Global ETD Search

471	Anomaly Detection in Hard Real-Time Embedded Systems Boakye Dankwa (19752255) 30 September 2024 (has links) <p dir="ltr">Lessons learned in protecting desktop computers, servers, and cloud systems from cyberattacks have not translated to embedded systems easily. Yet, embedded systems impact our lives in many ways and are subject to similar risks. In particular, real-time embedded systems are computer systems controlling critical physical processes in industrial controllers, avionics, engine control systems, etc. Attacks have been reported on real-time embedded systems, some with devastating outcomes on the physical processes. Detecting intrusions in real-time is a prerequisite to an effective response to ensure resilience to damaging attacks. In anomaly detection methods, researchers typically model expected program behavior and detect deviations. This approach has the advantage of detecting zero-day attacks compared to signature-based intrusion detection methods; however, existing anomaly detection approaches suffer high false-positive rates and incur significant performance overhead caused by code instrumentation, making them impractical for hard real-time embedded systems, which must meet strict temporal constraints.</p><p dir="ltr">This thesis presents a hardware-assisted anomaly detection approach that uses an automaton to model valid control-flow transfers in hard real-time systems without code instrumentation. The approach relies on existing hardware mechanisms to capture and export runtime control-flow data for runtime verification without the need for code instrumentation, thereby preserving the temporal properties of the target program. We implement a prototype of the mechanism on the Xilinx Zynq Ultrascale+ platform and empirically demonstrate precise detection of control-flow hijacking attacks with negligible (0.18%) performance overhead without false alarms using a real-time variant of the well-known RIPE benchmark we developed for this work. We further empirically demonstrate via schedulability analysis that protecting a real-time program with the proposed anomaly detection mechanism preserves the program’s temporal constraints.</p> Software and application security System and network security Anomaly Detection Intrusion Detection Control-Flow Integrity Embedded Systems Hard Real-Time Systems Hard Real-Time Schedulability Security Evaluation Tool Baremetal Embedded Systems Hardware Assisted ARM CoreSight
472	<b>Explaining Generative Adversarial Network Time Series Anomaly Detection using Shapley Additive Explanations</b> Cher Simon (18324174) 10 July 2024 (has links) <p dir="ltr">Anomaly detection is an active research field that widely applies to commercial applications to detect unusual patterns or outliers. Time series anomaly detection provides valuable insights into mission and safety-critical applications using ever-growing temporal data, including continuous streaming time series data from the Internet of Things (IoT), sensor networks, healthcare, stock prices, computer metrics, and application monitoring. While Generative Adversarial Networks (GANs) demonstrate promising results in time series anomaly detection, the opaque nature of generative deep learning models lacks explainability and hinders broader adoption. Understanding the rationale behind model predictions and providing human-interpretable explanations are vital for increasing confidence and trust in machine learning (ML) frameworks such as GANs. This study conducted a structured and comprehensive assessment of post-hoc local explainability in GAN-based time series anomaly detection using SHapley Additive exPlanations (SHAP). Using publicly available benchmarking datasets approved by Purdue’s Institutional Review Board (IRB), this study evaluated state-of-the-art GAN frameworks identifying their advantages and limitations for time series anomaly detection. This study demonstrated a systematic approach in quantifying the extent of GAN-based time series anomaly explainability, providing insights for businesses when considering adopting generative deep learning models. The presented results show that GANs capture complex time series temporal distribution and are applicable for anomaly detection. The analysis from this study shows SHAP can identify the significance of contributing features within time series data and derive post-hoc explanations to quantify GAN-detected time series anomalies.</p> Time-series analysis Data engineering and data science Adversarial machine learning Deep learning Generative Adversarial Networks (GANs) SHapley Additive exPlanations (SHAP) Time Series Anomaly Detection Explainability
473	Improving the search for new physics and the identification of electrons using machine learning at the ATLAS experiment Pascual Dias, Bruna 08 1900 (has links) L’étude des collisions à haute énergie par l’expérience ATLAS au Grand Collisioneur d’Hadrons (LHC, de l’anglais Large Hadron Collider) est essentielle pour tester la validité du modèle standard de la physique des particules (SM, de l’anglais Standard Model of particle physics), le cadre théorique actuel qui décrit les particules fondamentales et leurs interactions, ainsi que pour établir des limites dans ses possibles extensions. Compte tenu du début de sa troisième période de prise de données et de la prochaine génération d’accélérateurs, l’expérience ATLAS est confrontée à des défis liés à la haute dimensionnalité des signaux enregistrés et à la grande quantité de données encore inexplorées. Dans ce contexte, l’utilisation de techniques d’apprentissage profond a un grand potentiel pour améliorer la performance de la classification des objets physiques à l’origine de ces signaux, ainsi que pour fournir de nouveaux outils pour effectuer une inférence statistique rapide à partir des données. Cette thèse présente des applications des techniques d’apprentissage profond dans l’algorithme d’identification des électrons, ainsi qu’une nouvelle stratégie de recherche de résonances dans les distributions de masse invariantes avec l’expérience ATLAS. Tout d’abord, de nouvelles mesures de l’efficacité de l’algorithme actuel d’identification des électrons sont présentés, en utilisant les données enregistrées au début du Run 3, ainsi que le retraitement des données du Run 2 avec la nouvelle version du logiciel utilisé par ATLAS. Une légère réduction des écarts entre les valeurs obtenues à partir des événements simulés et les données expérimentales est observée, une conséquence des améliorations apportées au logiciel utilisé par ATLAS avant le début du Run 3. Ensuite, le développement d’un nouvel algorithme d’identification des électrons est présenté, où les informations brutes du détecteur sont traitées sous forme d’images via un réseau neuronal convolutif. Une étude de l’importance de ses variables d’entrée montre la pertinence de toutes les variables considérées actuellement. En outre, le rejet de la classe de bruit de fond la plus importante diminue lorsqu’un modèle entrainé avec des exemples provenant des simulations est utilisé pour rejeter des examples obtenus à partir de données expérimentales. Nous montrons que ce pouvoir de rejet est récupéré si ces exemples de données sont incorporés dans la formation. Enfin, nous présentons une nouvelle stratégie de recherche de résonances dans des histogrammes de masse invariante. Elle utilise un réseau neuronal pour prédire de la signification statistique locale des résonances à partir des entrées dans l’histogramme. La mise en œuvre de cette méthode à l’aide de données de simulation réalistes donne de bons résultats, avec la prédiction de l’importance maximale au sein d’un histogramme ne présentant aucun biais et peu de variance. Les travaux visant à mettre en œuvre cette méthode dans le cadre de l’expérience ATLAS sont également présentés, y compris la production d’histogrammes de masse invariants à l’aide de données de simulation ATLAS. / The study of high-energy collisions by the ATLAS experiment at the Large Hadron Collider (LHC) is essential to test the validity of the Standard Model of particle physics (SM), the current theoretical framework that describes the fundamental particles and how they interact, as well as to constrain its possible extensions. In light of its third data-taking period and the next generation of accelerators, the ATLAS experiment faces challenges associated with the high-dimensionality of the recorded signals and the large amount of data still left unexplored. In this context, the use of deep learning techniques has great potential to enhance the performance of the classification of the physics objects that originate from these signals, as well as to provide new tools to perform fast statistical inference from the data. This thesis presents applications of these deep learning techniques to improve the electron identification algorithm performance, as well as a new strategy to search for resonances in invariant mass distributions with the ATLAS experiment. Firstly, new measurements of the efficiency of the current electron identification algorithm are presented, using data recorded at the beginning of Run 3, as well as the reprocessing of the Run 2 data with the new version of the ATLAS software. A small reduction on the discrepancies between the values obtained from MC simulated events and the data is observed, a consequence of the improvements made to the ATLAS software at the start of Run 3. Next, the development of a new electron identification algorithm is presented, where low-level detector information is processed in the form of images via a convolutional neural network. A study of the importance of its input features shows the relevance of all the current inputs considered. Furthermore, the rejection of the larger background class is decreased when a model trained with examples from simulated events is used to reject those obtained from experimental data. We show this rejection power is recovered if these data examples are incorporated into the training. Lastly, a novel strategy to search for resonances in invariant mass histograms is presented. It uses a neural network to predict the local statistical significance of resonances from its bin entries. The implementation of this method using realistic simulation data shows good results, with the prediction of the maximum significance within a histogram having no bias and a small variance. Work towards an implementation of this method within the ATLAS experiment is also presented, including the production of invariant mass histograms using ATLAS simulation data. Particle physics LHC ATLAS Deep learning Neural networks Electron identification Anomaly detection Physique des particules Apprentissage profond Réseaux neuronaux Identification des électrons Détection des anomalies
474	Millimetre-wave FMCW radar for remote sensing and security applications Cassidy, Scott L. January 2015 (has links) This thesis presents a body of work on the theme of millimetre-wave FMCW radar, for the purposes of security screening and remote sensing. First, the development of an optimised software radar signal processor will be outlined. Through use of threading and GPU acceleration, high data processing rates were achieved using standard PC hardware. The flexibility of this approach, compared to specialised hardware (e.g. DSP, FPGA etc…), allowed the processor to be rapidly adapted and has produced a significant performance increase in a number of advanced real-time radar systems. An efficient tracker was developed and was successfully deployed in live trials for the purpose of real-time wave detection in an autonomous boat control system. Automated radar operation and remote data telemetry functions were implemented in a terrain mapping radar to allow continuous monitoring of the Soufrière Hills volcano on the Caribbean island of Montserrat. This work concluded with the installation of the system 3 km from the volcano. Hardware modifications were made to enable coherent measurement in a number of existing radar systems, allowing phase sensitive measurements, including range-Doppler, to be performed. Sensitivity to displacements of less than 200 nm was demonstrated, which is limited by the phase noise of the system. Efficient compensation techniques are presented which correct for quadrature mixer imbalance, FMCW chirp non-linearity, and scanner drive distortions. In collaboration with the Home Office, two radar systems were evaluated for the stand-off detection of concealed objects. Automatic detection capability, based on polarimetric signatures, was developed using data gathered under controlled conditions. Algorithm performance was assessed through blind testing across a statistically significant number of subjects. A detailed analysis is presented, which evaluates the effect of clothing and object type on detection efficiency. 621.384
475	Trustworthiness, diversity and inference in recommendation systems Chen, Cheng 28 September 2016 (has links) Recommendation systems are information filtering systems that help users effectively and efficiently explore large amount of information and identify items of interest. Accurate predictions of users' interests improve user satisfaction and are beneficial to business or service providers. Researchers have been making tremendous efforts to improve the accuracy of recommendations. Emerging trends of technologies and application scenarios, however, lead to challenges other than accuracy for recommendation systems. Three new challenges include: (1) opinion spam results in untrustworthy content and makes recommendations deceptive; (2) users prefer diversified content; (3) in some applications user behavior data may not be available to infer users' preference. This thesis tackles the above challenges. We identify features of untrustworthy commercial campaigns on a question and answer website, and adopt machine learning-based techniques to implement an adaptive detection system which automatically detects commercial campaigns. We incorporate diversity requirements into a classic theoretical model and develop efficient algorithms with performance guarantees. We propose a novel and robust approach to infer user preference profile from recommendations using copula models. The proposed approach can offer in-depth business intelligence for physical stores that depend on Wi-Fi hotspots for mobile advertisement. / Graduate / 0984 / cchenv@uvic.ca Bipartite Graphs Matchings NP-hardness Linear Programming Submodular Systems Recommendation Systems Anomaly Detection Community Question and Answer Websites Paid Posters Adaptive Detection Systems Weighted Bipartite b-Matching Conflict Constraints Optimization Approximation Reverse Engineering of Recommendations Wi-Fi Data Mining Profile Inference Copula Modelling
476	Advancing cyber security with a semantic path merger packet classification algorithm Thames, John Lane 30 October 2012 (has links) This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing. Computational semantics Graph theory Hardware algorithms Attack detection Distributed internet security Packet classification Intrusion detection Semantic association Semantic networks Content addressable memory SRAM-based trie pipelines Hardware-based trie pipelines Computational intelligence Neural networks Parametric optimization Genetic algorithms Self-organizing maps Ensemble intelligence Firewalls Routing Packet filters Cyber intelligence (Computer security) Algorithms Cyberterrorism Denial of service attacks Anomaly detection (Computer security)
477	Détection d'anomalies à la volée dans des signaux vibratoires / Anomaly detection in high-dimensional datastreams Bellas, Anastasios 28 January 2014 (has links) Le thème principal de cette thèse est d’étudier la détection d’anomalies dans des flux de données de grande dimension avec une application spécifique au Health Monitoring des moteurs d’avion. Dans ce travail, on considère que le problème de la détection d’anomalies est un problème d’apprentissage non supervisée. Les données modernes, notamment celles issues de la surveillance des systèmes industriels sont souvent des flux d’observations de grande dimension, puisque plusieurs mesures sont prises à de hautes fréquences et à un horizon de temps qui peut être infini. De plus, les données peuvent contenir des anomalies (pannes) du système surveillé. La plupart des algorithmes existants ne peuvent pas traiter des données qui ont ces caractéristiques. Nous introduisons d’abord un algorithme de clustering probabiliste offline dans des sous-espaces pour des données de grande dimension qui repose sur l’algorithme d’espérance-maximisation (EM) et qui est, en plus, robuste aux anomalies grâce à la technique du trimming. Ensuite, nous nous intéressons à la question du clustering probabiliste online de flux de données de grande dimension en développant l’inférence online du modèle de mélange d’analyse en composantes principales probabiliste. Pour les deux méthodes proposées, nous montrons leur efficacité sur des données simulées et réelles, issues par exemple des moteurs d’avion. Enfin, nous développons une application intégrée pour le Health Monitoring des moteurs d’avion dans le but de détecter des anomalies de façon dynamique. Le système proposé introduit des techniques originales de détection et de visualisation d’anomalies reposant sur les cartes auto-organisatrices. Des résultats de détection sont présentés et la question de l’identification des anomalies est aussi discutée. / The subject of this Thesis is to study anomaly detection in high-dimensional data streams with a specific application to aircraft engine Health Monitoring. In this work, we consider the problem of anomaly detection as an unsupervised learning problem. Modern data, especially those is-sued from industrial systems, are often streams of high-dimensional data samples, since multiple measurements can be taken at a high frequency and at a possibly infinite time horizon. More-over, data can contain anomalies (malfunctions, failures) of the system being monitored. Most existing unsupervised learning methods cannot handle data which possess these features. We first introduce an offline subspace clustering algorithm for high-dimensional data based on the expectation-maximization (EM) algorithm, which is also robust to anomalies through the use of the trimming technique. We then address the problem of online clustering of high-dimensional data streams by developing an online inference algorithm for the popular mixture of probabilistic principal component analyzers (MPPCA) model. We show the efficiency of both methods on synthetic and real datasets, including aircraft engine data with anomalies. Finally, we develop a comprehensive application for the aircraft engine Health Monitoring domain, which aims at detecting anomalies in aircraft engine data in a dynamic manner and introduces novel anomaly detection visualization techniques based on Self-Organizing Maps. Detection results are presented and anomaly identification is also discussed. Classification Détection d’anomalies Données de grande dimension Flux de données Trimming Clustering online Mélange de PPCA online Cartes auto-organisatrices Moteurs d’avion Health Monitoring. Classification, anomaly detection High-dimensional data Data streams Trimming Online clustering Online mixture of PPCA Self-Organizing Maps Aircraft engine Health Monitoring 510
478	Détection de changement en imagerie satellitaire multimodale Touati, Redha 04 1900 (has links) The purpose of this research is to study the detection of temporal changes between two (or more) multimodal images satellites, i.e., between two different imaging modalities acquired by two heterogeneous sensors, giving for the same scene two images encoded differently and depending on the nature of the sensor used for each acquisition. The two (or multiple) multimodal satellite images are acquired and coregistered at two different dates, usually before and after an event. In this study, we propose new models belonging to different categories of multimodal change detection in remote sensing imagery. As a first contribution, we present a new constraint scenario expressed on every pair of pixels existing in the before and after image change. A second contribution of our work is to propose a spatio-temporal textural gradient operator expressed with complementary norms and also a new filtering strategy of the difference map resulting from this operator. Another contribution consists in constructing an observation field from a pair of pixels and to infer a solution maximum a posteriori sense. A fourth contribution is proposed which consists to build a common feature space for the two heterogeneous images. Our fifth contribution lies in the modeling of patterns of change by anomalies and on the analysis of reconstruction errors which we propose to learn a non-supervised model from a training base consisting only of patterns of no-change in order that the built model reconstruct the normal patterns (non-changes) with a small reconstruction error. In the sixth contribution, we propose a pairwise learning architecture based on a pseudosiamese CNN network that takes as input a pair of data instead of a single data and constitutes two partly uncoupled CNN parallel network streams (descriptors) followed by a decision network that includes fusion layers and a loss layer in the sense of the entropy criterion. The proposed models are enough flexible to be used effectively in the monomodal change detection case. / Cette recherche a pour objet l’étude de la détection de changements temporels entre deux (ou plusieurs) images satellitaires multimodales, i.e., avec deux modalités d’imagerie différentes acquises par deux capteurs hétérogènes donnant pour la même scène deux images encodées différemment suivant la nature du capteur utilisé pour chacune des prises de vues. Les deux (ou multiples) images satellitaires multimodales sont prises et co-enregistrées à deux dates différentes, avant et après un événement. Dans le cadre de cette étude, nous proposons des nouveaux modèles de détection de changement en imagerie satellitaire multimodale semi ou non supervisés. Comme première contribution, nous présentons un nouveau scénario de contraintes exprimé sur chaque paire de pixels existant dans l’image avant et après changement. Une deuxième contribution de notre travail consiste à proposer un opérateur de gradient textural spatio-temporel exprimé avec des normes complémentaires ainsi qu’une nouvelle stratégie de dé-bruitage de la carte de différence issue de cet opérateur. Une autre contribution consiste à construire un champ d’observation à partir d’une modélisation par paires de pixels et proposer une solution au sens du maximum a posteriori. Une quatrième contribution est proposée et consiste à construire un espace commun de caractéristiques pour les deux images hétérogènes. Notre cinquième contribution réside dans la modélisation des zones de changement comme étant des anomalies et sur l’analyse des erreurs de reconstruction dont nous proposons d’apprendre un modèle non-supervisé à partir d’une base d’apprentissage constituée seulement de zones de non-changement aﬁn que le modèle reconstruit les motifs de non-changement avec une faible erreur. Dans la dernière contribution, nous proposons une architecture d’apprentissage par paires de pixels basée sur un réseau CNN pseudo-siamois qui prend en entrée une paire de données au lieu d’une seule donnée et est constituée de deux flux de réseau (descripteur) CNN parallèles et partiellement non-couplés suivis d’un réseau de décision qui comprend de couche de fusion et une couche de classification au sens du critère d’entropie. Les modèles proposés s’avèrent assez flexibles pour être utilisés efficacement dans le cas des données-images mono-modales. Fastmap Auto-encodeur Deep learning Détection de changement Détection d’anomalies Optique Radar Paires de pixels Sparse Réseau de neurones convolutionnel Multimodal satellite images Heterogeneous images Optical Autoencoder Change detection Pairwise pixels Convolutional neural networks Invariant operator Anomaly detection
479	An Intelligent UAV Platform For Multi-Agent Systems Taashi Kapoor (12437445) 21 April 2022 (has links) <p> This thesis presents work and simulations containing the use of Artificial Intelligence for real-time perception and real-time anomaly detection using the computer and sensors onboard an Unmanned Aerial Vehicle. One goal of this research is to develop a highly accurate, high-performance computer vision system that can then be used as a framework for object detection, obstacle avoidance, motion estimation, 3D reconstruction, and vision-based GPS denied path planning. The method developed and presented in this paper integrates software and hardware techniques to reach optimal performance for real-time operations. </p> <p>This thesis also presents a solution to real-time anomaly detection using neural networks to further the safety and reliability of operations for the UAV. Real-time telemetry data from different sensors are used to predict failures before they occur. Both these systems together form the framework behind the Intelligent UAV platform, which can be rapidly adopted for different varieties of use cases because of its modular nature and on-board suite of sensors. </p> Aerospace Engineering Autonomous Vehicles Computer Vision Intelligent UAV Computer Vision Object Detection Anomaly Detection Pixhawk Raspberry Pi Neural Networks Machine Learning Intel RealSense Edge AI UAV AI YOLOv5 MobileNetSSD-v2 LSTM Autoencoder
480	Détection et classification de cibles multispectrales dans l'infrarouge / Detection and classiﬁcation of multispectral infrared targets Maire, Florian 14 February 2014 (has links) Les dispositifs de protection de sites sensibles doivent permettre de détecter des menaces potentielles suffisamment à l’avance pour pouvoir mettre en place une stratégie de défense. Dans cette optique, les méthodes de détection et de reconnaissance d’aéronefs se basant sur des images infrarouge multispectrales doivent être adaptées à des images faiblement résolues et être robustes à la variabilité spectrale et spatiale des cibles. Nous mettons au point dans cette thèse, des méthodes statistiques de détection et de reconnaissance d’aéronefs satisfaisant ces contraintes. Tout d’abord, nous spéciﬁons une méthode de détection d’anomalies pour des images multispectrales, combinant un calcul de vraisemblance spectrale avec une étude sur les ensembles de niveaux de la transformée de Mahalanobis de l’image. Cette méthode ne nécessite aucune information a priori sur les aéronefs et nous permet d’identiﬁer les images contenant des cibles. Ces images sont ensuite considérées comme des réalisations d’un modèle statistique d’observations ﬂuctuant spectralement et spatialement autour de formes caractéristiques inconnues. L’estimation des paramètres de ce modèle est réalisée par une nouvelle méthodologie d’apprentissage séquentiel non supervisé pour des modèles à données manquantes que nous avons développée. La mise au point de ce modèle nous permet in ﬁne de proposer une méthode de reconnaissance de cibles basée sur l’estimateur du maximum de vraisemblance a posteriori. Les résultats encourageants, tant en détection qu’en classiﬁcation, justiﬁent l’intérêt du développement de dispositifs permettant l’acquisition d’images multispectrales. Ces méthodes nous ont également permis d’identiﬁer les regroupements de bandes spectrales optimales pour la détection et la reconnaissance d’aéronefs faiblement résolus en infrarouge / Surveillance systems should be able to detect potential threats far ahead in order to put forward a defence strategy. In this context, detection and recognition methods making use of multispectral infrared images should cope with low resolution signals and handle both spectral and spatial variability of the targets. We introduce in this PhD thesis a novel statistical methodology to perform aircraft detection and classiﬁcation which take into account these constraints. We ﬁrst propose an anomaly detection method designed for multispectral images, which combines a spectral likelihood measure and a level set study of the image Mahalanobis transform. This technique allows to identify images which feature an anomaly without any prior knowledge on the target. In a second time, these images are used as realizations of a statistical model in which the observations are described as random spectral and spatial deformation of prototype shapes. The model inference, and in particular the prototype shape estimation, is achieved through a novel unsupervised sequential learning algorithm designed for missing data models. This model allows to propose a classiﬁcation algorithm based on maximum a posteriori probability Promising results in detection as well as in classiﬁcation, justify the growing interest surrounding the development of multispectral imaging devices. These methods have also allowed us to identify the optimal infrared spectral band regroupments regarding the low resolution aircraft IRS detection and classiﬁcation Reconnaissance de forme Modèles à prototype déformable Apprentissage séquentiel Algorithmes expectation-maximization Détection d'anomalies Signature infrarouge Imagerie multispectrale Shape recognition Deformable template models Sequential inference Markov chain Monte Carlo methods Expectation-maximization algorithm Anomaly detection Infrared signature Multispectral imagery

Search results