Hybrid Artificial Intelligence System for Cyber Security
1. Democritus University of Thrace
Dep. of Forestry & Management of the Environment & Natural Resources
Forest Informatics Laboratory
Konstantinos Demertzis – Lazaros Iliadis
ESADM
ECISMD
2. 2
Agenda
– Introduction
– Hybrid Artificial Intelligence System for Cyber Security (HAISCS)
  – Evolving Spiking Anomaly Detection Model (ESADM)
  – Evolving Computational Intelligence System for Malware Detection (ECISMD)
– ESADM
  – Spiking Neural Network Classification
  – Spiking Neural Network Pattern Recognition
– ECISMD
  – Spiking Neural Network Classification
  – Evolving Classification Function (ECF)
  – Genetic Algorithm for Offline ECF Optimization
– Results
– Future Directions
– Conclusions
3. 3
Introduction
– Artificial Intelligence (AI)
  – is the intelligence exhibited by machines or software, and the branch of computer science that develops machines and software with intelligence.
– Machine Learning
  – a branch of artificial intelligence, concerns the construction and study of systems that can learn from data.
– Pattern Recognition
  – in machine learning aims to classify data (patterns) based on either a priori knowledge extracted from the patterns.
– Classification
  – is the problem of identifying to which of a set of categories (sub-populations) a new observation belongs, on the basis of a training set of data containing observations (or instances) whose category membership is known (Supervised Learning).
4. 4
Hybrid Artificial Intelligence System for Cyber Security (HAISCS)
[Diagram: Hybrid Evolving Spiking Anomaly Detection Model (HESADM), ESADM, ECISMD]
5. 5
Evolving Spiking Anomaly Detection Model (ESADM)
6. 6
Evolving Spiking Anomaly Detection Model (ESADM)
7. 7
Evolving Spiking Anomaly Detection Model (ESADM)
8. 8
Evolving Spiking Anomaly Detection Model (ESADM)
– Evolving Spiking Neural Network (eSNN) Classification
  – Gaussian Receptive Fields
  – Rank Order Population Encoding
  – One-Pass Learning
9. 9
Evolving Spiking Anomaly Detection Model (ESADM)
10. 10
Evolving Spiking Anomaly Detection Model (ESADM)
11. 11
Evolving Spiking Anomaly Detection Model (ESADM)
12. 12
Evolving Spiking Anomaly Detection Model (ESADM)
14. 14
Evolving Computational Intelligence System for Malware Detection (ECISMD)
15. 15
Evolving Computational Intelligence System for Malware Detection (ECISMD)
16. 16
Evolving Computational Intelligence System for Malware Detection (ECISMD)
17. 17
Evolving Computational Intelligence System for Malware Detection (ECISMD)
– Evolving Classification Function (ECF)
  – Used for pattern classification, ECF generates rule nodes in an N-dimensional input space and associates them with classes. Each rule node is defined by its centre, radius (influence field) and the class it belongs to. A learning mechanism is designed in such a way that the nodes can be generated.
Rule 1: if
  X1 is (2: 0.50)
  X2 is (1: 0.69)
  X3 is (1: 0.95)
  X4 is (1: 0.95)
  X5 is (1: 0.94)
  X6 is (1: 0.52)
  X7 is (1: 0.95)
  X8 is (2: 0.87)
  X9 is (2: 0.82)
then Class is [1]
Radius = 0.022719, 20 in node
18. 18
Evolving Computational Intelligence System for Malware Detection (ECISMD)
19. 19
Evolving Computational Intelligence System for Malware Detection (ECISMD)
– Genetic Algorithm for Offline ECF Optimization
  – A Genetic Algorithm is an evolutionary algorithm in which the principles of Darwin's theory of evolution are applied to a population of solutions to a problem in order to "breed" better solutions.
  – Solutions, in this case the parameters of the ECF network, are encoded in a binary string and each solution is given a score depending on how well it performs.
  – Good solutions are selected more frequently for breeding, and are subjected to crossover and mutation (loosely analogous to those operations found in biological systems).
  – After several generations, the population of solutions should converge on a "good" solution.
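The ECF rule-node model from the earlier slide and the genetic algorithm described above, as an added Python example (not the authors' implementation): a simplified one-pass ECF-style classifier whose two radius parameters are encoded in a binary string and tuned by a small GA. Assumptions: plain Euclidean distance replaces the membership-function representation seen in the slide's rule, the tuned parameters are taken to be a maximum and minimum influence-field radius, and all names and the sample data are constructed for illustration.

```python
import math, random

BITS = 6  # bits per encoded parameter (assumed encoding, not from the slides)
def ecf_train(X, y, r_max, r_min):
    nodes = []                                   # rule node = [centre, radius, class]
    for x, label in zip(X, y):                   # one pass over the training data
        covered = False
        for node in nodes:
            d = math.dist(x, node[0])
            if d <= node[1] and node[2] == label:
                covered = True                   # explained by a same-class node
            elif d <= node[1]:
                node[1] = max(r_min, 0.99 * d)   # shrink the conflicting influence field
        if not covered:
            nodes.append([x, r_max, label])      # new rule node centred on x
    return nodes

def accuracy(nodes, X, y):                       # nearest influence-field boundary wins
    hits = sum(min(nodes, key=lambda n: math.dist(x, n[0]) - n[1])[2] == c
               for x, c in zip(X, y))
    return hits / len(y)

def decode(chrom):                               # bit string -> (r_max, r_min), r_min <= r_max
    r_max = (int(chrom[:BITS], 2) + 1) / 2 ** BITS
    return r_max, r_max * (int(chrom[BITS:], 2) + 1) / 2 ** BITS

def fitness(chrom, train, val):                  # score = accuracy on held-out data
    return accuracy(ecf_train(*train, *decode(chrom)), *val)

def ga_optimize(train, val, seed_chrom, pop_size=12, generations=10, p_mut=0.05):
    rng = random.Random(0)                       # fixed seed so the run is repeatable
    pop = [seed_chrom] + ["".join(rng.choice("01") for _ in range(2 * BITS))
                          for _ in range(pop_size - 1)]
    for _ in range(generations):
        ranked = sorted(pop, key=lambda c: fitness(c, train, val), reverse=True)
        nxt = ranked[:2]                         # elitism: best two survive unchanged
        while len(nxt) < pop_size:               # tournament of 3 picks each parent
            p1, p2 = (ranked[min(rng.sample(range(pop_size), 3))] for _ in range(2))
            cut = rng.randrange(1, 2 * BITS)     # one-point crossover
            child = p1[:cut] + p2[cut:]
            nxt.append("".join("10"[int(b)] if rng.random() < p_mut else b for b in child))
        pop = nxt
    return max(pop, key=lambda c: fitness(c, train, val))

def make_data(n, seed):                          # constructed two-class data, not the slides' datasets
    rng = random.Random(seed)
    X = [tuple(rng.gauss(0.35 + 0.3 * (i % 2), 0.15) for _ in range(2)) for i in range(n)]
    return X, [i % 2 for i in range(n)]

TRAIN, VAL = make_data(80, 1), make_data(40, 2)  # constructed train / validation split
```

Calling `ga_optimize(TRAIN, VAL, "1" * 2 * BITS)` returns the best bit string found, and `decode` turns it back into the two radii; because the seed chromosome is in the initial population and the best two survive each generation, the result never scores below the starting parameters.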
20. 20
Evolving Computational Intelligence System for Malware Detection (ECISMD)
21. 21
Evolving Computational Intelligence System for Malware Detection (ECISMD)
22. 22
Evolving Computational Intelligence System for Malware Detection (ECISMD)
Packed Dataset
Classifier      Train Accuracy    Test Accuracy
RBFNetwork      98.3085%          98.0859%
NaiveBayes      98.3975%          97.1144%
MLP             99.5326%          96.2189%
LibSVM          99.4436%          89.8507%
k-NN            99.4436%          96.6169%
eSNN            99.8%             99.2%
23. 23
Evolving Computational Intelligence System for Malware Detection (ECISMD)
Malware Dataset
Classifier      Train Accuracy    Test Accuracy
RBFNetwork      94.4031%          93.0612%
NaiveBayes      94.0533%          92.3469%
MLP             97.7551%          97.289%
LibSVM          94.6218%          94.2857%
k-NN            98.1198%          96.8367%
ECF             99.05%            95.561%
Optimized ECF   99.87%            97.992%
24. 24
Evolving Computational Intelligence System for Malware Detection (ECISMD)
– Future Directions
27. 27
Forest Informatics Laboratory
Director of the Lab Professor Lazaros S. Iliadis
Research Areas
– Fuzzy Logic
– Computational Intelligence
– Soft Computing
– Machine Learning
– Pattern Recognition
– Neural Networks
– Support Vector Machines
– Genetic Algorithms
– Adaptive Fuzzy Clustering
– Heuristic Models
– Intelligent Agents – Multi-Agent Systems
– Expert Systems - Knowledge Systems - Fuzzy Inference Systems
– Intelligent Information Systems and Applications in Risk Management
28. 28
kdemertz@fmenr.duth.gr | liliadis@fmenr.duth.gr
Conclusion