A 0-day attack is a cyber-attack based on vulnerabilities that have not yet been published. Detecting the anomalous traffic generated by such attacks is vital, as it can represent a critical problem, in both a technical and an economic sense, for a smart enterprise as for any system largely dependent on technology. To predict this kind of attack, one solution is to use unsupervised machine learning approaches, as they guarantee the detection of anomalies regardless of whether those anomalies are previously known. It is also essential to identify the anomalous and unknown behaviors that occur within a network in near real-time. Three different approaches have been proposed and benchmarked under exactly the same conditions: Deep Autoencoding with GMM and Isolation Forest, Deep Autoencoder with Isolation Forest, and Memory Augmented Deep Autoencoder with Isolation Forest. These approaches are thus the result of combining different unsupervised algorithms. The results show that the addition of the Isolation Forest improves the accuracy values and increases the inference time, although this increase is not a significant problem. This paper also explains which features the various models consider most important for classifying an event as an attack, using the explainable artificial intelligence methodology called Shapley Additive Explanations (SHAP). Experiments were conducted on the KDD99, NSL-KDD, and CIC-IDS2017 datasets.
This paper presents a portable condition monitoring system named MAPREX, which was developed as a result of the cooperation between the University of Oviedo and Aceralia within a research project funded by the ECSC Steel RTD program. The system integrates powerful monitoring and data visualization techniques based on the Self Organizing Map (SOM) algorithm. This paper describes in detail the system architecture and performance, the visualization techniques implemented, and an example displaying real data from a 6,000 kW DC motor of a hot strip mill rolling stand.

INTRODUCTION

This paper presents a portable condition monitoring system named MAPREX, which was developed as a result of the cooperation between the University of Oviedo and Aceralia within a research project funded by the ECSC Steel RTD program. The system integrates powerful monitoring and data visualization techniques based on the Self Organizing Map (SOM) algorithm. The architecture of the system is described in detail, as well as the visualization methods implemented.

THE VISUALIZATION APPROACH

In complex industrial processes, and particularly in steel processes, there is usually a lack of models that provide a comprehensive description of the process behaviour. All the information available is often present in quite heterogeneous forms, much like sparse pieces of knowledge, which have to be put together and related. In a typical steel rolling process, there are several sources of knowledge:

• Sensor data: Data from multiple sensors are often systematically recorded in huge databases, being available for subsequent processing in the mill computer. Data from sensors clearly convey a lot of information about the underlying process behaviour, which is implicitly embedded in the geometry of the data.
• Partial models: When looking for a model to represent a new process, it usually happens that there are models that describe parts of that process well, while there is a lack of models that accurately describe the full process behaviour.
• Rule based knowledge: Often, most of the knowledge is in the hands of the staff that deals with the process every day, and in many cases that staff does not have the deep mathematical background needed to express that wealth of knowledge about the process in mathematical models. The knowledge is often present in terms of a set of rules (often fuzzy), which have proved to be useful over the years.
• Cases: Finally, another source of knowledge comes from cases. These are sets of data from key situations, such as breakdowns or others, that arose previously and underwent an investigation process. These datasets, in consequence, may convey a lot of associated knowledge that can be used for better understanding of the process.