Andrey Shorov

University of Helsinki | HY · Department of Computer Science

PhD


64
Publications
7,344
Reads
244
Citations
Additional affiliations
January 2018 - October 2019
University of Helsinki
Position
  • PostDoc Position
January 2017 - December 2017
Aalto University
Position
  • PostDoc Position
January 2014 - December 2019
Petersburg State Electrotechnical University
Position
  • Senior Researcher

Publications (64)
Chapter
The results obtained from the use of Data Mining methods are not always convenient for human perception. In a set of associative or classification rules, in mathematical formulas, it is quite difficult for a person to quickly and easily find new and useful knowledge for him. In this regard, there is a need to create visual images of Data Mining mod...
Chapter
The smart heating, ventilation and air conditioning systems (HVAC) are able to reduce energy consumption by fitting it better to the users’ behavior or building and equipment needs. Monitoring the HVAC state allows detecting the anomalous deviations in the system. The paper presents the visualization-driven approach to the analysis of the HVAC syst...
Chapter
We aim at improving the distributed implementation of data mining algorithms in modern Internet of Things (IoT) systems. The idea of our approach is performing as much as possible computations at local IoT nodes, rather than transferring data for processing at a central compute cluster as in the current solutions based on MapReduce. We study differ...
Article
We describe a novel, systematic approach to efficiently parallelizing data mining algorithms: starting with the representation of an algorithm as a sequential composition of functions, we formally transform it into a parallel form using higher-order functions for specifying parallelism. We implement the approach as an extension of the industrial-st...
Chapter
Analysis of the vehicles’ movement on the territory of the organization represents an area of considerable interest for both cyber-physical security and financial applications. In the paper an approach to the analysis of the vehicles routes on the territory of the organization is presented. The vehicle route is reconstructed on the basis of the dat...
Chapter
This article describes an approach to parallelizing data mining algorithms in a logical programming framework for distributed data processing in a cluster. As an example, a Naive Bayes algorithm implementation in the Prolog framework, its conversion into parallel type, and its execution on a cluster with an MPI system are described.
Chapter
We suggest an approach to optimize data mining in modern applications that work on distributed data. We formally transform a high-level functional representation of a data-mining algorithm into a parallel implementation that performs as much as possible computations locally at the data sources, rather than accumulating all data for processing at a...
Article
Violation detection at production facilities is a vital task, especially for critical infrastructures. Nowadays, many monitoring sensors of different types are used for the event collection. These sensors often provide data in different formats, thus making complex analysis of such data more difficult. This paper suggests an approach for such data...
Article
The paper describes an approach to parallelization of Normal Bayes classifier training algorithm for distributed data. In the process of distributed data analysis and the algorithm performance, the results fail to join properly. Due to this, the algorithm is to be performed in a distributed manner. For this purpose, we use representation of the alg...
Article
The analysis of the employees’ movement within organization building is an important task of the investigation of the business processes existing in the organization, including provision its cyberphysical security. In the paper, the motif-based approach to behavior pattern description and anomalies in organization staff movement is proposed. The mo...
Article
This paper describes approaches to gathering measurement data about moving objects in networks with low bandwidth. The first approach uses Fog computing conception and suggests moving assessing the quality of the measurement data into measuring points. The second approach uses prediction of telemetry quality by mining models. In addition, the paper...
Conference Paper
The paper describes two approaches to gathering measurement data about moving objects in wireless networks. The use of Fog computing technology makes it possible to relocate a part of calculations closer to measuring devices. The first approach suggests an estimation of telemetry quality into measuring points. The second approach uses prediction of...
Conference Paper
The paper describes an approach to performing a distributed analysis on time series. The approach suggests to integrate Data Mining and ETL technologies and to perform primary analysis of time series based on a subset of data sources (primary data sources). Other data sources are only used if it is necessary to obtain additional information. This a...
Conference Paper
We describe a new approach to parallelizing data mining algorithms. We use the representation of an algorithm as a sequence of functions and we use higher-order functions to express parallel execution. Our approach generalizes the popular MapReduce programming model by enabling not only data-parallel, but also task-parallel implementation and a com...
Conference Paper
The article describes the representation of a mining model in a hierarchy of lists that can be processed concurrently. This representation is based at PMML standard that defines the mining model's elements and their relationships. We unify them and introduce special functions which allow us to split lists before parallel processing and merge them a...
Conference Paper
The paper presents an approach to the movement analysis of the employees of critical infrastructure based on combination of data-mining and visualizations techniques. It consists of two stages — finding groups of employees with similar behavior and detection of the anomalies. The groups of similarities are defined using Kohonen self-organizing map...
Conference Paper
Cloud Computing has many significant benefits like the provision of computing resources and virtual networks on demand. However, there is the problem to assure the security of these networks against Distributed Denial-of-Service (DDoS) attack. Over the past few decades, the development of protection method based on data mining has attracted many re...
Conference Paper
Nowadays, permanent availability is crucial for a growing number of computer services. An increasing quantity and power of DoS attacks frequently disrupts online network communication. Therefore it is important to create new effective defense methods for networks. In this paper we outline a programming library for the simulation of distributed refl...
Conference Paper
The paper presents the results of the design and implementation of detection system against DDoS attacks for OpenStack cloud computing platform. Proposed system uses data mining techniques to detect malicious traffic. Formal models of detecting components are described. To train data mining models real legitimate traffic was combined with modelled...
Conference Paper
Cloud computing platforms are developing fast nowadays. Due to their increasing complexity, hackers have more and more opportunities to attack them successfully. In this paper, we present an approach for detection internal and external DDoS attacks in cloud computing using data mining techniques. The main features of the cloud security component th...
Conference Paper
The paper is a continuation of the works [1–3] where complex information system for organization of the input data for the models of convective clouds is presented. In the present work we use the information system for obtaining statistically significant amount of meteorological data about the state of the atmosphere in the place and at the time wh...
Article
The present paper describes the method of creating data mining algorithms from unified functional blocks. This method splits algorithms into independently functioning blocks. These blocks must have unified interfaces and implement pure functions. The method allows us to create new data mining algorithms from existing blocks and improves the existin...
Article
This paper describes the construction of a Cloud for Distributed Data Analysis (CDDA) based on the actor model. The design uses an approach to map the data mining algorithms on decomposed functional blocks, which are assigned to actors. Using actors allows users to move the computation closely towards the stored data. The process does not require l...
Conference Paper
At present protection against distributed attacks of the type “denial of service” (DDoS) is one of the important tasks. The paper considers a simulation environment for DDoS attacks of different types using the combination of a simulation approach and real software-hardware testbeds. In the paper we briefly describe the system architecture and a se...
Conference Paper
The article describes the method of construction of association rules retrieval algorithms out from function blocks having a unified interface and purely functional properties. The usage of function blocks to build association rules algorithms allows modifying the existing algorithms and building new algorithms with minimum effort. Besides, the fun...
Chapter
The present paper describes the formal model of data mining algorithms. These models consider each data mining algorithm as a sequence of operations. This allows us to determine ways for parallel execution of data mining algorithms. The software implementation of the formal model is executed on the Java language. A few data mining algorithms were d...
Conference Paper
Distributed Denial of Service (DDoS) attacks have become a major threat to current networks. This article provides an overview on existing DDoS attacks generating tools and defense methods against them. The main difficulty of exploring DDoS attack features using such tools is the problem of raising huge real network and making lots of preparations...
Article
The paper considers a framework for modeling infrastructure attacks and protection mechanisms in hybrid networks. The developed framework saves time conducting tests and improves the accuracy of the experiments by connection the simulation system to real network nodes. The paper shows formal description of the modeling system components. Modeling s...
Article
The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed procedures of information collection and processing, which coordinate the activities of the main device...
Conference Paper
The paper considers the problem of automated categorization of web sites for systems used to block web pages that contain inappropriate content. In the paper we applied the techniques of analysis of the text, html tags, URL addresses and other information using Machine Learning and Data Mining methods. Besides that, techniques of analysis of sites...
Article
The relevance of the problem of information and telecommunication systems protection is stipulated by increasing the complexity of hardware and software, high dynamics of their development, distributed and heterogeneous structure and many other factors. Analogy between evolution and natural selection in nature and information and telecommunication...
Article
Nowadays more and more different bio-inspired approaches (based on a biological metaphor) for the computer and networks security systems are mentioned and advertised. Traditional computer-based systems and their functionality are often limited by different conditions. Due to frequent minor errors, these systems are subject of failure. They lack sca...
Article
The paper considers an analysis of a protection mechanism against infrastructure attacks based on the bio-inspired approach "nervous network system". We propose to use a network packet-level simulation to investigate the protection mechanism "nervous network system". The paper presents the structure of the protection mechanism, the algorithms of it...
Article
The problem of counteraction to malware remains quite severe, despite the emergence of more effective mechanisms for its identification, analysis, updating the database of its descriptions and detection rules. An important aspect of this problem is to find heuristic detection methods with better accuracy. This paper considers the application of dat...
Article
This paper evaluates existing approaches to the security protocols verification and explains why it is impossible to thoroughly verify security protocols using only one of them. To solve this problem combined verification approach which is based on the assembly of strong sides specific for different existing approaches and tools is suggested.
Conference Paper
The paper is devoted to the analysis of the network protection mechanism "nervous network system" based on the bio-inspired metaphor. Packet-level simulation is proposed in order to investigate the "nervous network system" protection mechanism. We describe the architecture of the protection system based on the given mechanism, its operation algorit...
Article
To defend oneself against botnet attacks, one must have tools that make it possible to investigate the processes occurring on all stages of the lifecycle of botnets (propagation, control, attack) and possess defense mechanisms that can counteract botnets. A simulation-based approach to the investigation of botnets and the corresponding defense mech...
Chapter
Attack network model specifies a set of activities generated by attack network. In the current work we implemented this model by three relatively independent sub-models: the propagation model, the management and control model, and the attack phase model. The model of botnet’s propagation implements a scenario of expanding botnet over the computer n...
Article
The paper outlines a framework and software tool intended for simulation of cooperative defence mechanisms against botnets. These framework and software tool are based on agent-oriented approach and packet-level network simulation. They are intended to evaluate and compare different cooperative distributed attacks and defence mechanisms. Botnet and...
Article
The paper suggests a simulation approach to investigate the protection against botnets on the basis of the "nervous network" framework. This approach is an example of bio-inspired approaches to the computer networks protection. The developed simulator is described. Results of the experiments are considered. Finally, we analyze and compare the perfo...
Conference Paper
The paper considers an approach intended to investigate botnets and botnet defence using agent-based simulation. We explore various botnet attacks and counteraction against them on the example of defence against Distributed Denial of Service (DDoS) attacks. We represent botnet and defence components as agent teams. Agents are supposed to collect inf...
