Papers by Andrei Petrovski
CBANet: An End-to-End Cross-Band 2-D Attention Network for Hyperspectral Change Detection in Remote Sensing
IEEE Transactions on Geoscience and Remote Sensing
2021 14th International Conference on Security of Information and Networks (SIN), 2021
Industrial Control Systems are essential to managing national critical infrastructure, yet the security of these systems historically relies on isolation. The adoption of modern software solutions, and the unique challenges presented by legacy systems, has made securing industrial networks increasingly difficult. With malware identified as the leading cause of cyber incidents in industrial systems, this work presents a comparative study of existing malware detection techniques, to compare both accuracy and suitability for use in the defence of industrial systems.

UDetect
Proceedings of the 14th International Conference on Advances in Mobile Computing and Multi Media, 2016
One of the major challenges in the activity recognition task is the need to adapt a classification model during its operation. This is important because the underlying data distribution between those used for training and the new evolving stream of data may change during online recognition. The changes between the two sessions may occur because of differences in sensor placement, orientation and user characteristics such as age and gender. However, many of the existing approaches for model adaptation in activity recognition are blind methods because they continuously adapt the classification model without explicit detection of changes in the concepts being predicted. Therefore, we propose a concept change detection method for activity recognition under the assumption that a concept change in the model of an activity is followed by changes in the distribution of the input data attributes as well, which is the realistic case for activity recognition. Our change detection method computes a change detection statistic on a stream of multi-dimensional unlabelled data that are classified into different concept windows. The values of the change indicators are then processed for detecting peak points that indicate concept change in the stream of activity data. Evaluation of the approach using a real activity recognition dataset shows consistent detections that correlate with the error rate of the model.

2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)
An IoT botnet detection model is designed to detect anomalous attack traffic utilised by the Mirai botnet malware. The model uses a novel application of Deep Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTM-RNN), in conjunction with Word Embedding, to convert string data found in captured packets into a format usable by the BLSTM-RNN. In doing so, this paper presents a solution to the problem of detecting and making consumers situationally aware when their IoT devices are infected and form part of a botnet. The proposed model addresses the issue of detection, and returns high accuracy and low loss metrics for four attack vectors used by the Mirai botnet malware, with only one attack vector shown to be difficult to detect and predict. A labelled dataset was generated and used for all experiments, to test and validate the accuracy and data loss in the detection model. This dataset is available upon request.
Clustering-Based Leaders’ Selection in Multi-Objective Particle Swarm Optimisation
Springer eBooks, 2011
Clustering-based Leaders’ Selection (CLS) is a novel approach for leaders selection in multi-objective particle swarm optimisation. Both objective and solution spaces are clustered. An indirect mapping between clusters in both spaces is defined to recognize regions with potentially better solutions. A leaders archive is built which contains representative particles of selected clusters in the objective and solution spaces. The results
Ensemble Common Features Technique for Lightweight Intrusion Detection in Industrial Control System
Advanced Persistent Threats Detection based on Deep Learning Approach
Bayesian Optimized Autoencoder for Predictive Maintenance of Smart Packaging Machines
Topology for Preserving Feature Correlation in Tabular Synthetic Data

Modern automobiles are equipped with a large number of electronic control units (ECUs) to provide safe, driver assistance and comfortable service. The controller area network (CAN) provides real-time data transmission between ECUs with adequate reliability for in-vehicle communication. However, the lack of security measures such as authentication and encryption makes the CAN bus vulnerable to cyberattacks, which affect the safety of passengers and the surrounding environment. Intrusion Detection Systems (IDS) based on one-class classification have been proposed to detect CAN bus intrusions. However, these IDSs require large amounts of benign data with different driving activities for training, which is challenging given the variety of such activities. This paper presents CAN-ODTL, a novel on-device transfer learning-based technique to retrain the IDS using streaming CAN data on a resource-constrained Raspberry Pi device to improve the IDS. Optimized data pre-processing and model quantization minimize the CPU and RAM usage of the Raspberry Pi by making CAN-ODTL suitable to deploy in the CAN bus as an additional ECU to detect in-vehicle cyber attacks. Float 16 quantization improves the TensorFlow model with 78% of memory and 83% of detection latency reduction. Evaluation on a real public dataset over a range of seven attacks, including more sophisticated masquerade attacks, shows that CAN-ODTL outperforms the pre-trained and baseline models with over 99% detection rate for realistic attacks. Experiments on Raspberry Pi demonstrate that CAN-ODTL can detect a wide variety of attacks with near real-time detection latency of 125 ms.
Beyond vanilla: Improved autoencoder-based ensemble in-vehicle intrusion detection system
Journal of information security and applications, Sep 1, 2023

The growth of information technologies has driven the development of the transportation sector, including connected and autonomous vehicles. Due to its communication capabilities, the controller area network (CAN) is the most widely used in-vehicle communication protocol. However, CAN lacks suitable security mechanisms such as message authentication and encryption. This makes the CAN bus vulnerable to numerous cyberattacks. Not only are these attacks a threat to information security and privacy, but they can also directly affect the safety of drivers, passengers and the surrounding environment of the moving vehicles. This paper presents CAN-CID, a context-aware intrusion detection system (IDS) to detect cyberattacks on the CAN bus, which would be suitable for deployment in automobiles including military vehicles, passenger cars, commercial vehicles and other CAN-based applications such as aerospace, industrial automation and medical equipment. CAN-CID is an ensemble model of a gated recurrent unit (GRU) network and a time-based model. A GRU algorithm works by learning to predict the centre ID of a CAN ID sequence, and ID-based probabilistic thresholds are used to identify anomalous IDs, whereas the time-based model identifies anomalous IDs using time-based thresholds. The number of anomalies compared to the total number of IDs over an observation window is used to classify the window status as anomalous or benign. The proposed model uses only benign data for training and threshold estimation, avoiding the need to collect realistic attack data to train the algorithm. The performance of the CAN-CID model was tested against three datasets over a range of 16 attacks, including fabrication and more sophisticated masquerade attacks. The CAN-CID model achieved an F1-Score of over 99% for 13 of those attacks and outperformed benchmark models from the literature for all attacks, with near real-time detection latency.
Multi-objective optimisation of cancer chemotherapy using smart PSO with decomposition
The paper presents a novel approach to optimising cancer chemotherapy with respect to conflicting treatment objectives aimed at reducing the number of cancerous cells and at limiting the amounts of anti-cancer drugs used. The approach is based on the Particle Swarm ...
Framework for Detecting APTs Based on Steps Analysis and Correlation
Springer eBooks, 2022

2021 14th International Conference on Security of Information and Networks (SIN)
Imbalanced classes in datasets are common problems often found in security data. Therefore, several strategies like class resampling and cost-sensitive training have been proposed to address it. In this paper, we propose a data augmentation strategy to oversample the minority classes in the dataset. Using our Sort-Augment-Combine (SAC) technique, we split the dataset into subsets of the class labels and then generate synthetic data from each of the subsets. The synthetic data were then used to oversample the minority classes. Upon the completion of the oversampling, the independent classes were combined to form an augmented training data for model fitting. Using performance metrics such as accuracy, recall (sensitivity) and true positives (specificity), the models trained using the augmented datasets show an improvement in performance metrics over the original dataset. Similarly, in a binary class dataset, SAC performed optimally and the combination of SAC and ROSE model shows an improvement in overall accuracy, sensitivity and specificity when compared with the performance of the Random Forest model on the original dataset, ROSE and SMOTE augmented datasets.
2015 International Conference on Information Society (i-Society), 2015
Evaluating degrees of tenant isolation in multitenancy patterns: a case study of cloud-hosted version control system (VCS). 2015 OCHEI, L.C., PETROVSKI, A. and BASS, J.M. 2015. Evaluating degrees of tenant isolation in multitenancy patterns: a case study of cloud-hosted version control system (VCS). In Proceedings of the 2015 international conference on information society (i-Society),

International Journal of Applied Decision Sciences, 2020
Value of information is a widely accepted methodology for evaluating the need to acquire new data in the oil and gas industry. In the conventional approach to estimating the value of information, the outcomes of a project assessment relate to the decision reached by following Boolean logic. However, human thinking is based on a more complex logic that includes the ability to process uncertainty. In value of information assessment, it is often desirable to make decisions based on multiple economic criteria which, if independently evaluated, may suggest opposite decisions. Artificial intelligence has been used successfully in several areas of knowledge, increasing and enhancing analytical capabilities. This paper aims at enriching the value of information methodology by integrating fuzzy logic into the decision-making process; this integration makes it possible to develop a human thinking assessment and coherently combine several economic criteria. To the authors' knowledge, this is the first use of a fuzzy inference system in the specified knowledge domain. The methodology is successfully applied to a case study of an oil and gas subsurface assessment where the results of the standard and fuzzy methodologies are compared, leading to a more robust and complete evaluation. Sensitivity analysis is undertaken for several membership functions used in the case study to assess the impact that shifting, narrowing and stretching the membership relationship has on the value of information. The results of the sensitivity study show that, depending on the shifting, the membership functions lead to different decisions; additional sensitivities to the type of membership functions are investigated, including the functions' parameters.
Intelligent diagnostic complex of electromagnetic compatibility for automobile ignition systems
2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), 2017
The paper presents the results of developing and implementing a complex system that models electromagnetic interferences from the automobile ignition system. The conceptual model of the diagnostic system containing four layers of context processing, has also been suggested. The functionality and applicability of the developed intelligent diagnostic complex have been evaluated through practical experiments both on a simulator (SPZ-16) and real cars (LADA 11176, VAZ 2170) yielding low errors when determining excess in the level of electromagnetic interference from the ignition system.

ACM Transactions on Evolutionary Learning and Optimization
Modelling and controlling heat transfer in rotating electrical machines is very important as it enables the design of assemblies (e.g., motors) that are efficient and durable under multiple operational scenarios. To address the challenge of deriving accurate data-driven estimators of key motor temperatures, we propose a multi-objective strategy for creating Linear Regression (LR) models that integrate optimised synthetic features. The main strength of our approach is that it provides decision makers with a clear overview of the optimal trade-offs between data collection costs, the expected modelling errors and the overall explainability of the generated thermal models. Moreover, as parsimonious models are required for both microcontroller deployment and domain expert interpretation, our modelling strategy contains a simple but effective step-wise regularisation technique that can be applied to outline domain-relevant mappings between LR variables and thermal profiling capabilities. ...