• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.232-240
• /
• 2022

To fulfill user expectations, the rapid evolution of software techniques and approaches has necessitated reliable and flawless software operations. Aging prediction in the software under operation is becoming a basic and unavoidable requirement for ensuring the systems' availability, reliability, and operations. In this paper, an improved evolutionary computing-driven extreme learning scheme (ECD-ELM) has been suggested for object-oriented software aging prediction. To perform aging prediction, we employed a variety of metrics, including program size, McCube complexity metrics, Halstead metrics, runtime failure event metrics, and some unique aging-related metrics (ARM). In our suggested paradigm, extracting OOP software metrics is done after pre-processing, which includes outlier detection and normalization. This technique improved our proposed system's ability to deal with instances with unbalanced biases and metrics. Further, different dimensional reduction and feature selection algorithms such as principal component analysis (PCA), linear discriminant analysis (LDA), and T-Test analysis have been applied. We have suggested a single hidden layer multi-feed forward neural network (SL-MFNN) based ELM, where an adaptive genetic algorithm (AGA) has been applied to estimate the weight and bias parameters for ELM learning. Unlike the traditional neural networks model, the implementation of GA-based ELM with LDA feature selection has outperformed other aging prediction approaches in terms of prediction accuracy, precision, recall, and F-measure. The results affirm that the implementation of outlier detection, normalization of imbalanced metrics, LDA-based feature selection, and GA-based ELM can be the reliable solution for object-oriented software aging prediction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3865-3883
• /
• 2016

Infrastructure as a Service (IaaS) encapsulates computer hardware into a large amount of virtual and manageable instances mainly in the form of virtual machine (VM), and provides rental service for users. Currently, VM anomaly incidents occasionally occur, which leads to performance issues and even downtime. This paper aims at detecting anomalous VMs based on performance metrics data of VMs. Due to the dynamic nature and increasing scale of IaaS, detecting anomalous VMs from voluminous correlated and non-Gaussian monitored performance data is a challenging task. This paper designs an anomaly detection framework to solve this challenge. First, it collects 53 performance metrics to reflect the running state of each VM. The collected performance metrics are testified not to follow the Gaussian distribution. Then, it employs independent components analysis (ICA) instead of principal component analysis (PCA) to extract independent components from collected non-Gaussian performance metric data. For anomaly detection, it employs multi-class Bayesian classification to determine the current state of each VM. To evaluate the performance of the designed detection framework, four types of anomalies are separately or jointly injected into randomly selected VMs in a campus-wide testbed. The experimental results show that ICA-based detection mechanism outperforms PCA-based and LDA-based detection mechanisms in terms of sensitivity and specificity.

• ETRI Journal
• /
• v.41 no.5
• /
• pp.684-695
• /
• 2019

In a cloud environment, performance degradation, or even downtime, of virtual machines (VMs) usually appears gradually along with anomalous states of VMs. To better characterize the state of a VM, all possible performance metrics are collected. For such high-dimensional datasets, this article proposes a feature extraction algorithm based on unsupervised fuzzy linear discriminant analysis with kernel (UFKLDA). By introducing the kernel method, UFKLDA can not only effectively deal with non-Gaussian datasets but also implement nonlinear feature extraction. Two sets of experiments were undertaken. In discriminability experiments, this article introduces quantitative criteria to measure discriminability among all classes of samples. The results show that UFKLDA improves discriminability compared with other popular feature extraction algorithms. In detection accuracy experiments, this article computes accuracy measures of an anomaly detection algorithm (i.e., C-SVM) on the original performance metrics and extracted features. The results show that anomaly detection with features extracted by UFKLDA improves the accuracy of detection in terms of sensitivity and specificity.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.101-108
• /
• 2022

We propose an intrusion detection model that detects denial-of-service(DoS) and distributed reflection denial-of-service(DRDoS) attacks, based on the empirical data of each internet of things(IoT) device by training system and network metrics that can be commonly collected from various IoT devices. First, we collect 37 system and network metrics from each IoT device considering IoT attack scenarios; further, we train them using six types of machine learning models to identify the most effective machine learning models as well as important metrics in detecting and distinguishing IoT attacks. Our experimental results show that the Random Forest model has the best performance with accuracy of over 96%, followed by the K-Nearest Neighbor model and Decision Tree model. Of the 37 metrics, we identified five types of CPU, memory, and network metrics that best imply the characteristics of the attacks in all the experimental scenarios. Furthermore, we found out that packets with higher transmission speeds than larger size packets represent the characteristics of DoS and DRDoS attacks more clearly in IoT networks.

• Journal of Communications and Networks
• /
• v.10 no.1
• /
• pp.89-97
• /
• 2008

Anomaly detection systems playa significant role in protection mechanism against attacks launched on a network. The greatest challenge in designing systems detecting anomalous exploits is defining what to measure. Effective yet simple, Shannon entropy metrics have been successfully used to detect specific types of malicious traffic in a number of commercially available IDS's. We believe that Renyi entropy measures can also adequately describe the characteristics of a network as a whole as well as detect abnormal traces in the observed traffic. In addition, Renyi entropy metrics might boost sensitivity of the methods when disambiguating certain anomalous patterns. In this paper we describe our efforts to understand how Renyi mutual information can be applied to anomaly detection as an offline computation. An initial analysis has been performed to determine how well fast spreading worms (Slammer, Code Red, and Welchia) can be detected using our technique. We use both synthetic and real data audits to illustrate the potentials of our method and provide a tentative explanation of the results.

• Proceedings of the Korea Institute of Convergence Signal Processing
• /
• 2003.06a
• /
• pp.217-221
• /
• 2003

In this paper, the Viterbi decoder containing new branch metrics of the squared Euclidean distance with multiple order phase differences is introduced in order to improve the bit error rate (BER) in the differential detection of the trellis-coded MDPSK-OFDM. The proposed Viterbi decoder is conceptually same as the multiple Phase differential detection method that uses the branch metric with multiple phase differences. Also, we describe the Viterbi algorithm in order to use this branch metrics. Our study shows that such a Viterbi decoder improves BER performance without sacrificing bandwidth and power efficiency. Also, the proposed algorithm can be used in the single carrier modulation.

• Smart Structures and Systems
• /
• v.5 no.4
• /
• pp.415-426
• /
• 2009

This study focuses on the concept of multi-scale wireless sensor networks for damage detection in civil infrastructure systems by first over viewing the general network philosophy and attributes in the areas of data acquisition, data reduction, assessment and decision making. The data acquisition aspect includes a scalable wireless sensor network acquiring acceleration and strain data, triggered using a Restricted Input Network Activation scheme (RINAS) that extends network lifetime and reduces the size of the requisite undamaged reference pool. Major emphasis is given in this study to data reduction and assessment aspects that enable a decentralized approach operating within the hardware and power constraints of wireless sensor networks to avoid issues associated with packet loss, synchronization and latency. After over viewing various models for data reduction, the concept of a data-driven Bivariate Regressive Adaptive INdex (BRAIN) for damage detection is presented. Subsequent examples using experimental and simulated data verify two major hypotheses related to the BRAIN concept: (i) data-driven damage metrics are more robust and reliable than their counterparts and (ii) the use of heterogeneous sensing enhances overall detection capability of such data-driven damage metrics.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.17 no.3 s.106
• /
• pp.272-279
• /
• 2006

In this paper, we evaluate the performance of frame synchronization words of pilot bit patterns which are used for the channel estimation and frame synchronization confirmation in W-CDMA(Wide band Code Division Multiple Access) system. W-CDMA system also uses compressed mode to make measurements from another frequency without a full dual receiver terminal. It is confirmed by using computer simulation that the proposed frame synchronization words also maintain the frame synchronization property in the compressed mode by using the complementary mapping relationship of preferred pair ROC(Receiver Operating Characteristic) curves with probability of detection and false alarm are used to analized the performance of the proposed frame synchronization words by using the various detection metrics such as LLRT(Log Likelyhood Ratio Test), GLRT(Generalied Likelyhood Ratio Test), soft and hard correlation tests in AWGN and Rayleigh fading channels. It is expected that the research results fer the performance of pilot bit patterns of this paper can be useful reference for the design and implementation of frame synchronization in 3rd generation W-CDMA system.

• Journal of the Korea Safety Management & Science
• /
• v.15 no.2
• /
• pp.243-253
• /
• 2013

This research paper introduces the application and implementation of medical decision metrics that classifies medical decision-making into four different metrics using statistical diagnostic tools, such as confusion matrix, normal distribution, Bayesian prediction and Receiver Operating Curve(ROC). In this study, the metrics are developed based on cross-section study, cohort study and case-control study done by systematic literature review and reformulated the structure of type I error, type II error, confidence level and power of detection. The study proposed implementation strategies for 10 quality improvement activities via 14 medical decision metrics which consider specificity and sensitivity in terms of ${\alpha}$ and ${\beta}$. Examples of ROC implication are depicted in this paper with a useful guidelines to implement a continuous quality improvement, not only in a variable acceptance sampling in Quality Control(QC) but also in a supplier grading score chart in Supplier Chain Management(SCM) quality. This research paper is the first to apply and implement medical decision-making tools as quality improvement activities. These proposed models will help quality practitioners to enhance the process and product quality level.

• Journal of the Institute of Convergence Signal Processing
• /
• v.3 no.2
• /
• pp.37-44
• /
• 2002

In this paper, the Viterbi decoder containing new branch metrics of the squared Euclidean distance with multiple order phase differences is introduced in order to improve the bit error rate (BER) in the differential detection of the trellis-coded MDPSK-DFDM. The proposed Viterbi decoder is conceptually same as the sliding multiple phase differential detection method that uses the branch metric with multiple phase differences. Also, we describe the Viterbi algorithm in order to use this branch metrics. Our study shows that such a Viterbi decoder improves BER peformance without sacrificing bandwidth and power efficiency. Also, the proposed algorithm can be used in the single carrier modulation.