Naruemon Wattanapongsakorn

Practical solutions for multi-objective optimization: An application to system reliability design problems

For multiple-objective optimization problems, a common solution methodology is to determine a Pareto optimal set. Unfortunately, these sets are often large and can become difficult to comprehend and consider. Two methods are presented as practical approaches to reduce the size of the Pareto optimal set for multiple-objective system reliability design problems. The first method is a pseudo-ranking scheme that helps the decision maker select solutions that reflect his/her objective function priorities. In the second approach, we used data mining clustering techniques to group the data by using the k-means algorithm to find clusters of similar solutions. This provides the decision maker with just k general solutions to choose from. With this second method, from the clustered Pareto optimal set, we attempted to find solutions which are likely to be more relevant to the decision maker. These are solutions where a small improvement in one objective would lead to a large deterioration in at least one other objective. To demonstrate how these methods work, the well-known redundancy allocation problem was solved as a multiple objective problem by using the NSGA genetic algorithm to initially find the Pareto optimal solutions, and then, the two proposed methods are applied to prune the Pareto set.

System optimization with component reliability estimation uncertainty: a multi-criteria approach

Summary & Conclusions-This paper addresses system reliability optimization when component reliability estimates are treated as random variables with estimation uncertainty. System reliability optimization algorithms generally assume that component reliability values are known exactly, i.e., they are deterministic. In practice, that is rarely the case. For risk-averse system design, the estimation uncertainty, propagated from the component estimates, may result in unacceptable estimation uncertainty at the system-level. The system design problem is thus formulated with multiple objectives: (1) to maximize the system reliability estimate, and (2) to minimize its associated variance. This formulation of the reliability optimization is new, and the resulting solutions offer a unique perspective on system design. Once formulated in this manner, standard multiple objective concepts, including Pareto optimality, were used to determine solutions. Pareto optimality is an attractive alternative for this type of problem. It provides decision-makers the flexibility to choose the best-compromise solution. Pareto optimal solutions were found by solving a series of weighted objective problems with incrementally varied weights. Several sample systems are solved to demonstrate the approach presented in this paper. The first example is a hypothetical series-parallel system, and the second example is the fault tolerant distributed system architecture for a voice recognition system. The results indicate that significantly different designs are obtained when the formulation incorporates estimation uncertainty. If decision-makers are risk averse, and wish to consider estimation uncertainty, previously available methodologies are likely to be inadequate.

Practical real-time intrusion detection using machine learning approaches

The growing prevalence of network attacks is a well-known problem which can impact the availability, confidentiality, and integrity of critical information for both individuals and enterprises. In this paper, we propose a real-time intrusion detection approach using a supervised machine learning technique. Our approach is simple and efficient, and can be used with many machine learning techniques. We applied different well-known machine learning techniques to evaluate the performance of our IDS approach. Our experimental results show that the Decision Tree technique can outperform the other techniques. Therefore, we further developed a real-time intrusion detection system (RT-IDS) using the Decision Tree technique to classify on-line network data as normal or attack data. We also identified 12 essential features of network data which are relevant to detecting network attacks using the information gain as our feature selection criterions. Our RT-IDS can distinguish normal network activities from main attack types (Probe and Denial of Service (DoS)) with a detection rate higher than 98% within 2s. We also developed a new post-processing procedure to reduce the false-alarm rate as well as increase the reliability and detection accuracy of the intrusion detection system.

Reliability optimization models for embedded systems with multiple applications

Summary and Conclusions-This paper presents four models for optimizing the reliability of embedded systems considering both software and hardware reliability under cost constraints, and one model to optimize system cost under multiple reliability constraints. Previously, most optimization models have been developed for hardware-only or software-only systems by assuming the hardware, if any, has perfect reliability. In addition, they assume that failures for each hardware or software unit are statistically independent. In other words, none of the existing optimization models were developed for embedded systems (hardware and software) with failure dependencies. For our work, each of our models is suitable for a distinct set of conditions or situations. The first four models maximize reliability while meeting cost constraints, and the fifth model minimizes system cost under multiple reliability constraints. This is the first time that optimization of these kinds of models has been performed on this type of system. We demonstrate and validate our models for an embedded system with multiple applications sharing multiple resources. We use a Simulated Annealing optimization algorithm to demonstrate our system reliability optimization techniques for distributed systems, because of its flexibility for various problem types with various constraints. It is efficient, and provides satisfactory optimization results while meeting difficult-to-satisfy constraints.

Optimal electric power distribution system reliability indices using binary programming

At present, most electric distribution utilities measure their reliability performance using reliability indices such as system average interruption frequency index (SAIFI) and system average interruption duration index (SAIDI). However, using SAIFI and SAIDI as performance indices is insufficient to measure the outage cost of utilities and customers. The outage cost reflects actual damage efficiently. Additionally, life cycle cost (LCC) and investment cost of protective devices are important factors, which the utility providers need to consider. Adding protective devices in an electrical distribution system can decrease the outage cost by protecting public customers from local faults, but it may also increase the LCC and investment cost of the protective devices. In this paper, we propose an optimization technique to identify types and positions of protective devices to minimize the outage cost, the LCC and the investment cost according to system requirement constraints. This research aims to help the decision-maker in providing appropriate protective device allocations in the electrical distribution system. We apply our optimization technique with a nonlinear binary programming tool.

Solving multi-objective routing and wavelength assignment in WDM network using hybrid evolutionary computation approach

Routing and wavelength assignment (RWA) is a well-known issue in wavelength division multiplexing (WDM) optical networks. In this paper, we present RWA design for WDM networks by considering multiple design objectives which are maximizing the number of traffic demands to be served and minimizing the number of wavelength channels to be assigned. A hybrid evolutionary computation approach consisting of genetic algorithm for routing allocation with minimum degree first for wavelength assignment (GA-MDF) and the fast non-dominated sorting genetic algorithm (NSGA-II) to search for non-dominated solutions is applied for solving the multi-objective RWA network design problem. The hybrid evolutionary algorithm is used as a meta-heuristic technique for obtaining good solutions for various problem sizes. The obtained results are provided as candidate choices or non-dominated front. We compare the simulation results obtained from the NSGA-II with those obtained from the traditional Weighted-Sum approach. Numerical results show that our hybrid evolutionary computation approach is effective in solving the multi-objective RWA problem. The GA-MDF can outperform the FAR-FF method in both design objectives. In addition, the solutions from the NSGA-II are more diverse on the multi-objective space than those of the Weighted-Sum method. We also apply a Pruned mechanism to help cutting off numerous non-dominated solutions for making decision on the final solution.

Dynamic k-out-of-n system reliability with component partnership

This paper describes a new k-out-of-n system reliability model that is appropriate for certain design problems when the minimum number of required components, k, changes dynamically in response to failures to maximize the utility of the available collection of functioning components. This new model shares some distinct similarities with weighted k-out-of-n models and for some problems they produce the same result. However, there are subtle and distinct differences, and in practice, there are some complex applications have not been properly explained or modeled by traditional or extended k-out-of-n system models. For this application, components are arranged in a k-out-of-n configuration of heterogeneous components with different performance levels. Component performance is indicated by a component-specific component partnership level; the fewer partners required to operate successfully implies higher performance. The components can work collectively with partners at the same level to maintain system reliability, or they can create a partnership group with components at higher performance levels which serve as replacements to provide the necessary number of working components. When components fail, the dynamic k-out-of-n configuration maintains reliability of the system with changing k by having components create partnerships with other components at the same level or above. To demonstrate the model, a system replacement maintenance policy based on a replacement interval variable is applied to an example system to obtain the optimal replacement time.

Network intrusion detection with Fuzzy Genetic Algorithm for unknown attacks

In this work, we consider detecting unknown or new network attack types with a Fuzzy Genetic Algorithm approach. The fuzzy rule is a supervised learning technique and genetic algorithm make fuzzy rule able to learn new attacks by itself. Moreover, this technique has high detection rate and robust. Therefore, we apply the fuzzy genetic algorithm approach to our real-time intrusion detection system implementation i.e. the data is detected right after it arrived to the detection system. In our experiments, various denial of service (DoS) attacks and Probe attacks are considered. We evaluate our IDS in terms of detection time, detection rate and false alarm rate. From the experiment, we obtain the average detection rate approximately over 97%.

A Practical Network-Based Intrusion Detection and Prevention System

While Internet and network technology have been growing rapidly, cyber attack incidents also increase accordingly. The increasing occurrence of network attacks is an important problem to network services. In this paper, we present a network based Intrusion Detection and Prevention System DPS), which can efficiently detect many well-known attack types and can immediately prevent the network system from network attacks. Our approach is simple and efficient and can be used with several machine learning algorithms. We actually implement the IDPS using different machine learning algorithms and test in an online network environment. The experimental results show that our IDPS can distinguish normal network activities from main attack types (Probe and Denial of Service) with high accuracy of detection rate in a few seconds and automatically prevent the victims computer network from the attacks. In addition, we apply a well-known machine learning technique called C4.5 Decision Tree in our approach to consider unknown or new network attack types. Surprisingly, the supervised Decision Tree technique can work very well, when experiencing with untrained or unknown network attack types.

Network intrusion detection and classification with Decision Tree and rule based approaches

Together with the extensive deployment of computer networks, the number of network attacks is greatly increasing. These attacks affect to availability and quality of services of the networks as well as confidentiality of private or important information data. In this paper, we present two network intrusion detection (IDS) techniques which are C4.5 Decision Tree and Ripper rules to assess and test an online dataset (RLD09 dataset). The dataset was collected from actual environment and then preprocessed to have only 13 features which are much simpler than existing traditional dataset such as KDD99 with 41 features. Thus, the RLD09 dataset features can provide real-time detection speed with low memory and CPU consumption. Our IDSs can classify the network data into classes which are normal data, Denial of Service (DoS) attack, and Probe (Port Scanning) attack. Our IDS techniques give the detection rates higher than 98%. Furthermore, they can detect unknown or new attacks, where the C4.5 Decision Tree detection rate is about the double of the Ripper rule detection rate. These tests can prove that our techniques are effective in detecting and classifying the new unknown attacks in the real environment.