18 most impactful features and the training of new smaller models that achieved a performance as good as the initial ones. Despite the susceptibility of all models to adversarial attacks, adversarial training enabled them to preserve significantly higher results, especially XGB. Therefore, ML models can significantly benefit from realistic adversarial training to provide a more robust driver drowsiness detection.
Submitted 23 March, 2023;
originally announced March 2023.
-
Constrained Adversarial Learning and its applicability to Automated Software Testing: a systematic review
Authors:
João Vitorino,
Tiago Dias,
Tiago Fonseca,
Eva Maia,
Isabel Praça
Abstract:
Every novel technology adds hidden vulnerabilities ready to be exploited by a growing number of cyber-attacks. Automated software testing can be a promising solution to quickly analyze thousands of lines of code by generating and slightly modifying function-specific testing data to encounter a multitude of vulnerabilities and attack vectors. This process draws similarities to the constrained adversarial examples generated by adversarial learning methods, so there could be significant benefits to the integration of these methods in automated testing tools. Therefore, this systematic review is focused on the current state-of-the-art of constrained data generation methods applied for adversarial learning and software testing, aiming to guide researchers and developers to enhance testing tools with adversarial learning methods and improve the resilience and robustness of their digital systems. The found constrained data generation applications for adversarial machine learning were systematized, and the advantages and limitations of approaches specific for software testing were thoroughly analyzed, identifying research gaps and opportunities to improve testing tools with adversarial attack methods.
Submitted 13 March, 2023;
originally announced March 2023.
-
Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
Authors:
João Vitorino,
Isabel Praça,
Eva Maia
Abstract:
The Internet of Things (IoT) faces tremendous security challenges. Machine learning models can be used to tackle the growing number of cyber-attack variations targeting IoT systems, but the increasing threat posed by adversarial attacks restates the need for reliable defense strategies. This work describes the types of constraints required for a realistic adversarial cyber-attack example and proposes a methodology for a trustworthy adversarial robustness analysis with a realistic adversarial evasion attack vector. The proposed methodology was used to evaluate three supervised algorithms, Random Forest (RF), Extreme Gradient Boosting (XGB), and Light Gradient Boosting Machine (LGBM), and one unsupervised algorithm, Isolation Forest (IFOR). Constrained adversarial examples were generated with the Adaptative Perturbation Pattern Method (A2PM), and evasion attacks were performed against models created with regular and adversarial training. Even though RF was the least affected in binary classification, XGB consistently achieved the highest accuracy in multi-class classification. The obtained results evidence the inherent susceptibility of tree-based algorithms and ensembles to adversarial evasion attacks and demonstrate the benefits of adversarial training and a security-by-design approach for a more robust IoT network intrusion detection and cyber-attack classification.
Submitted 3 March, 2023; v1 submitted 30 January, 2023;
originally announced January 2023.
-
A Low-Cost Multi-Agent System for Physical Security in Smart Buildings
Authors:
Tiago Fonseca,
Tiago Dias,
João Vitorino,
Luís Lino Ferreira,
Isabel Praça
Abstract:
Modern organizations face numerous physical security threats, from fire hazards to more intricate concerns regarding surveillance and unauthorized personnel. Conventional standalone fire and intrusion detection solutions must be installed and maintained independently, which leads to high capital and operational costs. Nonetheless, due to recent developments in smart sensors, computer vision techniques, and wireless communication technologies, these solutions can be integrated in a modular and low-cost manner. This work introduces Integrated Physical Security System (IP2S), a multi-agent system capable of coordinating diverse Internet of Things (IoT) sensors and actuators for an efficient mitigation of multiple physical security events. The proposed system was tested in a live case study that combined fire and intrusion detection in an industrial shop floor environment with four different sectors, two surveillance cameras, and a firefighting robot. The experimental results demonstrate that the integration of several events in a single automated system can be advantageous for the security of smart buildings, reducing false alarms and delays.
Submitted 1 September, 2022;
originally announced September 2022.
-
Deep Learning for Short-term Instant Energy Consumption Forecasting in the Manufacturing Sector
Authors:
Nuno Oliveira,
Norberto Sousa,
Isabel Praça
Abstract:
Electricity is a volatile power source that requires great planning and resource management for both the short and long term. More specifically, in the short term, accurate instant energy consumption forecasting contributes greatly to improving the efficiency of buildings, opening new avenues for the adoption of renewable energy. In that regard, data-driven approaches, namely the ones based on machine learning, are beginning to be preferred over more traditional ones since they provide not only more simplified ways of deployment but also state-of-the-art results. In that sense, this work applies and compares the performance of several deep learning algorithms, LSTM, CNN, mixed CNN-LSTM and TCN, in a real testbed within the manufacturing sector. The experimental results suggest that the TCN is the most reliable method for predicting instant energy consumption in the short term.
Submitted 4 July, 2022;
originally announced July 2022.
-
A Multi-Policy Framework for Deep Learning-Based Fake News Detection
Authors:
João Vitorino,
Tiago Dias,
Tiago Fonseca,
Nuno Oliveira,
Isabel Praça
Abstract:
Connectivity plays an ever-increasing role in modern society, with people all around the world having easy access to rapidly disseminated information. However, a more interconnected society enables the spread of intentionally false information. To mitigate the negative impacts of fake news, it is essential to improve detection methodologies. This work introduces Multi-Policy Statement Checker (MPSC), a framework that automates fake news detection by using deep learning techniques to analyze a statement itself and its related news articles, predicting whether it is seemingly credible or suspicious. The proposed framework was evaluated using four merged datasets containing real and fake news. Long-Short Term Memory (LSTM), Gated Recurrent Unit (GRU) and Bidirectional Encoder Representations from Transformers (BERT) models were trained to utilize both lexical and syntactic features, and their performance was evaluated. The obtained results demonstrate that a multi-policy analysis reliably identifies suspicious statements, which can be advantageous for fake news detection.
Submitted 1 June, 2022;
originally announced June 2022.
-
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection
Authors:
João Vitorino,
Nuno Oliveira,
Isabel Praça
Abstract:
Adversarial attacks pose a major threat to machine learning and to the systems that rely on it. In the cybersecurity domain, adversarial cyber-attack examples capable of evading detection are especially concerning. Nonetheless, an example generated for a domain with tabular data must be realistic within that domain. This work establishes the fundamental constraint levels required to achieve realism and introduces the Adaptative Perturbation Pattern Method (A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on pattern sequences that are independently adapted to the characteristics of each class to create valid and coherent data perturbations. The proposed method was evaluated in a cybersecurity case study with two scenarios: Enterprise and Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random Forest (RF) classifiers were created with regular and adversarial training, using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and untargeted attacks were performed against the classifiers, and the generated examples were compared with the original network traffic flows to assess their realism. The obtained results demonstrate that A2PM provides a scalable generation of realistic adversarial examples, which can be advantageous for both adversarial training and attacks.
Submitted 29 March, 2022; v1 submitted 8 March, 2022;
originally announced March 2022.
-
Anomaly Detection in Cyber-Physical Systems: Reconstruction of a Prediction Error Feature Space
Authors:
Nuno Oliveira,
Norberto Sousa,
Jorge Oliveira,
Isabel Praça
Abstract:
Cyber-physical systems are infrastructures that use digital information such as network communications and sensor readings to control entities in the physical world. Many cyber-physical systems in airports, hospitals and nuclear power plants are regarded as critical infrastructures, since a disruption of their normal functionality can result in negative consequences for society. In the last few years, some security solutions for cyber-physical systems based on artificial intelligence have been proposed. Nevertheless, domain knowledge is required to properly set up and train artificial intelligence algorithms. Our work proposes a novel anomaly detection framework based on error space reconstruction, where genetic algorithms are used to perform hyperparameter optimization of machine learning methods. The proposed method achieved an F1-score of 87.89% on the SWaT dataset.
Submitted 29 December, 2021;
originally announced December 2021.
-
A tool to support the investigation and visualization of cyber and/or physical incidents
Authors:
Inês Macedo,
Sinan Wanous,
Nuno Oliveira,
Orlando Sousa,
Isabel Praça
Abstract:
Efficiently investigating the data collected from a system's activity can help to detect malicious attempts and better understand the context behind past incident occurrences. Nowadays, several solutions can be used to monitor system activities to detect probable abnormalities and malfunctions. However, most of these systems overwhelm their users with vast amounts of information, making it harder for them to perceive incident occurrences and their context. Our approach combines a dynamic and intuitive user interface with Machine Learning forecasts to provide an intelligent investigation tool that facilitates the security operator's work. Our system can also act as an enhanced and fully automated decision support mechanism that provides suggestions about possible incident occurrences.
Submitted 2 December, 2021;
originally announced December 2021.
-
A Comparative Analysis of Machine Learning Techniques for IoT Intrusion Detection
Authors:
João Vitorino,
Rui Andrade,
Isabel Praça,
Orlando Sousa,
Eva Maia
Abstract:
The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considering both binary and multi-class classification scenarios. The developed models consisted of Support Vector Machine (SVM), Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), Isolation Forest (iForest), Local Outlier Factor (LOF) and a Deep Reinforcement Learning (DRL) model based on a Double Deep Q-Network (DDQN), adapted to the intrusion detection context. The most reliable performance was achieved by LightGBM. Nonetheless, iForest displayed good anomaly detection results and the DRL model demonstrated the possible benefits of employing this methodology to continuously improve the detection. Overall, the obtained results indicate that the analyzed techniques are well suited for IoT intrusion detection.
Submitted 1 June, 2022; v1 submitted 25 November, 2021;
originally announced November 2021.
-
A Hybrid Approach for an Interpretable and Explainable Intrusion Detection System
Authors:
Tiago Dias,
Nuno Oliveira,
Norberto Sousa,
Isabel Praça,
Orlando Sousa
Abstract:
Cybersecurity has been a concern for quite a while now. In recent years, cyberattacks have been increasing in size and complexity, fueled by significant advances in technology. Nowadays, there is an unavoidable necessity of protecting systems and data crucial for business continuity. Hence, many intrusion detection systems have been created in an attempt to mitigate these threats and contribute to a timelier detection. This work proposes an interpretable and explainable hybrid intrusion detection system, which makes use of artificial intelligence methods to achieve better and more long-lasting security. The system combines experts' written rules and dynamic knowledge continuously generated by a decision tree algorithm as new shreds of evidence emerge from network activity.
Submitted 19 November, 2021;
originally announced November 2021.
-
A Multi-Agent System for Autonomous Mobile Robot Coordination
Authors:
Norberto Sousa,
Nuno Oliveira,
Isabel Praça
Abstract:
The automation of internal logistics and inventory-related tasks is one of the main challenges of modern-day manufacturing corporations, since it allows a more effective application of their human resources. Nowadays, Autonomous Mobile Robots (AMR) are state-of-the-art technologies for such applications due to their great adaptability in dynamic environments, replacing more traditional solutions such as Automated Guided Vehicles (AGV), which are quite limited in terms of flexibility and require expensive facility updates for their installation. The application of Artificial Intelligence (AI) to increase AMRs' capabilities has been contributing to the development of more sophisticated and efficient robots. Nevertheless, multi-robot coordination and cooperation for solving complex tasks is still a hot research line with increasing interest. This work proposes a Multi-Agent System for coordinating multiple TIAGo robots in tasks related to the manufacturing ecosystem, such as the transportation and dispatching of raw materials, finished products and tools. Furthermore, the system is showcased in a realistic simulation using both Gazebo and Robot Operating System (ROS).
Submitted 25 September, 2021;
originally announced September 2021.
-
Machine Learning for Network-based Intrusion Detection Systems: an Analysis of the CIDDS-001 Dataset
Authors:
José Carneiro,
Nuno Oliveira,
Norberto Sousa,
Eva Maia,
Isabel Praça
Abstract:
With the increasing reliance on digital data and computer networks by corporations and the public in general, the occurrence of cyber attacks has become a great threat to the normal functioning of our society. Intrusion detection systems seek to address this threat by preemptively detecting attacks in real time while attempting to block them or minimize their damage. These systems can function in many ways, some of them based on artificial intelligence methods. Datasets containing both normal network traffic and cyber attacks are used for training these algorithms so that they can learn the underlying patterns of network-based data. The CIDDS-001 is one of the most used datasets for network-based intrusion detection research. Regarding this dataset, in the majority of works published so far, the Class label was used for training machine learning algorithms. However, there is another label in the CIDDS-001, AttackType, that seems very promising for this purpose and remains considerably unexplored. This work seeks to make a comparison between two machine learning models, K-Nearest Neighbours and Random Forest, which were trained with both of these labels in order to ascertain whether AttackType can produce reliable results in comparison with the Class label.
Submitted 2 July, 2021;
originally announced July 2021.
-
A Search Engine for Scientific Publications: a Cybersecurity Case Study
Authors:
Nuno Oliveira,
Norberto Sousa,
Isabel Praça
Abstract:
Cybersecurity is a very challenging topic of research nowadays, as digitalization increases the interaction of people, software and services on the Internet by means of technology devices and networks connected to it. The field is broad and has a lot of unexplored ground under numerous disciplines such as management, psychology, and data science. Its large disciplinary spectrum and many significant research topics generate a considerable amount of information, making it hard for us to find what we are looking for when researching a particular subject. This work proposes a new search engine for scientific publications which combines both information retrieval and reading comprehension algorithms to extract answers from a collection of domain-specific documents. The proposed solution, although applied to the context of cybersecurity, exhibited great generalization capabilities and can be easily adapted to perform under other distinct knowledge domains.
Submitted 30 June, 2021;
originally announced July 2021.