Repository logo
 
Profile Picture
Person

de Carvalho Costa, Rogério Luís

Metadata only
7717-9573-0C0F
0000-0003-2306-7585

Filters

2020 - 20245
Reset filters

Settings

Search Results

Now showing 1 - 5 of 5
  • Engineering the application of machine learning in an IDS based on IoT traffic flow
    Publication . Prazeres, Nuno; Costa, Rogério Luís de C.; Santos, Leonel; Rabadão, Carlos
    Internet of Things (IoT) devices are now widely used, enabling intelligent services that, in association with new communication technologies like the 5G and broadband internet, boost smart-city environments. Despite their limited resources, IoT devices collect and share large amounts of data and are connected to the internet, becoming an attractive target for malicious actors. This work uses machine learning combined with an Intrusion Detection System (IDS) to detect possible attacks. Due to the limitations of IoT devices and low latency services, the IDS must have a specialized architecture. Furthermore, although machine learning-based solutions have high potential, there are still challenges related to training and generalization, which may impose constraints on the architecture. Our proposal is an IDS with a distributed architecture that relies on Fog computing to run specialized modules and use deep neural networks to identify malicious traffic inside IoT data flows. We compare our IoT-Flow IDS with three other architectures. We assess model generalization using test data from different datasets and evaluate their performance in terms of Recall, Precision, and F1-Score. Results confirm the feasibility of flowbased anomaly detection and the importance of network traffic segmentation and specialized models in the AI-based IDS for IoT.
    2023-02Journal article Open access Show more
  • GPT and Interpolation-Based Data Augmentation for Multiclass Intrusion Detection in IIoT
    Publication . Melicias, Francisco S.; Ribeiro, Tiago F. R.; Rabadão, Carlos; Santos, Leonel; Costa, Rogério Luís de C.
    The absence of essential security protocols in Industrial Internet of Things (IIoT) networks introduces cybersecurity vulnerabilities and turns them into potential targets for various attack types. Although machine learning has been used for intrusion detection in the IIoT, datasets with representative data of common attacks of IIoT network traffic are limited and often imbalanced. Data augmentation techniques address these problems by creating artificial data in classes with fewer samples. In this work, we evaluate the use of data augmentation when training intrusion detection models based on IIoT traffic data. We compare Generative Pre-trained Transformers (GPT) and variations on the Synthetic Minority Over-sampling TEchnique (SMOTE) and evaluate their capability to enhance intrusion detection performance. We examine the performance of five intrusion detection algorithms when trained with augmented datasets to models trained with the original non-augmented dataset. To ensure a fair comparison, we evaluated the algorithms’ performance in the different scenarios using the same test dataset, which does not contain synthetic data. The results show the need for a systematic evaluation before employing data augmentation, as its impact on classification performance depends on the algorithm, data, and used technique. While deep neural networks benefit from data augmentation, the eXtreme Gradient Boosting (XGBoost), which achieved superior performance in intrusion detection between all evaluated classifiers (with F1-Score over 91%), didn’t have any performance improvement when trained with augmented data. The evaluation of data generated by GPT-based methods shows such methods (especially GReaT) generate invalid data for both numerical and categorical features in a way that leads to performance degradation in multiclass classification.
    2024Journal article Open access Show more
  • Evaluation of AI-based Malware Detection in IoT Network Traffic
    Publication . Prazeres, Nuno; Costa, Rogério Luís de C.; Santos, Leonel; Rabadão, Carlos
    Internet of Things (IoT) devices have become day-to-day technologies. They collect and share a large amount of data, including private data, and are an attractive target of potential attackers. On the other hand, machine learning has been used in several contexts to analyze and classify large volumes of data. Hence, using machine learning to classify network traffic data and identify anomalous traffic and potential attacks promises. In this work, we use deep and traditional machine learning to identify anomalous traffic in the IoT-23 dataset, which contains network traffic from real-world equipment. We apply feature selection and encoding techniques and expand the types of networks evaluated to improve existing results from the literature. We compare the performance of algorithms in binary classification, which separates normal from anomalous traffic, and in multiclass classification, which aims to identify the type of attack.
    2022Conference object Restricted access Show more
  • Convolutional-LSTM networks and generalization in forecasting of household photovoltaic generation
    Publication . Costa, Rogério Luís de C.
    Solar panels can generate energy to meet almost all of the energy needs of a house. Batteries store energy generated during daylight hours for future use. Also, it may be possible to sell extra electricity back to distribution companies. However, the efficiency of photovoltaic systems varies according to several factors, such as the solar exposition at ground levels, atmospheric temperature, and relative humidity, and predicting the energy generated by such a system is not easy. This work is on the use of deep learning to predict the generation of photovoltaic energy by residential systems. We use real-world data to evaluate the performance of LSTM, Convolutional, and hybrid Convolutional-LSTM networks in predicting photovoltaic power generation at different forecasting horizons. We also assess the generalizability of the solutions, evaluating the use of models trained with data aggregated by geographic areas to predict the energy generation by individual systems. We compare the performance of deep networks with Prophet in terms of MAE, RMSE, and NRMSE, and in most cases, Convolutional and Convolutional-LSTM networks achieve the best results. Using models trained with region-based data to predict the power generation of individual systems is confirmed to be a promising approach.
    2022-11Journal article Open access Show more
  • Towards the automatic selection of moving regions representation methods
    Publication . Costa, Rogério Luís C.; Miranda, Enrico; Moreira, José
    Moving region is an abstraction used to represent the spatio-temporal behavior of real-world phenomena in database systems. The most common approach to model moving regions uses geometries to represent their position and shape at different times (observations), and interpolation functions to generate the evolution of the geometries between observations. Several region interpolation methods have been proposed in the databases literature, but as there is no suitable method for all use cases, users must select the most adequate algorithm to represent each region by visual inspection. This can be infeasible when dealing with large datasets. This paper presents the first steps towards a system that suggests which methods (and configurations) can generate representations fitting the requirements of a particular application. It includes an abstract specification of user-defined rules on the spatio-temporal evolution of moving regions to assess the suitability of region interpolation functions, a discussion on optimization strategies for efficient implementation of the rules and illustrative examples using real-world data to show how to use this approach to select the best methods to represent a spatio-temporal phenomena.
    2020-11Conference paper Open access Show more