Browsing by Author "Yoo, Paul D."

Now showing 1 - 8 of 8
  • Thumbnail Image
    ItemOpen Access
    Clustering the dominant defective patterns in semiconductor wafer maps
    (IEEE, 2017-10-30) Taha, Kamal; Salah, Khaled; Yoo, Paul D.
    Identifying defect patterns on wafers is crucial for understanding the root causes and for attributing such patterns to specific steps in the fabrication process. We propose in this paper a system called DDPfinder that clusters the patterns of defective chips on wafers based on their spatial dependence across wafer maps. Such clustering enables the identification of the dominant defect patterns. DDPfinder clusters chip defects based on how dominant are their spatial patterns across all wafer maps. A chip defect is considered dominant, if: (1) it has a systematic defect pattern arising from a specific assignable cause, and (2) it displays spatial dependence across a larger number of wafer maps when compared with other defects. The spatial dependence of a chip defect is determined based on the contiguity ratio of the defect pattern across wafer maps. DDPfinder uses the dominant chip defects to serve as seeds for clustering the patterns of defective chips. This clustering procedure allows process engineers to prioritize their investigation of chip defects based on the dominance status of their clusters. It allows them to pay more attention to the ongoing manufacturing processes that caused the dominant defects. We evaluated the quality and performance of DDPfinder by comparing it experimentally with eight existing clustering models. Results showed marked improvement.
  • Thumbnail Image
    ItemOpen Access
    Cumulant-based automatic modulation classification over frequency-selective channels
    (IEEE, 2018-08) Yoo, Paul D.; Adly, Fatima; Muhaidat, Sami
    Automatic modulation classification (AMC), being an integral part of multi-standard communication systems, allows for the identification of modulation schemes of detected signals. The need for this type of blind modulation classification process can be evidently seen in areas such as interference identification and spectrum management. Consequently, AMC has been widely recognized as a key driving technology for military, security, and civilian applications for decades. A major challenge in AMC is the underlying frequency selectivity of the wireless channel, causing an increase in complexity of the classification process. Motivated by this practical concern, we propose the use of k-nearest neighbor (KNN) classifier based on higher-order of statistics (HOS), which are calculated as features to distinguish between different types of modulation types. The channel is assumed to b multipath frequency-selective and the modulation schemes considered are {2, 4, 8} phase-shift keying (PSK) and {16, 64, 256} quadrature amplitude modulation (QAM). The simulation results confirmed the superiority of this approach over existing methods.
  • Thumbnail Image
    ItemOpen Access
    Deep abstraction and weighted feature selection for Wi-Fi impersonation detection
    (IEEE, 2017-09-28) Aminanto, Muhamad Erza; Choi, Rakyong; Tanuwidjaja, Harry Chandra; Yoo, Paul D.; Kim, Kwangjo
    The recent advances in mobile technologies have resulted in Internet of Things (IoT)-enabled devices becoming more pervasive and integrated into our daily lives. The security challenges that need to be overcome mainly stem from the open nature of a wireless medium, such as a Wi-Fi network. An impersonation attack is an attack in which an adversary is disguised as a legitimate party in a system or communications protocol. The connected devices are pervasive, generating high-dimensional data on a large scale, which complicates simultaneous detections. Feature learning, however, can circumvent the potential problems that could be caused by the large-volume nature of network data. This paper thus proposes a novel deep-feature extraction and selection (D-FES), which combines stacked feature extraction and weighted feature selection. The stacked autoencoding is capable of providing representations that are more meaningful by reconstructing the relevant information from its raw inputs. We then combine this with modified weighted feature selection inspired by an existing shallow-structured machine learner. We finally demonstrate the ability of the condensed set of features to reduce the bias of a machine learner model as well as the computational complexity. Our experimental results on a well-referenced Wi-Fi network benchmark data set, namely, the Aegean Wi-Fi Intrusion data set, prove the usefulness and the utility of the proposed D-FES by achieving a detection accuracy of 99.918% and a false alarm rate of 0.012%, which is the most accurate detection of impersonation attacks reported in the literature.
  • Thumbnail Image
    ItemOpen Access
    DFSGD: Machine Learning Based Intrusion Detection for Resource Constrained Devices
    (2019-12) Lee, Seo Jin; Chermak, Lounis; Richardson, Mark A.; Yoo, Paul D.; Asyhari, Taufiq
    An ever increasing number of smart and mobile devices interconnected through wireless networks such as Internet of Things (IoT) and huge sensitive network data transmitted between them has raised security and privacy issues. Intrusion detection system (IDS) is known as an effective defence system and often, machine learning (ML) and its subfield deep learning (DL) methods are used for its development. However, IoT devices have limited computational resources such as limited energy source and computational power and thus, traditional IDS that require extensive computational resource are not suitable for running on such devices. Therefore, the aim of this research is to design and develop a lightweight ML-based IDS for the resource-constrained devices. The research proposes a lightweight ML-based IDS model based on Deep Feature Learning with Linear SVM and Gradient Descent optimisation (DFSGD) to deploy and run on resource-constrained devices by reducing the number of features through feature extraction and selection using a stacked autoencoder (SAE), mutual information (MI) and C4.5 wrapper. The DFSGD is trained on Aegean Wi-Fi Intrusion Dataset (AWID) to detect impersonation attack and utilises support vector machine (SVM) and gradient descent as the classifier and optimisation algorithm respectively. As one of the key contributions of this research, the features in AWID dataset utilised for the development of the model, were also investigated for its usability for further development of IDS. Finally, the DFSGD was run on Raspberry Pi to show its possible deployment on resource-constrained devices.
  • Thumbnail Image
    ItemOpen Access
    IMPACT: Impersonation attack detection via edge computing using deep auto encoder and feature abstraction
    (IEEE, 2020-04-02) Lee, Seo Jin; Yoo, Paul D.; Asyhari, A. Taufiq; Jhi, Yoonchan; Chermak, Lounis; Yeun, Chan Yeob; Taha, Kamal
    An ever-increasing number of computing devices interconnected through wireless networks encapsulated in the cyber-physical-social systems and a significant amount of sensitive network data transmitted among them have raised security and privacy concerns. Intrusion detection system (IDS) is known as an effective defence mechanism and most recently machine learning (ML) methods are used for its development. However, Internet of Things (IoT) devices often have limited computational resources such as limited energy source, computational power and memory, thus, traditional ML-based IDS that require extensive computational resources are not suitable for running on such devices. This study thus is to design and develop a lightweight ML-based IDS tailored for the resource-constrained devices. Specifically, the study proposes a lightweight ML-based IDS model namely IMPACT (IMPersonation Attack deteCTion using deep auto-encoder and feature abstraction). This is based on deep feature learning with gradient-based linear Support Vector Machine (SVM) to deploy and run on resource-constrained devices by reducing the number of features through feature extraction and selection using a stacked autoencoder (SAE), mutual information (MI) and C4.8 wrapper. The IMPACT is trained on Aegean Wi-Fi Intrusion Dataset (AWID) to detect impersonation attack. Numerical results show that the proposed IMPACT achieved 98.22% accuracy with 97.64% detection rate and 1.20% false alarm rate and outperformed existing state-of-the-art benchmark models. Another key contribution of this study is the investigation of the features in AWID dataset for its usability for further development of IDS.
  • Thumbnail Image
    ItemOpen Access
    Multi-Layered clustering for power consumption profiling in smart grids
    (IEEE, 2017-06-13) Al-Jarrah, Omar Y.; Al-Hammadi, Yousof; Yoo, Paul D.; Muhaidat, Sami
    Smart Grids (SGs) have many advantages over traditional power grids as they enhance the way electricity is generated, distributed, and consumed by adopting advanced sensing, communication and control functionalities that depend on power consumption profiles of consumers. Clustering algorithms (e.g., centralized clustering) are used for profiling individual’s power consumption. Due to the distributed nature and ever growing size of SGs, it is predicted that massive amounts of data will be created. However, conventional clustering algorithms neither efficient enough nor scalable enough to deal with such amount of data. In addition, the cost for transferring and analyzing large amounts of data is expensive high both computationally and communicationally. This paper thus proposes a power consumption profiling model based on two levels of clustering. At the first level, local power consumption profiles are derived, which are then used by the second level in order to create a global power consumption profile. The followed approach reduces the communication and computation complexity of the proposed two level model and improves the privacy of consumers. We point out that having good knowledge of the local power profiles leads to more effective prediction model and cost-effective power pricing scheme, especially in a heterogeneous grid topology. In addition, the correlations between the local and global profiles can be used to localize/identify power consumption outliers. Simulation results illustrate that the proposed model is effective in reducing the computational complexity without much affecting its accuracy. The reduction in computational complexity is about 52% and the reduction in the communicational complexity is about 95% when compared to the centralized clustering approach.
  • Thumbnail Image
    ItemOpen Access
    Semi-supervised multi-layered clustering model for intrusion detection
    (Elsevier, 2017-09-22) Al-Jarrah, Omar Y.; Al-Hammdi, Yousof; Yoo, Paul D.; Muhaidat, Sami; Al-Qutayri, Mahmoud
    A Machine Learning (ML) -based Intrusion Detection and Prevention System (IDPS) requires a large amount of labeled up-to-date training data, to effectively detect intrusions and generalize well to novel attacks. However, labeling of data is costly and becomes infeasible when dealing with big data, such as those generated by IoT (Internet of Things) -based applications. To this effect, building a ML model that learns from non- or partially-labeled data is of critical importance. This paper proposes a novel Semi-supervised Multi-Layered Clustering Model (SMLC) for network intrusion detection and prevention tasks. The SMLC has the capability to learn from partially labeled data while achieving a comparable detection performance to supervised ML-based IDPS. The performance of the SMLC is compared with well-known supervised ensemble ML models, namely, RandomForest, Bagging, and AdaboostM1 and a semi-supervised model (i.e., tri-training) on a benchmark network intrusion dataset, the Kyoto 2006+. Experimental results show that the SMLC outperforms all other models and can achieve better detection accuracy using only 20% labeled instances of the training data.
  • Thumbnail Image
    ItemOpen Access
    Using the spanning tree of a criminal network for identifying its leaders
    (IEEE, 2016-10-26) Taha, Kamal; Yoo, Paul D.
    We introduce a forensic analysis system called ECLfinder that identifies the influential members of a criminal organization as well as the immediate leaders of a given list of lower-level criminals. Criminal investigators usually seek to identify the influential members of criminal organizations, because eliminating them is most likely to hinder and disrupt the operations of these organizations and put them out of business. First, ECLfinder constructs a network representing a criminal organization from either mobile communication data associated with the organization or crime incident reports that include information about the organization. It then constructs a minimum spanning tree (MST) of the network. It identifies the influential members of a criminal organization by determining the important vertices in the network representing the organization, using the concept of existence dependence. Each vertex v is assigned a score, which is the number of other vertices, whose existence in MST is dependent on v. Vertices are ranked based on their scores. Criminals represented by the top ranked vertices are considered the influential members of the criminal organization represented by the network. We evaluated the quality of ECLfinder by comparing it experimentally with three other systems. Results showed marked improvement.