Fernando Almaguer-Angeles

Bio: Fernando Almaguer-Angeles is an academic researcher from University College Dublin. The author has contributed to research in topics: Statistical classification & Anomaly detection. The author has an hindex of 1, co-authored 1 publications receiving 5 citations.

Choosing Machine Learning Algorithms for Anomaly Detection in Smart Building IoT Scenarios

Abstract: Internet of Things (IoT) systems produce large amounts of raw data in the form of log files. This raw data must then be processed to extract useful information. Machine Learning (ML) has proved to be an efficient technique for such tasks, but there are many different ML algorithms available, each suited to different types of scenarios. In this work, we compare the performance of 22 state-of-the-art supervised ML classification algorithms on different IoT datasets, when applied to the problem of anomaly detection. Our results show that there is no dominant solution, and that for each scenario, several candidate techniques perform similarly. Based on our results and a characterization of our datasets, we propose a recommendation framework which guides practitioners towards the subset of the 22 ML algorithms which is likely to perform best on their data.

Anomaly Detection in Univariate Time-series: A Survey on the State-of-the-Art

Abstract: Anomaly detection for time-series data has been an important research field for a long time. Seminal work on anomaly detection methods has been focussing on statistical approaches. In recent years an increasing number of machine learning algorithms have been developed to detect anomalies on time-series. Subsequently, researchers tried to improve these techniques using (deep) neural networks. In the light of the increasing number of anomaly detection methods, the body of research lacks a broad comparative evaluation of statistical, machine learning and deep learning methods. This paper studies 20 univariate anomaly detection methods from the all three categories. The evaluation is conducted on publicly available datasets, which serve as benchmarks for time-series anomaly detection. By analyzing the accuracy of each method as well as the computation time of the algorithms, we provide a thorough insight about the performance of these anomaly detection approaches, alongside some general notion of which method is suited for a certain type of data.

Performance Analysis and Comparison of Machine and Deep Learning Algorithms for IoT Data Classification.

Abstract: In recent years, the growth of Internet of Things (IoT) as an emerging technology has been unbelievable. The number of networkenabled devices in IoT domains is increasing dramatically, leading to the massive production of electronic data. These data contain valuable information which can be used in various areas, such as science, industry, business and even social life. To extract and analyze this information and make IoT systems smart, the only choice is entering artificial intelligence (AI) world and leveraging the power of machine learning and deep learning techniques. This paper evaluates the performance of 11 popular machine and deep learning algorithms for classification task using six IoT-related datasets. These algorithms are compared according to several performance evaluation metrics including precision, recall, f1-score, accuracy, execution time, ROC-AUC score and confusion matrix. A specific experiment is also conducted to assess the convergence speed of developed models. The comprehensive experiments indicated that, considering all performance metrics, Random Forests performed better than other machine learning models, while among deep learning models, ANN and CNN achieved more interesting results.

An Adaptive Deep-Ensemble Anomaly-Based Intrusion Detection System for the Internet of Things

Abstract: Nowadays, IoT technology has become an essential part of many aspects of life and business. Nevertheless, such widespread application has come at the cost of many security concerns that threaten data privacy and diminish IoT utilization momentum in critical applications such as the smart grid and intelligent transportation systems. To address this challenge, several approaches have been proposed to detect and prevent IoT cyberthreats from materializing. Anomaly detection is one of these approaches that defines the boundaries of legitimate (normal) behavior. Any behavior that falls outside these boundaries is considered anomalous. However, these solutions should have the capability to adapt and adjust to environmental changes that prompt IoT nodal behavioral aberrations, except they only assume that these nodes show the same behavior. This assumption does not hold due to the heterogeneity of IoT nodes and the dynamic nature of an IoT network topology. Furthermore, existing adaptive solutions rely on static (pre-defined) thresholds to control the moment for retraining updates. The cost is heavy for highly dynamic environments like IoT as it leads to an unnecessary higher frequency of retraining. Consequently, the model becomes unstable and adversely affects its accuracy and robustness. This paper addresses these problems by offering an improved Adaptive Anomaly Detection (AAD) methodology that resolves the heterogeneity issues by building local profiles that define normal behavior at each IoT node. The One Class Support Vector Machines (OC-SVM) was used to build these profiles. Then, K-Means clustering was used to build a global profile that represents all network nodes. A Local-Global Ratio-Based (LGR) Anomaly Detection scheme is advanced and was enlisted to control the adaptation process by adjusting the threshold of adaptive functionality dynamically based on the “current” situation to prevent unnecessary retraining. An Ensemble of Deep Belief Networks (EDBN) is developed and used to train the anomaly detection model. Additionally, this study's proposes a new Minimized Redundancy Discriminative Feature Selection (MRD-FS) technique to resolve the issue of redundant features. The MRD-FS experimental evaluation shows detection accuracy higher than those of the related solutions including lower false alarm rates. This validates the efficacy of the proposed model for various IoT applications such as smart grids, smart homes, smart cities and intelligent transportation systems.

Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

Abstract: IT infrastructures of companies generate large amounts of log data every day. These logs are typically analyzed by software engineers to gain insights about activities occurring within a company (e.g., to debug issues exhibited by the production systems). To facilitate this process, log data management is often outsourced to cloud providers. However, logs may contain information that is sensitive by nature and considered personal identifiable under most of the new privacy protection laws, such as the European General Data Protection Regulation (GDPR). To ensure that companies do not violate regulatory compliance, they must adopt, in their software systems, appropriate data protection measures. Such privacy protection laws also promote the use of anonymization techniques as possible mechanisms to operationalize data protection. However, companies struggle to put anonymization in practice due to the lack of integrated, intuitive, and easy-to-use tools that accommodate effectively with their log management systems. In this paper, we propose an automatic approach (SafeLog) to filter out information and anonymize log streams to safeguard the confidentiality of sensitive data and prevent its exposure and misuse from third parties. Our results show that atomic anonymization operations can be effectively applied to log streams to preserve the confidentiality of information, while still allowing to conduct different types of analysis tasks such as users behavior, and anomaly detection. Our approach also reduces the amount of data sent to cloud vendors, hence decreasing the financial costs and the risk of overexposing information.

Investigation of RBFN Application for Anomaly-Based Intrusion Detection on IoT Networks

Abstract: The wide selection of current Internet of Things (IoT) worldview has prompted the innovation of savvy urban areas. That incorporates an unprecedented number of objects of every kind from smart microwaves to self-driving vehicles to wearable wellness devices. Sensitive information produced by these devices represents a critical test for manufacturers who are looking to completely shield their devices from various cyber-attacks. The IoT systems are developing exponentially and presenting new cybersecurity demonstrations since these IoT devices are related to sensors and these sensors are straightforwardly connected with large data servers. This research introduces an intelligent system to detect anomalies in IoT datasets to guard the security penetrations, created with Neural Network Technique, i.e., Radial Basis Function Network. This canny technique examines the anomalies and attacks in the IoT enabled systems. The proposed method attained a 99.3% test accuracy with 0.2% of the false-positive rate.