Guo-Tan Liao

HMM machine learning and inference for Activities of Daily Living recognition

In a human-centric smart space, Activities of Daily Living (ADL) analysis can provide very useful information for elder care and long-term care services. ADL is defined as an assessment of a person’s functional status. Many recent researches concentrate on designing a good Context Aware Computing System to automate the actions necessarily triggered by ADL recognitions. Implementing a correct ADL recognition engine is a hard work, but will repay the system with lower inference errors and higher system dependability. A good ADL recognition engine is required to adjust its inference strategy based on the learning capability in order to avoid a high error rate, especially in real world inputs with a significant difference as compared to those in the training phase. In this paper, we proposed a powerful inference engine based on the Hidden Markov Model, called the Adaptive Learning Hidden Markov Model (ALHMM), which combines the Viterbi and Baum–Welch algorithms to enhance the accuracy and learning capability. The assessments of ALHMM are conducted on the Python platform and show the practical feasibility of Activity Recognition in residential homes. Such a technique can provide the key answer required for advancing the state-of-the-art in context-aware computing and applications in real life.

A Novel Probabilistic Matching Algorithm for Multi-Stage Attack Forecasts

Current intrusion detection systems (IDSs) can only discover single-step attacks but not complicated multi-stage attacks. Therefore, it is not only important, but also challenging for security managers to correlate security alerts with specific patterns to predict a multi-stage attack. In this paper, we propose Judge Evaluation of Attack intensioN (JEAN), which inspects the security alerts in the network and provides a probabilistic approach for the projection of the multi-stage attack by measuring the difference between the stored and the actual multi-stage attack session graphs (ASG). The experimental results show that JEAN is able to project possible attacks with more accuracy than Longest Common Subsequence (LCS) based approaches on DARPA 2000 and DARPA GCP (Grand Challenge Problem) specific attack scenario datasets.

Network lifetime bounds for hierarchical wireless sensor networks in the presence of energy constraints

In previous years, one popular problem that is constantly being researched into is how to prolong the lifetime of wireless sensor networks (WSNs). Many approaches to maximize network lifetime have been proposed and each approach provides different levels of energy savings and are efficient in their own aspects. However, these proposed algorithms are not suitable for use in a hard network lifetime environment where participating sensors should be working till the strict network lifetime requirement. The predictability of the network lifetime plays an important role in supporting guaranteed network lifetime services. This can be provided through the schedulability test that complements the online operations of safe and critical sensor network systems. In this paper, we focus on the study of the predictability of the network lifetime to enable the High Energy First clustering algorithm (HEF) to work in a hard lifetime environment and present a schedulability test to verify whether HEF can make the set of sensors schedulable in terms of N-of-N and K-of-N alive nodes.

Hybrid classification engine for cardiac arrhythmia cloud service in elderly healthcare management

The self-regulation ability of the elderly is largely degenerated with the age increases, and the elderly often expose to great potential hazards of heart disorders. In practice, the electrocardiography (ECG) is one of the well-known non-invasive procedures used as records of heart rhythms and diagnosis of unusual heart diseases. In this paper, we propose a healthcare management system, named CardiaGuard, which is specialized in monitoring and analysis the heart disorder events for the elderly. The CardiaGuard cloud service is an expert system designed based on the hybrid classifier implemented using support vector machine (SVM) and random tree (RT) classification algorithm. We conduct a comprehensive performance evaluation which shows the proposed hybrid classification engine are able to detect six types of cardiac disorders with higher accuracy rate than the SVM-based classifier alone. CardiaGuard poses a great solution to enhance the quality of good clinical practice on the healthcare management for the elderly in cardiology. Close relation between the 25th beat before the point and the 50th after it.Alarm service can trigger the instant response.Personal ECG records may help easily catch the features for personal body.General ECG database is an assistant of other new arrhythmias.Hybrid classifier offers feasible and flexible arrhythmia identification.

FBT: an efficient traceback scheme in hierarchical wireless sensor network

With limited resource constraints, wireless sensor networks (WSNs) pose unique technical challenges: WSNs are vulnerable to DoS/DDoS attacks that can easily exhaust rare available resources to prevent execution of their expected functions. Reconstructing the attacking path and locating the attacking source are challenging tasks in the traceback research areas. In conventional IP networks, probabilistic packet marking (PPM) schemes are among the widely used traceback algorithms. However, due to their high convergence times, conventional PPM schemes are not enough for the need for quick and accurate traceback in WSNs. Because marking probability assignment schemes have considerable influence on convergence time and performance, we place a particular emphasis on how to improve both easiness and efficiency for the marking probability assignment of the PPM. In this paper, we propose a novel traceback scheme, called fishbone traceback (FBT), which can be deployed in hierarchical WSN environments. FBT is designed based on the two-layer labelling technique and a smart marking probability distribution function (MPDF). The use of two-layer FBT labels is to derive the main branch (‘fish spine’) of the attacking path quickly, while the use of MPDF can greatly reduce the convergence time by integrating with a priori information of hierarchical WSN topology. The FBT path reconstruction procedure is able to rebuild the spine path (for inter-cluster traceback) via cluster head marking packets. It also reforms the details of the micro fishbone path (for intra-cluster traceback) on-demand within a cluster. Both numerical analysis and simulation results show that our solution has better performance in terms of shorter traceback convergence time. In particular, the proposed FBT also includes many salient features (such as the enhanced robustness of the traceback algorithm in case of multi-attack and reusable spine path), which enable FBT to be a practical solution to the traceback problem in hierarchical WSNs. Copyright

MIB-ITrace-CP: An Improvement of ICMP-Based Traceback Efficiency in Network Forensic Analysis

A denial-of-service (DoS) / distributed-denial-of-service (DDoS) attack may result in rapid resource depletion along the attack path. For stepping-stone and masquerading techniques typically used in DoS/DDoS attacks such as internet protocol (IP) or Media Access Control (MAC) address spoofing, tracing the intrusion back to the true attacker becomes a challenging task for network security engineers. Although the Internet Engineer Task Force (IETF) has proposed an Internet Control Message Protocol (ICMP) based Traceback solution, it faces severe difficulties in practice in regard to justifying the interoperability of deployed routers as well as the correctness of Traceback with multiple attack paths. This research proposes a novel approach to embed the essence of a management information base (MIB) into iTrace messages, named MIB-ITrace-CP, in order to improve the accuracy and efficiency of the original ICMP-based Traceback. Through our implementations on a Testbed@TWISC platform, we validated our approach and demonstrated the feasibility of practical network forensics.

Cheetah: a space-efficient HNB-based NFAT approach to supporting network forensics

The popularity of the Internet has increased the ease of online access to malicious software, and the amount of software designed to perform denial-of-service (DoS) attacks is incalculable. This enables hackers to use online resources to easily launch attacks, posing serious threats to network security. The ultimate solution to increasingly severe DoS attacks is to identify the sources of the attacks; this is known as an IP traceback or forensics. However, the Network Forensic Analysis Tool is limited by the storage space, which significantly reduces the effects of the traceback. We proposed a Cheetah mechanism, which was proposed to overcome the disadvantage of requiring a significant data storage requirement. This involved using mechanic learning to filter irrelevant data, thereby retaining only the evidence related to DoS attacks to perform subsequent tracebacks. The experiment results confirmed that the proposed mechanism can reduce the quantity of data that requires storage and maintain a certain level of forensic accuracy.

Design and implementation of a personal health monitoring system with an effective SVM-based PVC detection algorithm in cardiology

In this paper, we present a bio-health monitoring system prototype specialized in capturing the Premature Ventricular Contraction (PVC) event, one of the major cardiac disorder events. The proposed bio-health system comprises three parts: (1) the Electrocardiograph (ECG) sensing hardware, (2) the Android-based processing and communication device, and (3) the expert system on the cloud to detect PVC events. The expert system on the cloud is designed and implemented based on the support vector machine (SVM). The effective identification of PVC can help patients take care of the health quickly. The main purpose of recording information is to track the patients health status, and allow the medical team to keep tracking the recovery status.

E-Cube + routing protocol for wireless sensor networks in the presence of network failures

Providing reliable communication represents one of the major barriers to wireless sensor networks. In this paper, we propose a fault-tolerant tableless routing protocol called E-cube+, inspired from e-cube routing protocol, to support intelligent rerouting. A range of fault-tolerant routing properties of E-cube+ (such as loop-freeness, failure recovery guarantees, and bounded latency) have been derived and analyzed. Experiment results also show that E-cube+ is able to route data properly without complicated and energy-intensive routing table lookup processes even when node failures occur.

A Multi-level Fuzzy Comprehensive Evaluation Approach for Message Verification in VANETs

Vehicular ad-hoc networks (VANETs) are a promising new research area with the potential to revolutionize intelligent transportation systems (ITS) in the near future. Equipping vehicles with computers and wireless communication devices, VANETs have led to new applications including real-time monitoring of traffic, dynamic route scheduling and emergency information dissemination. However, the security of communicated information is of paramount importance. In this paper, we propose a novel VANET trust system that utilizes the multi-level fuzzy comprehensive evaluation (FCE) model together with an Analytic Hierarchy Process (AHP) to evaluate the trustworthiness and accuracy of information propagating in a VANET. Experimental results demonstrate that the proposed approach can detect malicious nodes efficiently without complicated key exchange processes and does not compromise on privacy.