Dissertationen zum Thema „Cyber Algorithm“

This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing.

The research presented in this thesis covers two specific problems within the larger domain of cyber-physical algorithms for enhancing collaboration between one or more people. The two specific problems are 1) determining when people are going to arrive late to a meeting and 2) creating ad-hoc secure pairing protocols for short-range communication. The domain was broken down at opposite extremes in order to derive these problems to work on: 1) collaborations that are planned long in advance and deviations from the plan need to be detected and 2) collaborations that are not planned and need to be dynamically created and secured. Empirical results show the functionality and performance of user late arrival detection for planned collaborations and end-user authentication protocols for unplanned collaborations.
Master of Science

Doctor of Philosophy
Department of Computing and Information Sciences
Gurdip Singh
In this dissertation, we propose a cyber-physical system model, and based on this model, present algorithms for a set of distributed computing problems. Our model specifies a cyber-physical system as a combination of cyber-infrastructure, physical-infrastructure, and user behavior specification. The cyber-infrastructure is superimposed on the physical-infrastructure and continuously monitors its (physical-infrastructure's) changing state. Users operate in the physical-infrastructure and interact with the cyber-infrastructure using hand-held devices and sensors; and their behavior is specified in terms of actions they can perform (e.g., move, observe). While in traditional distributed systems, users interact solely via the underlying cyber-infrastructure, users in a cyber-physical system may interact directly with one another, access sensor data directly, and perform actions asynchronously with respect to the underlying cyber-infrastructure. These additional types of interactions have an impact on how distributed algorithms for cyber-physical systems are designed. We augment distributed mutual exclusion and predicate detection algorithms so that they can accommodate user behavior, interactions among them and the physical-infrastructure. The new algorithms have two components - one describing the behavior of the users in the physical-infrastructure and the other describing the algorithms in the cyber-infrastructure. Each combination of users' behavior and an algorithm in the cyber-infrastructure yields a different cyber-physical system algorithm. We have performed extensive simulation study of our algorithms using OMNeT++ simulation engine and Uppaal model checker. We also propose Cyber-Physical System Modeling Language (CPSML) to specify cyber-physical systems, and a centralized global state recording algorithm.

In algorithmic computing, the program follows a predefined set of rules – the algorithm. The analyst/designer of the program analyzes the intended tasks of the program, defines the rules for its expected behaviour and programs the implementation. The creators of algorithmic software must therefore foresee, identify and implement all possible cases for its behaviour in the future application! However, what if the problem is not fully defined? Or the environment is uncertain? What if situations are too complex to be predicted? Or the environment is changing dynamically? In many such cases algorithmic computing fails. In such situations, the software needs an additional degree of freedom: Autonomy! Autonomy allows software to adapt to partially defined problems, to uncertain or dynamically changing environments and to situations that are too complex to be predicted. As more and more applications – such as autonomous cars and planes, adaptive power grid management, survivable networks, and many more – fall into this category, a gradual switch from algorithmic computing to autonomic computing takes place. Autonomic computing has become an important software engineering discipline with a rich literature, an active research community, and a growing number of applications.:Introduction 5 1 A Process Data Based Autonomic Optimization of Energy Efficiency in Manufacturing Processes, Daniel Höschele 9 2 Eine autonome Optimierung der Stabilität von Produktionsprozessen auf Basis von Prozessdaten, Richard Horn 25 3 Assuring Safety in Autonomous Systems, Christian Rose 41 4 MAPE-K in der Praxis - Grundlage für eine mögliche automatische Ressourcenzuweisung, in der Cloud Michael Schneider 59

L'utilisation des téléphones intelligents, le recours aux assistants personnels intelligents ou encore le développement des maisons intelligentes sont autant d'exemples illustrant le développement toujours plus rapide de l'informatique ubiquitaire, de l'Internet des objets et de l'intelligence artificielle. Le croisement des résultats issus de ces domaines de recherche contribue à changer notre quotidien et constitue un environnement fertile pour de nouveaux travaux. Ainsi, l’intégration des entités cyber-physiques dans des environnements sociaux de différentes échelles allant des maisons aux villes intelligentes amène de très nombreuses perspectives. Ce changement de paradigme met à notre disposition une énorme quantité d'informations et de services utiles, offrant ainsi la possibilité de traiter les problèmes classiques de manière nouvelle, différente et potentiellement plus efficace. Si les solutions à construire bénéficient de ces possibilités, elles doivent également répondre à de nouvelles contraintes et nouveaux défis. La recherche d’itinéraires multi-objectifs est un sous-cas du problème classique de recherche d'un chemin entre un lieu de départ et une destination auquel s'ajoute la contrainte de passage par un ensemble de lieux permettant de satisfaire un ensemble de buts. L'objectif de cette thèse est de proposer une solution pour la résolution de la recherche d'itinéraires multi-objectifs appliqués aux environnements cyber-physiques tels que les Smart Transits. Dans notre solution, nous avons proposé une méthode fondée sur les technologies du web sémantique pour modéliser de manière intégrée un environnement cyber-physique dans toutes ses dimensions, i.e., cybernétiques, physiques et sociales. Pour la recherche de chemin, nous avons proposé une approche multi-agents, exécutant un algorithme de recherche collaborative et incrémentale, qui utilise les connaissances de l'environnement pour trouver le chemin optimal. Cet algorithme adapte aussi le chemin en prenant en compte la dynamique de l'environnement
From intelligent artificial personal assistants to smart cities, we are experiencing the shifting towards Internet of Things (IoT), ubiquitous computing, and artificial intelligence. Cyber-physical entities are embedded in social environments of various scales from smart homes, to smart airports, to smart cities, and the list continues.This paradigm shift coupled with ceaseless expansion of the Web supplies us with tremendous amount of useful information and services, which creates opportunities for classical problems to be addressed in new, different, and potentially more efficient manners. Along with the new possibilities, we are, at the same time, presented with new constraints, problems, and challenges. Multi-goal pathfinding, a variant of the classical pathfinding, is a problem of finding a path between a start and a destination which also allows a set of goals to be satisfied along the path. The aim of this dissertation is to propose a solution to solve multi-goal pathfinding in ubiquitous environments such as smart transits. In our solution, to provide an abstraction of the environment, we proposed a knowledge model based on the semantic web technologies to describe a ubiquitous environment integrating its cybernetic, physical, and social dimensions. To perform the search, we developed a multi-agent algorithm based on a collaborative and incremental search algorithm that exploits the knowledge of the environment to find the optimal path. The proposed algorithm continuously adapts the path to take into account the dynamics of the environment

Les dernières années ont vu le développement de recherches portant sur l'interaction physique entre les robots aériens et leur environnement, accompagné de l'apparition de nombreux nouveaux systèmes mécaniques et approches de régulation. La communauté centrée autour de la robotique aérienne observe actuellement un déplacement de paradigmes des approches classiques de guidage, de navigation et de régulation vers des tâches moins triviales, telle le développement de l'interaction physique entre robots aériens et leur environnement. Ceci correspond à une extension des tâches dites de manipulation, du sol vers les airs. Cette thèse contribue au domaine de la manipulation aérienne en proposant un nouveau concept appelé MAGMaS, pour " Multiple Aerial Ground Manipulator System ". Les motivations qui ont conduites à l'association de manipulateurs terrestres et aériens pour effectuer des tâches de manipulation coopérative, résident dans une volonté d'exploiter leurs particularités respectives. Les manipulateurs terrestres apportant leur importante force et les manipulateurs aériens apportant leur vaste espace de travail. La première contribution de cette thèse présente une modélisation rigoureuse des MAGMaS. Les propriétés du système ainsi que ses possibles extensions sont discutées. Les méthodes de planning, d'estimation et de régulation nécessaire à l'exploitation des MAGMaS pour des tâches de manipulation collaborative sont dérivées. Ce travail propose d'exploiter les redondances des MAGMaS grâce à un algorithme optimal d'allocation de forces entre les manipulateurs. De plus, une méthode générale d'estimation de forces pour robots aériens est introduite. Toutes les techniques et les algorithmes présentés dans cette thèse sont intégrés dans une architecture globale, utilisée à la fois pour la simulation et la validation expérimentale. Cette architecture est en outre augmentée par l'addition d'une structure de télé-présence, afin de permettre l'opération à distances des MAGMaS. L'architecture générale est validée par une démonstration de levage de barre, qui est une application représentative des potentiels usages des MAGMaS. Une autre contribution relative au développement des MAGMaS consiste en une étude exploratoire de la flexibilité dans les objets manipulés par un MAGMaS. Un modèle du phénomène vibratoire est dérivé afin de mettre en exergue ses propriétés en termes de contrôle. La dernière contribution de cette thèse consiste en une étude exploratoire sur l'usage des actionneurs à raideur variable dans les robots aériens, dotant ces systèmes d'une compliance mécanique intrinsèque et de capacité de stockage d'énergie. Les fondements théoriques sont associés à la synthèse d'un contrôleur non-linéaire. L'approche proposée est validée par le biais d'expériences reposant sur l'intégration d'un actionneur à raideur variable léger sur un robot aérien
In recent years, the subject of physical interaction for aerial robots has been a popular research area with many new mechanical designs and control approaches being proposed. The aerial robotics community is currently observing a paradigm shift from classic guidance, navigation, and control tasks towards more unusual tasks, for example requesting aerial robots to physically interact with the environment, thus extending the manipulation task from the ground into the air. This thesis contributes to the field of aerial manipulation by proposing a novel concept known has Multiple Aerial-Ground Manipulator System or MAGMaS, including what appears to be the first experimental demonstration of a MAGMaS and opening a new route of research. The motivation behind associating ground and aerial robots for cooperative manipulation is to leverage their respective particularities, ground robots bring strength while aerial robots widen the workspace of the system. The first contribution of this work introduces a meticulous system model for MAGMaS. The system model's properties and potential extensions are discussed in this work. The planning, estimation and control methods which are necessary to exploit MAGMaS in a cooperative manipulation tasks are derived. This works proposes an optimal control allocation scheme to exploit the MAGMaS redundancies and a general model-based force estimation method is presented. All of the proposed techniques reported in this thesis are integrated in a global architecture used for simulations and experimental validation. This architecture is extended by the addition of a tele-presence framework to allow remote operations of MAGMaS. The global architecture is validated by robust demonstrations of bar lifting, an application that gives an outlook of the prospective use of the proposed concept of MAGMaS. Another contribution in the development of MAGMaS consists of an exploratory study on the flexibility of manipulated loads. A vibration model is derived and exploited to showcase vibration properties in terms of control. The last contribution of this thesis consists of an exploratory study on the use of elastic joints in aerial robots, endowing these systems with mechanical compliance and energy storage capabilities. Theoretical groundings are associated with a nonlinear controller synthesis. The proposed approach is validated by experimental work which relies on the integration of a lightweight variable stiffness actuator on an aerial robot

This dissertation treats a variety of topics in the computer security domain which have direct impact on everyday life. The first extends false data injection attacks against state estimation in electric power grids and then provides a novel power flow model camouflage method to hamper these attacks. The second deals with automotive theft response, detailing a method for a car to intelligently identify when it has been stolen, based on collected behavioral traits of its driver. The third demonstrates a new attack against the content integrity of the PDF file format, caus- ing humans and computers to see different information within the same PDF documents. This dissertation lastly describes some future work efforts, identifying some potential vulnerabilities in the automated enforcement of copyright protection for audio (particularly music) in online systems such as YouTube.

Dans le cadre de cette thèse, une approche de calcul de couplage multi-échelle et multi-physique en 2D et en 3D est présentée. La modélisation multi-échelle d’une structure consiste de l’échelle macro qui représente la réponse homogénéisée de la structure entière, tandis que l’échelle micro peut capturer les détails du comportement à la petite échelle du matériau, où des mécanismes inélastiques, tels que la plasticité ou l’endommagement, peuvent être pris en compte. L’intérieur de chaque macro-élément est rempli par le maillage à l’échelle micro qui s’y adapte entièrement. Les deux échelles sont couplées à travers le champ de déplacements imposé à l’interface. Le calcul par éléments finis est effectué, en utilisant une procédure de solution operator-split sur les deux échelles. En 2D, une discontinuité dans le champ de déplacements est introduite à l’échelle macro dans un élément fini Q4, pour pouvoir capturer l’adoucissement comportement d’un matériau piézoélectrique. Un degré de liberté supplémentaire qui représente le voltage est ajouté aux noeuds des macro-éléments de tétraèdre et d’hexaèdre en 3D. La poutre de Timoshenko comportant un modèle de commutation de polarisation est utilisée à l’échelle micro. Également, une formulation multi-échelle de Hellinger-Reissner a été développée et implémentée pour un simple patch test en électrostatique. La procédure proposée est mise en œuvre dans le logiciel de calcul par éléments finis FEAP - Finite Element Analysis Program. Pour simuler le comportement aux deux échelles, FEAP est modifié, et deux versions différentes du code sont obtenues - macroFEAP et microFEAP. Le couplage de ces codes est réalisé avec Component Template Library - CTL qui rend possible l’échange d’informations entre les deux échelles. Les capacités de cette approche multi-échelle en 2D et en 3D sont démontrées dans un environnement purement mécanique, mais aussi multi-physique. La formulation théorique et l’application algorithmique sont présentées, et les avantages de la méthode multi-échelle pour la modélisation des matériaux hétérogènes sont illustrés avec plusieurs exemples numériques
In this thesis, a multi-scale and multi-physics coupling computation procedure for a 2D and 3D setting is presented. When modeling the behavior of a structure by a multi-scale method, the macro-scale is used to describe the homogenized response of the structure, and the micro-scale to describe the details of the behavior on the smaller scale of the material where some inelastic mechanisms, like damage or plasticity, can be taken into account. The micro-scale mesh is defined for each macro-scale element in a way to fit entirely inside it. The two scales are coupled by imposing a constraint on the displacement field over their interface. The computation is performed using the operator split solution procedure on both scales, using the standard finite element method. In a 2D setting, an embedded discontinuity is implemented in the Q4 macroscale element to capture the softening behavior happening on the micro-scale. For the micro-scale element, a constant strain triangle (CST) is used. In a 3D setting, a macro-scale tetrahedral and hexahedral elements are developed, while on the micro-scale Timoshenko beam finite elements are used. This multi-scale methodology is extended with a multi-physics functionality, to simulate the behavior of a piezoelectric material. An additional degree of freedom (voltage) is added on the nodes of the 3D macro-scale tetrahedral and hexahedral elements. For the micro-scale element, a Timoshenko beam element with added polarization switching model is used. Also, a multi-scale Hellinger- Reissner formulation for electrostatics has been developed and implemented for a simple electrostatic patch test. For implementing the proposed procedure, Finite Element Analysis Program (FEAP) is used. To simulate the behavior on both macro and micro-scale, FEAP is modified and two different version of FEAP code are implemented – macroFEAP and microFEAP. For coupling, the two codes are exchanging information between them, and Component Template Library (CTL) is used. The capabilities of the proposed multi-scale approach in a 2D and 3D pure mechanics settings, but also multi-physics environment have been shown. The theoretical formulation and algorithmic implementation are described, and the advantages of the multi-scale approach for modeling heterogeneous materials are shown on several numerical examples

Power systems play a crucial role in the national economy and public safety of the countries. After the technological revolution in modern power systems, a large volume of data is incorporated into the processes of generation companies and customers. Consistent with this issue, we have the integration of Information and Communication Technologies (ICT) into the power system, making it a form of Cyber-Physical System (CPS). With the introduction of the ICT components, we have a new concept in the power system known as Big Data. Big data refers to a large volume of received data from gateways with distinct protocols. This interaction between information and power systems in different environments and specific protocols may lead to some loopholes between these two sections. In this case, various sectors such as information transmission, data collection, and control centers will be vulnerable and at risk of being attacks. These vulnerabilities originated from the cyber layer, resulting in security and stability issues in the power system. This dissertation addresses this challenging problem in modern power systems by employing Deep Neural Networks, Machine Learning Algorithms, and Information Theory concepts.

Les systèmes industriels recouvrent de nombreuses formes. Aujourd'hui, ils sont le plus souvent organisés en réseaux. Les nouvelles technologies de l'information et de la communication apportent un ensemble de moyens supplémentaires pour réaliser des applications ayant un intérêt majeur pour renforcer l'exploitation sûre de ces systèmes et la sécurité des personnes.Parmi ces systèmes industriels, on peut citer les systèmes cyber-physiques (CPS) caractérisés par un grand nombre de variables, des non linéarités et des incertitudes. Leur décomposition en sous-systèmes, permet de les rendre plus facilement gérables et organisés de façon hiérarchique, est fondamentale. Chacun des sous-systèmes est constitué de différents composants remplaçables interconnectés qui réalisent différentes fonctions.Dans cette optique, nous proposons une approche de diagnostic basée sur quatre types de connaissances : fonctionnelle, structurelle, topologique et comportementale.Cette approche qui inclut la détection et la localisation, exploite la représentation des différentes connaissances pour détecter et isoler la source de défaillance. Afin de lever toute ambigüité de localisation, l’adjonction d’un automate temporisé permet, grâce à une analyse temporelle, d’identifier efficacement le ou les composants défectueux. L’approche multimodèle proposée est agencée autour de trois algorithmes.La modélisation et d’analyse des défaillances est illustrée sur un système cyber-physique : le robot de téléprésence "RobAIR". Les différents modèles de connaissances ont été établis avec une démarche d’analyse ainsi que la construction du diagnostiqueur basée sur des signatures préalablement définies.L‘implémentation des algorithmes de détection, d’isolation sous Simulink/ Stateflow de Matlab a permis de construire le diagnostiqueur selon la méthodologie proposée et valider ainsi notre approche par simulation du fonctionnement avec injection de façon aléatoire de différentes défaillances.La méthode d’analyse proposée a été appliquée aux tests de démarrage du robot RobAIR avec une attention particulière sur la partie déplacement. Le test de l’ensemble des fonctionnalités du robot est réalisé par la programmation de la carte Arduino. Pour cette application, les algorithmes de détection et d’isolation ont été complétés par la détection d’obstacle et l’identification du mode défaillance
Industrial systems cover many forms. Today, they are most often organized in networks. The new information and communication technologies provide a set of additional means to realize applications of major interest to strengthen the safe operation of these systems and the safety of people.Among these industrial systems, we can cite cyber-physical systems (CPS) characterized by a large number of variables, nonlinearities and uncertainties. Their decomposition into subsystems, making them more manageable and hierarchically organized, is fundamental. Each of the subsystems consists of different interconnected replaceable components that perform different functions.With this in mind, we propose a diagnostic approach based on four types of knowledge: functional, structural, topological and behavioral.This approach, which includes detection and localization, exploits the representation of different knowledge to detect and isolate the source of failure. In order to eliminate any ambiguity of location, the addition of a timed automat allows, thanks to a temporal analysis, to efficiently identify the defective component(s). The proposed multimodel approach is organized around three algorithms.Modeling and failure analysis is illustrated on a cyber-physical system: the "RobAIR" telepresence robot. The different knowledge models were established with an analysis approach as well as the construction of the diagnostician based on previously defined signaturesThe implementation of Matlab's Simulink / Stateflow isolation and detection algorithms made it possible to build the diagnoser according to the proposed methodology and thus validate our approach by simulating the operation with random injection of various failures.The proposed analysis method was applied to the RobaIR robot's start-up tests with particular attention to the displacement part. The testing of all the robot's functionalities is done by programming the Arduino board. For this application, the detection and isolation algorithms have been supplemented by obstacle detection and failure mode identification

Il s'agit d'une étude menée sur les systèmes cyber-physiques sur trois aspects principaux: la vérification de la stabilité, l'ordonnancement et la synthèse des paramètres. Les systèmes de contrôle embarqués (ECS) agissant dans le cadre de contrats temporels sont la classe considérée de systèmes cyber-physiques dans la thèse. ECS fait référence à des intégrations d'un dispositif informatique avec le système physique. En ce qui concerne les contrats temporels, ils sont des contraintes de temps sur les instants où se produisent certains événements tels que l'échantillonnage, l'actionnement et le calcul. Ces contrats sont utilisés pour modéliser les problèmes qui se posent dans les systèmes de contrôle modernes: incertitudes sur les retards d'actionnement, les périodes d'échantillonnage incertaines et l'interaction de plusieurs systèmes physiques avec des ressources informatiques partagées (CPUs). Maintenant, compte tenu d'un ECS et d'un contrat temporel, nous reformulons le système de manière impulsionnelle et vérifions la stabilité du système, sous toutes les incertitudes bornées et données par le contrat, en utilisant des techniques d'approximation convexe et de nouveaux résultats généralisés pour le problème sur une classe de systèmes modélisés dans le cadre des inclusions différentielles. Deuxièmement, compte tenu d'un ensemble de contrôleurs implémentés sur une plate-forme de calcul commune (CPUs), dont chacun est soumis à un contrat de synchronisation, et à son meilleur et son plus mauvais cas d'exécution dans chaque CPU, nous synthétisons une politique d’ordonnancement dynamique qui garantit que chaque contrat temporel est satisfait et que chacun des CPU partagés est attribué à au plus un contrôleur à tout moment. L'approche est basée sur une reformulation qui nous permet d'écrire le problème d’ordonnancement comme un jeu temporelle avec spécification de sureté. Ensuite, en utilisant l'outil UPPAAL-TIGA, une solution au jeu fournit une politique d’ordonnancement appropriée. En outre, nous fournissons une nouvelle condition nécessaire et suffisante pour l’ordonnancement des tâches de contrôle en fonction d’un jeu temporisé simplifiés. Enfin, nous résolvons un problème de synthèse de paramètres qui consiste à synthétiser une sous-approximation de l'ensemble des contrats de synchronisation qui garantissent en même temps l’ordonnancement et la stabilité des contrôleurs intégrés. La synthèse est basée sur un nouveau paramétrage du contrat temporel pour les rendre monotones, puis sur un échantillonnage à plusieurs reprises de l'espace des paramètres jusqu'à atteindre une précision d'approximation prédéfinie
This is a study conducted on cyber-physical systems on three main aspects: stability verification, scheduling, and parameter synthesis. Embedded control systems (ECS) acting under timing contracts are the considered class of cyber-physical systems in the thesis. ECS refers to integrations of a computing device with the physical system. As for timing contracts they are time constraints on the instants where some events happen such as sampling, actuation, and computation. These contracts are used to model issues that arise in modern embedded control systems: uncertain sampling to actuation delays, uncertain sampling periods, and interaction of several physical systems with shared computational resources (CPUs). Now given an ECS and a timing contract we reformulate the system into an impulsive one and verifies stability of the system, under all possible bounded uncertainties given by the contract, using safe convex approximation techniques and new generalized results for the problem on a class of systems modeled in the framework of difference inclusions. Second given a set of controllers implemented on a common computational platform (CPUs), each of which is subject to a timing contract, and best and worst case execution times on each CPU, we synthesize a dynamic scheduling policy, which guarantees that each timing contract is satisfied and that each of the shared CPUs are allocated to at most one embedded controller at any time. The approach is based on a timed game formulation that allows us to write the scheduling problem as a timed safety game. Then using the tool UPPAAL-TIGA, a solution to the safety game provides a suitable scheduling policy. In addition, we provide a novel necessary and sufficient condition for schedulability of the control tasks based on a simplified timed game automaton. Last, we solve a parameter synthesis problem which consists of synthesizing an under-approximation of the set of timing contracts that guarantee at the same time the schedulability and stability of the embedded controllers. The synthesis is based on a re-parameterization of the timing contract to make them monotonic, and then on a repeatedly sampling of the parameter space until reaching a predefined precision of approximation

The smart grid is the next-generation electrical infrastructure utilizing Information and Communication Technologies (ICTs), whose architecture is evolving from a utility-centric structure to a distributed Cyber-Physical System (CPS) integrated with a large-scale of renewable energy resources. However, meeting reliability objectives in the smart grid becomes increasingly challenging owing to the high penetration of renewable resources and changing weather conditions. Moreover, the cyber-physical attack targeted at the smart grid has become a major threat because millions of electronic devices interconnected via communication networks expose unprecedented vulnerabilities, thereby increasing the potential attack surface. This dissertation is aimed at developing novel game-theoretic and machine-learning techniques for addressing the reliability and security issues residing at multiple layers of the smart grid, including power distribution system reliability forecasting, risk assessment of cyber-physical attacks targeted at the grid, and cyber attack detection in the Advanced Metering Infrastructure (AMI) and renewable resources. This dissertation first comprehensively investigates the combined effect of various weather parameters on the reliability performance of the smart grid, and proposes a multilayer perceptron (MLP)-based framework to forecast the daily number of power interruptions in the distribution system using time series of common weather data. Regarding evaluating the risk of cyber-physical attacks faced by the smart grid, a stochastic budget allocation game is proposed to analyze the strategic interactions between a malicious attacker and the grid defender. A reinforcement learning algorithm is developed to enable the two players to reach a game equilibrium, where the optimal budget allocation strategies of the two players, in terms of attacking/protecting the critical elements of the grid, can be obtained. In addition, the risk of the cyber-physical attack can be derived based on the successful attack probability to various grid elements. Furthermore, this dissertation develops a multimodal data-driven framework for the cyber attack detection in the power distribution system integrated with renewable resources. This approach introduces the spare feature learning into an ensemble classifier for improving the detection efficiency, and implements the spatiotemporal correlation analysis for differentiating the attacked renewable energy measurements from fault scenarios. Numerical results based on the IEEE 34-bus system show that the proposed framework achieves the most accurate detection of cyber attacks reported in the literature. To address the electricity theft in the AMI, a Distributed Intelligent Framework for Electricity Theft Detection (DIFETD) is proposed, which is equipped with Benford’s analysis for initial diagnostics on large smart meter data. A Stackelberg game between utility and multiple electricity thieves is then formulated to model the electricity theft actions. Finally, a Likelihood Ratio Test (LRT) is utilized to detect potentially fraudulent meters.

Data mining can be defined as the extraction of implicit, previously un-known, and potentially useful information from data. Numerous re-searchers have been developing security technology and exploring new methods to detect cyber-attacks with the DARPA 1998 dataset for Intrusion Detection and the modified versions of this dataset KDDCup99 and NSL-KDD, but until now no one have examined the performance of the Top 10 data mining algorithms selected by experts in data mining. The compared classification learning algorithms in this thesis are: C4.5, CART, k-NN and Naïve Bayes. The performance of these algorithms are compared with accuracy, error rate and average cost on modified versions of NSL-KDD train and test dataset where the instances are classified into normal and four cyber-attack categories: DoS, Probing, R2L and U2R. Additionally the most important features to detect cyber-attacks in all categories and in each category are evaluated with Weka’s Attribute Evaluator and ranked according to Information Gain. The results show that the classification algorithm with best performance on the dataset is the k-NN algorithm. The most important features to detect cyber-attacks are basic features such as the number of seconds of a network connection, the protocol used for the connection, the network service used, normal or error status of the connection and the number of data bytes sent. The most important features to detect DoS, Probing and R2L attacks are basic features and the least important features are content features. Unlike U2R attacks, where the content features are the most important features to detect attacks.

Cette thèse traite de la notion d’observabilité états-entrées (ISO) dans les systèmes de réseaux linéaires. On cherche des caractérisations graphiques en utilisant la notion de structure (resp. s-structural) ISO. Tout d’abord nous nous concentrons sur les systèmes de réseaux linéaires invariant en temps, représentés par des graphes fixes et fournissons des caractérisations pour structure ISO fortes. Par la suite, nous nous intéressons aux systèmes de réseaux linéaires variant en temps, dans lesquels nous nous concentrons d’abord sur le cas particulier des graphes fixes (la structure du graphe reste fixe mais les poids sur les arêtes peuvent varier à la dynamique qui varie dans le temps). Nous montrons que, sous des hypothèses appropriées sur la structure des matrices de commande, d’observation et d’action, l’ISO d’un système équivaut à l’observabilité d’un sous-système défini de manière appropriée. Par la suite, nous exploitons cette équivalence pour obtenir des caractérisations graphiques de l’ISO structurelle (resp. S-structurelles).Ensuite, pour la configuration du LTV, nous considérons le cas plus général des graphes variant en temps tout en ne faisant aucune hypothèse sur la structure des matrices du système. Nous introduisons deux descriptions appropriées de la collection complète de graphes, nommés graphes dynamiques et graphes dynamiques bipartites. Deux caractérisations équivalentes de l’ISO structurelle sont ensuite présentées en termes d’existence d’une liaison et d’une correspondance de taille appropriée, respectivement, dans le graphe dynamique et dans le graphe dynamique bipartite. Pour les ISO fortement structurelles, nous fournissons une condition suffisante et une condition nécessaire, concernant à la fois à l’existence d’une correspondance restreinte de taille appropriée dans le graphe dynamique bipartite et dans un sous-graphe de celle-ci. Lorsqu’il n’y a pas d’action directe de la commande sur les mesures, les deux conditions peuvent être fusionnées pour donner lieu à une condition nécessaire et suffisante.Enfin, nous présentons un algorithme récursif sans biais qui estime simultanément les états et les commandes. Nous nous concentrons sur les systèmes à retard-l inversibles avec retard intrinsèque l > 1, où la reconstruction de la commande est possible uniquement en utilisant des sorties allant jusqu’à un nombre "l" de temps plus tard. En montrant une équivalence avec un système de descripteurs, nous présentons des conditions dans lesquelles le filtre variant en temps converge vers un filtre stationnaire stable, impliquant la solution d’une équation algébrique à temps discret de Riccati
This thesis deals with the notion of Input and State Observability (ISO) in linear network systems. One seeks graphical characterizations using the notion of structural (resp. s-structural) ISO. We first focus on linear time-invariant network systems ,represented by fixed graphs, and provide characterizations for strong structural ISO. Thereafter, we turn our attention to linear time-varying network systems wherein we first narrow our attention to the particular case of fixed graphs (i.e., the structure of the graph remains fixed; the weights along the edges are allowed to vary, thereby giving rise to time-varying dynamics). We show that, under suitable assumptions on the structure of input, output and feedthrough matrices, ISO of a system is equivalent to observability of a suitably defined subsystem. Subsequently, we exploit this equivalence to obtain graphical characterizations of structural (resp. s-structural) ISO.Thereafter, for the LTV setting, we consider the more general case of time-varying graphs and furthermore make no assumptions on the structure of system matrices. We introduce two suitable descriptions of the whole collection of graphs, which are named as dynamic graph and dynamic bipartite graph. Two equivalent characterizations of structural ISO are then stated in terms of existence of a linking and a matching of suitable size in the dynamic graph and in the dynamic bipartite graph, respectively. For strongly structural ISO, we provide a sufficient condition and a necessary condition, both concerning the existence of a uniquely restricted matching of suitable size in the dynamic bipartite graph and in a subgraph of it. When there is no direct feedthrough of the input on the measurements, the two conditions can be merged to give rise to a necessary and sufficient condition.Finally, we present an unbiased recursive algorithm that simultaneously estimates states and inputs. We focus on delay-$ell$ left invertible systems with intrinsic delay $ellgeq 1$, where the input reconstruction is possible only by using outputs up to $ell$ time steps later in the future. By showing an equivalence with a descriptor system, we state conditions under which the time-varying filter converges to a stationary stable filter, involving the solution of a discrete-time algebraic Riccati equation

碩士
國立暨南國際大學
資訊管理學系
101
Metaheuristic technique is one of the important methods for solving optimization problems. Many related researches were proposed. Among them, hybrid algorithms combining advantageous features of multiple algorithms appear to be more significant for solving complex problems. Cyber Swarm Algorithm (CSA) is a hybrid algorithm and has been shown to be more effective than several state-of-the-art algorithms for the continuous optimization problem, such as PSO, SS, and GRASP. This paper proposes a discrete version of CSA (to be referred to as DCSA) by considering the distance definition, multistart, intensification and diversity strategies. The experimental results show that DCSA has good performance in solving the well-known quadratic assignment problem. The experimental results also showed that DCSA outperforms several existing methods for important benchmark single row facility layout problem instances.

碩士
國立暨南國際大學
資訊管理學系
104
Stable electricity supply is the basis of economic development for many countries. In order to satisfy the electric power demand of Taiwan's future economic development and environmental protection, new power plants using green energy must be developed, especial the potential solar and wind energy sources in off-island areas. Accurate electricity demand forecasting plays an important role in the economic dispatch of electricity system. This study develops three demand forecasting models based on the Cyber Swarm Algorithm (CSA) which inherits the main features from the particle swarm optimization algorithm. Because of its prevailing capability such as large searching range, few parameters, and fast convergence speed, the particle swarm optimization algorithm usually can quickly find a near optimal solution in the solution space. Moreover, CSA employs the search strategies introduced in reference set and path relinking in order to escape from the barrier of local optima. This study applies parametric and non-parametric regression models to process electricity demand data. Parametric models use important indicators for predicting electricity demand, while non-parametric models use Gauss functions to approximate historical data and shift the learned functions to predict future electricity demand. Finally, we propose a reinforcement learning model to integrate parametric and non-parametric models and obtain a better prediction result.

Food security is a major concern of human civilization. A way to ensure food security is to grow plants in a greenhouse under controlled conditions. Even under careful greenhouse production, stress in plants can emerge, and can cause damaging disease. To prevent yield loss farmers, apply resources, e.g., water, fertilizers, pesticides, higher/lower humidity, lighting, and temperature, uniformly in the infected areas. Research, however, shows that the practice leads to non-optimal profit and environmental protection.

Precision agriculture (PA) is an approach to address such challenges. It aims to apply the right amount or recourses at the right time and place. PA has been able to maximize crop yield while minimizing operation cost and environmental damage. The problem is how to obtain timely, precise information at each location to optimally treat the plants. There is scant research addressing strategies, algorithms, and protocols for analytics in PA. A monitoring and treating systems are the foci of this dissertation.

The designed systems comprise of agent- and system-level protocols and algorithms. There are four parts: (1) Collaborative Control Protocol for Cyber-Physical System (CCP-CPS); (2) Collaborative Control Protocol for Early Detection of Stress in Plants (CCP-ED); (3) Optimal Inspection Profit for Precision Agriculture; and (4) Multi-Agent System Optimization in Greenhouse for Treating Plants. CCP-CPS, a backbone of the system, establishes communication line among agents. CCP-ED optimizes the local workflow and interactions of agents. Next, the Adaptive Search algorithm, a key algorithm in CCP-ED, has analyzed to obtain the optimal procedure. Lastly, when stressed plants are detected, specific agents are dispatched to treat plants in a particular location with specific treatment.

Experimental results show that collaboration among agents statistically and significantly improves performance in terms of cost, efficiency, and robustness. CCP-CPS stabilizes system operations and significantly improves both robustness and responsiveness. CCP-ED enabling collaboration among local agents, significantly improves the number of infected plants found, and system efficiency. Also, the optimal Adaptive Search algorithm, which considers system errors and plant characteristics, significantly reduces the operation cost while improving performance. Finally, with collaboration among agents, the system can effectively perform a complex task that requires multiple agents, such as treating stressed plants with a significantly lower operation cost compared to the current practice.

碩士
國立暨南國際大學
資訊管理學系
99
Cyber Swarm Algorithm (CSA) combining Particle Swarm Optimization (PSO) and Scatter Search/Path relinking (SS/PR) concepts has been empirically shown to effectively solve continuous optimization problems. However, the extension to discrete optimization problems is still uncharted. This motivates the thesis for proposing a Discrete Cyber Swarm Algorithm (DCSA). In addition to the applications of PSO and SS/PR, DCSA also marries with techniques such as aging, solution guide selection, and uncertainty principle in the machine learning domain. Further, DCSA applies the Apriori algorithm in data mining domain to find the association between attributes. Experimental results manifest that the proposed algorithm outperforms PSO, hybrid PSO, and novel global harmony search.

In algorithmic computing, the program follows a predefined set of rules – the algorithm. The analyst/designer of the program analyzes the intended tasks of the program, defines the rules for its expected behaviour and programs the implementation. The creators of algorithmic software must therefore foresee, identify and implement all possible cases for its behaviour in the future application! However, what if the problem is not fully defined? Or the environment is uncertain? What if situations are too complex to be predicted? Or the environment is changing dynamically? In many such cases algorithmic computing fails. In such situations, the software needs an additional degree of freedom: Autonomy! Autonomy allows software to adapt to partially defined problems, to uncertain or dynamically changing environments and to situations that are too complex to be predicted. As more and more applications – such as autonomous cars and planes, adaptive power grid management, survivable networks, and many more – fall into this category, a gradual switch from algorithmic computing to autonomic computing takes place. Autonomic computing has become an important software engineering discipline with a rich literature, an active research community, and a growing number of applications.

In the last decade, a lot of machine learning and data mining based approaches have been used in the areas of intrusion detection, malware detection and classification and also traffic analysis. In the area of malware analysis, static binary analysis techniques have become increasingly difficult with the code obfuscation methods and code packing employed when writing the malware. The behavior-based analysis techniques are being used in large malware analysis systems because of this reason. In prior art, a number of clustering and classification techniques have been used to classify the malwares into families and to also identify new malware families, from the behavior reports. In this thesis, we have analysed in detail about the use of Profile Hidden Markov models for the problem of malware classification and clustering. The advantage of building accurate models with limited examples is very helpful in early detection and modeling of malware families. The thesis also revisits the learning setting of an Intrusion Detection System that employs machine learning for identifying attacks and normal traffic. It substantiates the suitability of incremental learning setting(or stream based learning setting) for the problem of learning attack patterns in IDS, when large volume of data arrive in a stream. Related to the above problem, an elaborate survey of the IDS that use data mining and machine learning was done. Experimental evaluation and comparison show that in terms of speed and accuracy, the stream based algorithms perform very well as large volumes of data are presented for classification as attack or non-attack patterns. The possibilities for using stream algorithms in different problems in security is elucidated in conclusion.

The rampant growth of the Internet has been coupled with an equivalent growth in cyber crime over the Internet. With our increased reliance on the Internet for commerce, social networking, information acquisition, and information exchange, intruders have found financial, political, and military motives for their actions. Network Intrusion Detection Systems (NIDSs) intercept the traffic at an organization’s periphery and try to detect intrusion attempts. Signature-based NIDSs compare the packet to a signature database consisting of known attacks and malicious packet fingerprints. The signatures use regular expressions to model these intrusion activities. This thesis presents a memory efficient pattern matching system for the class of regular expressions appearing frequently in the NIDS signatures. Proposed Cascaded Automata Architecture is based on two stage automata. The first stage recognizes the sub-strings and character classes present in the regular expression. The second stage consumes symbol generated by the first stage upon receiving input traffic symbols. The basic idea is to utilize the research done on string matching problem for regular expression pattern matching. We formally model the class of regular expressions mostly found in NIDS signatures. The challenges involved in using string matching algorithms for regular expression matching has been presented. We introduce length-bound transitions, counter-based states, and associated counter arrays in the second stage automata to address these challenges. The system uses length information along with counter arrays to keep track of overlapped sub-strings and character class based transition. We present efficient implementation techniques for counter arrays. The evaluation of the architecture on practical expressions from Snort rule set showed compression in number of states between 50% to 85%. Because of its smaller memory footprint, our solution is suitable for both software based implementations on network chips as well as FPGA based designs.