References of "State, Radu 50003137"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailProcess mining-based approach for investigating malicious login events
Lagraa, Sofiane UL; State, Radu UL

in IEEE/IFIP Network Operations and Management Symposium, Budapest, Hungary, April 20-24, 2020 (2020)

A large body of research has been accomplished on prevention and detection of malicious events, attacks, threats, or botnets. However, there is a lack of automatic and sophisticated methods for ... [more ▼]

A large body of research has been accomplished on prevention and detection of malicious events, attacks, threats, or botnets. However, there is a lack of automatic and sophisticated methods for investigating malicious events/users, understanding the root cause of attacks, and discovering what is really hap- pening before an attack. In this paper, we propose an attack model discovery approach for investigating and mining malicious authentication events across user accounts. The approach is based on process mining techniques on event logs reaching attacks in order to extract the behavior of malicious users. The evaluation is performed on a publicly large dataset, where we extract models of the behavior of malicious users via authentication events. The results are useful for security experts in order to improve defense tools by making them robust and develop attack simulations. [less ▲]

Detailed reference viewed: 118 (0 UL)
Full Text
Peer Reviewed
See detailIntrusion detection on robot cameras using spatio-temporal autoencoders: A self-driving car application
Amrouche, Faouzi UL; Lagraa, Sofiane UL; Frank, Raphaël UL et al

in 91st IEEE Vehicular Technology Conference, VTC Spring 2020, Antwerp, Belgium, May 25-28, 2020 (2020)

Robot Operating System (ROS) is becoming more and more important and is used widely by developers and researchers in various domains. One of the most important fields where it is being used is the self ... [more ▼]

Robot Operating System (ROS) is becoming more and more important and is used widely by developers and researchers in various domains. One of the most important fields where it is being used is the self-driving cars industry. However, this framework is far from being totally secure, and the existing security breaches do not have robust solutions. In this paper we focus on the camera vulnerabilities, as it is often the most important source for the environment discovery and the decision-making process. We propose an unsupervised anomaly detection tool for detecting suspicious frames incoming from camera flows. Our solution is based on spatio-temporal autoencoders used to truthfully reconstruct the camera frames and detect abnormal ones by measuring the difference with the input. We test our approach on a real-word dataset, i.e. flows coming from embedded cameras of self-driving cars. Our solution outperforms the existing works on different scenarios. [less ▲]

Detailed reference viewed: 176 (18 UL)
Full Text
Peer Reviewed
See detailFederated Learning For Cyber Security: SOC Collaboration For Malicious URL Detection
Khramtsova, Ekaterina; Hammerschmidt, Christian; Lagraa, Sofiane UL et al

in IEEE International Conference on Distributed Computing Systems (ICDCS) (2020)

Managed security service providers increasingly rely on machine-learning methods to exceed traditional, signature- based threat detection and classification methods. As machine- learning often improves ... [more ▼]

Managed security service providers increasingly rely on machine-learning methods to exceed traditional, signature- based threat detection and classification methods. As machine- learning often improves with more data available, smaller orga- nizations and clients find themselves at a disadvantage: Without the ability to share their data and others willing to collaborate, their machine-learned threat detection will perform worse than the same model in a larger organization. We show that Feder- ated Learning, i.e. collaborative learning without data sharing, successfully helps to overcome this problem. Our experiments focus on a common task in cyber security, the detection of unwanted URLs in network traffic seen by security-as-a-service providers. Our experiments show that i) Smaller participants benefit from larger participants ii) Participants seeing different types of malicious traffic can generalize better to unseen types of attacks, increasing performance by 8% to 15% on average, and up to 27% in the extreme case. iii) Participating in Federated training never harms the performance of the locally trained model. In our experiment modeling a security-as-a service setting, Federated Learning increased detection up to 30% for some participants in the scheme. This clearly shows that Federated Learning is a viable approach to address issues of data sharing in common cyber security settings. [less ▲]

Detailed reference viewed: 107 (8 UL)
Full Text
Peer Reviewed
See detailFeasibility of Stellar as a Blockchain-based Micropayment System
Khan, Nida UL; Ahmad, Tabrez; State, Radu UL

in Springer SmartBlock 2019 - 2nd International Conference on Smart Blockchain (2019, November)

The advent of Bitcoin was heralded as an innovation in the global monetary system, that could bring down transaction fees by circumventing the need for third parties and conduct transactions in real time ... [more ▼]

The advent of Bitcoin was heralded as an innovation in the global monetary system, that could bring down transaction fees by circumventing the need for third parties and conduct transactions in real time. The divisibility of a blockchain cryptocurrency to even fractions of a cent, caused microtransactions to become feasible to formerly non-existent denominations. These microtransactions have spurred the development of novel ways of monetizing online resources and hold the potential to aid in alleviation of poverty. The paper conducts a feasibility study on Stellar as a blockchain-based micropayment system. It highlights the computational and other issues that impedes its progress and utilizes a characterization model for micropayment systems to evaluate the efficacy of the Stellar platform. The paper conducts a comparison with the micropayment solutions from Bitcoin, Ethereum and PayPal. The paper analyzes a subset of transactions from the Stellar blockchain to aid in drawing a conclusion on the undertaken study and elaborates on the mitigation tools to enable fraud prevention in online monetary transactions. [less ▲]

Detailed reference viewed: 223 (23 UL)
Full Text
Peer Reviewed
See detailAuto-encoding Robot State against Sensor Spoofing Attacks
Rivera, Sean UL; Lagraa, Sofiane UL; Iannillo, Antonio Ken UL et al

in International Symposium on Software Reliability Engineering (2019, October)

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive ... [more ▼]

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive targets are their location systems, where spoofing attacks can force robots to behave incorrectly. In this paper, we propose a novel anomaly detection approach for sensor spoofing attacks, based on an auto-encoder architecture. After initial training, the detection algorithm works directly on the compressed data by computing the reconstruction errors. We focus on spoofing attacks on Light Detection and Ranging (LiDAR) systems. We tested our anomaly detection approach against several types of spoofing attacks comparing four different compression rates for the auto-encoder. Our approach has a 99% True Positive rate and a 10% False Negative rate for the 83% compression rate. However, a compression rate of 41% could handle almost all of the same attacks while using half the data. [less ▲]

Detailed reference viewed: 103 (23 UL)
Full Text
Peer Reviewed
See detailMQLV: Optimal Policy of Money Management in Retail Banking with Q-Learning
Charlier, Jérémy Henri J. UL; Ormazabal, Gaston; State, Radu UL et al

in Proceedings of the Fourth Workshop on MIning DAta for financial applicationS (MIDAS 2019) co-located with the 2019 European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML-PKDD 2019) (2019, September)

Reinforcement learning has become one of the best approach to train a computer game emulator capable of human level performance. In a reinforcement learning approach, an optimal value function is learned ... [more ▼]

Reinforcement learning has become one of the best approach to train a computer game emulator capable of human level performance. In a reinforcement learning approach, an optimal value function is learned across a set of actions, or decisions, that leads to a set of states giving different rewards, with the objective to maximize the overall reward. A policy assigns to each state-action pairs an expected return. We call an optimal policy a policy for which the value function is optimal. QLBS, Q-Learner in the Black-Scholes(-Merton) Worlds, applies the reinforcement learning concepts, and noticeably, the popular Q-learning algorithm, to the financial stochastic model of Black, Scholes and Merton. It is, however, specifically optimized for the geometric Brownian motion and the vanilla options. Its range of application is, therefore, limited to vanilla option pricing within the financial markets. We propose MQLV, Modified Q-Learner for the Vasicek model, a new reinforcement learning approach that determines the optimal policy of money management based on the aggregated financial transactions of the clients. It unlocks new frontiers to establish personalized credit card limits or bank loan applications, targeting the retail banking industry. MQLV extends the simulation to mean reverting stochastic diffusion processes and it uses a digital function, a Heaviside step function expressed in its discrete form, to estimate the probability of a future event such as a payment default. In our experiments, we first show the similarities between a set of historical financial transactions and Vasicek generated transactions and, then, we underline the potential of MQLV on generated Monte Carlo simulations. Finally, MQLV is the first Q-learning Vasicek-based methodology addressing transparent decision making processes in retail banking. [less ▲]

Detailed reference viewed: 135 (3 UL)
Full Text
Peer Reviewed
See detailVisualization of AE's Training on Credit Card Transactions with Persistent Homology
Charlier, Jérémy Henri J. UL; Petit, François UL; Ormazabal, Gaston et al

in Proceedings of the International Workshop on Applications of Topological Data Analysis In conjunction with ECML PKDD 2019 (2019, September)

Auto-encoders are among the most popular neural network architecture for dimension reduction. They are composed of two parts: the encoder which maps the model distribution to a latent manifold and the ... [more ▼]

Auto-encoders are among the most popular neural network architecture for dimension reduction. They are composed of two parts: the encoder which maps the model distribution to a latent manifold and the decoder which maps the latent manifold to a reconstructed distribution. However, auto-encoders are known to provoke chaotically scattered data distribution in the latent manifold resulting in an incomplete reconstructed distribution. Current distance measures fail to detect this problem because they are not able to acknowledge the shape of the data manifolds, i.e. their topological features, and the scale at which the manifolds should be analyzed. We propose Persistent Homology for Wasserstein Auto-Encoders, called PHom-WAE, a new methodology to assess and measure the data distribution of a generative model. PHom-WAE minimizes the Wasserstein distance between the true distribution and the reconstructed distribution and uses persistent homology, the study of the topological features of a space at different spatial resolutions, to compare the nature of the latent manifold and the reconstructed distribution. Our experiments underline the potential of persistent homology for Wasserstein Auto-Encoders in comparison to Variational Auto-Encoders, another type of generative model. The experiments are conducted on a real-world data set particularly challenging for traditional distance measures and auto-encoders. PHom-WAE is the first methodology to propose a topological distance measure, the bottleneck distance, for Wasserstein Auto-Encoders used to compare decoded samples of high quality in the context of credit card transactions. [less ▲]

Detailed reference viewed: 70 (4 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Interledger ecosystem - Part 3
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally ... [more ▼]

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally a protocol for interledger payments. To understand how is it possible to achieve this goal, several aspects of the technology require a deeper analysis. For this reason, in our journey to become knowledgeable and active contributor we decided to create our own test-bed on our premises. By doing so, we noticed that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of this document is to guide, through several hands-on activities, community members who want to engage at different levels. The document consolidates all the relevant information from generating a simple payment to ultimately create a test-bed with the Interledger protocol suite between Ripple and other distributed ledger technology. [less ▲]

Detailed reference viewed: 88 (11 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Interledger ecosystem - Part 2
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally ... [more ▼]

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally a protocol for interledger payments. To understand how is it possible to achieve this goal, several aspects of the technology require a deeper analysis. For this reason, in our journey to become knowledgeable and active contributor we decided to create our own test-bed on our premises. By doing so, we noticed that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of this document is to guide, through several hands-on activities, community members who want to engage at different levels. The document consolidates all the relevant information from generating a simple payment to ultimately create a test-bed with the Interledger protocol suite between Ripple and other distributed ledger technology. [less ▲]

Detailed reference viewed: 94 (12 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Interledger ecosystem - Part 1
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally ... [more ▼]

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally a protocol for interledger payments. To understand how is it possible to achieve this goal, several aspects of the technology require a deeper analysis. For this reason, in our journey to become knowledgeable and active contributor we decided to create our own test-bed on our premises. By doing so, we noticed that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of this document is to guide, through several hands-on activities, community members who want to engage at different levels. The document consolidates all the relevant information from generating a simple payment to ultimately create a test-bed with the Interledger protocol suite between Ripple and other distributed ledger technology. [less ▲]

Detailed reference viewed: 122 (10 UL)
Full Text
Peer Reviewed
See detailStandardising smart contracts: Automatically inferring ERC standards
Norvill, Robert UL; Fiz Pontiveros, Beltran UL; State, Radu UL et al

in Proceedings of 2019 IEEE International Conference on Blockchain and Cryptocurrency (2019)

Ethereum smart contracts have become common enough to warrant the need for standards to ensure ease of use. The most well known standard was created for the emerging token ecosystem and the exchanges ... [more ▼]

Ethereum smart contracts have become common enough to warrant the need for standards to ensure ease of use. The most well known standard was created for the emerging token ecosystem and the exchanges serving it: the ERC20 standard. In this work we use the function selectors present in Ethereum smart contract bytecode to define contract purpose. Contracts are clustered according to the selectors they have. A Reverse look-up from selectors to function names is used to label clusters. We use the function names in clusters to suggest candidates for ERC standardisation. [less ▲]

Detailed reference viewed: 103 (2 UL)
Full Text
Peer Reviewed
See detailWhispering Botnet Command and Control Instructions
Steichen, Mathis UL; Ferreira Torres, Christof UL; Fiz Pontiveros, Beltran UL et al

in 2nd Crypto Valley Conference on Blockchain Technology, Zug 24-26 June 2019 (2019, June 25)

Detailed reference viewed: 148 (1 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Interledger ecosystem
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally ... [more ▼]

At the technical level, the goal of Interledger is to provide an architecture and a minimal set of protocols to enable interoperability for any value transfer system. The Interledger protocol is literally a protocol for interledger payments. To understand how is it possible to achieve this goal, several aspects of the technology require a deeper analysis. For this reason, in our journey to become knowledgeable and active contributor we decided to create our own test-bed on our premises. By doing so, we noticed that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of this document is to guide, through several hands-on activities, community members who want to engage at different levels. The document consolidates all the relevant information from generating a simple payment to ultimately create a test-bed with the Interledger protocol suite between Ripple and other distributed ledger technology. [less ▲]

Detailed reference viewed: 409 (87 UL)
Full Text
Peer Reviewed
See detailPHom-GeM: Persistent Homology for Generative Models
Charlier, Jérémy Henri J. UL; State, Radu UL; Hilger, Jean UL

in The 6th Swiss Conference on Data Science (2019)

Generative neural network models, including Generative Adversarial Network (GAN) and Auto-Encoders (AE), are among the most popular neural network models to generate adversarial data. The GAN model is ... [more ▼]

Generative neural network models, including Generative Adversarial Network (GAN) and Auto-Encoders (AE), are among the most popular neural network models to generate adversarial data. The GAN model is composed of a generator that produces synthetic data and of a discriminator that discriminates between the generator’s output and the true data. AE consist of an encoder which maps the model distribution to a latent manifold and of a decoder which maps the latent manifold to a reconstructed distribution. However, generative models are known to provoke chaotically scattered reconstructed distribution during their training, and consequently, incomplete generated adversarial distributions. Current distance measures fail to address this problem because they are not able to acknowledge the shape of the data manifold, i.e. its topological features, and the scale at which the manifold should be analyzed. We propose Persistent Homology for Generative Models, PHom-GeM, a new methodology to assess and measure the distribution of a generative model. PHom-GeM minimizes an objective function between the true and the reconstructed distributions and uses persistent homology, the study of the topological features of a space at different spatial resolutions, to compare the nature of the true and the generated distributions. Our experiments underline the potential of persistent homology for Wasserstein GAN in comparison to Wasserstein AE and Variational AE. The experiments are conducted on a real-world data set particularly challenging for traditional distance measures and generative neural network models. PHom-GeM is the first methodology to propose a topological distance measure, the bottleneck distance, for generative models used to compare adversarial samples in the context of credit card transactions. [less ▲]

Detailed reference viewed: 106 (5 UL)
Full Text
Peer Reviewed
See detailMint Centrality: A Centrality Measure for the Bitcoin Transaction Graph
Fiz Pontiveros, Beltran UL; Steichen, Mathis UL; State, Radu UL

Poster (2019, May 17)

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In ... [more ▼]

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In addition to traditional graph analysis methods, new metrics need to be engineered specifically for the bitcoin transaction graph. Hence, we propose a new centrality measure named mint centrality. The measure uses the inherent tree structure of transactions in bitcoin and their relation to the corresponding set of coinbase transactions, and can be evaluated with linear complexity. We evaluate the mint centrality on the first 200,000 blocks of the public bitcoin blockchain. [less ▲]

Detailed reference viewed: 218 (2 UL)
Full Text
Peer Reviewed
See detailDemo: Blockchain for the Simplification and Automation of KYC Result Sharing
Norvill, Robert UL; Steichen, Mathis UL; Shbair, Wazen UL et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to ... [more ▼]

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to KYC. A blockchain dictates the collaboration between different participants and several services are built around it to support the functionality of the system as a whole. An access control system is used to share data legitimately. [less ▲]

Detailed reference viewed: 204 (21 UL)
Full Text
Peer Reviewed
See detailBlockZoom: Large-Scale Blockchain Testbed
Shbair, Wazen UL; Steichen, Mathis UL; Francois, Jerome et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene ... [more ▼]

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene. Most of current testing approaches have been done either on simulators or via local small blockchain networks. Hence, the performance in real world conditions is unpredictable. This demonstration introduces BlockZoom, a large-scale blockchain testbed that runs on top of a highly reconfigurable and controllable HPC platform. BlockZoom presents a reproducible environment for experimenting distributed ledgers technologies and smart contract applications. Through different configuration scenarios developers can evaluate the applications performance and the blockchain behavior at a scale comparable to the production environment. The target audience of this demonstration includes researchers and developers in blockchain technology. [less ▲]

Detailed reference viewed: 156 (9 UL)
Full Text
Peer Reviewed
See detailPredicting Sparse Clients' Actions with CPOPT-Net in the Banking Environment
Charlier, Jérémy Henri J. UL; State, Radu UL; Hilger, Jean UL

in 32nd Canadian Conference on Artificial Intelligence Proceedings (2019, May)

The digital revolution of the banking system with evolving European regulations have pushed the major banking actors to innovate by a newly use of their clients' digital information. Given highly sparse ... [more ▼]

The digital revolution of the banking system with evolving European regulations have pushed the major banking actors to innovate by a newly use of their clients' digital information. Given highly sparse client activities, we propose CPOPT-Net, an algorithm that combines the CP canonical tensor decomposition, a multidimensional matrix decomposition that factorizes a tensor as the sum of rank-one tensors, and neural networks. CPOPT-Net removes efficiently sparse information with a gradient-based resolution while relying on neural networks for time series predictions. Our experiments show that CPOPT-Net is capable to perform accurate predictions of the clients' actions in the context of personalized recommendation. CPOPT-Net is the first algorithm to use non-linear conjugate gradient tensor resolution with neural networks to propose predictions of financial activities on a public data set. [less ▲]

Detailed reference viewed: 105 (1 UL)
Full Text
Peer Reviewed
See detailROS-Defender: SDN-based Security Policy Enforcement for Robotic Applications
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL et al

in IEEE Workshop on the Internet of Safe Things, Co-located with IEEE Security and Privacy 2019 (2019, May)

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a ... [more ▼]

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPS, and firewall have been previously used to secure computer networks, ROSDefender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought. [less ▲]

Detailed reference viewed: 117 (7 UL)
Full Text
Peer Reviewed
See detailTime Series Modeling of Market Price in Real-Time Bidding
Du, Manxing UL; Hammerschmidt, Christian UL; Varisteas, Georgios UL et al

in 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning (2019, April)

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions ... [more ▼]

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions fluctuate heavily within short time spans. State-of-the-art methods neglect the temporal dependencies of bidders’ behaviors. In this paper, the bid requests are aggregated by time and the mean market price per aggregated segment is modeled as a time series. We show that the Long Short Term Memory (LSTM) neural network outperforms the state-of-the-art univariate time series models by capturing the nonlinear temporal dependencies in the market price. We further improve the predicting performance by adding a summary of exogenous features from bid requests. [less ▲]

Detailed reference viewed: 164 (16 UL)