Keynote

Professor D. Frank Hsu (Fordham University)

Title

Enhancing ML-based system detection and monitoring through model fusion and cognitive diversity

Abstract

Mitigating DoS attacks in online services or monitoring appliances’ energy consumption in residential buildings improves the system’s security and dependability. ML algorithms/models and ensemble methods have been used to detect and identify sophisticated DoS attacks and complicated appliance systems, respectively. However, these models/methods often lack generalization, interpretation, or robustness. In this talk, Combinatorial Fusion Analysis (CFA), a paradigm for robust model fusion using both rank and score combination algorithms, is used to measure diversity (cognitive diversity) between two models and help specify model selection and combination. Two examples of experiments are included for further discussion: (a) DoS attack detection using the LYCOS-IDS datasets (E. Owusu et al., IEEE Conference on Communications and Network Security (CNS), 2023) and (b) appliance identification in the Non-Intrusion Load Monitoring (NILM) system (A. Mitra et al., IEEE Trans. on Smart Grid, 2023).

Biography

Professor D. Frank Hsu is the Clavius Distinguished Professor of Science, a Professor of Computer and Information Science, and director of the LIDM Lab at Fordham University, New York, NY, USA. He was a visiting professor/scholar at Keio University, Taiwan University, University of Paris-Sud and CNRS, MIT, and DIMACS, an NSF-funded research consortium, at Rutgers University, New Jersey. Hsu has served on the editorial boards of several journals, including as co-founding editor of the Journal of Interconnection Networks (JOIN). His current research interests include CFA-based ML/AI methods and systems and their applications to information security, energy efficiency smart grid systems, and risk management. He is also interested in the education and training of CISOs for a secure and trustworthy cyber/physical ecosystem. He is a member of the executive committee of the IEEE New York Section.

Dr. Seira Hidano (KDDI Research, Inc.)

Title

Adversarial Attacks Against Emerging Deep Encoder Networks

Abstract

Adversarial attacks such as adversarial examples and data poisoning are becoming standard threats to AI systems. Many researchers have refined the attacks and applied them to different AI systems for years. However, emerging AI systems have a different structure from conventional systems. As data structures become more complicated, up-to-date AI systems are constructed with a deep encoder network. The encoder provides the functionality of feature extraction and data reduction. It can simplify downstream tasks. Yet it is not well known what impact those encoders have on adversarial attacks. This talk introduces adversarial attacks against two emerging deep encoder networks. The first example is a video encoder/decoder model and the second one is a graph embedding model constructed with contrastive learning. This talk delivers deep insight into a novel concept of adversarial attacks against the first model and a novel strong defense approach for the second model.

Biography

Seira Hidano is currently an Expert with the Security Division, KDDI Research, Inc. He received his M.E. and Ph.D. degrees in computer science and engineering from Waseda University, Japan, in 2009 and 2012, respectively. In 2010, he was a JSPS research fellow. In 2011 and 2012, he was a research associate at Waseda University. In 2013, he joined KDDI. He was a lecturer at Tohoku University from 2020 to 2022 and was a visiting researcher at UCSD in 2021 and 2022. He received the Maejima Hisoka Award in 2021. His research interests include trustworthy AI, information theoretic security, and privacy preservation.