ISEL - Eng. Elect. Tel. Comp. - Artigos
Permanent URI for this collection
Browse
Recent Submissions
- Assessing machine learning techniques for intrusion detection in cyber-physical systemsPublication . Santos, Vinicius F.; Albuquerque, Célio; Passos, Diego; Ereno Quincozes, Silvio; Mossé, DanielCyber-physical systems (CPS) are vital to key infrastructures such as Smart Grids and water treatment, and are increasingly vulnerable to a broad spectrum of evolving attacks. Whereas traditional security mechanisms, such as encryption and firewalls, are often inadequate for CPS architectures, the implementation of Intrusion Detection Systems (IDS) tailored for CPS has become an essential strategy for securing them. In this context, it is worth noting the difference between traditional offline Machine Learning (ML) techniques and understanding how they perform under different IDS applications. To answer these questions, this article presents a novel comparison of five offline and three online ML algorithms for intrusion detection using seven CPS-specific datasets, revealing that offline ML is superior when attack signatures are present without time constraints, while online techniques offer a quicker response to new attacks. The findings provide a pathway for enhancing CPS security through a balanced and effective combination of ML techniques.
- LEAF: Improving handoff flexibility of IEEE 802.11 networks with an SDN-based virtual access point frameworkPublication . Vieira, Juan Lucas; Mosse, Daniel; Passos, DiegoMobile devices’ popularization has brought several new applications to communication networks. As we move into an increasingly denser scenario, problems such as collisions between transmissions and unbalanced load become more pronounced. Moreover, while station-based handoff is inefficient to reduce these issues, network-wide handover decisions might provide better network resource management. This paper proposes LEAF, an access point virtualization solution based on Software Defined Networking to enable station (STA) handover conducted by the network, based on a global scope. Unlike other solutions in the literature, our proposal fully supports multichannel migrations through the IEEE 802.11h Channel Switch Announcement without restricting the channel utilization by the access points. To demonstrate the feasibility of such an approach, we present experimental data regarding the behavior of several different devices in face of this mechanism. We also evaluate our complete virtualization solution, which reveals that the handoff of STAs did not lead to significant packet losses or delays in STAs’ connections, while providing a foundation to improve network’s self-management and flexibility, allowing association control and load balancing tasks to be executed on top of our solution.
- Towards feature engineering for intrusion detection in IEC-61850 communication networksPublication . Quincozes, Vagner; Ereno Quincozes, Silvio; Passos, Diego; Albuquerque, Célio; Mosse, DanielDigital electrical substations are fundamental in providing a reliable basis for smart grids. However, the deployment of the IEC-61850 standards for communication between intelligent electronic devices (IEDs) brings new security challenges. Intrusion detection systems (IDSs) play a vital role in ensuring the proper function of digital substations services. However, the current literature lacks efficient IDS solutions for certain classes of attacks, such as the masquerade attack. In this work, we propose the extraction and correlation of relevant multi-layer information through a feature engineering process to enable the deployment of machine learning-based IDSs in digital substations. Our results demonstrate that the proposed solution can detect attacks that are considered challenging in the literature, attaining an F1-score of up to 95.6% in the evaluated scenarios.
- Deep learning soft-decision GNSS multipath detection and mitigationPublication . Nunes, Fernando; Sousa, FernandoA technique is proposed to detect the presence of the multipath effect in Global Navigation Satellite Signal (GNSS) signals using a convolutional neural network (CNN) as the building block. The network is trained and validated, for a wide range of 𝐶/𝑁0 values, with a realistic dataset constituted by the synthetic noisy outputs of a 2D grid of correlators associated with different Doppler frequencies and code delays (time-domain dataset). Multipath-disturbed signals are generated in agreement with the various scenarios encompassed by the adopted multipath model. It was found that pre-processing the outputs of the correlators grid with the two-dimensional Discrete Fourier Transform (frequency-domain dataset) enables the CNN to improve the accuracy relative to the time-domain dataset. Depending on the kind of CNN outputs, two strategies can then be devised to solve the equation of navigation: either remove the disturbed signal from the equation (hard decision) or process the pseudoranges with a weighted least-squares algorithm, where the entries of the weighting matrix are computed using the analog outputs of the neural network (soft decision).
- Unraveling the root causes of faults in mobile communicatios: A comparative analysis of diferente model explainability techniquesPublication . Cilínio, Madalena Ramos; Pereira, Márcio; Duarte, David; Mata, Luís; Vieira, PedroThe escalating demand and complexity of monitoring services handled by Network Operations Centers (NOCs) have led Mobile Network Operators (MNOs) to prioritize automated solutions for network fault detection and diagnosis. Consequently, various Machine Learning (ML)-based Root Cause Analysis (RCA) systems have been developed, however their lack of explainability poses a challenge due to the predominantly black-box nature of ML models. This paper addresses this issue by presenting a supervised clustering methodology capable of integrating both glass-box and black-box models, the latter complemented by post-hoc explainability techniques. While black-box models excel in predictive capabilities, necessitating post-hoc techniques for explainability, glass-box models prioritize transparent decision-making, fostering a clearer understanding of the model’s behavior. This work delineates a methodology for performing RCA of faults in the User Downlink (DL) Average Throughput Key Performance Indicator (KPI), simultaneously comparing the performance of black-box models (Light Gradient-Boosting Machine (LightGBM) and Extreme Gradient Boosting (XGBoost)) with glass-box models (Logistic Regression (LR) and Explainable Boosting Machine (EBM)). Results revealed that the LightGBM black-box algorithm coupled with the SHapley Additive exPlanations (SHAP) method demonstrated superior performance in fault detection and diagnosis, without compromising the overall explainability. Consequently, it was possible to identify faults related to radio conditions, low network usage in specific user groups, low network capacity, and mobility issues. The paper concludes with practical mitigation strategies for each identified fault cluster.
- Recent progresses in plasmonic biosensors for Point-of-Care (POC) devices: A critical reviewPublication . Serafinelli, Caterina; Fantoni, Alessandro; Alegria, Elisabete; Vieira, ManuelaThe recent progresses in the research of plasmonic phenomena and materials paved the route toward the development of optical sensing platforms based on metal nanostructures with a great potential to be integrated into point-of-care (POC) devices for the next generation of sensing platforms, thus enabling real-time, highly sensitive and accurate diagnostics. In this review, firstly, the optical properties of plasmonic metal nanoparticles will be illustrated, whereafter the engineering of POC platforms, such as microfluidics and readout systems, will be considered with another critical point which is surface functionalization. Attention will also be given to their potential in multiplexed analysis. Finally, the limitations for effective implementation in real diagnostics will be illustrated with a special emphasis on the latest trend in developing cutting-edge sensing systems.
- Cognitive radio with machine learning to increase spectral efficiency in indoor application on the 2.5 GHz bandPublication . Soares, Marilson Duarte; Passos, Diego; Castellanos, Pedro Vladimir GonzalezDue to the propagation characteristics in the 2.5 GHz band, the signal is significantly degraded by building entry loss (BEL), making coverage in indoor environments in some cases non-existent. Signal degradation inside buildings is a challenge for planning engineers, but it can be seen as a spectrum usage opportunity for a cognitive radio communication system. This work presents a methodology based on statistical modeling of data collected by a spectrum analyzer and the application of machine learning (ML) to leverage the use of those opportunities by autonomous and decentralized cognitive radios (CRs), independent of any mobile operator or external database. The proposed design targets using as few narrowband spectrum sensors as possible in order to reduce the cost of the CRs and sensing time, as well as improving energy efficiency. Those characteristics make our design especially interesting for internet of things (IoT) applications or low-cost sensor networks that may use idle mobile spectrum with high reliability and good recall.
- Long-range wide area network intrusion at the edgePublication . Esteves, Gonçalo; Fidalgo, Filipe; Cruz, Nuno; Simão, JoséInternet of Things (IoT) devices are ubiquitous in various applications, such as smart homes, asset and people tracking, and city management systems. However, their deployment in adverse conditions, including unstable internet connectivity and power sources, present new cybersecurity challenges through new attack vectors. The LoRaWAN protocol, with its open and distributed network architecture, has gained prominence as a leading LPWAN solution, presenting novel security challenges. This paper proposes the implementation of machine learning algorithms, specifically the K-Nearest Neighbours (KNN) algorithm, within an Intrusion Detection System (IDS) for LoRaWAN networks. Through behavioural analysis based on previously observed packet patterns, the system can detect potential intrusions that may disrupt critical tracking services. Initial simulated packet classification attained over 90% accuracy. By integrating the Suricata IDS and extending it through a custom toolset, sophisticated rule sets are incorporated to generate confidence metrics to classify packets as either presenting an abnormal or normal behaviour. The current work uses third-party multi-vendor sensor data obtained in the city of Lisbon for training and validating the models. The results show the efficacy of the proposed technique in evaluating received packets, logging relevant parameters in the database, and accurately identifying intrusions or expected device behaviours. We considered two use cases for evaluating our work: one with a more traditional approach where the devices and network are static, and another where we assume that both the devices and the network are mobile; for example, when we need to report data back from sensors on a rail infrastructure to a mobile LoRaWAN gateway onboard a train.
- SIGAA: signaling automated analysis: a new tool for Ca2+ signaling quantification using ratiometric Ca2+ dyesPublication . Lopes, Rafael Faria; Gonçalves-Ribeiro, Joana; Sebastião, Ana M.; Meneses, Carlos; Vaz, Sandra H.Astrocytes are non-neural cells, restricted to the brain and spinal cord, whose functions and morphology depend on their location. Astrocyte–astrocyte and astrocyte–neuron interactions occur through cytoplasmic Ca2+ level changes that are assessed to determine cell function and response (i.e., drug testing). The evaluation of alterations in intracellular Ca2+ levels primarily relies on fluorescence imaging techniques, performed through video recording of cells incubated with Ca2+-sensitive dyes. By observing ion concentration shifts over time in a delimited region of interest (ROI) encompassing a single cell, it is possible to draw conclusions on cell responses to specific stimuli. Our work describes a tool named SIGAA—signaling automated analysis, for astrocyte ROI-based fluorescent imaging. This tool is specifically tailored for two wavelengths excited dyes by using two inputs of Ca2+ signaling recorded frames/videos and outputting a set of features relevant to the experiment’s conclusions and cell characterization. SIGAA performs automatic drift correction for the two recorded videos with a template matching algorithm, followed by astrocyte identification (ROI) using morphological reconstruction techniques. Subsequently, SIGAA extracts intracellular Ca2+ evolution functions for all identified ROIs detects function transients, and estimates a set of features for each signal. These features closely resemble those obtained through traditional methods and software used thus far. SIGAA is a new fully automated tool, which can speed up hour-long studies and analysis to a few minutes, showing reliable results as the validity tests indicate.
- Development and evaluation of a mobile application with augmented reality for guiding visitors on hiking trailsPublication . Silva, Rute; Jesus, Rui; Jorge, PedroTourism on the island of Santa Maria, Azores, has been increasing due to its characteristics in terms of biodiversity and geodiversity. This island has several hiking trails; the available information can be consulted in pamphlets and physical placards, whose maintenance and updating is difficult and expensive. Thus, the need to improve the visitors’ experience arises, in this case, by using the technological means currently available to everyone: a smartphone. This paper describes the development and evaluation of the user experience of a mobile application for guiding visitors on said hiking trails, as well as the design principles and main issues observed during this process. The application is based on an augmented reality interaction model providing visitors with an interactive and recreational experience through Augmented Reality in outdoor environments (without additional marks in the physical space and using georeferenced information), helping in navigation during the route and providing updated information with easy maintenance. For the design and evaluation of the application, two studies were carried out with users on-site (Santa Maria, Azores). The first had 77 participants, to analyze users and define the application’s characteristics, and the second had 10 participants to evaluate the user experience. The feedback from participants was obtained through questionnaires. In these questionnaires, an average SUS (System Usability Scale) score of 83 (excellent) and positive results in the UEQ (User Experience Questionnaire) were obtained.