Function similarity using family context
- Black, Paul, Gondal, Iqbal, Vamplew, Peter, Lakhotia, Arun
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
Malware variant identification using incremental clustering
- Black, Paul, Gondal, Iqbal, Bagirov, Adil, Moniruzzaman, Md
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
Cross-compiler bipartite vulnerability search
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
An exploratory trial implementing a community-based child oral health promotion intervention for Australian families from refugee and migrant backgrounds : A protocol paper for Teeth Tales
- Gibbs, Lisa, Waters, Elizabeth, De Silva, Andrea, Riggs, Elisha, Moore, Laurence, Armit, Christine, Johnson, Britt, Morris, Michal, Calache, Hanny, Gussy, Mark, Young, Dana, Tadic, Maryanne, Christian, Bradley, Gondal, Iqbal, Watt, Richard, Pradel, Veronika, Truong, Mandy, Gold, Lisa
- Authors: Gibbs, Lisa , Waters, Elizabeth , De Silva, Andrea , Riggs, Elisha , Moore, Laurence , Armit, Christine , Johnson, Britt , Morris, Michal , Calache, Hanny , Gussy, Mark , Young, Dana , Tadic, Maryanne , Christian, Bradley , Gondal, Iqbal , Watt, Richard , Pradel, Veronika , Truong, Mandy , Gold, Lisa
- Date: 2014
- Type: Text , Journal article
- Relation: BMJ Open Vol. 4, no. 3 (2014), p. 1-14
- Full Text:
- Reviewed:
- Description: Introduction: Inequalities are evident in early childhood caries rates with the socially disadvantaged experiencing greater burden of disease. This study builds on formative qualitative research, conducted in the Moreland/Hume local government areas of Melbourne, Victoria 2006-2009, in response to community concerns for oral health of children from refugee and migrant backgrounds. Development of the community-based intervention described here extends the partnership approach to cogeneration of contemporary evidence with continued and meaningful involvement of investigators, community, cultural and government partners. This trial aims to establish a model for child oral health promotion for culturally diverse communities in Australia. Methods and analysis: This is an exploratory trial implementing a community-based child oral health promotion intervention for Australian families from refugee and migrant backgrounds. Families from an Iraqi, Lebanese or Pakistani background with children aged 1-4 years, residing in metropolitan Melbourne, were invited to participate in the trial by peer educators from their respective communities using snowball and purposive sampling techniques. Target sample size was 600. Moreland, a culturally diverse, inner-urban metropolitan area of Melbourne, was chosen as the intervention site. The intervention comprised peer educator led community oral health education sessions and reorienting of dental health and family services through cultural Competency Organisational Review (CORe). Ethics and dissemination: Ethics approval for this trial was granted by the University of Melbourne Human Research Ethics Committee and the Department of Education and Early Childhood Development Research Committee. Study progress and output will be disseminated via periodic newsletters, peer-reviewed research papers, reports, community seminars and at National and International conferences. Trial registration number: Australian New Zealand Clinical Trials Registry (ACTRN12611000532909).
- Authors: Gibbs, Lisa , Waters, Elizabeth , De Silva, Andrea , Riggs, Elisha , Moore, Laurence , Armit, Christine , Johnson, Britt , Morris, Michal , Calache, Hanny , Gussy, Mark , Young, Dana , Tadic, Maryanne , Christian, Bradley , Gondal, Iqbal , Watt, Richard , Pradel, Veronika , Truong, Mandy , Gold, Lisa
- Date: 2014
- Type: Text , Journal article
- Relation: BMJ Open Vol. 4, no. 3 (2014), p. 1-14
- Full Text:
- Reviewed:
- Description: Introduction: Inequalities are evident in early childhood caries rates with the socially disadvantaged experiencing greater burden of disease. This study builds on formative qualitative research, conducted in the Moreland/Hume local government areas of Melbourne, Victoria 2006-2009, in response to community concerns for oral health of children from refugee and migrant backgrounds. Development of the community-based intervention described here extends the partnership approach to cogeneration of contemporary evidence with continued and meaningful involvement of investigators, community, cultural and government partners. This trial aims to establish a model for child oral health promotion for culturally diverse communities in Australia. Methods and analysis: This is an exploratory trial implementing a community-based child oral health promotion intervention for Australian families from refugee and migrant backgrounds. Families from an Iraqi, Lebanese or Pakistani background with children aged 1-4 years, residing in metropolitan Melbourne, were invited to participate in the trial by peer educators from their respective communities using snowball and purposive sampling techniques. Target sample size was 600. Moreland, a culturally diverse, inner-urban metropolitan area of Melbourne, was chosen as the intervention site. The intervention comprised peer educator led community oral health education sessions and reorienting of dental health and family services through cultural Competency Organisational Review (CORe). Ethics and dissemination: Ethics approval for this trial was granted by the University of Melbourne Human Research Ethics Committee and the Department of Education and Early Childhood Development Research Committee. Study progress and output will be disseminated via periodic newsletters, peer-reviewed research papers, reports, community seminars and at National and International conferences. Trial registration number: Australian New Zealand Clinical Trials Registry (ACTRN12611000532909).
Teeth Tales : A community-based child oral health promotion trial with migrant families in Australia
- Gibbs, Lisa, Waters, Elizabeth, Christian, Bradley, Gold, Lisa, Young, Dana, De Silva, Andrea, Calache, Hanny, Gussy, Mark, Watt, Richard, Riggs, Elisha, Tadic, Maryanne, Hall, Martin, Gondal, Iqbal, Pradel, Veronika, Moore, Laurence
- Authors: Gibbs, Lisa , Waters, Elizabeth , Christian, Bradley , Gold, Lisa , Young, Dana , De Silva, Andrea , Calache, Hanny , Gussy, Mark , Watt, Richard , Riggs, Elisha , Tadic, Maryanne , Hall, Martin , Gondal, Iqbal , Pradel, Veronika , Moore, Laurence
- Date: 2015
- Type: Text , Journal article
- Relation: BMJ Open Vol. 5, no. 6 (2015), p. 1-13
- Relation: http://purl.org/au-research/grants/arc/LP100100223
- Full Text:
- Reviewed:
- Description: Objectives: The Teeth Tales trial aimed to establish a model for child oral health promotion for culturally diverse communities in Australia. Design: An exploratory trial implementing a communitybased child oral health promotion intervention for Australian families from migrant backgrounds. Mixed method, longitudinal evaluation. Setting: The intervention was based in Moreland, a culturally diverse locality in Melbourne, Australia. Participants: Families with 1-4-year-old children, self-identified as being from Iraqi, Lebanese or Pakistani backgrounds residing in Melbourne. Participants residing close to the intervention site were allocated to intervention. Intervention: The intervention was conducted over 5 months and comprised community oral health education sessions led by peer educators and follow-up health messages. Outcome measures: This paper reports on the intervention impacts, process evaluation and descriptive analysis of health, knowledge and behavioural changes 18 months after baseline data collection. Results: Significant differences in the Debris Index (OR=0.44 (0.22 to 0.88)) and the Modified Gingival Index (OR=0.34 (0.19 to 0.61)) indicated increased tooth brushing and/or improved toothbrushing technique in the intervention group. An increased proportion of intervention parents, compared to those in the comparison group reported that they had been shown how to brush their child's teeth (OR=2.65 (1.49 to 4.69)). Process evaluation results highlighted the problems with recruitment and retention of the study sample (275 complete case families). The child dental screening encouraged involvement in the study, as did linking attendance with other community/cultural activities. Conclusions: The Teeth Tales intervention was promising in terms of improving oral hygiene and parent knowledge of tooth brushing technique. Adaptations to delivery of the intervention are required to increase uptake and likely impact. A future cluster randomised controlled trial would provide strongest evidence of effectiveness if appropriate to the community, cultural and economic context.
Teeth Tales : A community-based child oral health promotion trial with migrant families in Australia
- Authors: Gibbs, Lisa , Waters, Elizabeth , Christian, Bradley , Gold, Lisa , Young, Dana , De Silva, Andrea , Calache, Hanny , Gussy, Mark , Watt, Richard , Riggs, Elisha , Tadic, Maryanne , Hall, Martin , Gondal, Iqbal , Pradel, Veronika , Moore, Laurence
- Date: 2015
- Type: Text , Journal article
- Relation: BMJ Open Vol. 5, no. 6 (2015), p. 1-13
- Relation: http://purl.org/au-research/grants/arc/LP100100223
- Full Text:
- Reviewed:
- Description: Objectives: The Teeth Tales trial aimed to establish a model for child oral health promotion for culturally diverse communities in Australia. Design: An exploratory trial implementing a communitybased child oral health promotion intervention for Australian families from migrant backgrounds. Mixed method, longitudinal evaluation. Setting: The intervention was based in Moreland, a culturally diverse locality in Melbourne, Australia. Participants: Families with 1-4-year-old children, self-identified as being from Iraqi, Lebanese or Pakistani backgrounds residing in Melbourne. Participants residing close to the intervention site were allocated to intervention. Intervention: The intervention was conducted over 5 months and comprised community oral health education sessions led by peer educators and follow-up health messages. Outcome measures: This paper reports on the intervention impacts, process evaluation and descriptive analysis of health, knowledge and behavioural changes 18 months after baseline data collection. Results: Significant differences in the Debris Index (OR=0.44 (0.22 to 0.88)) and the Modified Gingival Index (OR=0.34 (0.19 to 0.61)) indicated increased tooth brushing and/or improved toothbrushing technique in the intervention group. An increased proportion of intervention parents, compared to those in the comparison group reported that they had been shown how to brush their child's teeth (OR=2.65 (1.49 to 4.69)). Process evaluation results highlighted the problems with recruitment and retention of the study sample (275 complete case families). The child dental screening encouraged involvement in the study, as did linking attendance with other community/cultural activities. Conclusions: The Teeth Tales intervention was promising in terms of improving oral hygiene and parent knowledge of tooth brushing technique. Adaptations to delivery of the intervention are required to increase uptake and likely impact. A future cluster randomised controlled trial would provide strongest evidence of effectiveness if appropriate to the community, cultural and economic context.
Optimally parameterized wavelet packet transform for machine residual life prediction
- Gondal, Iqbal, Yaqub, Muhammad, Kamruzzaman, Joarder
- Authors: Gondal, Iqbal , Yaqub, Muhammad , Kamruzzaman, Joarder
- Date: 2011
- Type: Text , Conference paper , Journal article
- Relation: Australian Acoustical SocietyConference 2011: Breaking New Ground, Acoustics 2011; Gold Coast, Australia; 2nd-4th November 2011; p.1-8
- Full Text:
- Reviewed:
- Description: One of the prevalent issues in condition based maintenance (CBM) is to predict the residual life of the equipment. This paper propos-es a novel framework to predict the remnant life of the equipment, called Residual life prediction based on optimally parameterized Wavelet transform and Mute-step Support vector regression (RWMS). In optimally parameterized wavelet transform, a generalized criterion is proposed to select the wavelet decomposition level which works for all the applications and decomposition nodes are selected by characterizing their dominancy level based upon relative fault signature-signal energy contents. The prediction model is based on multi-step support vector regression (MSVR) and prediction accuracy is improved in comparison with the techniques based on support vector regression (SVR). Performance of RWMS is evaluated in terms of Root Means Square Error (RMSE), studies show that proposed algorithm predicts the residual life of the equipment accurately.
- Authors: Gondal, Iqbal , Yaqub, Muhammad , Kamruzzaman, Joarder
- Date: 2011
- Type: Text , Conference paper , Journal article
- Relation: Australian Acoustical SocietyConference 2011: Breaking New Ground, Acoustics 2011; Gold Coast, Australia; 2nd-4th November 2011; p.1-8
- Full Text:
- Reviewed:
- Description: One of the prevalent issues in condition based maintenance (CBM) is to predict the residual life of the equipment. This paper propos-es a novel framework to predict the remnant life of the equipment, called Residual life prediction based on optimally parameterized Wavelet transform and Mute-step Support vector regression (RWMS). In optimally parameterized wavelet transform, a generalized criterion is proposed to select the wavelet decomposition level which works for all the applications and decomposition nodes are selected by characterizing their dominancy level based upon relative fault signature-signal energy contents. The prediction model is based on multi-step support vector regression (MSVR) and prediction accuracy is improved in comparison with the techniques based on support vector regression (SVR). Performance of RWMS is evaluated in terms of Root Means Square Error (RMSE), studies show that proposed algorithm predicts the residual life of the equipment accurately.
A novel vertical handover scheme for diminution in social network traffic
- Haider, Ammar, Gondal, Iqbal, Kamruzzaman, Joarder
- Authors: Haider, Ammar , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2012
- Type: Text , Conference paper
- Full Text:
- Reviewed:
- Authors: Haider, Ammar , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2012
- Type: Text , Conference paper
- Full Text:
- Reviewed:
Decentralized content sharing among tourists in visiting hotspots
- Kaisar, Shahriar, Kamruzzaman, Joarder, Karmakar, Gour, Gondal, Iqbal
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Journal of Network and Computer Applications Vol. 79, no. (2017), p. 25-40
- Full Text:
- Reviewed:
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency.
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency. © 2016
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Journal of Network and Computer Applications Vol. 79, no. (2017), p. 25-40
- Full Text:
- Reviewed:
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency.
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency. © 2016
Carry me if you can : A utility based forwarding scheme for content sharing in tourist destinations
- Kaisar, Shahriar, Kamruzzaman, Joarder, Karmakar, Gour, Gondal, Iqbal
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2016
- Type: Text , Conference proceedings
- Relation: 22nd Asia-Pacific Conference on Communications, APCC 2016; Yogyakarta, Indonesia; 25th-27th August 2016 p. 261-267
- Full Text:
- Reviewed:
- Description: Message forwarding is an integral part of the decentralized content sharing process as the content delivery success highly depends on it. Existing literature employs spatio-temporal regularity of human movement pattern and pre-existing social relationship to take message forwarding decisions. However, such approaches are ineffectual in environments where those information are unavailable such as a tourist spot or camping site. In this study, we explore the message forwarding techniques in such environments considering the information that are readily available and can be gathered on the fly. We propose a utility based forwarding scheme to select the appropriate forwarder node based on co-location stay time, connectivity and available resources. A higher co-location stay time reflects that the forwarder and the destination node is likely to have more opportunistic contacts, while the connectivity and available resource ensure that the selected forwarder has sufficient neighbours and resources to carry the message forward. Simulation results suggest that the proposed approach attains high hit and success rate and low latency for successful content delivery, which is comparable to those proposed for work-place type scenarios with regular movement pattern and pre-existing relationships. © 2016 IEEE.
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2016
- Type: Text , Conference proceedings
- Relation: 22nd Asia-Pacific Conference on Communications, APCC 2016; Yogyakarta, Indonesia; 25th-27th August 2016 p. 261-267
- Full Text:
- Reviewed:
- Description: Message forwarding is an integral part of the decentralized content sharing process as the content delivery success highly depends on it. Existing literature employs spatio-temporal regularity of human movement pattern and pre-existing social relationship to take message forwarding decisions. However, such approaches are ineffectual in environments where those information are unavailable such as a tourist spot or camping site. In this study, we explore the message forwarding techniques in such environments considering the information that are readily available and can be gathered on the fly. We propose a utility based forwarding scheme to select the appropriate forwarder node based on co-location stay time, connectivity and available resources. A higher co-location stay time reflects that the forwarder and the destination node is likely to have more opportunistic contacts, while the connectivity and available resource ensure that the selected forwarder has sufficient neighbours and resources to carry the message forward. Simulation results suggest that the proposed approach attains high hit and success rate and low latency for successful content delivery, which is comparable to those proposed for work-place type scenarios with regular movement pattern and pre-existing relationships. © 2016 IEEE.
Robust malware defense in industrial IoT applications using machine learning with selective adversarial samples
- Khoda, Mahbub, Imam, Tasadduq, Kamruzzaman, Joarder, Gondal, Iqbal, Rahman, Ashfaqur
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
A novel ensemble of hybrid intrusion detection system for detecting internet of things attacks
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
The role of love stories in Romance Scams : A qualitative analysis of fraudulent profiles
- Kopp, Christian, Layton, Robert, Sillitoe, Jim, Gondal, Iqbal
- Authors: Kopp, Christian , Layton, Robert , Sillitoe, Jim , Gondal, Iqbal
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Cyber Criminology Vol. 9, no. 2 (2016), p. 205-216
- Full Text:
- Reviewed:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. In this paper, we provide a perspective that might be helpful to explain the success of this scam. In a similar way to the "The Nigerian letter", we propose that the scam techniques appeal to strong emotions, which are clearly involved in Romantic relationships. We also assume that the same success factors found in normal relationships contribute to the success of the romance scam. In an exploratory study using a qualitative analysis of fraudulent profiles from an international dating website, we examined this assumption. The findings show that personal affinities related to personal romantic imaginations, which are described by personal love stories, play an important role in the success of a romance scam. © 2016 International Journal of Cyber Criminology (IJCC).
- Authors: Kopp, Christian , Layton, Robert , Sillitoe, Jim , Gondal, Iqbal
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Cyber Criminology Vol. 9, no. 2 (2016), p. 205-216
- Full Text:
- Reviewed:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. In this paper, we provide a perspective that might be helpful to explain the success of this scam. In a similar way to the "The Nigerian letter", we propose that the scam techniques appeal to strong emotions, which are clearly involved in Romantic relationships. We also assume that the same success factors found in normal relationships contribute to the success of the romance scam. In an exploratory study using a qualitative analysis of fraudulent profiles from an international dating website, we examined this assumption. The findings show that personal affinities related to personal romantic imaginations, which are described by personal love stories, play an important role in the success of a romance scam. © 2016 International Journal of Cyber Criminology (IJCC).
“I am your perfect online partner" analysis of dating profiles used in cybercrime
- Kopp, Christian, Sillitoe, James, Gondal, Iqbal
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Asia Pacific Journal of Advanced Business and Social Studies Vol. 3, no. 2 (2017), p. 207-217
- Full Text:
- Reviewed:
- Description: Internet Online Dating has become an influential mainstream social practice facilitating the finding of a partner. Unscrupulous operators have identified its potential and started to use this platform for identity theft in form of so called Online Romance Scams. Quickly, this cybercrime has become very successful and thus, an increasing threat in the social networking environment. So far, very little is known about its structure and the reason for its success, and this needs to be known in order to be able to fight it efficiently. This research tries to contribute to this knowledge, and argues that scammers use so-called ‘Love Stories’, which represent personal affinities related to romantic relationships, to their benefit when tailoring common narratives as part of fraudulent online profiles to attract their victims. We look at these different types of ‘Personal Love Stories’ and discuss how they can be used in this type of scam, followed by a qualitative analysis of fraudulent profiles from three different international websites to examine this assumption
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Asia Pacific Journal of Advanced Business and Social Studies Vol. 3, no. 2 (2017), p. 207-217
- Full Text:
- Reviewed:
- Description: Internet Online Dating has become an influential mainstream social practice facilitating the finding of a partner. Unscrupulous operators have identified its potential and started to use this platform for identity theft in form of so called Online Romance Scams. Quickly, this cybercrime has become very successful and thus, an increasing threat in the social networking environment. So far, very little is known about its structure and the reason for its success, and this needs to be known in order to be able to fight it efficiently. This research tries to contribute to this knowledge, and argues that scammers use so-called ‘Love Stories’, which represent personal affinities related to romantic relationships, to their benefit when tailoring common narratives as part of fraudulent online profiles to attract their victims. We look at these different types of ‘Personal Love Stories’ and discuss how they can be used in this type of scam, followed by a qualitative analysis of fraudulent profiles from three different international websites to examine this assumption
Online romance scam: Expensive e-living for romantic happiness
- Kopp, Christian, Sillitoe, James, Gondal, Iqbal, Layton, Robert
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal , Layton, Robert
- Date: 2016
- Type: Text , Conference proceedings
- Relation: Proceedings of the 29th Bled eConference: Digital Economy (BLED 2016), Slovenia, pp.175-189 p. 15
- Full Text:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. It is based on building a relationship which establishes a deep trust that causes victims to voluntarily transfer funds to the scammer. The aim of this research is to explore online dating scams as a type of e-Living which initially creates happiness for the victim in a virtual romantic relationship, but tragically then causes the victim to be separated from his or her savings. Using narrative research methodology, this research will establish a model of the romance scam structure and its variations regarding human romantic attitudes, and will develop a theory which explains how the victim is moved through the phases of the scam. Findings of this research will contribute to the knowledge of the Online Romance Scam as e-Crime and provide information about the structure and the development of the modus operandi which can be used to identify an online relationship as a scam at an early phase in order to prevent significant harm to the victim.
- Authors: Kopp, Christian , Sillitoe, James , Gondal, Iqbal , Layton, Robert
- Date: 2016
- Type: Text , Conference proceedings
- Relation: Proceedings of the 29th Bled eConference: Digital Economy (BLED 2016), Slovenia, pp.175-189 p. 15
- Full Text:
- Description: The Online Romance Scam is a very successful scam which causes considerable financial and emotional damage to its victims. It is based on building a relationship which establishes a deep trust that causes victims to voluntarily transfer funds to the scammer. The aim of this research is to explore online dating scams as a type of e-Living which initially creates happiness for the victim in a virtual romantic relationship, but tragically then causes the victim to be separated from his or her savings. Using narrative research methodology, this research will establish a model of the romance scam structure and its variations regarding human romantic attitudes, and will develop a theory which explains how the victim is moved through the phases of the scam. Findings of this research will contribute to the knowledge of the Online Romance Scam as e-Crime and provide information about the structure and the development of the modus operandi which can be used to identify an online relationship as a scam at an early phase in order to prevent significant harm to the victim.
Wake-up timer and binary exponential backoff for ZigBee-based wireless sensor network for flexible movement control system of a self-lifting scaffold
- Liang, Hua, Yang, Guangxiang, Xu, Ye, Gondal, Iqbal, Wu, Chao
- Authors: Liang, Hua , Yang, Guangxiang , Xu, Ye , Gondal, Iqbal , Wu, Chao
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Distributed Sensor Networks Vol. 12, no. 9 (2016), p. 1-12
- Full Text:
- Reviewed:
- Description: Synchronous movement of attached self-lifting scaffolds is traditionally monitored with wired sensors in high-rise building construction, which limits their flexibility of movements. A ZigBee-based wireless sensor system has been suggested in this article to prove the effectiveness of wireless sensor networks in actual implementation. Two optoelectronic sensors are integrated into a ZigBee node for measuring the displacement of attached self-lifting scaffolds. The proposed wireless sensor network combines an end device and a coordinator to allow easy replacement of sensors as compared to a wired network. A wake-up timer algorithm is proposed to reduce the transmitting power during continuous wireless data communication in the wireless sensor network. Furthermore, a variant binary exponential backoff transmission algorithm for data loss avoidance is proposed. The variant binary exponential backoff algorithm reduces packet collisions during simultaneous access by increasing the randomizing moments at nodes attempting to access the wireless channels. The performance of three of the proposed modules - a cable sensor, a 315-MHz sensor, and a ZigBee sensor - is evaluated in terms of packet delivery ratio and the end-to-end delay of a ZigBee-based wireless sensor network. The experimental results show that the proposed variant binary exponential backoff transmission algorithm achieves a higher packet delivery ratio at the cost of higher delays. The average cost of the developed ZigBee-based wireless sensor network decreased by 24% compared with the cable sensor. The power consumption of ZigBee is approximately 53.75% of the 315-MHz sensor. The average current consumption is reduced by approximately 1.5 mA with the wake-up timer algorithm at the same sampling rate. © The Author(s) 2016.
- Authors: Liang, Hua , Yang, Guangxiang , Xu, Ye , Gondal, Iqbal , Wu, Chao
- Date: 2016
- Type: Text , Journal article
- Relation: International Journal of Distributed Sensor Networks Vol. 12, no. 9 (2016), p. 1-12
- Full Text:
- Reviewed:
- Description: Synchronous movement of attached self-lifting scaffolds is traditionally monitored with wired sensors in high-rise building construction, which limits their flexibility of movements. A ZigBee-based wireless sensor system has been suggested in this article to prove the effectiveness of wireless sensor networks in actual implementation. Two optoelectronic sensors are integrated into a ZigBee node for measuring the displacement of attached self-lifting scaffolds. The proposed wireless sensor network combines an end device and a coordinator to allow easy replacement of sensors as compared to a wired network. A wake-up timer algorithm is proposed to reduce the transmitting power during continuous wireless data communication in the wireless sensor network. Furthermore, a variant binary exponential backoff transmission algorithm for data loss avoidance is proposed. The variant binary exponential backoff algorithm reduces packet collisions during simultaneous access by increasing the randomizing moments at nodes attempting to access the wireless channels. The performance of three of the proposed modules - a cable sensor, a 315-MHz sensor, and a ZigBee sensor - is evaluated in terms of packet delivery ratio and the end-to-end delay of a ZigBee-based wireless sensor network. The experimental results show that the proposed variant binary exponential backoff transmission algorithm achieves a higher packet delivery ratio at the cost of higher delays. The average cost of the developed ZigBee-based wireless sensor network decreased by 24% compared with the cable sensor. The power consumption of ZigBee is approximately 53.75% of the 315-MHz sensor. The average current consumption is reduced by approximately 1.5 mA with the wake-up timer algorithm at the same sampling rate. © The Author(s) 2016.
Partial undersampling of imbalanced data for cyber threats detection
- Moniruzzaman, Md, Bagirov, Adil, Gondal, Iqbal
- Authors: Moniruzzaman, Md , Bagirov, Adil , Gondal, Iqbal
- Date: 2020
- Type: Text , Conference proceedings , Conference paper
- Relation: 2020 Australasian Computer Science Week Multiconference, ACSW 2020
- Full Text:
- Reviewed:
- Description: Real-time detection of cyber threats is a challenging task in cyber security. With the advancement of technology and ease of access to the internet, more and more individuals and organizations are becoming the target for various cyber attacks such as malware, ransomware, spyware. The target of these attacks is to steal money or valuable information from the victims. Signature-based detection methods fail to keep up with the constantly evolving new threats. Machine learning based detection has drawn more attention of researchers due to its capability of detecting new and modified attacks based on previous attack's behaviour. The number of malicious activities in a certain domain is significantly low compared to the number of normal activities. Therefore, cyber threats detection data sets are imbalanced. In this paper, we proposed a partial undersampling method to deal with imbalanced data for detecting cyber threats. © 2020 ACM.
- Description: E1
- Authors: Moniruzzaman, Md , Bagirov, Adil , Gondal, Iqbal
- Date: 2020
- Type: Text , Conference proceedings , Conference paper
- Relation: 2020 Australasian Computer Science Week Multiconference, ACSW 2020
- Full Text:
- Reviewed:
- Description: Real-time detection of cyber threats is a challenging task in cyber security. With the advancement of technology and ease of access to the internet, more and more individuals and organizations are becoming the target for various cyber attacks such as malware, ransomware, spyware. The target of these attacks is to steal money or valuable information from the victims. Signature-based detection methods fail to keep up with the constantly evolving new threats. Machine learning based detection has drawn more attention of researchers due to its capability of detecting new and modified attacks based on previous attack's behaviour. The number of malicious activities in a certain domain is significantly low compared to the number of normal activities. Therefore, cyber threats detection data sets are imbalanced. In this paper, we proposed a partial undersampling method to deal with imbalanced data for detecting cyber threats. © 2020 ACM.
- Description: E1
State estimation within ied based smart grid using kalman estimates
- Rashed, Muhammad, Gondal, Iqbal, Kamruzzaman, Joarder, Islam, Syed
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
False data detection in a clustered smart grid using unscented Kalman filter
- Rashed, Muhammad, Kamruzzaman, Joarder, Gondal, Iqbal, Islam, Syed
- Authors: Rashed, Muhammad , Kamruzzaman, Joarder , Gondal, Iqbal , Islam, Syed
- Date: 2022
- Type: Text , Journal article
- Relation: IEEE Access Vol. 10, no. (2022), p. 78548-78556
- Full Text:
- Reviewed:
- Description: The smart grid accessibility over the Internet of Things (IoT) is becoming attractive to electrical grid operators as it brings considerable operational and cost efficiencies. However, this in return creates significant cyber security challenges, such as fortification of state estimation data such as state variables against false data injection attacks (FDIAs). In this paper, a clustered partitioning state estimation (CPSE) technique is proposed to detect FDIA by using static state estimation, namely, weighted least square (WLS) method in conjunction with dynamic state estimation using minimum variance unscented Kalman filter (MV-UKF) which improves the accuracy of state estimation. The estimates acquired from the MV-UKF do not deviate like WLS as these are purely based on the previous iteration saved in the transition matrix. The deviation between the corresponding estimations of WLS and MV-UKF are utilised to partition the smart grid into smaller sub-systems to detect FDIA and then identify its location. To validate the proposed detection technique, FIDAs are injected into IEEE 14-bus, IEEE 30-bus, IEEE 118-bus, and IEEE 300-bus distribution feeder using MATPOWER simulation platform. Our results clearly demonstrate that the proposed technique can locate the attack area efficiently compared to other techniques such as chi square. © 2013 IEEE.
- Authors: Rashed, Muhammad , Kamruzzaman, Joarder , Gondal, Iqbal , Islam, Syed
- Date: 2022
- Type: Text , Journal article
- Relation: IEEE Access Vol. 10, no. (2022), p. 78548-78556
- Full Text:
- Reviewed:
- Description: The smart grid accessibility over the Internet of Things (IoT) is becoming attractive to electrical grid operators as it brings considerable operational and cost efficiencies. However, this in return creates significant cyber security challenges, such as fortification of state estimation data such as state variables against false data injection attacks (FDIAs). In this paper, a clustered partitioning state estimation (CPSE) technique is proposed to detect FDIA by using static state estimation, namely, weighted least square (WLS) method in conjunction with dynamic state estimation using minimum variance unscented Kalman filter (MV-UKF) which improves the accuracy of state estimation. The estimates acquired from the MV-UKF do not deviate like WLS as these are purely based on the previous iteration saved in the transition matrix. The deviation between the corresponding estimations of WLS and MV-UKF are utilised to partition the smart grid into smaller sub-systems to detect FDIA and then identify its location. To validate the proposed detection technique, FIDAs are injected into IEEE 14-bus, IEEE 30-bus, IEEE 118-bus, and IEEE 300-bus distribution feeder using MATPOWER simulation platform. Our results clearly demonstrate that the proposed technique can locate the attack area efficiently compared to other techniques such as chi square. © 2013 IEEE.
An efficient data extraction framework for mining wireless sensor networks
- Rashid, Md. Mamunur, Gondal, Iqbal, Kamruzzaman, Joarder
- Authors: Rashid, Md. Mamunur , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2016
- Type: Text , Conference paper
- Relation: 23rd International Conference, ICONIP 2016; Kyoto, Japan; 16th-21st October 2016; published in Neural Information Processing, Part III (Lecture Notes in Computer Science series) Vol. 9949, p. 491-498
- Full Text:
- Reviewed:
- Description: Behavioral patterns for sensors have received a great deal of attention recently due to their usefulness in capturing the temporal relations between sensors in wireless sensor networks. To discover these patterns, we need to collect the behavioral data that represents the sensor's activities over time from the sensor database that attached with a well-equipped central node called sink for further analysis. However, given the limited resources of sensor nodes, an effective data collection method is required for collecting the behavioral data efficiently. In this paper, we introduce a new framework for behavioral patterns called associated-correlated sensor patterns and also propose a MapReduce based new paradigm for extract data from the wireless sensor network by distributed away. Extensive performance study shows that the proposed method is capable to reduce the data size almost 50% compared to the centralized model.
- Authors: Rashid, Md. Mamunur , Gondal, Iqbal , Kamruzzaman, Joarder
- Date: 2016
- Type: Text , Conference paper
- Relation: 23rd International Conference, ICONIP 2016; Kyoto, Japan; 16th-21st October 2016; published in Neural Information Processing, Part III (Lecture Notes in Computer Science series) Vol. 9949, p. 491-498
- Full Text:
- Reviewed:
- Description: Behavioral patterns for sensors have received a great deal of attention recently due to their usefulness in capturing the temporal relations between sensors in wireless sensor networks. To discover these patterns, we need to collect the behavioral data that represents the sensor's activities over time from the sensor database that attached with a well-equipped central node called sink for further analysis. However, given the limited resources of sensor nodes, an effective data collection method is required for collecting the behavioral data efficiently. In this paper, we introduce a new framework for behavioral patterns called associated-correlated sensor patterns and also propose a MapReduce based new paradigm for extract data from the wireless sensor network by distributed away. Extensive performance study shows that the proposed method is capable to reduce the data size almost 50% compared to the centralized model.