A prototype real-time intrusion-detection expert system

Author(s):  
T.F. Lunt ◽  
R. Jagannathan
2012 ◽  
Vol 12 (5) ◽  
pp. 699-706 ◽  
Author(s):  
B. S. Marti ◽  
G. Bauser ◽  
F. Stauffer ◽  
U. Kuhlmann ◽  
H.-P. Kaiser ◽  
...  

Well field management in urban areas faces challenges such as pollution from old waste deposits and former industrial sites, pollution from chemical accidents along transport lines or in industry, or diffuse pollution from leaking sewers. One possibility to protect the drinking water of a well field is the maintenance of a hydraulic barrier between the potentially polluted and the clean water. An example is the Hardhof well field in Zurich, Switzerland. This paper presents the methodology for a simple and fast expert system (ES), applies it to the Hardhof well field, and compares its performance to the historical management method of the Hardhof well field. Although the ES is quite simplistic, it considerably improves the water quality in the drinking water wells. The ES knowledge base is crucial for successful management application. Therefore, a periodic update of the knowledge base is suggested for the real-time application of the ES.


1992 ◽  
Vol 29 (1) ◽  
pp. 79-84
Author(s):  
Joey B. Flanders ◽  
Charles H. Jones ◽  
Robin M. Madison
Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4736
Author(s):  
Sk. Tanzir Mehedi ◽  
Adnan Anwar ◽  
Ziaur Rahman ◽  
Kawsar Ahmed

The Controller Area Network (CAN) bus is an important protocol in real-time In-Vehicle Network (IVN) systems because of its simple, suitable, and robust architecture. IVN devices remain insecure and vulnerable because of complex data-intensive architectures, which greatly increase accessibility to unauthorized networks and the possibility of various types of cyberattacks. Therefore, the detection of cyberattacks in IVN devices has become a growing interest. With the rapid development of IVNs and evolving threat types, traditional machine learning-based IDSs have to be updated to cope with the security requirements of the current environment. The progress of deep learning and deep transfer learning, and their impactful outcomes in several areas, point to them as an effective solution for network intrusion detection. This manuscript proposes a deep transfer learning-based IDS model for IVN with improved performance in comparison to several other existing models. The unique contributions include effective attribute selection that is best suited to identifying malicious CAN messages and accurately detecting normal and abnormal activities, the design of a deep transfer learning-based LeNet model, and an evaluation on real-world data. To this end, an extensive experimental performance evaluation has been conducted. The architecture, along with empirical analyses, shows that the proposed IDS greatly improves detection accuracy over mainstream machine learning, deep learning, and benchmark deep transfer learning models and has demonstrated better performance for real-time IVN security.


Data ◽  
2020 ◽  
Vol 6 (1) ◽  
pp. 1
Author(s):  
Ahmed Elmogy ◽  
Hamada Rizk ◽  
Amany M. Sarhan

In data mining, outlier detection is a major challenge, as it plays an important role in many applications such as medical data, image processing, fraud detection, intrusion detection, and so forth. An extensive variety of clustering-based approaches have been developed to detect outliers. However, they are by nature time-consuming, which restricts their use in real-time applications. Furthermore, outlier detection requests are handled one at a time, which means that each request is initiated individually with a particular set of parameters. In this paper, the first clustering-based outlier detection framework, On the Fly Clustering Based Outlier Detection (OFCOD), is presented. OFCOD enables analysts to effectively find outliers on time, on request, even within huge datasets. The proposed framework has been tested and evaluated using two real-world datasets with different features and applications: one with 699 records, and another with five million records. The experimental results show that the proposed framework outperforms other existing approaches across several evaluation metrics.


Proceedings ◽  
2020 ◽  
Vol 58 (1) ◽  
pp. 1
Author(s):  
Roberto Melli ◽  
Enrico Sciubba

This paper presents a critical and analytical description of an ongoing research program aimed at the implementation of an expert system capable of monitoring, through an Intelligent Health Control procedure, the instantaneous performance of a cogeneration plant. The expert system is implemented in the CLIPS environment and is denominated PROMISA as the acronym for Prognostic Module for Intelligent System Analysis. It generates, in real time and in a form directly useful to the plant manager, information on the existence and severity of faults, forecasts on the future time history of both detected and likely faults, and suggestions on how to control the problem. The expert procedure, working where and if necessary with the support of a process simulator, derives from the available real-time data a list of selected performance indicators for each plant component. For a set of faults, pre-defined with the help of the plant operator (Domain Expert), proper rules are defined in order to establish whether the component is working correctly; in several instances, since one single failure (symptom) can originate from more than one fault (cause), complex sets of rules expressing the combination of multiple indices have been introduced in the knowledge base as well. Creeping faults are detected by analyzing the trend of the variation of an indicator over a pre-assigned interval of time. Whenever the value of this "discrete time derivative" becomes "high" with respect to a specified limit value, a "latent creeping fault" condition is prognosticated. The expert system architecture is based on an object-oriented paradigm. The knowledge base (facts and rules) is clustered: the chunks of knowledge pertain to individual components. A graphic user interface (GUI) allows the user to interrogate PROMISA about its rules, procedures, classes and objects, and about its inference path. The paper also presents the results of some simulation tests.

