Investigating Generalized Performance of Data-Constrained Supervised Machine Learning Models on Novel, Related Samples in Intrusion Detection.

Recently proposed methods in intrusion detection are iterating on machine learning methods as a potential solution. These novel methods are validated on one or more datasets from a sparse collection of academic intrusion detection datasets. Their recognition as improvements to the state-of-the-art is largely dependent on whether they can demonstrate a reliable increase in classification metrics compared to similar works validated on the same datasets. Whether these increases are meaningful outside of the training/testing datasets is rarely asked and never investigated. This work aims to demonstrate that strong general performance does not typically follow from strong classification on the current intrusion detection datasets. Binary classification models from a range of algorithmic families are trained on the attack classes of CSE-CIC-IDS2018, a state-of-the-art intrusion detection dataset. After establishing baselines for each class at various points of data access, the same trained models are tasked with classifying samples from the corresponding attack classes in CIC-IDS2017, CIC-DoS2017 and CIC-DDoS2019. Contrary to what the baseline results would suggest, the models have rarely learned a generally applicable representation of their attack class. Stability and predictability of generalized model performance are central issues for all methods on all attack classes. Focusing only on the three best-in-class models in terms of interdataset generalization, reveals that for network-centric attack classes (brute force, denial of service and distributed denial of service), general representations can be learned with flat losses in classification performance (precision and recall) below 5%. Other attack classes vary in generalized performance from stark losses in recall (-35%) with intact precision (98+%) for botnets to total degradation of precision and moderate recall loss for Web attack and infiltration models. The core conclusion of this article is a warning to researchers in the field. Expecting results of proposed methods on the test sets of state-of-the-art intrusion detection datasets to translate to generalized performance is likely a serious overestimation. Four proposals to reduce this overestimation are set out as future work directions.

Real-Time Estimation and Monitoring of COVID-19 Aerosol Transmission Risk in Office Buildings.

A healthy and safe indoor environment is an important part of containing the coronavirus disease 2019 (COVID-19) pandemic. Therefore, this work presents a real-time Internet of things (IoT) software architecture to automatically calculate and visualize a COVID-19 aerosol transmission risk estimation. This risk estimation is based on indoor climate sensor data, such as carbon dioxide (CO2) and temperature, which is fed into Streaming MASSIF, a semantic stream processing platform, to perform the computations. The results are visualized on a dynamic dashboard that automatically suggests appropriate visualizations based on the semantics of the data. To evaluate the complete architecture, the indoor climate during the student examination periods of January 2020 (pre-COVID) and January 2021 (mid-COVID) was analyzed. When compared to each other, we observe that the COVID-19 measures in 2021 resulted in a safer indoor environment.

mBrain: towards the continuous follow-up and headache classification of primary headache disorder patients.

BACKGROUND: The diagnosis of headache disorders relies on the correct classification of individual headache attacks. Currently, this is mainly done by clinicians in a clinical setting, which is dependent on subjective self-reported input from patients. Existing classification apps also rely on self-reported information and lack validation. Therefore, the exploratory mBrain study investigates moving to continuous, semi-autonomous and objective follow-up and classification based on both self-reported and objective physiological and contextual data. METHODS: The data collection set-up of the observational, longitudinal mBrain study involved physiological data from the Empatica E4 wearable, data-driven machine learning (ML) algorithms detecting activity, stress and sleep events from the wearables' data modalities, and a custom-made application to interact with these events and keep a diary of contextual and headache-specific data. A knowledge-based classification system for individual headache attacks was designed, focusing on migraine, cluster headache (CH) and tension-type headache (TTH) attacks, by using the classification criteria of ICHD-3. To show how headache and physiological data can be linked, a basic knowledge-based system for headache trigger detection is presented. RESULTS: In two waves, 14 migraine and 4 CH patients participated (mean duration 22.3 days). 133 headache attacks were registered (98 by migraine, 35 by CH patients). Strictly applying ICHD-3 criteria leads to 8/98 migraine without aura and 0/35 CH classifications. Adapted versions yield 28/98 migraine without aura and 17/35 CH classifications, with 12/18 participants having mostly diagnosis classifications when episodic TTH classifications (57/98 and 32/35) are ignored. CONCLUSIONS: Strictly applying the ICHD-3 criteria on individual attacks does not yield good classification results. Adapted versions yield better results, with the mostly classified phenotype (migraine without aura vs. CH) matching the diagnosis for 12/18 patients. The absolute number of migraine without aura and CH classifications is, however, rather low. Example cases can be identified where activity and stress events explain patient-reported headache triggers. Continuous improvement of the data collection protocol, ML algorithms, and headache classification criteria (including the investigation of integrating physiological data), will further improve future headache follow-up, classification and trigger detection. Trial registration This trial was retrospectively registered with number NCT04949204 on 24 June 2021 at www. CLINICALTRIALS: gov .

Explora: Interactive Querying of Multidimensional Data in the Context of Smart Cities.

Citizen engagement is one of the key factors for smart city initiatives to remain sustainable over time. This in turn entails providing citizens and other relevant stakeholders with the latest data and tools that enable them to derive insights that add value to their day-to-day life. The massive volume of data being constantly produced in these smart city environments makes satisfying this requirement particularly challenging. This paper introduces Explora, a generic framework for serving interactive low-latency requests, typical of visual exploratory applications on spatiotemporal data, which leverages the stream processing for deriving-on ingestion time-synopsis data structures that concisely capture the spatial and temporal trends and dynamics of the sensed variables and serve as compacted data sets to provide fast (approximate) answers to visual queries on smart city data. The experimental evaluation conducted on proof-of-concept implementations of Explora, based on traditional database and distributed data processing setups, accounts for a decrease of up to 2 orders of magnitude in query latency compared to queries running on the base raw data at the expense of less than 10% query accuracy and 30% data footprint. The implementation of the framework on real smart city data along with the obtained experimental results prove the feasibility of the proposed approach.

Scalable Fleet Monitoring and Visualization for Smart Machine Maintenance and Industrial IoT Applications.

The wide adoption of smart machine maintenance in manufacturing is blocked by open challenges in the Industrial Internet of Things (IIoT) with regard to robustness, scalability and security. Solving these challenges is of uttermost importance to mission-critical industrial operations. Furthermore, effective application of predictive maintenance requires well-trained machine learning algorithms which on their turn require high volumes of reliable data. This paper addresses both challenges and presents the Smart Maintenance Living Lab, an open test and research platform that consists of a fleet of drivetrain systems for accelerated lifetime tests of rolling-element bearings, a scalable IoT middleware cloud platform for reliable data ingestion and persistence, and a dynamic dashboard application for fleet monitoring and visualization. Each individual component within the presented system is discussed and validated, demonstrating the feasibility of IIoT applications for smart machine maintenance. The resulting platform provides benchmark data for the improvement of machine learning algorithms, gives insights into the design, implementation and validation of a complete architecture for IIoT applications with specific requirements concerning robustness, scalability and security and therefore reduces the reticence in the industry to widely adopt these technologies.

Resource Provisioning in Fog Computing: From Theory to Practice †.

The Internet-of-Things (IoT) and Smart Cities continue to expand at enormous rates. Centralized Cloud architectures cannot sustain the requirements imposed by IoT services. Enormous traffic demands and low latency constraints are among the strictest requirements, making cloud solutions impractical. As an answer, Fog Computing has been introduced to tackle this trend. However, only theoretical foundations have been established and the acceptance of its concepts is still in its early stages. Intelligent allocation decisions would provide proper resource provisioning in Fog environments. In this article, a Fog architecture based on Kubernetes, an open source container orchestration platform, is proposed to solve this challenge. Additionally, a network-aware scheduling approach for container-based applications in Smart City deployments has been implemented as an extension to the default scheduling mechanism available in Kubernetes. Last but not least, an optimization formulation for the IoT service problem has been validated as a container-based application in Kubernetes showing the full applicability of theoretical approaches in practical service deployments. Evaluations have been performed to compare the proposed approaches with the Kubernetes standard scheduling feature. Results show that the proposed approaches achieve reductions of 70% in terms of network latency when compared to the default scheduling mechanism.

A Secure Multi-Tier Mobile Edge Computing Model for Data Processing Offloading Based on Degree of Trust.

Current mobile devices need to run applications with high computational demands and critical response times. The mobile edge computing (MEC) paradigm was developed to improve the performance of these devices. This new computation architecture allows for the mobile devices to execute applications on fog nodes at the network edge; this process is called data processing offloading. This article presents a security model for the externalization of application execution in multi-tier MEC environments. The principal novelty of this study is that the model is able to modify the required security level in each tier of the distributed architecture as a function of the degree of trust associated with that tier. The basic idea is that a higher degree of trust requires a lower level of security, and vice versa. A formal framework is introduced that represents the general environment of application execution in distributed MEC architectures. An architecture is proposed that allows for deployment of the model in production environments and is implemented for evaluation purposes. The results show that the security model can be applied in multi-tier MEC architectures and that the model produces a minimal overhead, especially for computationally intensive applications.

Fog Computing: Enabling the Management and Orchestration of Smart City Applications in 5G Networks.

Fog computing extends the cloud computing paradigm by placing resources close to the edges of the network to deal with the upcoming growth of connected devices. Smart city applications, such as health monitoring and predictive maintenance, will introduce a new set of stringent requirements, such as low latency, since resources can be requested on-demand simultaneously by multiple devices at different locations. It is then necessary to adapt existing network technologies to future needs and design new architectural concepts to help meet these strict requirements. This article proposes a fog computing framework enabling autonomous management and orchestration functionalities in 5G-enabled smart cities. Our approach follows the guidelines of the European Telecommunications Standards Institute (ETSI) NFV MANO architecture extending it with additional software components. The contribution of our work is its fully-integrated fog node management system alongside the foreseen application layer Peer-to-Peer (P2P) fog protocol based on the Open Shortest Path First (OSPF) routing protocol for the exchange of application service provisioning information between fog nodes. Evaluations of an anomaly detection use case based on an air monitoring application are presented. Our results show that the proposed framework achieves a substantial reduction in network bandwidth usage and in latency when compared to centralized cloud solutions.

VisCARS: Knowledge Graph-based Context-Aware Recommender System for Time-Series Data Visualization and Monitoring Dashboards.

Data visualization recommendation aims to assist the user in creating visualizations from a given dataset. The process of creating appropriate visualizations requires expert knowledge of the available data model as well as the dashboard application that is used. To relieve the user from requiring this knowledge and from the manual process of creating numerous visualizations or dashboards, we present a context-aware visualization recommender system (VisCARS) for monitoring applications that automatically recommends a personalized dashboard to the user, based on the system they are monitoring and the task they are trying to achieve. Through a knowledge graph-based approach, expert knowledge about the data and the application is included as contextual features to improve the recommendation process. A dashboard ontology is presented that describes key components in a dashboard ecosystem in order to semantically annotate all the knowledge in the graph. The recommender system leverages knowledge graph embedding and comparison techniques in combination with a context-aware collaborative filtering approach to derive recommendations based on the context, i.e., the state of the monitored system, and the end-user preferences. The proposed methodology is implemented and integrated in a dynamic dashboard solution. The resulting recommender system is evaluated on a smart healthcare use-case through a quantitative performance and scalability analysis as well as a qualitative user study. The results highlight the performance of the proposed solution compared to the state-of-the-art and its potential for time-critical monitoring applications.