References of "State, Radu 50003137"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailDeep Learning on Big Data Sets in the Cloud with Apache Spark and Google TensorFlow
Glauner, Patrick UL; State, Radu UL

Scientific Conference (2016, December 09)

Machine learning is the branch of artificial intelligence giving computers the ability to learn patterns from data without being explicitly programmed. Deep Learning is a set of cutting-edge machine ... [more ▼]

Machine learning is the branch of artificial intelligence giving computers the ability to learn patterns from data without being explicitly programmed. Deep Learning is a set of cutting-edge machine learning algorithms that are inspired by how the human brain works. It allows to selflearn feature hierarchies from the data rather than modeling hand-crafted features. It has proven to significantly improve performance in challenging data analytics problems. In this tutorial, we will first provide an introduction to the theoretical foundations of neural networks and Deep Learning. Second, we will demonstrate how to use Deep Learning in a cloud using a distributed environment for Big Data analytics. This combines Apache Spark and TensorFlow, Google’s in-house Deep Learning platform made for Big Data machine learning applications. Practical demonstrations will include character recognition and time series forecasting in Big Data sets. Attendees will be provided with code snippets that they can easily amend in order to analyze their own data. A related, but shorter tutorial focusing on Deep Learning on a single computer was given at the Data Science Luxembourg Meetup in April 2016. It was attended by 70 people making it the most attended event of this Meetup series in Luxembourg ever since its beginning. [less ▲]

Detailed reference viewed: 373 (6 UL)
Full Text
Peer Reviewed
See detailInterpreting Finite Automata for Sequential Data
Hammerschmidt, Christian UL; Verwer, S.; Lin, Q. et al

in Interpretable Machine Learning for Complex Systems: NIPS 2016 workshop proceedings (2016)

Detailed reference viewed: 93 (26 UL)
Full Text
Peer Reviewed
See detailBehavior Profiling for Mobile Advertising
Du, Manxing UL; State, Radu UL; Brorsson, Mats et al

in Proceedings of the 3rd IEEE/ACM International Conference on Big Data Computing, Applications and Technologies (2016, December)

Detailed reference viewed: 109 (17 UL)
Full Text
Peer Reviewed
See detailEfficient Learning of Communication Profiles from IP Flow Records
Hammerschmidt, Christian UL; Marchal, Samuel; Pellegrino, Gaetano et al

Poster (2016, November)

The task of network traffic monitoring has evolved drastically with the ever-increasing amount of data flowing in large scale networks. The automated analysis of this tremendous source of information ... [more ▼]

The task of network traffic monitoring has evolved drastically with the ever-increasing amount of data flowing in large scale networks. The automated analysis of this tremendous source of information often comes with using simpler models on aggregated data (e.g. IP flow records) due to time and space constraints. A step towards utilizing IP flow records more effectively are stream learning techniques. We propose a method to collect a limited yet relevant amount of data in order to learn a class of complex models, finite state machines, in real-time. These machines are used as communication profiles to fingerprint, identify or classify hosts and services and offer high detection rates while requiring less training data and thus being faster to compute than simple models. [less ▲]

Detailed reference viewed: 184 (7 UL)
Full Text
Peer Reviewed
See detailLoad Forecasting with Artificial Intelligence on Big Data
Glauner, Patrick UL; State, Radu UL

Scientific Conference (2016, October 09)

In the domain of electrical power grids, there is a particular interest in time series analysis using artificial intelligence. Machine learning is the branch of artificial intelligence giving computers ... [more ▼]

In the domain of electrical power grids, there is a particular interest in time series analysis using artificial intelligence. Machine learning is the branch of artificial intelligence giving computers the ability to learn patterns from data without being explicitly programmed. Deep Learning is a set of cutting-edge machine learning algorithms that are inspired by how the human brain works. It allows to self-learn feature hierarchies from the data rather than modeling hand-crafted features. It has proven to significantly improve performance in challenging signal processing problems. In this tutorial, we will first provide an introduction to the theoretical foundations of neural networks and Deep Learning. Second, we will demonstrate how to use Deep Learning for load forecasting with TensorFlow, Google’s in-house Deep Learning platform made for Big Data machine learning applications. The advantage of Deep Learning is that the results can easily be applied to other problems, such as detection of nontechnical losses. Attendees will be provided with code snippets that they can easily amend in order to perform analyses on their own time series. [less ▲]

Detailed reference viewed: 186 (6 UL)
Full Text
Peer Reviewed
See detailBehavioral Clustering of Non-Stationary IP Flow Record Data
Hammerschmidt, Christian UL; Marchal, Samuel; State, Radu UL et al

Poster (2016, October)

Detailed reference viewed: 108 (5 UL)
Full Text
Peer Reviewed
See detailFlexible State-Merging for learning (P)DFAs in Python
Hammerschmidt, Christian UL; Loos, Benjamin Laurent UL; Verwer, Sicco et al

Scientific Conference (2016, October)

We present a Python package for learning (non-)probabilistic deterministic finite state automata and provide heuristics in the red-blue framework. As our package is built along the API of the popular ... [more ▼]

We present a Python package for learning (non-)probabilistic deterministic finite state automata and provide heuristics in the red-blue framework. As our package is built along the API of the popular \texttt{scikit-learn} package, it is easy to use and new learning methods are easy to add. It provides PDFA learning as an additional tool for sequence prediction or classification to data scientists, without the need to understand the algorithm itself but rather the limitations of PDFA as a model. With applications of automata learning in diverse fields such as network traffic analysis, software engineering and biology, a stratified package opens opportunities for practitioners. [less ▲]

Detailed reference viewed: 114 (10 UL)
Full Text
Peer Reviewed
See detailCompiling packet forwarding rules for switch pipelined architecture
Hamadi, Salaheddine; Blaiech, Khalil; Valtchev, Petko UL et al

in IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications (2016, July 26)

Detailed reference viewed: 128 (3 UL)
Full Text
Peer Reviewed
See detailNDN.p4: Programming Information-Centric data-planes
Signorello, Salvatore UL; State, Radu UL; François, Jérôme et al

in Proceedings of the IEEE International Workshop on Open-Source Software Networking at NetSoft2016 (2016)

Detailed reference viewed: 165 (9 UL)
Full Text
See detailDeep Learning Concepts from Theory to Practice
Glauner, Patrick UL; State, Radu UL

Scientific Conference (2016, January 19)

Detailed reference viewed: 136 (10 UL)
Full Text
Peer Reviewed
See detailLarge-Scale Detection of Non-Technical Losses in Imbalanced Data Sets
Glauner, Patrick UL; Boechat, Andre; Dolberg, Lautaro et al

in Proceedings of the Seventh IEEE Conference on Innovative Smart Grid Technologies (ISGT 2016) (2016)

Non-technical losses (NTL) such as electricity theft cause significant harm to our economies, as in some countries they may range up to 40% of the total electricity distributed. Detecting NTLs requires ... [more ▼]

Non-technical losses (NTL) such as electricity theft cause significant harm to our economies, as in some countries they may range up to 40% of the total electricity distributed. Detecting NTLs requires costly on-site inspections. Accurate prediction of NTLs for customers using machine learning is therefore crucial. To date, related research largely ignore that the two classes of regular and non-regular customers are highly imbalanced, that NTL proportions may change and mostly consider small data sets, often not allowing to deploy the results in production. In this paper, we present a comprehensive approach to assess three NTL detection models for different NTL proportions in large real world data sets of 100Ks of customers: Boolean rules, fuzzy logic and Support Vector Machine. This work has resulted in appreciable results that are about to be deployed in a leading industry solution. We believe that the considerations and observations made in this contribution are necessary for future smart meter research in order to report their effectiveness on imbalanced and large real world data sets. [less ▲]

Detailed reference viewed: 95 (9 UL)
Full Text
Peer Reviewed
See detailNeighborhood Features Help Detecting Non-Technical Losses in Big Data Sets
Glauner, Patrick UL; Meira, Jorge Augusto UL; Dolberg, Lautaro et al

in Proceedings of the 3rd IEEE/ACM International Conference on Big Data Computing Applications and Technologies (BDCAT 2016) (2016)

Electricity theft occurs around the world in both developed and developing countries and may range up to 40% of the total electricity distributed. More generally, electricity theft belongs to non ... [more ▼]

Electricity theft occurs around the world in both developed and developing countries and may range up to 40% of the total electricity distributed. More generally, electricity theft belongs to non-technical losses (NTL), which occur during the distribution of electricity in power grids. In this paper, we build features from the neighborhood of customers. We first split the area in which the customers are located into grids of different sizes. For each grid cell we then compute the proportion of inspected customers and the proportion of NTL found among the inspected customers. We then analyze the distributions of features generated and show why they are useful to predict NTL. In addition, we compute features from the consumption time series of customers. We also use master data features of customers, such as their customer class and voltage of their connection. We compute these features for a Big Data base of 31M meter readings, 700K customers and 400K inspection results. We then use these features to train four machine learning algorithms that are particularly suitable for Big Data sets because of their parallelizable structure: logistic regression, k-nearest neighbors, linear support vector machine and random forest. Using the neighborhood features instead of only analyzing the time series has resulted in appreciable results for Big Data sets for varying NTL proportions of 1%-90%. This work can therefore be deployed to a wide range of different regions. [less ▲]

Detailed reference viewed: 102 (11 UL)
Full Text
Peer Reviewed
See detailExploring IoT Protocols Through the Information-Centric Networking's Lens
Signorello, Salvatore UL; State, Radu UL; Festor, Olivier

in Intelligent Mechanisms for Network Configuration and Security (2015, June)

Detailed reference viewed: 78 (2 UL)
Full Text
Peer Reviewed
See detailEmpirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios
Allix, Kevin UL; Bissyande, Tegawendé François D Assise UL; Jerome, Quentin UL et al

in Empirical Software Engineering (2014)

To address the issue of malware detection through large sets of applications, researchers have recently started to investigate the capabilities of machine-learning techniques for proposing effective ... [more ▼]

To address the issue of malware detection through large sets of applications, researchers have recently started to investigate the capabilities of machine-learning techniques for proposing effective approaches. So far, several promising results were recorded in the literature, many approaches being assessed with what we call in the lab validation scenarios. This paper revisits the purpose of malware detection to discuss whether such in the lab validation scenarios provide reliable indications on the performance of malware detectors in real-world settings, aka in the wild. To this end, we have devised several Machine Learning classifiers that rely on a set of features built from applications’ CFGs. We use a sizeable dataset of over 50 000 Android applications collected from sources where state-of-the art approaches have selected their data. We show that, in the lab, our approach outperforms existing machine learning-based approaches. However, this high performance does not translate in high performance in the wild. The performance gap we observed—F-measures dropping from over 0.9 in the lab to below 0.1 in the wild —raises one important question: How do state-of-the-art approaches perform in the wild ? [less ▲]

Detailed reference viewed: 394 (39 UL)
Full Text
Peer Reviewed
See detailPhishStorm: Detecting Phishing With Streaming Analytics
Marchal, Samuel UL; François, Jérôme UL; State, Radu UL et al

in IEEE Transactions on Network and Service Management (2014), 11(December), 458-471

Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due ... [more ▼]

Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URL detection techniques more appropriate. In this paper, we introduce PhishStorm, an automated phishing detection system that can analyze in real time any URL in order to identify potential phishing sites. PhishStorm can interface with any email server or HTTP proxy. We argue that phishing URLs usually have few relationships between the part of the URL that must be registered (low-level domain) and the remaining part of the URL (upper-level domain, path, query). We show in this paper that experimental evidence supports this observation and can be used to detect phishing sites. For this purpose, we define the new concept of intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine-learning-based classification to detect phishing URLs from a real dataset. Our technique is assessed on 96 018 phishing and legitimate URLs that result in a correct classification rate of 94.91% with only 1.44% false positives. An extension for a URL phishingness rating system exhibiting high confidence rate ( $>$ 99%) is proposed. We discuss in this paper efficient implementation patterns that allow real-time analytics using Big Data architectures such as STORM and advanced data structures based on the Bloom filter. [less ▲]

Detailed reference viewed: 494 (5 UL)
Full Text
Peer Reviewed
See detailPhishScore: Hacking Phishers' Minds
Marchal, Samuel UL; François, Jérôme UL; State, Radu UL et al

in Proceedings of the 10th International Conference on Network and Service Management (2014, November)

Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due ... [more ▼]

Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URLs detection techniques more appropriate. In this paper we introduce PhishScore, an automated real-time phishing detection system. We observed that phishing URLs usually have few relationships between the part of the URL that must be registered (upper level domain) and the remaining part of the URL (low level domain, path, query). Hence, we define this concept as intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine learning based classification to detect phishing URLs from a real dataset. [less ▲]

Detailed reference viewed: 196 (5 UL)
Full Text
Peer Reviewed
See detailA Forensic Analysis of Android Malware -- How is Malware Written and How It Could Be Detected?
Allix, Kevin UL; Jerome, Quentin UL; Bissyande, Tegawendé François D Assise UL et al

in Proceedings of the 2014 IEEE 38th Annual Computer Software and Applications Conference (2014, July)

We consider in this paper the analysis of a large set of malware and benign applications from the Android ecosystem. Although a large body of research work has dealt with Android malware over the last ... [more ▼]

We consider in this paper the analysis of a large set of malware and benign applications from the Android ecosystem. Although a large body of research work has dealt with Android malware over the last years, none has addressed it from a forensic point of view. After collecting over 500,000 applications from user markets and research repositories, we perform an analysis that yields precious insights on the writing process of Android malware. This study also explores some strange artifacts in the datasets, and the divergent capabilities of state-of-the-art antivirus to recognize/define malware. We further highlight some major weak usage and misunderstanding of Android security by the criminal community and show some patterns in their operational flow. Finally, using insights from this analysis, we build a naive malware detection scheme that could complement existing anti virus software. [less ▲]

Detailed reference viewed: 254 (15 UL)
Full Text
Peer Reviewed
See detailA Big Data Architecture for Large Scale Security Monitoring
Marchal, Samuel UL; Jiang, Xiuyan; State, Radu UL et al

in Proceedings of the 3rd IEEE Congress on Big Data (2014, July)

Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this ... [more ▼]

Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this paper we propose a solution to cope with the tremendous amount of data to analyse for security monitoring perspectives. We introduce an architecture dedicated to security monitoring of local enterprise networks. The application domain of such a system is mainly network intrusion detection and prevention, but can be used as well for forensic analysis. This architecture integrates two systems, one dedicated to scalable distributed data storage and management and the other dedicated to data exploitation. DNS data, NetFlow records, HTTP traffic and honeypot data are mined and correlated in a distributed system that leverages state of the art big data solution. Data correlation schemes are proposed and their performance are evaluated against several well-known big data framework including Hadoop and Spark. [less ▲]

Detailed reference viewed: 497 (14 UL)
Full Text
Peer Reviewed
See detailUsing opcode-sequences to detect malicious Android applications
Jerome, Quentin UL; Allix, Kevin UL; State, Radu UL et al

in IEEE International Conference on Communications, ICC 2014, Sydney Australia, June 10-14, 2014 (2014, June)

Recently, the Android platform has seen its number of malicious applications increased sharply. Motivated by the easy application submission process and the number of alternative market places for ... [more ▼]

Recently, the Android platform has seen its number of malicious applications increased sharply. Motivated by the easy application submission process and the number of alternative market places for distributing Android applications, rogue authors are developing constantly new malicious programs. While current anti-virus software mainly relies on signature detection, the issue of alternative malware detection has to be addressed. In this paper, we present a feature based detection mechanism relying on opcode-sequences combined with machine learning techniques. We assess our tool on both a reference dataset known as Genome Project as well as on a wider sample of 40,000 applications retrieved from the Google Play Store. [less ▲]

Detailed reference viewed: 161 (12 UL)
Full Text
Peer Reviewed
See detailLarge-scale Machine Learning-based Malware Detection: Confronting the "10-fold Cross Validation" Scheme with Reality
Allix, Kevin UL; Bissyande, Tegawendé François D Assise UL; Jerome, Quentin UL et al

in Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (2014, March)

To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Sev- eral promising results ... [more ▼]

To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Sev- eral promising results were recorded in the literature, many approaches being assessed with the common “10-Fold cross validation” scheme. This paper revisits the purpose of mal- ware detection to discuss the adequacy of the “10-Fold” scheme for validating techniques that may not perform well in real- ity. To this end, we have devised several Machine Learning classifiers that rely on a novel set of features built from ap- plications’ CFGs. We use a sizeable dataset of over 50,000 Android applications collected from sources where state-of- the art approaches have selected their data. We show that our approach outperforms existing machine learning-based approaches. However, this high performance on usual-size datasets does not translate in high performance in the wild. [less ▲]

Detailed reference viewed: 282 (21 UL)