Sensor selection for tracking multiple groups of targets
- Armaghani, Farzaneh, Gondal, Iqbal, Kamruzzaman, Joarder, Green, David
- Authors: Armaghani, Farzaneh , Gondal, Iqbal , Kamruzzaman, Joarder , Green, David
- Date: 2014
- Type: Text , Journal article
- Relation: Journal of Network and Computer Applications Vol. 46, no. (2014), p. 36-47
- Full Text: false
- Reviewed:
- Description: Group target tracking is a challenge for sensor networks. It occurs where large numbers of closely spaced targets move together in different groups. In these applications, the sensor selection scheme plays a vital role in extending network lifetime while providing high tracking accuracy. Existing schemes cause an extreme imbalance between energy usages and tracking accuracy. They are capable of tracking only individual groups and without using prior knowledge about the groups. These problems make them impractical for group target tracking. With the aim of balancing the trade-off between lifetime and accuracy, we present a novel Multi-Sensor Group Tracking (MSGT) scheme. MSGT comprises the following steps to accomplish concurrent tracking of multiple groups: (1) Clustering to capture changes in the behavioural properties of groups, such as formation, merging, and splitting; (2) Sensor selection to activate the contributory sensors for the estimated group regions; and (3) Group tracking using the activated sensors. We develop a probabilistic decision-making strategy that triggers the clustering step adaptively with any detected change in group behavioural patterns. The sensor selection step coordinates periodic selection of leader and tracking sensor nodes in a distributed manner. We introduce cost metrics that include sensor′s energy parameters in the selection of active sensors that fully cover the group regions. The tracking step is a Bayesian modelling of the target groups which uses particle filtering algorithm to estimate the group locations. Simulation results show that our scheme achieves substantial improvements over existing approaches in terms of network lifetime and tracking accuracy.
- Gibbs, Lisa, De Silva, Andrea, Christian, Bradley, Gold, Lisa, Gussy, Mark, Moore, Laurence, Calache, Hanny, Young, Dana, Riggs, Elisha, Tadic, Maryanne, Watt, Richard, Gondal, Iqbal, Waters, Elizabeth
- Authors: Gibbs, Lisa , De Silva, Andrea , Christian, Bradley , Gold, Lisa , Gussy, Mark , Moore, Laurence , Calache, Hanny , Young, Dana , Riggs, Elisha , Tadic, Maryanne , Watt, Richard , Gondal, Iqbal , Waters, Elizabeth
- Date: 2016
- Type: Text , Journal article
- Relation: Community Dental Health Vol. 33, no. 2 (2016), p. 100-106
- Full Text: false
- Reviewed:
- Description: Early Childhood Caries (ECC) is the most common, preventable disease of childhood. It can affect children’s health and wellbeing and children from migrant families may be at greater risk of developing ECC. Objective: To describe ECC in children from migrant families, and explore possible influences. Basic research design: Cross-sectional analysis of caries data collected as baseline data for an oral health promotion study. Participants: The analysis sample included 630 1-4 year-old children clustered within 481 Iraqi, Lebanese and Pakistani families in Melbourne, Australia. Method: Child participants received a community-based visual dental examination. Parents completed a self-administered questionnaire on demographics, ethnicity, and oral health knowledge, behaviour and attitudes. Main outcome measure: Child caries experience. Bivariate associations between oral health behaviours and ethnicity were tested for significance using chi-square. Multivariate logistic regression analyses were performed to identify associations with ECC, adjusting for demographic variables and accounting for clustering by family. Results: Overall, 34% of children in the sample experienced caries (both non-cavitated and cavitated). For all caries lesions, parent’ length of residence in Australia, consumption of sweet drinks and parental education remained as independent predictors of child caries experience. Adding sugar to drinks was an additional risk factor for cavitation. Ethnicity was associated with some individual oral health behaviours suggesting cultural influences on health, however the relationship was not independent of other predictors. Conclusion: Culturally competent oral health promotion interventions should aim to support migrant families with young children, and focus on reducing sweet drink consumption. © BASCD 2016.
Dependable large scale behavioral patterns mining from sensor data using Hadoop platform
- Rashid, Md. Mamunur, Gondal, Iqbal, Kamruzzaman, Joarder
- Authors: Rashid, Md. Mamunur , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2017
- Type: Text , Journal article
- Relation: Information Sciences Vol. 379, no. (2017), p. 128-145
- Full Text: false
- Reviewed:
- Description: Wireless sensor networks (WSNs) will be an integral part of the future Internet of Things (loT) environment and generate large volumes of data. However, these data would only be of benefit if useful knowledge can be mined from them. A data mining framework for WSNs includes data extraction, storage and mining techniques, and must be efficient and dependable. In this paper, we propose a new type of behavioral pattern mining technique from sensor data called regularly frequent sensor patterns (RFSPs). RFSPs can identify a set of temporally correlated sensors which can reveal significant knowledge from the monitored data. A distributed data extraction model to prepare the data required for mining RFSPs is proposed, as the distributed scheme ensures higher availability through greater redundancy. The tree structure for RFSP is compact requires less memory and can be constructed using only a single scan through the dataset, and the mining technique is efficient with low runtime. Current mining techniques in the literature on sensor data employ a single memory-based sequential approach and hence are not efficient. Moreover, usage of the. MapReduce model for the distributed solution has not been explored extensively. Since MapReduce is becoming the de facto model for computation on large data, we also propose a parallel implementation of the RFSP mining algorithm, called RFSP on Hadoop (RFSP-H), which uses a MapReduce-based framework to gain further efficiency. Experiments conducted to evaluate the compactness and performance of the data extraction model, RFSP-tree and RFSP-H mining show improved results. (C) 2016 Elsevier Inc. All rights reserved.
The role of love stories in Romance Scams : A qualitative analysis of fraudulent profiles
- Kopp, Christian, Layton, Robert, Sillitoe, Jim, Gondal, Iqbal
- Authors: Kopp, Christian , Layton, Robert , Sillitoe, Jim , Gondal, Iqbal
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Cyber Criminology Vol. 9, no. 2 (2016), p. 205-216
- Full Text:
- Reviewed:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. In this paper, we provide a perspective that might be helpful to explain the success of this scam. In a similar way to the "The Nigerian letter", we propose that the scam techniques appeal to strong emotions, which are clearly involved in Romantic relationships. We also assume that the same success factors found in normal relationships contribute to the success of the romance scam. In an exploratory study using a qualitative analysis of fraudulent profiles from an international dating website, we examined this assumption. The findings show that personal affinities related to personal romantic imaginations, which are described by personal love stories, play an important role in the success of a romance scam. © 2016 International Journal of Cyber Criminology (IJCC).
- Authors: Kopp, Christian , Layton, Robert , Sillitoe, Jim , Gondal, Iqbal
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Cyber Criminology Vol. 9, no. 2 (2016), p. 205-216
- Full Text:
- Reviewed:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. In this paper, we provide a perspective that might be helpful to explain the success of this scam. In a similar way to the "The Nigerian letter", we propose that the scam techniques appeal to strong emotions, which are clearly involved in Romantic relationships. We also assume that the same success factors found in normal relationships contribute to the success of the romance scam. In an exploratory study using a qualitative analysis of fraudulent profiles from an international dating website, we examined this assumption. The findings show that personal affinities related to personal romantic imaginations, which are described by personal love stories, play an important role in the success of a romance scam. © 2016 International Journal of Cyber Criminology (IJCC).
Dynamic resource allocation for improved QoS in WiMAX/WiFi integration
- Rabbani, Md, Kamruzzaman, Joarder, Gondal, Iqbal, Ahmad, Iftekhar, Hassan, Md Rafiul
- Authors: Rabbani, Md , Kamruzzaman, Joarder , Gondal, Iqbal , Ahmad, Iftekhar , Hassan, Md Rafiul
- Date: 2011
- Type: Text , Journal article
- Relation: Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing 2011 (Studies in Computational Intelligence series) Vol. 368, no. 2011 (2011), p. 141-156
- Full Text: false
- Reviewed:
- Description: Wireless access technology has come a long way in its relatively short but remarkable lifetime, which has so far been led by WiFi technology. WiFi enjoys a high penetration in the market.Most of the electronic gadgets such as laptop, notepad, mobile set, etc., boast the provision ofWiFi. Currently most WiFi hotspots are connected to the Internet via wired connections (e.g., Ethernet), and the deployment cost of wired connection is high. On the other hand, since WiMAX can provide a high coverage area and transmission bandwidth, it is very suitable for the backbone networks of WiFi. WiMAX can also provide the better QoS needed for many 4G applications. WiMAX devices, however, are not as common as WiFi devices and it is also expensive to deploy aWiMAX-only infrastructure. An integrated WiMAX/WiFi architecture (using WiMAX as backhaul connection for WiFi) can support 4G applications with QoS assurance and mobility, and provide high-speed broadband services in rural, regional and urban areas while reducing the backhaul cost. WiMAX and WiFi have different MAC mechanisms to handle QoS. WiMAX MAC architecture is connection-oriented providing the platform for strong QoS control. In contrast,WiFi MAC is not connection-oriented, hence can provide only best effort services. Delivering improved QoS in an integrated WiMAX/WiFi architecture poses a serious technological challenge. The paper depicts a converged architecture of WiMAX and WiFi, and then proposes an adaptive resource distribution model for the access points. The resource distribution model ultimately allocates more time slots to those connections that need more instantaneous resources to meet QoS requirements. A dynamic splitting technique is also presented that divides the total transmission period into downlink and uplink transmission by taking the minimum data rate requirements of the connections into account. This ultimately improves the utilization of the available resources, and the QoS of the connections. Simulation results show that the proposed schemes significantly outperform the other existing resource sharing schemes, in terms of maintaining QoS of different traffic classes in an integratedWiMAX/WiFi architecture
Teeth Tales : A community-based child oral health promotion trial with migrant families in Australia
- Gibbs, Lisa, Waters, Elizabeth, Christian, Bradley, Gold, Lisa, Young, Dana, De Silva, Andrea, Calache, Hanny, Gussy, Mark, Watt, Richard, Riggs, Elisha, Tadic, Maryanne, Hall, Martin, Gondal, Iqbal, Pradel, Veronika, Moore, Laurence
- Authors: Gibbs, Lisa , Waters, Elizabeth , Christian, Bradley , Gold, Lisa , Young, Dana , De Silva, Andrea , Calache, Hanny , Gussy, Mark , Watt, Richard , Riggs, Elisha , Tadic, Maryanne , Hall, Martin , Gondal, Iqbal , Pradel, Veronika , Moore, Laurence
- Date: 2015
- Type: Text , Journal article
- Relation: BMJ Open Vol. 5, no. 6 (2015), p. 1-13
- Relation: http://purl.org/au-research/grants/arc/LP100100223
- Full Text:
- Reviewed:
- Description: Objectives: The Teeth Tales trial aimed to establish a model for child oral health promotion for culturally diverse communities in Australia. Design: An exploratory trial implementing a communitybased child oral health promotion intervention for Australian families from migrant backgrounds. Mixed method, longitudinal evaluation. Setting: The intervention was based in Moreland, a culturally diverse locality in Melbourne, Australia. Participants: Families with 1-4-year-old children, self-identified as being from Iraqi, Lebanese or Pakistani backgrounds residing in Melbourne. Participants residing close to the intervention site were allocated to intervention. Intervention: The intervention was conducted over 5 months and comprised community oral health education sessions led by peer educators and follow-up health messages. Outcome measures: This paper reports on the intervention impacts, process evaluation and descriptive analysis of health, knowledge and behavioural changes 18 months after baseline data collection. Results: Significant differences in the Debris Index (OR=0.44 (0.22 to 0.88)) and the Modified Gingival Index (OR=0.34 (0.19 to 0.61)) indicated increased tooth brushing and/or improved toothbrushing technique in the intervention group. An increased proportion of intervention parents, compared to those in the comparison group reported that they had been shown how to brush their child's teeth (OR=2.65 (1.49 to 4.69)). Process evaluation results highlighted the problems with recruitment and retention of the study sample (275 complete case families). The child dental screening encouraged involvement in the study, as did linking attendance with other community/cultural activities. Conclusions: The Teeth Tales intervention was promising in terms of improving oral hygiene and parent knowledge of tooth brushing technique. Adaptations to delivery of the intervention are required to increase uptake and likely impact. A future cluster randomised controlled trial would provide strongest evidence of effectiveness if appropriate to the community, cultural and economic context.
Teeth Tales : A community-based child oral health promotion trial with migrant families in Australia
- Authors: Gibbs, Lisa , Waters, Elizabeth , Christian, Bradley , Gold, Lisa , Young, Dana , De Silva, Andrea , Calache, Hanny , Gussy, Mark , Watt, Richard , Riggs, Elisha , Tadic, Maryanne , Hall, Martin , Gondal, Iqbal , Pradel, Veronika , Moore, Laurence
- Date: 2015
- Type: Text , Journal article
- Relation: BMJ Open Vol. 5, no. 6 (2015), p. 1-13
- Relation: http://purl.org/au-research/grants/arc/LP100100223
- Full Text:
- Reviewed:
- Description: Objectives: The Teeth Tales trial aimed to establish a model for child oral health promotion for culturally diverse communities in Australia. Design: An exploratory trial implementing a communitybased child oral health promotion intervention for Australian families from migrant backgrounds. Mixed method, longitudinal evaluation. Setting: The intervention was based in Moreland, a culturally diverse locality in Melbourne, Australia. Participants: Families with 1-4-year-old children, self-identified as being from Iraqi, Lebanese or Pakistani backgrounds residing in Melbourne. Participants residing close to the intervention site were allocated to intervention. Intervention: The intervention was conducted over 5 months and comprised community oral health education sessions led by peer educators and follow-up health messages. Outcome measures: This paper reports on the intervention impacts, process evaluation and descriptive analysis of health, knowledge and behavioural changes 18 months after baseline data collection. Results: Significant differences in the Debris Index (OR=0.44 (0.22 to 0.88)) and the Modified Gingival Index (OR=0.34 (0.19 to 0.61)) indicated increased tooth brushing and/or improved toothbrushing technique in the intervention group. An increased proportion of intervention parents, compared to those in the comparison group reported that they had been shown how to brush their child's teeth (OR=2.65 (1.49 to 4.69)). Process evaluation results highlighted the problems with recruitment and retention of the study sample (275 complete case families). The child dental screening encouraged involvement in the study, as did linking attendance with other community/cultural activities. Conclusions: The Teeth Tales intervention was promising in terms of improving oral hygiene and parent knowledge of tooth brushing technique. Adaptations to delivery of the intervention are required to increase uptake and likely impact. A future cluster randomised controlled trial would provide strongest evidence of effectiveness if appropriate to the community, cultural and economic context.
Function similarity using family context
- Black, Paul, Gondal, Iqbal, Vamplew, Peter, Lakhotia, Arun
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
Robust malware defense in industrial IoT applications using machine learning with selective adversarial samples
- Khoda, Mahbub, Imam, Tasadduq, Kamruzzaman, Joarder, Gondal, Iqbal, Rahman, Ashfaqur
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
A data mining approach for machine fault diagnosis based on associated frequency patterns
- Rashid, Md. Mamunur, Amar, Muhammad, Gondal, Iqbal, Kamruzzaman, Joarder
- Authors: Rashid, Md. Mamunur , Amar, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2016
- Type: Text , Journal article
- Relation: Applied Intelligence Vol. 45, no. 3 (2016), p. 638-651
- Full Text: false
- Reviewed:
- Description: Bearings play a crucial role in rotational machines and their failure is one of the foremost causes of breakdowns in rotary machinery. Their functionality is directly relevant to the operational performance, service life and efficiency of these machines. Therefore, bearing fault identification is very significant. The accuracy of fault or anomaly detection by the current techniques is not adequate. We propose a data mining-based framework for fault identification and anomaly detection from machine vibration data. In this framework, to capture the useful knowledge from the vibration data stream (VDS), we first pre-process the data using Fast Fourier Transform (FFT) to extract the frequency signature and then build a compact tree called SAFP-tree (sliding window associated frequency pattern tree), and propose a mining algorithm called SAFP. Our SAFP algorithm can mine associated frequency patterns (i.e., fault frequency signatures) in the current window of VDS and use them to identify faults in the bearing data. Finally, SAFP is further enhanced to SAFP-AD for anomaly detection by determining the normal behavior measure (NBM) from the extracted frequency patterns. The results show that our technique is very efficient in identifying faults and detecting anomalies over VDS and can be used for remote machine health diagnosis. © 2016, Springer Science+Business Media New York.
Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
Rapid health data repository allocation using predictive machine learning
- Uddin, Ashraf, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Health Informatics Journal Vol. 26, no. 4 (2020), p. 3009-3036
- Full Text:
- Reviewed:
- Description: Health-related data is stored in a number of repositories that are managed and controlled by different entities. For instance, Electronic Health Records are usually administered by governments. Electronic Medical Records are typically controlled by health care providers, whereas Personal Health Records are managed directly by patients. Recently, Blockchain-based health record systems largely regulated by technology have emerged as another type of repository. Repositories for storing health data differ from one another based on cost, level of security and quality of performance. Not only has the type of repositories increased in recent years, but the quantum of health data to be stored has increased. For instance, the advent of wearable sensors that capture physiological signs has resulted in an exponential growth in digital health data. The increase in the types of repository and amount of data has driven a need for intelligent processes to select appropriate repositories as data is collected. However, the storage allocation decision is complex and nuanced. The challenges are exacerbated when health data are continuously streamed, as is the case with wearable sensors. Although patients are not always solely responsible for determining which repository should be used, they typically have some input into this decision. Patients can be expected to have idiosyncratic preferences regarding storage decisions depending on their unique contexts. In this paper, we propose a predictive model for the storage of health data that can meet patient needs and make storage decisions rapidly, in real-time, even with data streaming from wearable sensors. The model is built with a machine learning classifier that learns the mapping between characteristics of health data and features of storage repositories from a training set generated synthetically from correlations evident from small samples of experts. Results from the evaluation demonstrate the viability of the machine learning technique used. © The Author(s) 2020.
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Health Informatics Journal Vol. 26, no. 4 (2020), p. 3009-3036
- Full Text:
- Reviewed:
- Description: Health-related data is stored in a number of repositories that are managed and controlled by different entities. For instance, Electronic Health Records are usually administered by governments. Electronic Medical Records are typically controlled by health care providers, whereas Personal Health Records are managed directly by patients. Recently, Blockchain-based health record systems largely regulated by technology have emerged as another type of repository. Repositories for storing health data differ from one another based on cost, level of security and quality of performance. Not only has the type of repositories increased in recent years, but the quantum of health data to be stored has increased. For instance, the advent of wearable sensors that capture physiological signs has resulted in an exponential growth in digital health data. The increase in the types of repository and amount of data has driven a need for intelligent processes to select appropriate repositories as data is collected. However, the storage allocation decision is complex and nuanced. The challenges are exacerbated when health data are continuously streamed, as is the case with wearable sensors. Although patients are not always solely responsible for determining which repository should be used, they typically have some input into this decision. Patients can be expected to have idiosyncratic preferences regarding storage decisions depending on their unique contexts. In this paper, we propose a predictive model for the storage of health data that can meet patient needs and make storage decisions rapidly, in real-time, even with data streaming from wearable sensors. The model is built with a machine learning classifier that learns the mapping between characteristics of health data and features of storage repositories from a training set generated synthetically from correlations evident from small samples of experts. Results from the evaluation demonstrate the viability of the machine learning technique used. © The Author(s) 2020.
Blockchain leveraged decentralized IoT eHealth framework
- Uddin, Ashraf, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Internet of Things Vol. 9, no. March 2020 p. 100159
- Full Text:
- Reviewed:
- Description: Blockchain technologies recently emerging for eHealth, can facilitate a secure, decentral- ized and patient-driven, record management system. However, Blockchain technologies cannot accommodate the storage of data generated from IoT devices in remote patient management (RPM) settings as this application requires a fast consensus mechanism, care- ful management of keys and enhanced protocols for privacy. In this paper, we propose a Blockchain leveraged decentralized eHealth architecture which comprises three layers: (1) The Sensing layer –Body Area Sensor Networks include medical sensors typically on or in a patient body transmitting data to a smartphone. (2) The NEAR processing layer –Edge Networks consist of devices at one hop from data sensing IoT devices. (3) The FAR pro- cessing layer –Core Networks comprise Cloud or other high computing servers). A Patient Agent (PA) software replicated on the three layers processes medical data to ensure reli- able, secure and private communication. The PA executes a lightweight Blockchain consen- sus mechanism and utilizes a Blockchain leveraged task-offloading algorithm to ensure pa- tient’s privacy while outsourcing tasks. Performance analysis of the decentralized eHealth architecture has been conducted to demonstrate the feasibility of the system in the pro- cessing and storage of RPM data.
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Internet of Things Vol. 9, no. March 2020 p. 100159
- Full Text:
- Reviewed:
- Description: Blockchain technologies recently emerging for eHealth, can facilitate a secure, decentral- ized and patient-driven, record management system. However, Blockchain technologies cannot accommodate the storage of data generated from IoT devices in remote patient management (RPM) settings as this application requires a fast consensus mechanism, care- ful management of keys and enhanced protocols for privacy. In this paper, we propose a Blockchain leveraged decentralized eHealth architecture which comprises three layers: (1) The Sensing layer –Body Area Sensor Networks include medical sensors typically on or in a patient body transmitting data to a smartphone. (2) The NEAR processing layer –Edge Networks consist of devices at one hop from data sensing IoT devices. (3) The FAR pro- cessing layer –Core Networks comprise Cloud or other high computing servers). A Patient Agent (PA) software replicated on the three layers processes medical data to ensure reli- able, secure and private communication. The PA executes a lightweight Blockchain consen- sus mechanism and utilizes a Blockchain leveraged task-offloading algorithm to ensure pa- tient’s privacy while outsourcing tasks. Performance analysis of the decentralized eHealth architecture has been conducted to demonstrate the feasibility of the system in the pro- cessing and storage of RPM data.
How to improve postgenomic knowledge discovery using imputation
- Sehgal, Muhammad Shoaib B, Gondal, Iqbal, Dooley, Laurence, Coppel, Ross
- Authors: Sehgal, Muhammad Shoaib B , Gondal, Iqbal , Dooley, Laurence , Coppel, Ross
- Date: 2009
- Type: Text , Journal article
- Relation: Eurasip Journal on Bioinformatics and Systems Biology Vol. 2009, no. 1 (2009), p. 1-14
- Full Text:
- Reviewed:
- Description: While microarrays make it feasible to rapidly investigate many complex biological problems, their multistep fabrication has the proclivity for error at every stage. The standard tactic has been to either ignore or regard erroneous gene readings as missing values, though this assumption can exert a major influence upon postgenomic knowledge discovery methods like gene selection and gene regulatory network (GRN) reconstruction. This has been the catalyst for a raft of new flexible imputation algorithms including local least square impute and the recent heuristic collateral missing value imputation, which exploit the biological transactional behaviour of functionally correlated genes to afford accurate missing value estimation. This paper examines the influence of missing value imputation techniques upon postgenomic knowledge inference methods with results for various algorithms consistently corroborating that instead of ignoring missing values, recycling microarray data by flexible and robust imputation can provide substantial performance benefits for subsequent downstream procedures
- Authors: Sehgal, Muhammad Shoaib B , Gondal, Iqbal , Dooley, Laurence , Coppel, Ross
- Date: 2009
- Type: Text , Journal article
- Relation: Eurasip Journal on Bioinformatics and Systems Biology Vol. 2009, no. 1 (2009), p. 1-14
- Full Text:
- Reviewed:
- Description: While microarrays make it feasible to rapidly investigate many complex biological problems, their multistep fabrication has the proclivity for error at every stage. The standard tactic has been to either ignore or regard erroneous gene readings as missing values, though this assumption can exert a major influence upon postgenomic knowledge discovery methods like gene selection and gene regulatory network (GRN) reconstruction. This has been the catalyst for a raft of new flexible imputation algorithms including local least square impute and the recent heuristic collateral missing value imputation, which exploit the biological transactional behaviour of functionally correlated genes to afford accurate missing value estimation. This paper examines the influence of missing value imputation techniques upon postgenomic knowledge inference methods with results for various algorithms consistently corroborating that instead of ignoring missing values, recycling microarray data by flexible and robust imputation can provide substantial performance benefits for subsequent downstream procedures
Malware variant identification using incremental clustering
- Black, Paul, Gondal, Iqbal, Bagirov, Adil, Moniruzzaman, Md
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
A smart priority-based traffic control system for emergency vehicles
- Karmakar, Gour, Chowdhury, Abdullahi, Kamruzzaman, Joarder, Gondal, Iqbal
- Authors: Karmakar, Gour , Chowdhury, Abdullahi , Kamruzzaman, Joarder , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: IEEE Sensors Journal Vol. 21, no. 14 (2021), p. 15849-15858
- Full Text: false
- Reviewed:
- Description: Unwanted events on roads, such as incidents and increased traffic jams, can cause human lives and economic loss. For efficient incident management, it is essential to send Emergency Vehicles (EVs) to the incident place as quickly as possible. To reduce incidence clearance time, several approaches exist to provide a clear pathway to EVs mainly fitted with RFID sensors in the urban areas. However, they neither assign priority to the EVs based on the type and severity of an incident nor consider the effect on other on-road traffic. To address this issue, in this paper, we introduce an Emergency Vehicle Priority System (EVPS) by determining the priority level of an EV based on the type and the severity of an incident, and estimating the number of necessary signal interventions while considering the impact of those interventions on the traffic in the roads surrounding the EV's travel path. We present how EVPS determines the priority code and a new algorithm to estimate the number of green signal interventions to attain the quickest incident response while concomitantly reducing impact on others. A simulation model is developed in Simulation of Urban Mobility (SUMO) using the real traffic data of Melbourne, Australia, captured by various sensors. Results show that our system recommends appropriate number of intervention that can reduce emergency response time significantly. © 2001-2012 IEEE.
Cross-compiler bipartite vulnerability search
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
Cyberattack triage using incremental clustering for intrusion detection systems
- Taheri, Sona, Bagirov, Adil, Gondal, Iqbal, Brown, Simon
- Authors: Taheri, Sona , Bagirov, Adil , Gondal, Iqbal , Brown, Simon
- Date: 2020
- Type: Text , Journal article
- Relation: International Journal of Information Security Vol. 19, no. 5 (2020), p. 597-607
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Description: Intrusion detection systems (IDSs) are devices or software applications that monitor networks or systems for malicious activities and signals alerts/alarms when such activity is discovered. However, an IDS may generate many false alerts which affect its accuracy. In this paper, we develop a cyberattack triage algorithm to detect these alerts (so-called outliers). The proposed algorithm is designed using the clustering, optimization and distance-based approaches. An optimization-based incremental clustering algorithm is proposed to find clusters of different types of cyberattacks. Using a special procedure, a set of clusters is divided into two subsets: normal and stable clusters. Then, outliers are found among stable clusters using an average distance between centroids of normal clusters. The proposed algorithm is evaluated using the well-known IDS data sets—Knowledge Discovery and Data mining Cup 1999 and UNSW-NB15—and compared with some other existing algorithms. Results show that the proposed algorithm has a high detection accuracy and its false negative rate is very low. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
- Description: This research was conducted in Internet Commerce Security Laboratory (ICSL) funded by Westpac Banking Corporation Australia. In addition, the research by Dr. Sona Taheri and A/Prof. Adil Bagirov was supported by the Australian Government through the Australian Research Council’s Discovery Projects funding scheme (DP190100580).
- Authors: Taheri, Sona , Bagirov, Adil , Gondal, Iqbal , Brown, Simon
- Date: 2020
- Type: Text , Journal article
- Relation: International Journal of Information Security Vol. 19, no. 5 (2020), p. 597-607
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Description: Intrusion detection systems (IDSs) are devices or software applications that monitor networks or systems for malicious activities and signals alerts/alarms when such activity is discovered. However, an IDS may generate many false alerts which affect its accuracy. In this paper, we develop a cyberattack triage algorithm to detect these alerts (so-called outliers). The proposed algorithm is designed using the clustering, optimization and distance-based approaches. An optimization-based incremental clustering algorithm is proposed to find clusters of different types of cyberattacks. Using a special procedure, a set of clusters is divided into two subsets: normal and stable clusters. Then, outliers are found among stable clusters using an average distance between centroids of normal clusters. The proposed algorithm is evaluated using the well-known IDS data sets—Knowledge Discovery and Data mining Cup 1999 and UNSW-NB15—and compared with some other existing algorithms. Results show that the proposed algorithm has a high detection accuracy and its false negative rate is very low. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
- Description: This research was conducted in Internet Commerce Security Laboratory (ICSL) funded by Westpac Banking Corporation Australia. In addition, the research by Dr. Sona Taheri and A/Prof. Adil Bagirov was supported by the Australian Government through the Australian Research Council’s Discovery Projects funding scheme (DP190100580).
“I am your perfect online partner" analysis of dating profiles used in cybercrime
- Kopp, Christian, Sillitoe, James, Gondal, Iqbal
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Asia Pacific Journal of Advanced Business and Social Studies Vol. 3, no. 2 (2017), p. 207-217
- Full Text:
- Reviewed:
- Description: Internet Online Dating has become an influential mainstream social practice facilitating the finding of a partner. Unscrupulous operators have identified its potential and started to use this platform for identity theft in form of so called Online Romance Scams. Quickly, this cybercrime has become very successful and thus, an increasing threat in the social networking environment. So far, very little is known about its structure and the reason for its success, and this needs to be known in order to be able to fight it efficiently. This research tries to contribute to this knowledge, and argues that scammers use so-called ‘Love Stories’, which represent personal affinities related to romantic relationships, to their benefit when tailoring common narratives as part of fraudulent online profiles to attract their victims. We look at these different types of ‘Personal Love Stories’ and discuss how they can be used in this type of scam, followed by a qualitative analysis of fraudulent profiles from three different international websites to examine this assumption
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Asia Pacific Journal of Advanced Business and Social Studies Vol. 3, no. 2 (2017), p. 207-217
- Full Text:
- Reviewed:
- Description: Internet Online Dating has become an influential mainstream social practice facilitating the finding of a partner. Unscrupulous operators have identified its potential and started to use this platform for identity theft in form of so called Online Romance Scams. Quickly, this cybercrime has become very successful and thus, an increasing threat in the social networking environment. So far, very little is known about its structure and the reason for its success, and this needs to be known in order to be able to fight it efficiently. This research tries to contribute to this knowledge, and argues that scammers use so-called ‘Love Stories’, which represent personal affinities related to romantic relationships, to their benefit when tailoring common narratives as part of fraudulent online profiles to attract their victims. We look at these different types of ‘Personal Love Stories’ and discuss how they can be used in this type of scam, followed by a qualitative analysis of fraudulent profiles from three different international websites to examine this assumption
A novel ensemble of hybrid intrusion detection system for detecting internet of things attacks
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
State estimation within ied based smart grid using kalman estimates
- Rashed, Muhammad, Gondal, Iqbal, Kamruzzaman, Joarder, Islam, Syed
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.