Research Article

Adaptive DDoS Attack Detection Method Based on Multiple-Kernel Learning

Jieren Cheng,1,2,3 Chen Zhang,1 Xiangyan Tang,1 Victor S. Sheng,4 Zhe Dong,1 and Junqi Li1

1 College of Information Science & Technology, Hainan University, Haikou 570228, China
2 State Key Laboratory of Marine Resource Utilization in South China Sea, Haikou 570228, China
3 Key Laboratory of Internet Information Retrieval of Hainan Province, Hainan University, Haikou 570228, China
4 Department of Computer Science, University of Central Arkansas, Conway, AR 72035, USA

Correspondence should be addressed to Chen Zhang; 314848554@qq.com

Received 11 July 2018; Accepted 19 September 2018; Published 16 October 2018

Guest Editor: Lianyong Qi

Hindawi, Security and Communication Networks, Volume 2018, Article ID 5198685, 19 pages, https://doi.org/10.1155/2018/5198685

Copyright © 2018 Jieren Cheng et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Distributed denial of service (DDoS) attacks have caused huge economic losses to society. They have become one of the main threats to Internet security. Most of the current detection methods, based on a single feature and fixed model parameters, cannot effectively detect early DDoS attacks in cloud and big data environments. In this paper, an adaptive DDoS attack detection method (ADADM) based on multiple-kernel learning (MKL) is proposed. Based on the burstiness of DDoS attack flow, the distribution of addresses, and the interactivity of communication, we define five features to describe the network flow characteristic. Based on the ensemble learning framework, the weight of each dimension is adaptively adjusted by increasing the interclass mean with a gradient ascent and reducing the intraclass variance with a gradient descent, and the classifier is established to identify an early DDoS attack by training simple multiple-kernel learning (SMKL) models with two characteristics including interclass mean squared difference growth (M-SMKL) and intraclass variance descent (S-SMKL). The sliding window mechanism is used to coordinate the S-SMKL and M-SMKL to detect the early DDoS attack. The experimental results indicate that this method can detect DDoS attacks early and accurately.

1. Introduction

In recent years, the security of computer networks, chips, virtual networks, and mobile devices has been of wide concern [1–3]. As an important platform for information exchange, computer network security has attracted much attention. Within computer network security, the distributed denial of service (DDoS) attack has long remained an unsolved problem. DDoS is a traditional network attack method. It controls a large number of zombie machines that send a large number of invalid network request packets to a target host. It consumes and meaninglessly occupies the resources of the server, causing normal users to be unable to use the normal services provided by the target host [4]. Although the DDoS attack mode is simple, its destructive power on the network far exceeds that of other network attacks. Moreover, this traditional attack method can still cause great damage to the Internet in recent years, and the frequency of launch, the loss caused, the complexity of DDoS, the diversity of DDoS, and the difficulty of defense have all increased [5]. In June 2016, an ordinary U.S. jewelry online sales website was flooded with 35,000 HTTP requests (spam requests) per second, making the site unable to provide normal services. In October, DynDNS, which provides dynamic DNS services in the United States, was subject to large-scale DDoS attacks, resulting in access problems for multiple websites using DynDNS services, including GitHub, Twitter, Airbnb, Reddit, Freshbooks, Heroku, SoundCloud, Spotify, and Shopify. Twitter even experienced a zero-visit situation for nearly 24 hours. The reason why DDoS attacks have such great destructive power is that DDoS uses a large number of zombie machines to launch attacks on a certain target. Each zombie machine has powerful computing capability. Through the massive distributed processing capabilities of


zombie machines, a server can easily be left unable to provide services to normal users [6]. On the other hand, DDoS attacks are easy to implement. Unlike other network attacks, DDoS attacks require only a large number of zombie machines and a small amount of network security knowledge to launch an effective attack. This easy-to-grasp network attack method makes the DDoS attack more powerful.

At present, under the traditional network environment, methods for defense against DDoS attacks mainly include attack detection and attack response [7]. DDoS attack detection uses attack signatures, congestion patterns, protocols, and source addresses as an important basis for detecting attacks, thereby establishing an effective detection mechanism. The detection model can be roughly divided into two categories: misuse-based detection and anomaly-based detection. Misuse-based detection is a technique based on feature-matching algorithms. It matches the collected and extracted user behavior features with the known feature database of DDoS attacks to identify whether an attack has occurred. Anomaly-based detection is adopted by monitoring systems. By establishing a normal behavior model of the target system and the user, the monitoring systems can determine whether the states of the system and the user's activities deviate from the normal profile and can judge whether there is an attack. The attack response is to properly filter or limit the network traffic after the DDoS attack is initiated. The attack traffic to the target host is reduced as much as possible to mitigate the influence of the denial of service attack.

With the rise of cloud computing technologies and software-defined networking (SDN) concepts, DDoS attack detection based on cloud computing environments and software-defined networks has received widespread attention [8, 9]. As a new computing model, cloud computing has powerful distributed computing capabilities, massive storage capabilities, and diverse service capabilities [10, 11]. It has become an important means of solving big data problems [12]. Therefore, establishing a cloud platform system is a necessary measure to effectively ensure cloud computing's reliability, stability, and security [13–15].

In recent years, machine learning has been applied to the field of security [17]. The method of constructing an attack detection model using machine learning has been widely used [18, 19]. The machine-learning method plays an important role in the traditional network environment, the cloud environment, and software-defined network architecture. The reason is that the machine-learning method can deeply mine the important information hidden behind the data and combine prior knowledge to discriminate and predict new data [20]. Therefore, compared with traditional detection methods, machine-learning methods can exhibit better detection accuracy [21–25]. From the above analysis of defense measures, it is known that the traditional network environment, cloud environment, and software-defined network architecture all involve attack detection in the defense mechanism against DDoS. Therefore, studying the use of machine-learning methods to identify DDoS attacks is of great significance. However, the data generated by the DDoS attack is often bursty and diverse, and the background traffic size also has a great impact on the detection model, thereby reducing the model's detection accuracy.

To solve the above problems, we propose a multiple-kernel learning DDoS attack detection method. The method extracts five features and combines two multiple-kernel learning models with adaptive feature weights to distinguish attack flows from normal flows. To further improve the accuracy of DDoS attack detection, a sliding window mechanism is employed to coordinate the detection results of the two multiple-kernel learning models. Experiments show that our method can better distinguish DDoS attack flow from normal flow and can detect DDoS attacks earlier.

2. Related Work

DDoS attacks can cause tremendous damage to a network and often subject the attacked party to great economic losses. This is one of the main ways that hackers initiate cyberattacks.

To reduce the damage of DDoS attacks, researchers have proposed a large number of attack detection methods in recent years. According to the application scenario, these methods can be divided into three categories: the detection method in the conventional network environment, the detection method in the cloud environment, and the detection method in the software-defined network (SDN) environment.

(1) The conventional network environment refers to the Internet environment generally established on the Internet based on an open system interconnect reference model (OSI). In this regard, Saied et al. proposed a method for detecting known and unknown DDoS attacks using artificial neural networks [26]. Bhuyan et al. proposed an empirical evaluation method for the measurement of low-rate and high-rate DDoS attack detection information [27]. Tan et al. proposed a DDoS attack detection method based on multivariate correlation analysis [28]. Yu et al. proposed a DDoS attack detection method based on the traffic correlation coefficient [29]. Wang et al. conducted an in-depth analysis of the characteristics of DDoS botnets [30]. Kumar et al. used the Jpcap API to monitor and analyze DDoS attacks [31]. Khundrakpam et al. proposed an application-layer DDoS attack detection method combining entropy and an artificial neural network [32].

(2) The cloud environment refers to the network service platform with cloud computing as the core technology. In this regard, Karnwal et al. proposed a defense method for XML DDoS and HTTP DDoS attacks under cloud computing platforms [33]. Sahi et al. proposed the check and defense method for TCP-flood DDoS attacks in the cloud environment [34]. Rukavitsyn et al. proposed a self-learning DDoS attack detection method in the cloud environment [35].

(3) Software-defined network refers to a new network architecture that adopts OpenFlow as the communication protocol and specifies the router as well as switch data exchange rules through the controller [36]. In this regard, Ashraf used machine-learning detection software to define DDoS attacks under the network [37]. Mihai-Gabriel proposed an intelligent elastic risk assessment method based on the neural network and risk theory in the SDN environment [38]. Yan et al. proposed an effective controller scheduling method to reduce DDoS attacks in software-defined networks [39]. Chin et al. proposed a DDoS flood attack method for selective detection of packets under SDN [40]. Dayal et al. analyzed the behavioral characteristics of DDoS attacks under SDN [41]. Ye et al. proposed a method of using SVM to detect DDoS attacks under the SDN environment [42]. Besides the above detection methods used to ensure the security of the system, some efficient cryptography techniques can be applied to achieve privacy of the system [43–46].

In summary, the core issue of DDoS attack detection research is the construction of feature extraction and classification models. The attack detection methods in the above three environments can effectively detect DDoS attacks in the corresponding environment. However, these defense methods do not perform well in detecting early DDoS attacks. In addition, most of these methods use a single feature and do not consider the impact of multidimensional features on the classifier. Therefore, an adaptive DDoS attack detection method is proposed in this paper. Firstly, we design the algorithms to extract five features. Secondly, through an ensemble learning framework, the five features are used to train two multikernel learning models and obtain the adaptive feature weights with the gradient method. Finally, the sliding window mechanism is used to coordinate the two models to improve the detection accuracy.

3. DDoS Attack Feature Extraction

3.1. Analysis of DDoS Attack Behavior. In the cloud environment, the botnets of DDoS attacks have distributed characteristics. Each zombie machine has the ability to independently calculate, send, and process data packets, and the source IP address of the packets can also be forged. These advantages of DDoS attacks make defense more difficult. However, viewed as a time series, the characteristics of data packets generated by DDoS attacks are still quite different from those of normal users. The difference is reflected in the following three aspects.

(1) Asymmetry. A DDoS attack is often caused by multiple zombie hosts sending a large number of packets to a host without the host's response. These useless packets quickly consume the host's service resources so that the host can no longer provide services to other users. With this feature, the DDoS attack behavior is such that a large amount of packets is sent to the host from the zombie hosts, and no packets or only a small amount of packets are sent to the zombie hosts from the host. The IP data packets often present a situation in which multiple source IP addresses point to the same or several destination IP addresses, which is expressed as the asymmetry of the source IP as well as the destination IP in sending and receiving.

(2) Interactivity. Assume that there are A (zombie host) and B (attacked host). When an attack occurs, there are two main communication ways: (1) A sends packets to B (denoted as A→B), and (2) A and B send packets to each other (denoted as A↔B). The amount of packets sent in the way (A→B) is much larger than that sent in the way (A↔B). Therefore, the interactivity of DDoS attack flow has different states in communication direction and amount compared with normal flow.

(3) Distribution. According to the characteristics of a DDoS attack, when an attack occurs, the number of hosts that launch the attack is much larger than that of the attacked hosts, and the number of source IP addresses is much larger than that of destination IP addresses, so that the source address and the destination address have different distribution characteristics. In addition, because DDoS attacks generate useless requests, the host ports accessed by the attack requests are more dispersed compared to normal flows. Therefore, the distribution of the ports is different in normal flows and attack flows.

Due to the limited ability of a single feature to express data, it cannot fully reflect the characteristics of the DDoS attack. Therefore, to effectively express the characteristics of the DDoS attack, this paper selects five feature extraction methods based on the above characteristics, as follows. The address correlation degree (ACD) combines the traffic burstiness, flow asymmetry, and source IP address distribution of the DDoS attack; the IP flow features value (FFV) exploits the asymmetry of attack flows and the distribution of source IP addresses; the IP flow's interaction behavior feature (IBF) uses the different interactivity between normal flows and attack flows on the network; the IP flow multifeature fusion (MFF) exploits the different behavioral characteristics of normal flows as well as DDoS attack flows and integrates the multiple characteristics of DDoS attack flows; the IP flow address half interaction anomaly degree (HIAD) focuses on the characteristics of aggregated attack flows that are mixed with a large number of normal background flows. In order to make the feature richer in representation, we refer to several articles and combine the five feature extraction algorithms, besides removing the less impactful parameters, to form a multidimensional feature for DDoS attack detection [45–51].

3.2. DDoS Attack Feature Extraction. In the cloud environment, assume that network flow $F$ is as follows: $\langle (t_1, s_1, d_1, p_1), (t_2, s_2, d_2, p_2), \ldots, (t_n, s_n, d_n, p_n) \rangle$ in a certain unit of time, where $t_i$, $s_i$, $d_i$, and $p_i$ denote the time, source IP address, destination IP address, and the port of the $i$-th ($i = 1, 2, \ldots, n$) data packet, respectively. All data packets which contain source IP address $A_i$ and destination IP address $A_j$ are denoted as class $\mathit{SD}(A_i, A_j)$. All data packets with source IP address $A_i$ are denoted as class $\mathit{IPS}(A_i)$. All data packets with destination IP address $A_j$ are denoted as class $\mathit{IPD}(A_j)$. The packets with source IP address $A_i$ which exist in the class $\mathit{IPS}(A_i)$ and class $\mathit{IPD}(A_i)$ are denoted as $\mathit{IF}(A_i)$. The packets with source IP address $A_i$ which exist in class $\mathit{IPS}(A_i)$ and do not exist in class $\mathit{IPD}(A_i)$ are denoted as $\mathit{SH}(A_i)$. The number of the different ports in $\mathit{SH}(A_i)$ is denoted as $\mathit{Port}(\mathit{SH}(A_i))$. The packets with the destination IP address $A_i$ which do not exist in class $\mathit{IPS}(A_i)$ and exist in class $\mathit{IPD}(A_i)$ are denoted as $\mathit{DH}(A_i)$. The number of the different ports in $\mathit{DH}(A_i)$ is denoted as $\mathit{Port}(\mathit{DH}(A_i))$.

Definition 1. If there are different destination IP addresses $A_j$ and $A_k$ making classes $\mathit{SD}(A_i, A_j)$ and $\mathit{SD}(A_i, A_k)$ both non-null, then delete the class where all source IP address $A_i$ packets reside.

Assume that the last remaining classes are denoted as $\mathit{ACS}_1, \mathit{ACS}_2, \ldots, \mathit{ACS}_m$ and are statistically calculated to gain the ACD. The detailed formulation is as follows:

$$\mathit{ACD}_F = \sum_{i=1}^{m} W(\mathit{ACS}_i) \tag{1}$$

In this part, $W(\mathit{ACS}_i) = \theta_1 \mathit{Port}(\mathit{ACS}_i) + (1 - \theta_1) \mathit{Packet}(\mathit{ACS}_i)$ $(0 < \theta_1 < 1)$, where $\mathit{Port}(\mathit{ACS}_i)$ is the number of different ports in class $\mathit{ACS}_i$, $\mathit{Packet}(\mathit{ACS}_i)$ is the number of data packets in class $\mathit{ACS}_i$, and $\theta_1$ is the weighted value.

Definition 2. If all the packets whose destination IP address is $A_j$ form the unique class $\mathit{SD}(A_i, A_j)$, delete the class where the packet with the destination IP address is $A_j$.

Assume that the last remaining classes are denoted as $\mathit{SDS}_1, \mathit{SDS}_2, \ldots, \mathit{SDS}_l$; all packets in these remaining classes with the destination IP address $A_j$ are denoted as $\mathit{SDD}(A_j)$, and all the classes are denoted as $\mathit{SDD}_1, \mathit{SDD}_2, \ldots, \mathit{SDD}_m$. The FFV is defined as follows:

$$\mathit{FFV}_F = \left( \sum_{i=1}^{m} \mathit{CIP}(\mathit{SDD}_i) - m \right) \tag{2}$$

$\mathit{CIP}(\mathit{SDD}_i)$ in formula (2) is presented as follows:

$$\mathit{CIP}(\mathit{SDD}_i) = \mathit{Num}(\mathit{SDD}_i) + \theta_2 \sum_{j=1}^{\mathit{Num}(\mathit{SDD}_i)} \mathit{OA}(\mathit{Pack}(A_j)) + (1 - \theta_2)\left(\mathit{OB}(\mathit{Port}(\mathit{SDD}_i)) - 1\right) \tag{3}$$

In this equation, $0 \le \theta_2 \le 1$, and $\mathit{Num}(\mathit{SDD}_i)$ is the number of different source IP addresses in $\mathit{SDD}_i$.

$$\mathit{OA}(\mathit{Pack}(A_j)) = \begin{cases} \mathit{Pack}(A_j), & \mathit{Pack}(A_j)/\Delta t > \theta_3 \\ 0, & \mathit{Pack}(A_j)/\Delta t \le \theta_3 \end{cases} \tag{4}$$

$\mathit{Pack}(A_j)$ is the number of source IP addresses $A_j$ in $\mathit{SDD}_i$, and $\theta_3$ is the threshold of the number of packets.

$$\mathit{OB}(\mathit{Port}(\mathit{SDD}_i)) = \begin{cases} \mathit{Port}(\mathit{SDD}_i), & \mathit{Port}(\mathit{SDD}_i)/\Delta t > \theta_4 \\ 0, & \mathit{Port}(\mathit{SDD}_i)/\Delta t \le \theta_4 \end{cases} \tag{5}$$

$\mathit{Port}(\mathit{SDD}_i)$ is the number of different destination ports in $\mathit{SDD}_i$, $\theta_4$ is the threshold of the number of ports, and $\Delta t$ is the sampling time.

Definition 3. Assume that the IF flow is $\mathit{IF}_1, \mathit{IF}_2, \ldots, \mathit{IF}_M$, the SH class is denoted as $\mathit{SH}_1, \mathit{SH}_2, \ldots, \mathit{SH}_S$, and the DH class is denoted as $\mathit{DH}_1, \mathit{DH}_2, \ldots, \mathit{DH}_M$. Then define IBF as follows:

$$\mathit{IBF} = \frac{1}{M + 1} \left( |S - D| + \sum_{i=1}^{S} \mathit{over}(\mathit{Port}(\mathit{SH}_i)) + \sum_{i=1}^{D} \mathit{over}(\mathit{Port}(\mathit{DH}_i)) \right) \tag{6}$$

$$\mathit{over}(x) = \begin{cases} x, & x/\Delta t > \theta_5 \\ 0, & x/\Delta t \le \theta_5 \end{cases}$$

where $\theta_5$ is the threshold of the amount of port, $M$ in formula (6) is the number of IF flows within $\Delta t$, and $|S - D|$ is the absolute value of the difference between the number of source IP addresses and the number of destination IP addresses for all SH and DH flows in $\Delta t$.

Definition 4. Assume that the resulting SD classes are $\mathit{SD}_1, \mathit{SD}_2, \ldots, \mathit{SD}_l$ and the IF classes are $\mathit{IF}_1, \mathit{IF}_2, \ldots, \mathit{IF}_M$. The number of packets of source IP address $A_i$ in class $\mathit{IF}_i$ is denoted as $\mathit{Sn}_i$, where $i = 1, 2, \ldots, M$; the number of packets of all interworking flow classes is denoted as $\mathit{SN}$; and the source semi-interactive flow class is denoted as $\mathit{SH}_1, \mathit{SH}_2, \ldots, \mathit{SH}_S$. The number of different ports in class $\mathit{SH}_i$ is denoted as $\mathit{Port}(\mathit{SH}_i)$, where $i = 1, 2, \ldots, S$; the destination semi-interactive class is denoted as $\mathit{DH}_1, \mathit{DH}_2, \ldots, \mathit{DH}_D$; and the number of different ports in class $\mathit{DH}_i$ is denoted as $\mathit{Port}(\mathit{DH}_i)$, where $i = 1, 2, \ldots, D$.

The weighted value of all packets in SH class is defined as follows:

$$\mathit{Weight}_{SH} = \sum_{i=1}^{s} \mathit{over}_{sh}(\mathit{Packet}(\mathit{SH}_i)) \tag{7}$$

The weighted value of all packets in SD classes is defined as follows:

$$\mathit{Weight}_{SD} = \sum_{i=1}^{L} \mathit{over}_{sd}(\mathit{Packet}(\mathit{SD}_i)) \tag{8}$$

The weighted value of the number of packets of network flow $F$ in unit time $T$ is as follows:

$$\mathit{Weight}_{packet} = \mathit{flag}(\mathit{Weight}_{SD})\,\mathit{Weight}_{SD} + \mathit{Weight}_{SD} \tag{9}$$

In these equations,

$$\mathit{over}_{sh}(x) = \begin{cases} x, & x/\Delta t > \theta_6 \\ 0, & x/\Delta t \le \theta_6 \end{cases} \qquad \mathit{over}_{sd}(x) = \begin{cases} x, & x/\Delta t > \theta_7 \\ 0, & x/\Delta t \le \theta_7 \end{cases} \qquad \mathit{flag}(x) = \begin{cases} 0, & x > 0 \\ 1, & x = 0 \end{cases} \tag{10}$$

$\Delta t$ is the sampling time, and $\theta_6$ and $\theta_7$ are SH-type packet number abnormality thresholds. $\mathit{Packet}(\mathit{SD}_i)$ is the number of packets in $\mathit{SD}_i$, $i = 1, 2, \ldots, n$. The weighted value of the number of different ports in the SH and DH classes is as follows:

$$\mathit{Weight}_{port} = \sum_{i=1}^{S} \mathit{over}_{p}(\mathit{Port}(\mathit{SH}_i)) + \sum_{j=1}^{D} \mathit{over}_{p}(\mathit{Port}(\mathit{DH}_j)) \tag{11}$$

where

$$\mathit{over}_{p}(x) = \begin{cases} x, & x/\Delta t > \theta_8 \\ 0, & x/\Delta t \le \theta_8 \end{cases}$$

$\Delta t$ is the sampling time, and $\theta_8$ is the SH-type port number abnormality threshold.

In this part, we define the MFF as follows:

$$\mathit{MFF}_F = \frac{S + \mathit{Weight}_{port} + \mathit{Weight}_{packet}}{M + 1} \tag{12}$$

where

$$f(x) = \begin{cases} x, & x \ge 1 \\ 1, & x \le 1 \end{cases}$$

Definition 5. The number of SH flows with different source IP addresses and the same destination IP address $A_i$ is denoted as $hn_i$. The SH class with the same destination IP address $A_i$ flow is denoted as $\mathit{HSD}(hn_i, A_i)$, where $i = 1, 2, \ldots, n$.

Assume that all HSD classes are $\mathit{HSD}_1, \mathit{HSD}_2, \ldots, \mathit{HSD}_k$, and the number of different destination ports in the class $\mathit{HSD}_i$ is expressed as $\mathit{Port}(\mathit{HSD}_i)$, where $i = 1, 2, \ldots, k$. The HIAD is defined as follows:

$$\mathit{HIAD}_F = \left( \sum_{i=1}^{k} \left( hn_i + \mathit{weight}(\mathit{Port}(\mathit{HSD}_i)) \right) \right) \tag{13}$$

In (13),

$$\mathit{weight}(x) = \begin{cases} x, & x/\Delta t > \theta_9 \\ 0, & x/\Delta t \le \theta_9 \end{cases}$$

$\Delta t$ is the sampling time, and $\theta_9$ is the threshold for different destination ports.
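The following Python sketch is an added example, not code from the paper: it computes the IBF of Definition 3 and the HIAD of Definition 5 over one sampling window. It assumes one reading of the definitions (an address is an IF flow if it both sends and receives in the window, SH if it only sends, DH if it only receives); the function names, threshold values, and packet tuples are constructed for illustration.

```python
from collections import defaultdict


def over(x, dt, theta):
    """Threshold function of (6) and (13): keep count x only if x/dt exceeds theta."""
    return x if x / dt > theta else 0


def classify(packets):
    """Split one window of (t, src, dst, port) packets into IF, SH and DH classes."""
    senders = {s for _, s, _, _ in packets}
    receivers = {d for _, _, d, _ in packets}
    interactive = senders & receivers   # IF: address both sends and receives
    sh = defaultdict(list)              # SH: source address that never receives
    dh = defaultdict(list)              # DH: destination address that never sends
    for pkt in packets:
        _, s, d, _ = pkt
        if s not in receivers:
            sh[s].append(pkt)
        if d not in senders:
            dh[d].append(pkt)
    return interactive, sh, dh


def distinct_ports(pkts):
    """Port(.) of the paper: number of different ports in a class."""
    return len({p for _, _, _, p in pkts})


def ibf(packets, dt, theta5):
    """Interaction behavior feature, formula (6)."""
    interactive, sh, dh = classify(packets)
    m, s, d = len(interactive), len(sh), len(dh)
    sh_term = sum(over(distinct_ports(p), dt, theta5) for p in sh.values())
    dh_term = sum(over(distinct_ports(p), dt, theta5) for p in dh.values())
    return (abs(s - d) + sh_term + dh_term) / (m + 1)


def hiad(packets, dt, theta9):
    """Half interaction anomaly degree, formula (13): SH flows grouped by destination."""
    _, sh, _ = classify(packets)
    sources, ports = defaultdict(set), defaultdict(set)
    for pkts in sh.values():
        for _, s, d, p in pkts:
            sources[d].add(s)   # hn_i: distinct half-interaction sources per destination
            ports[d].add(p)     # Port(HSD_i): distinct ports hit on that destination
    return sum(len(sources[d]) + over(len(ports[d]), dt, theta9) for d in sources)


# Constructed sample window (1 s): mostly answered client/server exchanges.
NORMAL = [
    (0.0, "10.0.0.2", "10.0.0.1", 443),
    (0.1, "10.0.0.1", "10.0.0.2", 50312),
    (0.2, "10.0.0.3", "10.0.0.1", 443),
    (0.3, "10.0.0.1", "10.0.0.3", 50444),
    (0.5, "10.0.0.4", "10.0.0.1", 80),   # one request not answered yet
]
# Constructed flood: 50 one-way sources hitting one silent destination on scattered ports.
FLOOD = [(0.5, f"198.51.100.{k}", "203.0.113.10", 1024 + k) for k in range(1, 51)]
ATTACK = NORMAL + FLOOD

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("attack", ATTACK)):
        print(name, "IBF =", ibf(window, 1.0, 2), "HIAD =", hiad(window, 1.0, 2))
```

The same background traffic yields two orders of magnitude higher values once the one-way flood is mixed in, which is the separation the features are meant to give a classifier.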

4. The DDoS Attack Detection Model

The establishment of an attack detection model is an important part of the whole detection process. Based on the behavior of DDoS attacks, we extract the ACD, IBF, MFF, HIAD, and FFV features to express the inherent rules of attack flows. The disadvantages of the current DDoS attack detection models are summarized as follows: (1) some models highly depend on the selection of the kernel function; (2) some models require data with highly stable values; (3) some models can only fit linear rules, but a DDoS attack can generate linearly inseparable data due to its abrupt, unstable, and stochastic characteristics. Considering that the multiple-kernel learning model has a low requirement for data stability, can be used for nonlinear fitting, and can flexibly treat linear and nonlinear data, this paper proposes an adaptive DDoS attack detection method based on the ensemble learning framework.

4.1. The Multiple-Kernel Learning Model. The multiple-kernel learning (MKL) model is developed from the original single-kernel SVM. In a single-kernel SVM, the SVM uses only one kernel function to map the sample to a high-dimensional space. By comparison, the multiple-kernel learning model uses multiple kernel functions with weights to map the sample to a high-dimensional space. Therefore, it has higher flexibility and adaptability on heterogeneous data.

The multiple-kernel learning is defined as follows: given training set $T = \{(x_1, y_1), (x_2, y_2), \ldots, (x_n, y_n)\}$ and testing set $C = \{x'_1, x'_2, \ldots, x'_s\}$, with $x_i \in R^d$, $x'_k \in R^d$, $y_i \in \{-1, +1\}$, where $R$ is the real-number set, $d$ is the data dimension, $i = 1, 2, \ldots, n$, and $k = 1, 2, \ldots, s$. $K_1(x, x'), K_2(x, x'), \ldots, K_M(x, x')$ are kernel functions in $R^d \times R^d$, and $\phi_1, \phi_2, \ldots, \phi_M$ is a kernel mapping for each function. In the classic multiple-kernel learning SimpleMKL [52], the objective function of the hyperplane is as follows:

$$f(x) = \sum_{m=1}^{M} \left( \omega_m \cdot \phi_m(x) \right) + b \tag{14}$$

where $\omega_m$ is the weight for each kernel function and $b$ is bias. The relaxation factor is $\xi$. According to the principle of minimum structure, the objective function can be optimized as follows:

$$\min \psi(\omega_m, b, \xi, d) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|^2_{H_m} + C \sum_{i=1}^{n} \xi_i \tag{15}$$

$$\text{s.t.} \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \quad \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \quad \xi_i \ge 0 \tag{16}$$

By the two-order alternation optimization, formula (15) can be converted to the optimization problem with $d_m$ as the variable:

$$\min_{d \ge 0} J(d), \quad \sum_{m=1}^{M} d_m = 1 \tag{17}$$

$$\text{s.t.} \quad \min_{\omega_m, b, \xi} = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|^2_{H_m} + C \sum_{i=1}^{n} \xi_i, \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \quad \xi_i \ge 0 \tag{18}$$

The Lagrange function of $J(d)$ is as follows:

$$L = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|^2_{H_m} + C \sum_{i=1}^{n} \xi_i + \sum_{i=1}^{m} \alpha_i \left( 1 - \xi_i - y_i \sum_{m=1}^{M} \omega_m \cdot \varphi_m(x_i) + y_i b \right) + \sum_{i=1}^{n} \nu_i \xi_i \tag{19}$$

6 Security and Communication Networks

where $\alpha_i$, $\nu_i$ are Lagrange multipliers. First, the partial derivatives with respect to $\omega_m$, $b$, $\xi_i$ are calculated. Then the extremums are gained when the partial derivatives are "0". Finally, the extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2} \sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\text{s.t.} \quad \sum_{i}^{n} \alpha_i y_i = 0, \quad C \ge \alpha_i \ge 0, \quad K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j) \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $a$ alternately. Then an optimal solution $\alpha^* = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha^*_i y_i \sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

where $x_j \in C$. When the test set data $x_j$ is inputted to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model can be suitable for all the dimension weight values with "1". But it cannot fully exert the different features. This paper uses the feature weights to control the effect of different features on the model. To gain the appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters, so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$ and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F * W^T$, and the mean value of each dimension of normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. Note the mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$M = [w_1 (u_{11} - u_{21})]^2 + [w_2 (u_{12} - u_{22})]^2 + [w_3 (u_{13} - u_{23})]^2 + [w_4 (u_{14} - u_{24})]^2 + [w_5 (u_{15} - u_{25})]^2 \tag{23}$$

The normal intraclass variance is denoted

$$S_1 = \sum_{i=1}^{n} \left\{ [w_1 (x_{i1} - u_{11})]^2 + [w_2 (x_{i2} - u_{12})]^2 + [w_3 (x_{i3} - u_{13})]^2 + [w_4 (x_{i4} - u_{14})]^2 + [w_5 (x_{i5} - u_{15})]^2 \right\} \tag{24}$$

The attack intraclass variance is denoted

$$S_2 = \sum_{i=1}^{n} \left\{ [w_1 (x_{i1} - u_{21})]^2 + [w_2 (x_{i2} - u_{22})]^2 + [w_3 (x_{i3} - u_{23})]^2 + [w_4 (x_{i4} - u_{24})]^2 + [w_5 (x_{i5} - u_{25})]^2 \right\} \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to improve the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the M value. On the other hand, we should minimize the differences between samples. The variance corresponding to each dimension should be as small as possible, thus reducing the S value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\begin{aligned} &\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S \\ &\min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|^2_{H_m} + C \sum_{i=1}^{n} \xi_i \end{aligned} \tag{26}$$

$$\text{s.t.} \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(w x_i) + y_i b \ge 1 - \xi_i, \quad \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \quad \xi_i \ge 0, \quad M < \sigma_1, \quad S > \sigma_1 \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rate of formula (35).

To solve the above problems, we use the way of updating iterative weights to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this time. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2} \sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\text{s.t.} \quad \sum_{i}^{n} \alpha_i y_i = 0, \quad C \ge \alpha_i \ge 0, \quad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha^*_i y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned} &t_1 < |M_{i+1} - M_i| < t_2 < |M_i - M_{i-1}| < t_3 \\ &f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_1 \\ &f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_2 \end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned} &t_4 < |S_i - S_{i-1}| < t_5 < |S_{i+1} - S_i| < t_6 \\ &f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_3 \\ &f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_4 \end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0", the values of $t_1$, $t_2$, and $t_3$ are close to "1", and the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of M and S corresponding to each dimension weight is as follows:

$$\begin{aligned} \frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\ \frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\ \frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\ \frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\ \frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2 \end{aligned} \tag{33}$$

$$\begin{aligned} \frac{\partial S}{\partial w_1} &= 2 \left[ w_1 \left( \sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2 \right) + w_1 \left( \sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2 \right) \right] \\ \frac{\partial S}{\partial w_2} &= 2 \left[ w_2 \left( \sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2 \right) + w_2 \left( \sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2 \right) \right] \\ \frac{\partial S}{\partial w_3} &= 2 \left[ w_3 \left( \sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2 \right) + w_3 \left( \sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2 \right) \right] \\ \frac{\partial S}{\partial w_4} &= 2 \left[ w_4 \left( \sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2 \right) + w_4 \left( \sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2 \right) \right] \\ \frac{\partial S}{\partial w_5} &= 2 \left[ w_5 \left( \sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2 \right) + w_5 \left( \sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2 \right) \right] \end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. (Steps shown: multidimension data of initial weight; increase M to update weights of different dimensions with gradient ascent; decrease S to update weights of different dimensions with gradient descent; multiply updated weight and training dataset, then update and improve the core parameters of M-SMKL, or update and decrease the core parameters of S-SMKL; if the constraint conditions of M-SMKL or S-SMKL are met, end M-SMKL or S-SMKL training, otherwise repeat.)

According to the gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$\begin{aligned} w_1 &= w_1 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_1} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_1} \\ w_2 &= w_2 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_2} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_2} \\ w_3 &= w_3 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_3} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_3} \\ w_4 &= w_4 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_4} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_4} \\ w_5 &= w_5 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_5} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_5} \end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.
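The weight update of equations (23)-(25) and (33)-(35) can be traced on a small data set. The following Python sketch is an added example, not the authors' MATLAB code; the sample values and learning rates are constructed, and it covers only the weight update, not the SimpleMKL training or the stopping constraints (31) and (32).

```python
"""Added example: feature-weight update of equations (23)-(25) and (33)-(35)."""

# Constructed, already-normalized samples (not taken from the CAIDA data set).
# Columns follow the paper's order: ACD, IBF, MFF, HIAD, FFV.
NORMAL_SAMPLES = [
    [0.10, 0.20, 0.15, 0.05, 0.12],
    [0.12, 0.25, 0.10, 0.06, 0.10],
    [0.08, 0.22, 0.20, 0.04, 0.14],
    [0.11, 0.18, 0.12, 0.05, 0.11],
]
ATTACK_SAMPLES = [
    [0.30, 0.60, 0.50, 0.90, 0.35],
    [0.55, 0.40, 0.70, 0.95, 0.60],
    [0.80, 0.75, 0.45, 0.85, 0.90],
    [0.95, 0.55, 0.65, 0.92, 0.97],
]


def column_means(rows):
    """Per-dimension mean u_k of one class."""
    return [sum(r[k] for r in rows) / len(rows) for k in range(len(rows[0]))]


def interclass_m(w, u1, u2):
    """Equation (23): weighted squared distance between the class means."""
    return sum((w[k] * (u1[k] - u2[k])) ** 2 for k in range(len(w)))


def intraclass_s(w, normal, attack, u1, u2):
    """Equations (24) and (25): S = S1 + S2."""
    s1 = sum((w[k] * (x[k] - u1[k])) ** 2 for x in normal for k in range(len(w)))
    s2 = sum((w[k] * (x[k] - u2[k])) ** 2 for x in attack for k in range(len(w)))
    return s1 + s2


def grad_m(w, u1, u2):
    """Equation (33)."""
    return [2 * w[k] * (u1[k] - u2[k]) ** 2 for k in range(len(w))]


def grad_s(w, normal, attack, u1, u2):
    """Equation (34), in its sum(x^2) - n*u^2 form."""
    n1, n2 = len(normal), len(attack)
    grad = []
    for k in range(len(w)):
        spread1 = sum(x[k] ** 2 for x in normal) - n1 * u1[k] ** 2
        spread2 = sum(x[k] ** 2 for x in attack) - n2 * u2[k] ** 2
        grad.append(2 * (w[k] * spread1 + w[k] * spread2))
    return grad


def update_weights(w, normal, attack, lr1, lr2):
    """Equation (35): ascend on M with lr1, descend on S with lr2."""
    u1, u2 = column_means(normal), column_means(attack)
    gm = grad_m(w, u1, u2)
    gs = grad_s(w, normal, attack, u1, u2)
    return [w[k] + 2 * lr1 * gm[k] - 2 * lr2 * gs[k] for k in range(len(w))]


def train(normal, attack, lr1, lr2, rounds):
    """Start from all-ones weights; return final weights and the (M, S) history."""
    u1, u2 = column_means(normal), column_means(attack)
    w = [1.0] * len(u1)
    history = [(interclass_m(w, u1, u2), intraclass_s(w, normal, attack, u1, u2))]
    for _ in range(rounds):
        w = update_weights(w, normal, attack, lr1, lr2)
        history.append(
            (interclass_m(w, u1, u2), intraclass_s(w, normal, attack, u1, u2))
        )
    return w, history


if __name__ == "__main__":
    # Constructed learning rates: lr1 >> lr2 mimics M-SMKL, lr2 >> lr1 mimics S-SMKL.
    for name, lr1, lr2 in (("M-dominant", 0.05, 0.0005), ("S-dominant", 0.0005, 0.05)):
        weights, hist = train(NORMAL_SAMPLES, ATTACK_SAMPLES, lr1, lr2, rounds=20)
        print(name, [round(v, 3) for v in weights],
              "M: %.4f -> %.4f" % (hist[0][0], hist[-1][0]),
              "S: %.4f -> %.4f" % (hist[0][1], hist[-1][1]))
```

With the S-dominant rates, the weights of the high-variance dimensions shrink fastest, so the low-variance dimension ends up with the largest weight.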

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained. M-SMKL is trained mainly by increasing the M value and secondarily by reducing the S value, and S-SMKL is trained mainly by reducing the S value and secondarily by increasing the M value. During the training process, the M value and the S value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with the two different weight vectors which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate the two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results. The details are as follows: (1) if M-SMKL and S-SMKL both identify the current data category as normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL both identify the current data category as attack, the current data category is judged to be attack; (3) if M-SMKL identifies the current data category as normal but S-SMKL identifies it as attack, the current data category is judged to be attack; (4) if M-SMKL identifies the current data category as attack but S-SMKL identifies it as normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification result, and map the end point of the sliding window to the $n-1$ position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance between different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Steps shown: multiply initial data with new weight of S-SMKL and of M-SMKL; classify test set with S-SMKL and with M-SMKL; classify result 1 and classify result 2; slide window process; final predict result.)
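The four coordination rules and the sliding window step described above can be written down directly. The following Python sketch is an added example, not the authors' code: the per-second verdict sequences are constructed, the window is read as the $n$ M-SMKL verdicts starting at the current sample, and a window that runs past the end of the data is truncated (both assumptions). The rates use the paper's own convention from (36), where TP and FP count normal samples and TN and FN count attack samples.

```python
"""Added example: coordinating M-SMKL and S-SMKL verdicts with a sliding window."""

NORMAL_FLOW, ATTACK_FLOW = 0, 1


def coordinate(m_pred, s_pred, n=8):
    """Merge the two per-sample verdict lists using rules (1)-(4)."""
    if len(m_pred) != len(s_pred):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    final = []
    for t, (m, s) in enumerate(zip(m_pred, s_pred)):
        if m == s:
            final.append(m)                      # rules (1) and (2): agreement
        elif s == ATTACK_FLOW:
            final.append(ATTACK_FLOW)            # rule (3): S-SMKL says attack
        else:
            # Rule (4): M-SMKL says attack, S-SMKL says normal. Look at the
            # M-SMKL verdicts from position t to t+n-1 (assumed reading of
            # Step 1; the slice is truncated at the end of the data).
            window = m_pred[t:t + n]
            all_attack = all(v == ATTACK_FLOW for v in window)
            final.append(ATTACK_FLOW if all_attack else NORMAL_FLOW)
    return final


def rates(truth, pred):
    """DR, FR and ER as defined in (36)."""
    pairs = list(zip(truth, pred))
    tp = sum(1 for y, p in pairs if y == NORMAL_FLOW and p == NORMAL_FLOW)
    fp = sum(1 for y, p in pairs if y == NORMAL_FLOW and p == ATTACK_FLOW)
    tn = sum(1 for y, p in pairs if y == ATTACK_FLOW and p == ATTACK_FLOW)
    fn = sum(1 for y, p in pairs if y == ATTACK_FLOW and p == NORMAL_FLOW)
    if tn + fn == 0 or tp + fp == 0:
        raise ValueError("both classes must be present in the ground truth")
    return tn / (tn + fn), fp / (tp + fp), (fn + fp) / len(pairs)


# Constructed example: 10 normal seconds followed by 14 attack seconds.
TRUTH = [0] * 10 + [1] * 14
# M-SMKL flags the attack from its first second but raises two isolated alarms.
M_PRED = [0, 0, 1, 0, 0, 0, 1, 0, 0, 0] + [1] * 14
# S-SMKL raises no false alarm but misses the first five attack seconds.
S_PRED = [0] * 10 + [0] * 5 + [1] * 9

if __name__ == "__main__":
    combined = coordinate(M_PRED, S_PRED, n=8)
    for name, pred in (("M-SMKL", M_PRED), ("S-SMKL", S_PRED), ("combined", combined)):
        dr, fr, er = rates(TRUTH, pred)
        print("%-8s DR=%.3f FR=%.3f ER=%.3f" % (name, dr, fr, er))
```

Because rule (4) looks only at M-SMKL's own verdicts, a single normal verdict from M-SMKL inside the window turns every disputed sample whose window covers it into normal, so a larger $n$ removes more isolated false alarms at the cost of a longer delay after such a dip.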

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains a Distributed Denial of Service (DDoS) anonymous traffic attack for approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN}, \qquad FR = \frac{FP}{TP + FP}, \qquad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the IBF feature value; series: the DDoS attack feature value, the normal feature value.)

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value.)

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but, as illustrated in Figures 6 and 7, in the initial stage the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the MFF feature value; series: the DDoS attack feature value, the normal feature value.)

As illustrated in Figure 8, although the MFF feature cannot distinguish the attack flow from the normal flow as early as possible, it can make the feature values of the attack stage more stable, so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of the test set are obtained and are used to verify the effectiveness of the method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1.002$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73425$, $t_5 = 78340$, $t_6 = 78350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is a linear function. The experimental results are illustrated in Figures 10–18.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the HIAD feature value, ×10^4; series: the DDoS attack feature value, the normal feature value.)

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR, and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow. (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow. (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow. (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow. (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. The method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].)

6 Conclusion

In this paper five-dimensional features are defined fordescribing the burstiness of DDoS attack flows thedistribution of IP source addresses and the interactivityof DDoS attack flows Based on the five-dimensional

14 Security and Communication Networks

Table1Com

paris

onresults

offour

algorithm

sfor

scalingattack

flowandno

rmalflo

w

Thev

alue

ofther

ando

mmultip

lier

06ndash

07

07ndash08

08ndash09

09ndash

1110

ndash15

15ndash20

20ndash

30

30ndash

40

40ndash

50

ADADM

metho

dDR(

)7857

7857

7857

7857

7821

7821

7821

7821

7857

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1222

1222

1222

1222

1242

1242

1242

1242

1222

SimpleM

KLmetho

dDR(

)7643

7643

7643

7643

7643

7643

7643

7643

7643

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1344

1344

1344

1344

1344

1344

1344

1344

1344

SVM

metho

dDR(

)7750

7750

7786

7786

7679

7750

7786

7679

7786

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1283

1283

1263

1263

1324

1283

1263

1324

1263

Nezhadetalrsquos[16]

metho

dDR(

)9821

9785

9821

9785

9821

9821

9821

9785

9821

FR(

)7429

7476

7429

7476

7571

7429

7429

7429

7238

ER(

)3292

3333

3292

3333

3354

3292

3292

3313

3211

Security and Communication Networks 15

Table2Com

paris

onresults

offour

algorithm

sfor

narrow

ingthea

ttack

flow

Thev

alue

ofther

ando

mmultip

lier

01ndash02

02ndash03

03ndash04

04ndash

05

05ndash06

06ndash

07

07ndash08

08ndash

09

09ndash

10

ADADM

metho

dDR(

)7821

7821

7821

7857

7857

7857

7857

7857

7857

FR(

)1099

142

001

001

001

001

001

001

001

ER(

)1715

1304

1242

1222

1222

1222

1222

1222

1222

SimpleM

KLmetho

dDR(

)7571

7643

7643

7643

7643

7643

7643

7643

7643

FR(

)2275

474

142

001

001

001

001

001

001

ER(

)2363

1548

1405

1344

1344

1344

1344

1344

1344

SVM

metho

dDR(

)7607

7714

7750

7786

7750

7786

7786

7750

7786

FR(

)2275

474

142

047

001

001

001

001

001

ER(

)2342

1507

1344

1283

1283

1263

1263

1283

1263

Nezhadetalrsquos[16]

metho

dDR()

9713

9785

9857

9821

9857

9857

9821

9821

9785

FR(

)7429

7429

7429

7429

7429

7429

7429

7429

7429

ER(

)3354

3313

3272

3292

3272

3272

3292

3292

3313

16 Security and Communication Networks

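Table 3: Comparison results of four algorithms for amplifying the normal flow.

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

The column headings give the value of random multiplier.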


Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Plot: the value of FR, 0 to 0.7, against the value of multiplier, 1.0–1.5 to 5.0–5.5; series: the FR value of ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attacks. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attacks.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


zombie machines, it is easy for a server to no longer have the ability to provide services to normal users [6]. On the other hand, DDoS attacks are easy to implement. Unlike other network attacks, DDoS attacks require only a large number of zombie machines and a small amount of network security knowledge to launch an effective attack. This easy-to-grasp network attack method makes the DDoS attack more powerful.

At present, under the traditional network environment, methods for defense against DDoS attacks mainly include attack detection and attack response [7]. DDoS attack detection is based on attack signatures, congestion patterns, protocols, and source addresses as an important basis for detecting attacks, thereby establishing an effective detection mechanism. The detection model can be roughly divided into two categories: misuse-based detection and anomaly-based detection. Misuse-based detection is a technique based on feature-matching algorithms. It matches the collected and extracted user behavior features with the known feature database of DDoS attacks to identify whether an attack has occurred. Anomaly-based detection is adopted by monitoring systems. By establishing the target system and the user's normal behavior model, the monitoring systems can determine whether the states of the system and the user's activities deviate from the normal profile and can judge whether there is an attack. The attack response is to properly filter or limit the network traffic after the DDoS attack is initiated. The attack traffic to the attack target host is reduced as much as possible to mitigate the influence of the denial of a service attack.

With the rise of cloud computing technologies and software-defined networking (SDN) concepts, DDoS attack detection based on cloud computing environments and software-defined networks has received widespread attention [8, 9]. As a new computing model, cloud computing has powerful distributed computing capabilities, massive storage capabilities, and diverse service capabilities [10, 11]. It has become an important means of solving big data problems [12]. Therefore, establishing a cloud platform system is a necessary measure to effectively ensure cloud computing's reliability, stability, and security [13–15].

In recent years, machine learning has been applied to the field of security [17]. The method of constructing an attack detection model using machine learning has been widely used [18, 19]. The machine-learning method plays an important role in the traditional network environment, the cloud environment, and software-defined network architecture. The reason is that the machine-learning method can deeply mine the important information hidden behind the data and combine prior knowledge to discriminate and predict new data [20]. Therefore, compared with traditional detection methods, machine-learning methods can exhibit better detection accuracy [21–25]. In the above analysis of defense measures, it is known that the traditional network environment, cloud environment, and software-defined network architecture all involve attack detection for the defense mechanism of DDoS. Therefore, studying the use of machine-learning methods to identify DDoS attacks is of great significance. However, the data generated by the DDoS attack is often bursty and diverse, and the background traffic size also has a greater impact on the detection model, thereby reducing the model's detection accuracy.

To solve the above problems, we propose a multiple-kernel learning DDoS attack detection method. The method uses the algorithm to extract five features and combines two multiple-kernel learning models with the adaptive feature weights to recognize attack flows and normal flows. For further improving the accuracy of DDoS attack detection, a sliding window mechanism is employed to coordinate two multiple-kernel learning models treating the detection results. Experiments show that our method can better distinguish DDoS attack flow from normal flow and can detect DDoS attacks earlier.

2. Related Work

DDoS attacks can cause tremendous damage to a network and often subject the attacked party to great economic losses. This is one of the main ways that hackers initiate cyberattacks.

To reduce the damage of DDoS attacks, researchers have proposed a large number of attack detection methods in recent years. According to the application scenario, these methods can be divided into three categories: the detection method in the conventional network environment, the detection method in the cloud environment, and the detection method in the software-defined network (SDN) environment.

(1) The conventional network environment refers to the Internet environment generally established on the Internet based on an open system interconnect reference model (OSI). In this regard, Saied et al. proposed a method for detecting known and unknown DDoS attacks using artificial neural networks [26]. Bhuyan et al. proposed an empirical evaluation method for the measurement of low-rate and high-rate DDoS attack detection information [27]. Tan et al. proposed a DDoS attack detection method based on multivariate correlation analysis [28]. Yu et al. proposed a DDoS attack detection method based on the traffic correlation coefficient [29]. Wang et al. conducted an in-depth analysis of the characteristics of DDoS botnets [30]. Kumar and others used the Jpcap API to monitor and analyze DDoS attacks [31]. Khundrakpam et al. proposed an application-layer DDoS attack detection method combining entropy and an artificial neural network [32].

(2) The cloud environment refers to the network service platform with cloud computing as the core technology. In this regard, Karnwal et al. proposed a defense method for XML DDoS and HTTP DDoS attacks under cloud computing platforms [33]. Sahi et al. proposed the check and defense method for TCP-flood DDoS attacks in the cloud environment [34]. Rukavitsyn et al. proposed a self-learning DDoS attack detection method in the cloud environment [35].

(3) Software-defined network refers to a new network architecture that adopts OpenFlow as the communication protocol and specifies the router as well as switch data exchange rules through the controller [36]. In this regard, Ashraf used machine-learning detection software to define DDoS attacks under the network [37]. Mihai–Gabriel proposed an intelligent elastic risk assessment method based on the neural network and risk theory in the SDN environment [38]. Yan et al. proposed an effective controller scheduling method to reduce DDoS attacks in software-defined networks [39]. Chin et al. proposed a DDoS flood attack method for selective detection of packets under SDN [40]. Dayal et al. analyzed the behavioral characteristics of DDoS attacks under SDN [41]. Ye et al. proposed a method of using SVM to detect DDoS attacks under the SDN environment [42]. Apart from the above detection methods used to ensure the security of the system, some efficient cryptography techniques can be applied to achieve privacy of the system [43–46].

In summary, the core issue of DDoS attack detection research is the construction of feature extraction and classification models. The attack detection methods in the above three environments can effectively detect DDoS attacks corresponding to the environment. However, in the detection of early DDoS attacks, these defense methods do not have a good detection effect. In addition, most of these methods use a single feature and do not consider the impact of multidimensional features on the classifier. Therefore, an adaptive DDoS attack detection method is proposed in this paper. Firstly, we design the algorithms to extract five features. Secondly, through an ensemble learning framework, the five features are used to train two multikernel learning models and obtain the adaptive feature weights with the gradient method. Finally, the sliding window mechanism is used to coordinate the two models to improve the detection accuracy.

3. DDoS Attack Feature Extraction

3.1. Analysis of DDoS Attack Behavior. In the cloud environment, the botnets of DDoS attacks have distributed characteristics. Each zombie machine has the ability to independently calculate, send, and process data packets, and the source IP address of the packets can also be forged. These advantages of DDoS attacks make defense more difficult. However, under the background of time series, the characteristics of data packets generated by DDoS attacks are still quite different from those of normal users. The difference is reflected in the following three aspects.

(1) Asymmetry. A DDoS attack is often caused by multiple zombie hosts sending a large number of packets to a host without the host's response. These useless packets quickly consume the host's service resources so that the host can no longer provide services to other users. With this feature, the DDoS attack behavior is such that there are a large number of packets sent to the host from the zombie hosts and there are no or a small number of packets sent to the zombie hosts from the host. The IP data packet often presents a situation in which multiple source IP addresses point to the same or several destination IP addresses, which is expressed as the asymmetry of the source IP as well as the destination IP in sending and receiving.

(2) Interactivity. It is assumed that there are A (zombie host) and B (attacked host). When an attack occurs, there are two main communication ways, as follows: (1) A sends packets to B (denoted as A→B) and (2) A and B send packets to each other (denoted as A↔B). The number of packets sent in the way (A→B) is much larger than the number sent in the way (A↔B). Therefore, the interactivity of DDoS attack flow has different states in communication direction and amount compared with normal flow.

(3) Distribution. According to the characteristics of DDoS attack, when an attack occurs, the number of the hosts that launch the attack is much larger than that of the attacked hosts, and the number of source IP addresses is much larger than that of destination IP addresses, so that the source address and the destination address have different distribution characteristics. In addition, because DDoS attacks generate useless requests, the host ports accessed by the attack requests are more dispersed than in normal flows. Therefore, the distribution of the ports is different in normal flows and attack flows.

Due to the limited ability of a single feature to express data, it cannot fully reflect the characteristics of the DDoS attack. Therefore, to effectively express the characteristics of the DDoS attack, this paper selects five feature extraction methods based on the above characteristics, as follows. The address correlation degree (ACD) combines the traffic burstiness, flow asymmetry, and source IP address distribution of DDoS attack; the IP flow features value (FFV) exploits the asymmetry of attack flows and the distribution of source IP addresses; the IP flow's interaction behavior feature (IBF) uses the different interactivity between normal flows and attack flows on the network; the IP flow multifeature fusion (MFF) exploits the different behavioral characteristics of normal flows as well as DDoS attack flows and integrates the multiple characteristics of DDoS attack flows; the IP flow address half interaction anomaly degree (HIAD) focuses on the characteristics of the aggregated attack flows that are a mixture of a large number of normal background flows. In order to make the feature richer in representation, we refer to several articles and combine the five feature extraction algorithms, besides removing the less impactful parameters, to form a multidimensional feature for DDoS attack detection [45–51].

3.2. DDoS Attack Feature Extraction. In the cloud environment, assume that network flow $F$ is as follows: $\langle (t_1, s_1, d_1, p_1), (t_2, s_2, d_2, p_2), \ldots, (t_n, s_n, d_n, p_n) \rangle$ in a certain unit of time, where $t_i$, $s_i$, $d_i$, and $p_i$ denote the time, source IP address, destination IP address, and the port of the $i$-th ($i = 1, 2, \ldots, n$) data packet, respectively. All data packets which contain source IP address $A_i$ and destination IP address $A_j$ are denoted as class $\mathit{SD}(A_i, A_j)$. All data packets with source IP address $A_i$ are denoted as class $\mathit{IPS}(A_i)$. All data packets with destination IP address $A_j$ are denoted as class $\mathit{IPD}(A_j)$. The packets with source IP address $A_i$ which exist in the class $\mathit{IPS}(A_i)$ and class $\mathit{IPD}(A_i)$ are denoted as $\mathit{IF}(A_i)$. The packets with source IP address $A_i$ which exist in class $\mathit{IPS}(A_i)$ and do not exist in class $\mathit{IPD}(A_i)$ are denoted as $\mathit{SH}(A_i)$. The number of the different ports in $\mathit{SH}(A_i)$ is denoted as $\mathit{Port}(\mathit{SH}(A_i))$. The packets with the destination IP address $A_i$ which do not exist in class $\mathit{IPS}(A_i)$ and exist in class $\mathit{IPD}(A_i)$ are denoted as $\mathit{DH}(A_i)$. The number of the different ports in $\mathit{DH}(A_i)$ is denoted as $\mathit{Port}(\mathit{DH}(A_i))$.

Definition 1. If there are different destination IP addresses $A_j$ and $A_k$ making classes $\mathit{SD}(A_i, A_j)$ and $\mathit{SD}(A_i, A_k)$ both non-null, then delete the class where all source IP address $A_i$ packets reside.

Assume that the last remaining classes are denoted as $\mathit{ACS}_1, \mathit{ACS}_2, \ldots, \mathit{ACS}_m$ and are statistically calculated to gain the ACD. The detailed formulation is as follows:

$$\mathit{ACD}_F = \sum_{i=1}^{m} W(\mathit{ACS}_i) \tag{1}$$

In this part, $W(\mathit{ACS}_i) = \theta_1 \mathit{Port}(\mathit{ACS}_i) + (1 - \theta_1) \mathit{Packet}(\mathit{ACS}_i)$ $(0 < \theta_1 < 1)$, where $\mathit{Port}(\mathit{ACS}_i)$ is the number of different ports in class $\mathit{ACS}_i$, $\mathit{Packet}(\mathit{ACS}_i)$ is the number of data packets in class $\mathit{ACS}_i$, and $\theta_1$ is the weighted value.

Definition 2. If all the packets whose destination IP address is $A_j$ form the unique class $\mathit{SD}(A_i, A_j)$, delete the class where the packet with the destination IP address is $A_j$.

Assume that the last remaining classes are denoted as $\mathit{SDS}_1, \mathit{SDS}_2, \ldots, \mathit{SDS}_l$; all packets in these remaining classes with the destination IP address $A_j$ are denoted as $\mathit{SDD}(A_j)$, and all the classes are denoted as $\mathit{SDD}_1, \mathit{SDD}_2, \ldots, \mathit{SDD}_m$. The FFV is defined as follows:

$$\mathit{FFV}_F = \left( \sum_{i=1}^{m} \mathit{CIP}(\mathit{SDD}_i) - m \right) \tag{2}$$

$\mathit{CIP}(\mathit{SDD}_i)$ in formula (2) is presented as follows:

$$\mathit{CIP}(\mathit{SDD}_i) = \mathit{Num}(\mathit{SDD}_i) + \theta_2 \sum_{j=1}^{\mathit{Num}(\mathit{SDD}_i)} \mathit{OA}(\mathit{Pack}(A_j)) + (1 - \theta_2) \left( \mathit{OB}(\mathit{Port}(\mathit{SDD}_i)) - 1 \right) \tag{3}$$

In this equation, $0 \le \theta_2 \le 1$, and $\mathit{Num}(\mathit{SDD}_i)$ is the number of different source IP addresses in $\mathit{SDD}_i$.

$$\mathit{OA}(\mathit{Pack}(A_j)) = \begin{cases} \mathit{Pack}(A_j), & \mathit{Pack}(A_j)/\Delta t > \theta_3 \\ 0, & \mathit{Pack}(A_j)/\Delta t \le \theta_3 \end{cases} \tag{4}$$

$\mathit{Pack}(A_j)$ is the number of source IP addresses $A_j$ in $\mathit{SDD}_i$, and $\theta_3$ is the threshold of the number of packets.

$$\mathit{OB}(\mathit{Port}(\mathit{SDD}_i)) = \begin{cases} \mathit{Port}(\mathit{SDD}_i), & \mathit{Port}(\mathit{SDD}_i)/\Delta t > \theta_4 \\ 0, & \mathit{Port}(\mathit{SDD}_i)/\Delta t \le \theta_4 \end{cases} \tag{5}$$

$\mathit{Port}(\mathit{SDD}_i)$ is the number of different destination ports in $\mathit{SDD}_i$, $\theta_4$ is the threshold of the number of ports, and $\Delta t$ is the sampling time.

Definition 3. Assume that the IF flow is $\mathit{IF}_1, \mathit{IF}_2, \ldots, \mathit{IF}_M$, the SH class is denoted as $\mathit{SH}_1, \mathit{SH}_2, \ldots, \mathit{SH}_S$, and the DH class is denoted as $\mathit{DH}_1, \mathit{DH}_2, \ldots, \mathit{DH}_M$. Then define IBF as follows:

$$\mathit{IBF} = \frac{1}{M + 1} \left( |S - D| + \sum_{i=1}^{S} \mathit{over}(\mathit{Port}(\mathit{SH}_i)) + \sum_{i=1}^{D} \mathit{over}(\mathit{Port}(\mathit{DH}_i)) \right) \tag{6}$$

$$\mathit{over}(x) = \begin{cases} x, & x/\Delta t > \theta_5 \\ 0, & x/\Delta t \le \theta_5 \end{cases}$$

where $\theta_5$ is the threshold of the amount of port, $M$ in formula (6) is the number of IF flows within $\Delta t$, and $|S - D|$ is the absolute value of the difference value between the number of source IP addresses and the number of destination IP addresses for all SH and DH flows in $\Delta t$.

Definition 4. Assume that the resulting SD classes are $\mathit{SD}_1, \mathit{SD}_2, \cdots, \mathit{SD}_l$ and IF classes are $\mathit{IF}_1, \mathit{IF}_2, \cdots, \mathit{IF}_M$. The number of packets of source IP address $A_i$ in class $\mathit{IF}_i$ is denoted as $\mathit{Sn}_i$, where $i = 1, 2, \ldots, M$; the number of packets of all interworking flow classes is denoted as SN, and the source semi-interactive flow class is denoted as $\mathit{SH}_1, \mathit{SH}_2, \cdots, \mathit{SH}_S$. The number of different ports in class $\mathit{SH}_i$ is denoted as $\mathit{Port}(\mathit{SH}_i)$, where $i = 1, 2, \ldots, S$; the destination semi-interactive class is denoted as $\mathit{DH}_1, \mathit{DH}_2, \cdots, \mathit{DH}_D$, and the number of different ports in class $\mathit{DH}_i$ is denoted as $\mathit{Port}(\mathit{DH}_i)$, where $i = 1, 2, \ldots, D$.

The weighted value of all packets in SH class is defined as follows:

$$\mathit{Weight}_{SH} = \sum_{i=1}^{s} \mathit{over}_{sh}(\mathit{Packet}(\mathit{SH}_i)) \tag{7}$$

The weighted value of all packets in SD classes is defined as follows:

$$\mathit{Weight}_{SD} = \sum_{i=1}^{L} \mathit{over}_{sd}(\mathit{Packet}(\mathit{SD}_i)) \tag{8}$$

The weighted value of the number of packets of network flow F in unit time T is as follows:

$$\mathit{Weight}_{packet} = \mathit{flag}(\mathit{Weight}_{SD})\,\mathit{Weight}_{SD} + \mathit{Weight}_{SD} \tag{9}$$

In these equations,

$$\mathit{over}_{sh}(x) = \begin{cases} x, & x/\Delta t > \theta_6 \\ 0, & x/\Delta t \le \theta_6 \end{cases} \qquad \mathit{over}_{sd}(x) = \begin{cases} x, & x/\Delta t > \theta_7 \\ 0, & x/\Delta t \le \theta_7 \end{cases} \qquad \mathit{flag}(x) = \begin{cases} 0, & x > 0 \\ 1, & x = 0 \end{cases} \tag{10}$$


$\Delta t$ is sampling time, and $\theta_6$ and $\theta_7$ are SH-type packet number abnormality thresholds. $\mathit{Packet}(\mathit{SD}_i)$ is the number of packets in $\mathit{SD}_i$, $i = 1, 2, \ldots, n$. The weighted value of the number of different ports in the SH and DH classes is as follows:

$$\mathit{Weight}_{port} = \sum_{i=1}^{S} \mathit{over}_{p}(\mathit{Port}(\mathit{SH}_i)) + \sum_{j=1}^{D} \mathit{over}_{p}(\mathit{Port}(\mathit{DH}_j)) \tag{11}$$

where

$$\mathit{over}_{p}(x) = \begin{cases} x, & x/\Delta t > \theta_8 \\ 0, & x/\Delta t \le \theta_8 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_8$ is the SH-type port number abnormality threshold.

In this part, we define the MFF as follows:

$$\mathit{MFF}_F = \frac{S + \mathit{Weight}_{port} + \mathit{Weight}_{packet}}{M + 1} \tag{12}$$

where

$$f(x) = \begin{cases} x, & x \ge 1 \\ 1, & x \le 1 \end{cases}$$

Definition 5. The number of SH flows with different source IP addresses and the same destination IP address $A_i$ is denoted as $hn_i$. The SH class with the same destination IP address $A_i$ flow is denoted as $\mathit{HSD}(hn_i, A_i)$, where $i = 1, 2, \ldots, n$. Assume that all HSD classes are $\mathit{HSD}_1, \mathit{HSD}_2, \cdots, \mathit{HSD}_k$, and the number of different destination ports in the class $\mathit{HSD}_i$ is expressed as $\mathit{Port}(\mathit{HSD}_i)$, where $i = 1, 2, \ldots, k$. The HIAD is defined as follows:

$$\mathit{HIAD}_F = \left(\sum_{i=1}^{k} \left(hn_i + \mathit{weight}(\mathit{Port}(\mathit{HSD}_i))\right)\right) \tag{13}$$

In (13),

$$\mathit{weight}(x) = \begin{cases} x, & x/\Delta t > \theta_9 \\ 0, & x/\Delta t \le \theta_9 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_9$ is the threshold for different destination ports.

4. The DDoS Attack Detection Model

The establishment of an attack detection model is an important part of the whole detection process. Based on the behavior of DDoS attack, we extract ACD, IBF, MFF, HIAD, and FFV features to express the inherent rules of attack flows. The disadvantages of the current DDoS attack detection models are summarized as follows: (1) some models highly depend on the selection of kernel function; (2) some models require data with highly stable value; (3) some models can only fit linear rules, but DDoS attack can generate linearly inseparable data due to abrupt, unstable, and stochastic characteristics. Considering that the multiple-kernel learning model has a low requirement for data stability, can be used for nonlinear fitting, and can flexibly treat linear and nonlinear data, this paper proposes an adaptive DDoS attack detection method based on the ensemble learning framework.

4.1. The Multiple-Kernel Learning Model. The multiple-kernel learning (MKL) model is developed from the original single-kernel SVM. In single-kernel SVM, a SVM only uses one kernel function to map the sample to high-dimensional spaces. By comparison, the multiple-kernel learning model uses multiple-kernel functions with weight to map the sample to high-dimensional space. Therefore, it has higher flexibility and adaptability on heterogeneous data.

The multiple-kernel learning is defined as follows: given training set $T = \{(x_1, y_1), (x_2, y_2), \cdots, (x_n, y_n)\}$ and testing set $C = \{x'_1, x'_2, \cdots, x'_s\}$, $x_i \in R^d$, $x'_k \in R^d$, $y_i \in \{-1, +1\}$, $R$ is the real-number set, $d$ is the data dimension, $i = 1, 2, \cdots, n$, $k = 1, 2, \cdots, s$. $K_1(x, x'), K_2(x, x'), \cdots, K_M(x, x')$ are kernel functions in $R^d \times R^d$, and $\phi_1, \phi_2, \cdots, \phi_M$ is a kernel mapping for each function. In the classic multiple-kernel learning SimpleMKL [52], the objective function of the hyperplane is as follows:

$$f(x) = \sum_{m=1}^{M} \langle \omega_m, \phi_m(x) \rangle + b \tag{14}$$

where $\omega_m$ is the weight for each kernel function and $b$ is bias. The relaxation factor is $\xi$. According to the principle of minimum structure, the objective function can be optimized as follows:

$$\min \psi(\omega_m, b, \xi, d) = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\left\|\omega_m\right\|^2_{H_m} + C\sum_{i=1}^{n} \xi_i \tag{15}$$

$$\text{s.t.}\quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \qquad \sum_{m=1}^{M} d_m = 1, \qquad d_m \ge 0, \qquad \xi_i \ge 0 \tag{16}$$

By the two-order alternation optimization, formula (15) can be converted to the optimization problem with $d_m$ as the variable:

$$\min_{d \ge 0} J(d), \qquad \sum_{m=1}^{M} d_m = 1 \tag{17}$$

$$\text{s.t.}\quad \min_{\omega_m, b, \xi} = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\left\|\omega_m\right\|^2_{H_m} + C\sum_{i=1}^{n} \xi_i, \qquad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \qquad \xi_i \ge 0 \tag{18}$$

The Lagrange function of $J(d)$ is as follows:

$$L = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\left\|\omega_m\right\|^2_{H_m} + C\sum_{i=1}^{n} \xi_i + \sum_{i=1}^{m} \alpha_i\left(1 - \xi_i - y_i \sum_{m=1}^{M} \omega_m \cdot \varphi_m(x_i) + y_i b\right) + \sum_{i=1}^{n} \nu_i \xi_i \tag{19}$$


where $\alpha_i$, $\nu_i$ are Lagrange multipliers. First, the partial derivatives with respect to $\omega_m$, $b$, and $\xi_i$ are calculated. Then, the extremums are gained when the partial derivatives are "0". Finally, the extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\text{s.t.}\quad \sum_{i}^{n} \alpha_i y_i = 0, \qquad C \ge \alpha_i \ge 0, \qquad K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j) \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $\alpha$ alternately. Then an optimal solution $\alpha^* = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha^*_i y_i \sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

$x_j \in C$. When the test set data $x_j$ is input to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model treats every feature dimension with a weight value of "1", so it cannot fully exploit the differences between features. This paper uses feature weights to control the effect of different features on the model. To gain the appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$ and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F * W^T$, and the mean value of each dimension of normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. Note the mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$M = [w_1 (u_{11} - u_{21})]^2 + [w_2 (u_{12} - u_{22})]^2 + [w_3 (u_{13} - u_{23})]^2 + [w_4 (u_{14} - u_{24})]^2 + [w_5 (u_{15} - u_{25})]^2 \tag{23}$$

The normal intraclass variance is denoted

$$S_1 = \sum_{i=1}^{n} [w_1 (x_{i1} - u_{11})]^2 + [w_2 (x_{i2} - u_{12})]^2 + [w_3 (x_{i3} - u_{13})]^2 + [w_4 (x_{i4} - u_{14})]^2 + [w_5 (x_{i5} - u_{15})]^2 \tag{24}$$

The attack intraclass variance is denoted

$$S_2 = \sum_{i=1}^{n} [w_1 (x_{i1} - u_{21})]^2 + [w_2 (x_{i2} - u_{22})]^2 + [w_3 (x_{i3} - u_{23})]^2 + [w_4 (x_{i4} - u_{24})]^2 + [w_5 (x_{i5} - u_{25})]^2 \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to improve the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the $M$ value. On the other hand, we should minimize the differences between samples. The variance corresponding to each dimension should be as small as possible, thus reducing the $S$ value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S$$

$$\min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\left\|\omega_m\right\|^2_{H_m} + C\sum_{i=1}^{n} \xi_i \tag{26}$$

$$\text{s.t.}\quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(w x_i) + y_i b \ge 1 - \xi_i, \qquad \sum_{m=1}^{M} d_m = 1, \qquad d_m \ge 0, \qquad \xi_i \ge 0, \qquad M < \sigma_1, \qquad S > \sigma_1 \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rate of formula (35).

To solve the above problems, we use the way of updating iterative weights to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this time. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\text{s.t.}\quad \sum_{i}^{n} \alpha_i y_i = 0, \qquad C \ge \alpha_i \ge 0, \qquad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha^*_i y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned}
& t_1 < \left|M_{i+1} - M_i\right| < t_2 < \left|M_i - M_{i-1}\right| < t_3 \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_1 \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_2
\end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned}
& t_4 < \left|S_i - S_{i-1}\right| < t_5 < \left|S_{i+1} - S_i\right| < t_6 \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_3 \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_4
\end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0"; the values of $t_1$, $t_2$, and $t_3$ are close to "1"; the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of $M$ and $S$ corresponding to each dimension weight is as follows:

$$\begin{aligned}
\frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\
\frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\
\frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\
\frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\
\frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2
\end{aligned} \tag{33}$$

$$\begin{aligned}
\frac{\partial S}{\partial w_1} &= 2\left[w_1\left(\sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2\right) + w_1\left(\sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2\right)\right] \\
\frac{\partial S}{\partial w_2} &= 2\left[w_2\left(\sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2\right) + w_2\left(\sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2\right)\right] \\
\frac{\partial S}{\partial w_3} &= 2\left[w_3\left(\sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2\right) + w_3\left(\sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2\right)\right] \\
\frac{\partial S}{\partial w_4} &= 2\left[w_4\left(\sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2\right) + w_4\left(\sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2\right)\right] \\
\frac{\partial S}{\partial w_5} &= 2\left[w_5\left(\sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2\right) + w_5\left(\sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2\right)\right]
\end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample. According to gradients in (33) and (34), the weight of each dimension is updated as follows:

$$\begin{aligned}
w_1 &= w_1 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_1} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_1} \\
w_2 &= w_2 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_2} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_2} \\
w_3 &= w_3 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_3} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_3} \\
w_4 &= w_4 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_4} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_4} \\
w_5 &= w_5 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_5} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_5}
\end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent, $lr_2$ is the learning rate of gradient descent, $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning.
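The weight update of formulas (23)–(25) and (33)–(35), as an added example that is not the paper's code: it iterates the update on constructed five-dimensional samples and records $M$ and $S$ per round. The sample data, the helper `make_class`, and both learning-rate pairs are assumptions chosen for this toy data; SimpleMKL retraining and the stop conditions (31) and (32) are left out.

```python
# Added illustration of formulas (23)-(25) and (33)-(35); all data are constructed.

def class_means(rows):
    """Mean of each feature dimension over one class (u_1k or u_2k)."""
    return [sum(col) / len(rows) for col in zip(*rows)]


def interclass_m(w, u1, u2):
    """Formula (23): M = sum_k [w_k (u_1k - u_2k)]^2."""
    return sum((wk * (a - b)) ** 2 for wk, a, b in zip(w, u1, u2))


def intraclass_s(w, normal, attack, u1, u2):
    """Formulas (24) and (25): S = S_1 + S_2."""
    total = 0.0
    for rows, u in ((normal, u1), (attack, u2)):
        for row in rows:
            total += sum((wk * (x - uk)) ** 2 for wk, x, uk in zip(w, row, u))
    return total


def grad_m(w, u1, u2):
    """Formula (33): dM/dw_k = 2 w_k (u_1k - u_2k)^2."""
    return [2 * wk * (a - b) ** 2 for wk, a, b in zip(w, u1, u2)]


def grad_s(w, normal, attack, u1, u2):
    """Formula (34): dS/dw_k = 2 w_k [(sum x^2 - n_1 u_1k^2) + (sum x^2 - n_2 u_2k^2)]."""
    grads = []
    for k, wk in enumerate(w):
        scatter = 0.0
        for rows, u in ((normal, u1), (attack, u2)):
            scatter += sum(row[k] ** 2 for row in rows) - len(rows) * u[k] ** 2
        grads.append(2 * wk * scatter)
    return grads


def train_weights(normal, attack, lr1, lr2, rounds, w0=None):
    """Iterate formula (35); return the final weights and the (M, S) pair per round."""
    u1, u2 = class_means(normal), class_means(attack)
    w = list(w0) if w0 else [1.0] * len(u1)
    trace = [(interclass_m(w, u1, u2), intraclass_s(w, normal, attack, u1, u2))]
    for _ in range(rounds):
        gm = grad_m(w, u1, u2)
        gs = grad_s(w, normal, attack, u1, u2)
        # Gradient ascent on M and gradient descent on S in one step.
        w = [wk + 2 * lr1 * a - 2 * lr2 * b for wk, a, b in zip(w, gm, gs)]
        trace.append((interclass_m(w, u1, u2), intraclass_s(w, normal, attack, u1, u2)))
    return w, trace


def make_class(center, spread, n=20):
    """Constructed samples: each dimension cycles through five offsets around its center."""
    offsets = (-1.0, -0.5, 0.0, 0.5, 1.0)
    return [[c + s * offsets[(i + k) % 5] for k, (c, s) in enumerate(zip(center, spread))]
            for i in range(n)]


# Constructed, normalized feature vectors in the order (ACD, IBF, MFF, HIAD, FFV).
# The fifth dimension is deliberately noisy and barely separated between classes.
SPREAD = [0.05, 0.10, 0.10, 0.05, 0.30]
NORMAL = make_class([0.10, 0.20, 0.15, 0.10, 0.40], SPREAD)
ATTACK = make_class([0.80, 0.60, 0.55, 0.90, 0.45], SPREAD)

# Hypothetical learning rates for this toy data (not the paper's settings).
W_M, TRACE_M = train_weights(NORMAL, ATTACK, lr1=0.05, lr2=0.001, rounds=10)  # M-dominant
W_S, TRACE_S = train_weights(NORMAL, ATTACK, lr1=0.001, lr2=0.05, rounds=10)  # S-dominant

if __name__ == "__main__":
    print("M-dominant weights:", [round(x, 3) for x in W_M])
    print("S-dominant weights:", [round(x, 3) for x in W_S])
```

Because both gradients are proportional to $w_k$, each round scales $w_k$ by $1 + 4\,lr_1 (u_{1k} - u_{2k})^2 - 4\,lr_2 V_k$, where $V_k$ is the summed within-class scatter of dimension $k$; well-separated, tight dimensions gain weight and noisy ones lose it.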

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained: M-SMKL is trained by increasing the $M$ value mainly with reducing the $S$ value secondarily, and the S-SMKL is trained by reducing the $S$ value mainly with increasing the $M$ value secondarily. During the training process, the $M$ value and the $S$ value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with two different weight vectors, which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL identify that the current data category is both normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL identify that the current data category is both attack, the current data category is judged to be attack; (3) if M-SMKL identifies that the current data category is normal but S-SMKL identifies that the current data category is attack, the current data category is judged to be attack; (4) if M-SMKL identifies that the current data category is attack but S-SMKL identifies that the current data category is normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification result and map the end point of the sliding window to the $n-1$ position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance of different class so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains approximately one hour of anonymized traffic from a distributed denial of service (DDoS) attack on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. The one hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN}, \qquad FR = \frac{FP}{TP + FP}, \qquad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$
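The sliding-window coordination of Section 4.3, scored with the DR, FR, and ER definitions of formula (36), as an added example that is not the paper's code. The three label sequences are constructed, and the `require_full_window` switch for a window that runs past the end of the results is an assumption the paper does not specify.

```python
NORMAL, ATTACK = 0, 1


def fuse(m_labels, s_labels, n, require_full_window=False):
    """Combine M-SMKL (first results) and S-SMKL (second results) per Section 4.3."""
    if len(m_labels) != len(s_labels):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    fused = []
    for i, (m, s) in enumerate(zip(m_labels, s_labels)):
        if m == s:                      # cases (1) and (2): the classifiers agree
            fused.append(m)
        elif s == ATTACK:               # case (3): M-SMKL normal, S-SMKL attack
            fused.append(ATTACK)
        else:                           # case (4): M-SMKL attack, S-SMKL normal
            window = m_labels[i:i + n]  # positions i .. i+n-1 of the first results
            if require_full_window and len(window) < n:
                fused.append(NORMAL)    # assumption: too little look-ahead means no alarm
            else:
                all_attack = all(x == ATTACK for x in window)
                fused.append(ATTACK if all_attack else NORMAL)
    return fused


def rates(truth, predicted):
    """DR, FR, ER with the paper's convention: TP/FP count normal samples, TN/FN attack samples."""
    pairs = list(zip(truth, predicted))
    tp = sum(1 for t, p in pairs if t == NORMAL and p == NORMAL)
    fp = sum(1 for t, p in pairs if t == NORMAL and p == ATTACK)
    tn = sum(1 for t, p in pairs if t == ATTACK and p == ATTACK)
    fn = sum(1 for t, p in pairs if t == ATTACK and p == NORMAL)
    if tn + fn == 0 or tp + fp == 0:
        raise ValueError("truth must contain both normal and attack samples")
    return {"DR": tn / (tn + fn), "FR": fp / (tp + fp), "ER": (fn + fp) / len(pairs)}


def first_alarm(labels):
    """Index of the first sample judged to be attack, or None."""
    return labels.index(ATTACK) if ATTACK in labels else None


# Constructed per-second labels: 12 s of normal traffic, then 18 s of attack.
TRUTH = [NORMAL] * 12 + [ATTACK] * 18
# M-SMKL (constructed): reacts at once, but has an isolated false alarm (index 2),
# a three-sample false-alarm burst (indices 6-8) and one miss (index 20).
M_SMKL = [0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0] + [1] * 8 + [0] + [1] * 9
# S-SMKL (constructed): no false alarms, but four seconds late.
S_SMKL = [0] * 16 + [1] * 14


def sweep(sizes=(3, 4, 8)):
    """Score the fused result for several window sizes."""
    return {n: rates(TRUTH, fuse(M_SMKL, S_SMKL, n)) for n in sizes}


if __name__ == "__main__":
    print("M-SMKL alone:", rates(TRUTH, M_SMKL))
    print("S-SMKL alone:", rates(TRUTH, S_SMKL))
    for size, score in sweep().items():
        print("fused, n =", size, score)
```

On this data a window of 3 lets the three-sample burst through once, a window of 4 reproduces the ground truth, and a window of 8 turns one M-SMKL miss inside the look-ahead into three missed early-attack samples. Case (4) also needs the next $n-1$ M-SMKL results before a sample can be judged, which adds that much latency in a live deployment.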

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by random number; (2) only the attack flow feature values are multiplied by random number; and (3) only the normal flow feature values are multiplied by random number.


Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the IBF feature value; series: the DDoS attack feature value, the normal feature value.)

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value.)

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage, the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.


Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the MFF feature value; series: the DDoS attack feature value, the normal feature value.)

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. (x-axis: time (s); y-axis: the HIAD feature value, $\times 10^4$; series: the DDoS attack feature value, the normal feature value.)

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of test set are obtained and are used to verify the effectiveness of method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1.002$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73425$, $t_5 = 78340$, $t_6 = 78350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is linear function. The experimental results are illustrated in Figures 10–18.

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samplesis high a large number of normal samples are misjudgedso this method is superior in terms of DR and its otherindicators are inferior to those of other methods This is

12 Security and Communication Networks

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

Figure 10 The DR contrast diagram of four algorithms for scalingattack flow and normal flow

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

01

015

02

025

03

035

The v

alue

of E

R

The ER value of ADADMThe ER value of SimpleMKLThe ER value of SVMThe ER value of Nezhad et al [16]

Figure 11 The ER contrast diagram of four algorithms for scalingattack flow and normal flow

why in this case the Nezhad et al [16] method performsthe worst The effect of SVM is generally better than thatof the SMKL method because although the SMKL methodcoordinates multiple-kernel functions to map the sample toa high-dimensional Hilbert space the linear kernel functionis obviously more suitable for the sample Using the linearkernel SVM can establish a better hyperplane than the SMKLmethod to identify the data containing early DDoS attacksHowever although themultiple-kernel learning method doesnot use a linear kernel function that is more suitable for the

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack


Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

flow data and normal flow data are located on both sides of the hyperplane.

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

detection. The experimental data are presented in Tables 1, 2, and 3.

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional


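Table 1: Comparison results of four algorithms for scaling attack flow and normal flow. The column headings give the value of the random multiplier.

| Method | Indicator | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |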


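Table 2: Comparison results of four algorithms for narrowing the attack flow. The column headings give the value of the random multiplier.

| Method | Indicator | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |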


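Table 3: Comparison results of four algorithms for amplifying the normal flow. The column headings give the value of the random multiplier.

| Method | Indicator | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |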


Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


DDoS attacks under the network [37]. Mihai-Gabriel proposed an intelligent elastic risk assessment method based on the neural network and risk theory in the SDN environment [38]. Yan et al. proposed an effective controller scheduling method to reduce DDoS attacks in software-defined networks [39]. Chin et al. proposed a method for detecting DDoS flood attacks through selective inspection of packets under SDN [40]. Dayal et al. analyzed the behavioral characteristics of DDoS attacks under SDN [41]. Ye et al. proposed a method of using SVM to detect DDoS attacks under the SDN environment [42]. Besides the above detection methods used to ensure the security of the system, some efficient cryptography techniques can be applied to achieve privacy of the system [43–46].

In summary, the core issue of DDoS attack detection research is the construction of feature extraction and classification models. The attack detection methods in the above three environments can effectively detect DDoS attacks corresponding to the environment. However, in the detection of early DDoS attack, these defense methods do not have a good detection effect. In addition, most of these methods use a single feature and do not consider the impact of multidimensional features on the classifier. Therefore, an adaptive DDoS attack detection method is proposed in this paper. Firstly, we design the algorithms to extract five features. Secondly, through an ensemble learning framework, the five features are used to train two multikernel learning models and obtain the adaptive feature weights with gradient method. Finally, the sliding window mechanism is used to coordinate the two models to improve the detection accuracy.

3. DDoS Attack Feature Extraction

3.1. Analysis of DDoS Attack Behavior. In the cloud environment, the botnets of DDoS attacks have distributed characteristics. Each zombie machine has the ability to independently calculate, send, and process data packets, and the source IP address of the packets can also be forged. The advantage of these DDoS attacks makes defense more difficult. However, under the background of time series, the characteristics of data packets generated by DDoS attacks are still quite different from those of normal users. The difference is reflected in the following three aspects.

(1) Asymmetry. DDoS attack is often caused by multiple zombie hosts sending a large number of packets to a host without the host's response. These useless packets quickly consume the host's service resources so that the host can no longer provide services to other users. With this feature, the DDoS attack behavior is such that there are a large amount of packets sent to the host from the zombie hosts, and there are no or a small amount of packets sent to the zombie hosts from the host. The IP data packet often presents a situation in which multiple-source IP addresses point to the same or several destination IP addresses, which is expressed as the asymmetry of the source IP as well as the destination IP in sending and receiving.

(2) Interactivity. It is assumed that there are A (zombie host) and B (attacked host). When an attack occurs, there are two main communication ways as follows: (1) A sends packets to B (denoted as A→B) and (2) A and B send packets to each other (denoted as A↔B). And the packet amount sent with the way (A→B) is much more than those sent with the way (A↔B). Therefore, the interactivity of DDoS attack flow has different states in communication direction and amount compared with normal flow.

(3) Distribution. According to the characteristics of DDoS attack, when an attack occurs, the number of the hosts that launch the attack is much larger than that of the attacked hosts. And the number of the source IP address is much larger than that of the destination IP address, so that the source address and the destination address have different distribution characteristics. In addition, because DDoS attacks generate useless requests, compared to normal flows, the host ports accessed by the attack requests are more dispersed. Therefore, the distribution of the ports is different in normal flows and attack flows.

Due to the limited ability of a single feature to express data, it cannot fully reflect the characteristics of the DDoS attack. Therefore, to effectively express the characteristics of the DDoS attack, this paper selects five feature extraction methods based on the above characteristics, as follows. The address correlation degree (ACD) combines the traffic burstiness, flow asymmetry, and source IP address distribution of DDoS attack; the IP flow features value (FFV) exploits the asymmetry of attack flows and the distribution of source IP addresses; the IP flow's interaction behavior feature (IBF) uses the different interactivity between normal flows and attack flows on the network; the IP flow multifeature fusion (MFF) exploits the different behavioral characteristics of normal flows as well as DDoS attack flows and integrates the multiple characteristics of DDoS attack flows; the IP flow address half interaction anomaly degree (HIAD) focuses on the characteristics of the aggregated attack flows that are a mixture of a large number of normal background flows. In order to make the feature richer in representation, we refer to several articles and combine the five feature extraction algorithms, besides removing the less impactful parameters, to form a multidimensional feature for DDoS attack detection [45–51].

3.2. DDoS Attack Feature Extraction. In the cloud environment, assume that network flow $F$ is as follows: $\langle (t_1, s_1, d_1, p_1), (t_2, s_2, d_2, p_2), \ldots, (t_n, s_n, d_n, p_n) \rangle$ in a certain unit of time, where $t_i$, $s_i$, $d_i$, and $p_i$ denote the time, source IP address, destination IP address, and the port of the $i$-th ($i = 1, 2, \ldots, n$) data packet, respectively. All data packets which contain source IP address $A_i$ and destination IP address $A_j$ are denoted as class $SD(A_i, A_j)$. All data packets with source IP address $A_i$ are denoted as class $IPS(A_i)$. All data packets with destination IP address $A_j$ are denoted as class $IPD(A_j)$. The packets with source IP address $A_i$ which exist in the class $IPS(A_i)$ and class $IPD(A_i)$ are denoted as $IF(A_i)$. The packets with source IP address $A_i$ which exist in class $IPS(A_i)$ and do not exist in class $IPD(A_i)$ are denoted as $SH(A_i)$. The number of the different ports in $SH(A_i)$ is denoted as $\mathit{Port}(SH(A_i))$. The packets with the destination IP address $A_i$ which do not exist in class $IPS(A_i)$ and exist in class $IPD(A_i)$ are denoted as $DH(A_i)$. The number of the different ports in $DH(A_i)$ is denoted as $\mathit{Port}(DH(A_i))$.

Definition 1. If there are different destination IP addresses $A_j$ and $A_k$ making classes $SD(A_i, A_j)$ and $SD(A_i, A_k)$ both non-null, then delete the class where all source IP address $A_i$ packets reside.

Assume that the last remaining classes are denoted as $ACS_1, ACS_2, \ldots, ACS_m$ and are statistically calculated to gain the ACD. The detailed formulation is as follows:

$$ACD_F = \sum_{i=1}^{m} W(ACS_i). \tag{1}$$

In this part, $W(ACS_i) = \theta_1 \mathit{Port}(ACS_i) + (1 - \theta_1)\mathit{Packet}(ACS_i)$ $(0 < \theta_1 < 1)$, where $\mathit{Port}(ACS_i)$ is the number of different ports in class $ACS_i$, $\mathit{Packet}(ACS_i)$ is the number of data packets in class $ACS_i$, and $\theta_1$ is the weighted value.

Definition 2. If all the packets whose destination IP address is $A_j$ form the unique class $SD(A_i, A_j)$, delete the class where the packet with the destination IP address is $A_j$.

Assume that the last remaining classes are denoted as $SDS_1, SDS_2, \ldots, SDS_l$; all packets in these remaining classes with the destination IP address $A_j$ are denoted as $SDD(A_j)$, and all the classes are denoted as $SDD_1, SDD_2, \ldots, SDD_m$. The FFV is defined as follows:

$$FFV_F = \left( \sum_{i=1}^{m} CIP(SDD_i) - m \right). \tag{2}$$

$CIP(SDD_i)$ in formula (2) is presented as follows:

$$CIP(SDD_i) = \mathit{Num}(SDD_i) + \theta_2 \sum_{j=1}^{\mathit{Num}(SDD_i)} OA(\mathit{Pack}(A_j)) + (1 - \theta_2)\left(OB(\mathit{Port}(SDD_i)) - 1\right). \tag{3}$$

In this equation, $0 \le \theta_2 \le 1$, and $\mathit{Num}(SDD_i)$ is the number of different source IP addresses in $SDD_i$.

$$OA(\mathit{Pack}(A_j)) = \begin{cases} \mathit{Pack}(A_j), & \mathit{Pack}(A_j)/\Delta t > \theta_3, \\ 0, & \mathit{Pack}(A_j)/\Delta t \le \theta_3. \end{cases} \tag{4}$$

$\mathit{Pack}(A_j)$ is the number of source IP addresses $A_j$ in $SDD_i$, and $\theta_3$ is the threshold of the number of packets.

$$OB(\mathit{Port}(SDD_i)) = \begin{cases} \mathit{Port}(SDD_i), & \mathit{Port}(SDD_i)/\Delta t > \theta_4, \\ 0, & \mathit{Port}(SDD_i)/\Delta t \le \theta_4. \end{cases} \tag{5}$$

$\mathit{Port}(SDD_i)$ is the number of different destination ports in $SDD_i$, $\theta_4$ is the threshold of the number of ports, and $\Delta t$ is the sampling time.

Definition 3. Assume that the IF flow is $IF_1, IF_2, \ldots, IF_M$, the SH class is denoted as $SH_1, SH_2, \ldots, SH_S$, and the DH class is denoted as $DH_1, DH_2, \ldots, DH_D$. Then define IBF as follows:

$$IBF = \frac{1}{M + 1} \left( |S - D| + \sum_{i=1}^{S} \mathit{over}(\mathit{Port}(SH_i)) + \sum_{i=1}^{D} \mathit{over}(\mathit{Port}(DH_i)) \right). \tag{6}$$

Here

$$\mathit{over}(x) = \begin{cases} x, & x/\Delta t > \theta_5, \\ 0, & x/\Delta t \le \theta_5, \end{cases}$$

where $\theta_5$ is the threshold of the amount of port, $M$ in formula (6) is the number of IF flows within $\Delta t$, and $|S - D|$ is the absolute value of the difference between the number of source IP addresses and the number of destination IP addresses for all SH and DH flows in $\Delta t$.

Definition 4. Assume that the resulting SD classes are $SD_1, SD_2, \cdots, SD_l$ and IF classes are $IF_1, IF_2, \cdots, IF_M$. The number of packets of source IP address $A_i$ in class $IF_i$ is denoted as $Sn_i$, where $i = 1, 2, \ldots, M$; the number of packets of all interworking flow classes is denoted as SN; and the source semi-interactive flow class is denoted as $SH_1, SH_2, \cdots, SH_S$. The number of different ports in class $SH_i$ is denoted as $\mathit{Port}(SH_i)$, where $i = 1, 2, \ldots, S$; the destination semi-interactive class is denoted as $DH_1, DH_2, \cdots, DH_D$; and the number of different ports in class $DH_i$ is denoted as $\mathit{Port}(DH_i)$, where $i = 1, 2, \ldots, D$.

The weighted value of all packets in SH class is defined as follows:

$$\mathit{Weight}_{SH} = \sum_{i=1}^{s} \mathit{over}_{sh}(\mathit{Packet}(\mathit{SH}_i)) \tag{7}$$

The weighted value of all packets in SD classes is defined as follows:

$$\mathit{Weight}_{SD} = \sum_{i=1}^{L} \mathit{over}_{sd}(\mathit{Packet}(\mathit{SD}_i)) \tag{8}$$

The weighted value of the number of packets of network flow F in unit time T is as follows:

$$\mathit{Weight}_{packet} = \mathit{flag}(\mathit{Weight}_{SD})\,\mathit{Weight}_{SD} + \mathit{Weight}_{SD} \tag{9}$$

In these equations,

$$\mathit{over}_{sh}(x) = \begin{cases} x, & x/\Delta t > \theta_6 \\ 0, & x/\Delta t \le \theta_6 \end{cases} \qquad \mathit{over}_{sd}(x) = \begin{cases} x, & x/\Delta t > \theta_7 \\ 0, & x/\Delta t \le \theta_7 \end{cases} \qquad \mathit{flag}(x) = \begin{cases} 0, & x > 0 \\ 1, & x = 0 \end{cases} \tag{10}$$


$\Delta t$ is sampling time, and $\theta_6$ and $\theta_7$ are SH-type packet number abnormality thresholds. $\mathit{Packet}(\mathit{SD}_i)$ is the number of packets in $\mathit{SD}_i$, $i = 1, 2, \ldots, n$. The weighted value of the number of different ports in the SH and DH classes is as follows:

$$\mathit{Weight}_{port} = \sum_{i=1}^{S} \mathit{over}_{p}(\mathit{Port}(\mathit{SH}_i)) + \sum_{j=1}^{D} \mathit{over}_{p}(\mathit{Port}(\mathit{DH}_j)) \tag{11}$$

where

$$\mathit{over}_{p}(x) = \begin{cases} x, & x/\Delta t > \theta_8 \\ 0, & x/\Delta t \le \theta_8 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_8$ is the SH-type port number abnormality threshold.

In this part, we define the MFF as follows:

$$\mathit{MFF}_F = \frac{S + \mathit{Weight}_{port} + \mathit{Weight}_{packet}}{M + 1} \tag{12}$$

where

$$f(x) = \begin{cases} x, & x \ge 1 \\ 1, & x \le 1 \end{cases}$$

Definition 5. The number of SH flows with different source IP addresses and the same destination IP address $A_i$ is denoted as $hn_i$. The SH class with the same destination IP address $A_i$ flow is denoted as $\mathit{HSD}(hn_i, A_i)$, where $i = 1, 2, \ldots, n$. Assume that all HSD classes are $\mathit{HSD}_1, \mathit{HSD}_2, \cdots, \mathit{HSD}_k$ and the number of different destination ports in the class $\mathit{HSD}_i$ is expressed as $\mathit{Port}(\mathit{HSD}_i)$, where $i = 1, 2, \ldots, k$. The HIAD is defined as follows:

$$\mathit{HIAD}_F = \left(\sum_{i=1}^{k} \left(hn_i + \mathit{weight}(\mathit{Port}(\mathit{HSD}_i))\right)\right) \tag{13}$$

In (13),

$$\mathit{weight}(x) = \begin{cases} x, & x/\Delta t > \theta_9 \\ 0, & x/\Delta t \le \theta_9 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_9$ is the threshold for different destination ports.
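An added example (not code from the paper) that evaluates equation (13) once per sampling window. It assumes the packets passed in have already been classified as SH traffic by the rules given earlier in the paper; the function name, the tuple layout and the sample packets are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp_s, src_ip, dst_ip, dst_port) of SH packets.
# Window 0 looks like background traffic; in window 1 six sources converge
# on one destination across four destination ports.
SH_PACKETS = [
    (0.10, "198.51.100.5", "192.0.2.10", 443),
    (0.40, "198.51.100.6", "192.0.2.11", 80),
    (1.01, "203.0.113.1", "192.0.2.10", 80),
    (1.05, "203.0.113.2", "192.0.2.10", 81),
    (1.10, "203.0.113.3", "192.0.2.10", 82),
    (1.20, "203.0.113.4", "192.0.2.10", 83),
    (1.30, "203.0.113.5", "192.0.2.10", 80),
    (1.40, "203.0.113.6", "192.0.2.10", 80),
    (1.50, "198.51.100.6", "192.0.2.11", 80),
]


def hiad_per_window(sh_packets, theta9, dt=1.0):
    """Return {window_index: HIAD_F} following equation (13).

    Each destination address seen in a window forms one HSD class:
    hn_i is its number of distinct source addresses and Port(HSD_i) its
    number of distinct destination ports.
    """
    if dt <= 0:
        raise ValueError("sampling time dt must be positive")
    # window index -> destination -> (set of sources, set of dst ports)
    windows = defaultdict(lambda: defaultdict(lambda: (set(), set())))
    for ts, src, dst, dport in sh_packets:
        sources, ports = windows[int(ts // dt)][dst]
        sources.add(src)
        ports.add(dport)

    result = {}
    for index, by_destination in windows.items():
        total = 0
        for sources, ports in by_destination.values():
            hn = len(sources)
            port_count = len(ports)
            # weight(x) = x when x / dt exceeds theta9, otherwise 0
            total += hn + (port_count if port_count / dt > theta9 else 0)
        result[index] = total
    return result


if __name__ == "__main__":
    # theta9 = 3 and dt = 1 s are the values the paper reports in Section 5.2.
    for index, value in sorted(hiad_per_window(SH_PACKETS, theta9=3).items()):
        print(f"window {index}: HIAD = {value}")
```
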

4. The DDoS Attack Detection Model

The establishment of an attack detection model is an important part of the whole detection process. Based on the behavior of DDoS attack, we extract ACD, IBF, MFF, HIAD, and FFV features to express the inherent rules of attack flows. The disadvantages of the current DDoS attack detection models are summarized as follows: (1) some models highly depend on the selection of kernel function; (2) some models require data with highly stable value; (3) some models can only fit linear rules, but DDoS attack can generate linearly inseparable data due to abrupt, unstable, and stochastic characteristics. Considering that the multiple-kernel learning model has a low requirement for data stability, can be used for nonlinear fitting, and can treat linear and nonlinear data flexibly, this paper proposes an adaptive DDoS attack detection method based on the ensemble learning framework.

4.1. The Multiple-Kernel Learning Model. The multiple-kernel learning (MKL) model is developed from the original single-kernel SVM. In single-kernel SVM, an SVM uses only one kernel function to map the sample to high-dimensional spaces. By comparison, the multiple-kernel learning model uses multiple weighted kernel functions to map the sample to high-dimensional space. Therefore, it has higher flexibility and adaptability on heterogeneous data.

The multiple-kernel learning is defined as follows: given training set $T = \{(x_1, y_1), (x_2, y_2), \cdots, (x_n, y_n)\}$ and testing set $C = \{x'_1, x'_2, \cdots, x'_s\}$, $x_i \in R^d$, $x'_k \in R^d$, $y_i \in (-1, +1)$, $R$ is the real-number set, $d$ is the data dimension, $i = 1, 2, \cdots, n$, $k = 1, 2, \cdots, s$. $K_1(x, x'), K_2(x, x'), \cdots, K_M(x, x')$ are kernel functions in $R^d \times R^d$, and $\phi_1, \phi_2, \cdots, \phi_M$ is a kernel mapping for each function. In the classic multiple-kernel learning SimpleMKL [52], the objective function of the hyperplane is as follows:

$$f(x) = \sum_{m=1}^{M} \left(\omega_m, \phi_m(x)\right) + b \tag{14}$$

where $\omega_m$ is the weight for each kernel function and $b$ is bias. The relaxation factor is $\xi$. According to the principle of minimum structure, the objective function can be optimized as follows:

$$\min \psi(\omega_m, b, \xi, d) = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\|\omega_m\|_{H_m}^{2} + C\sum_{i=1}^{n} \xi_i \tag{15}$$

$$\begin{aligned}
\text{s.t.}\quad & y_i\sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i,\\
& \sum_{m=1}^{M} d_m = 1,\quad d_m \ge 0,\\
& \xi_i \ge 0
\end{aligned} \tag{16}$$

By the two-order alternation optimization, the formula (15) can be converted to the optimization problem with $d_m$ as the variable:

$$\min_{d \ge 0} J(d), \quad \sum_{m=1}^{M} d_m = 1 \tag{17}$$

$$\begin{aligned}
\text{s.t.}\quad & \min_{\omega_m, b, \xi} = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\|\omega_m\|_{H_m}^{2} + C\sum_{i=1}^{n} \xi_i,\\
& y_i\sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i,\\
& \xi_i \ge 0
\end{aligned} \tag{18}$$

The Lagrange function of $J(d)$ is as follows:

$$\begin{aligned}
L ={}& \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\|\omega_m\|_{H_m}^{2} + C\sum_{i=1}^{n} \xi_i\\
& + \sum_{i=1}^{m} \alpha_i\left(1 - \xi_i - y_i\sum_{m=1}^{M} \omega_m \cdot \varphi_m(x_i) + y_i b\right) + \sum_{i=1}^{n} \nu_i \xi_i
\end{aligned} \tag{19}$$


where $\alpha_i$, $\nu_i$ are Lagrange operators. First, the partial derivatives with respect to $\omega_m$, $b$, $\xi_i$ are calculated. Then the extremums are gained when the partial derivatives are "0". Finally, the extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\begin{aligned}
\text{s.t.}\quad & \sum_{i}^{n} \alpha_i y_i = 0,\\
& C \ge \alpha_i \ge 0,\\
& K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j)
\end{aligned} \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $\alpha$ alternately. Then an optimal solution $\alpha^{*} = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^{*} y_i \sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

$x_j \in C$. When the test set data $x_j$ is inputted to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model in effect assigns a weight of "1" to every feature dimension, so it cannot fully exploit the differences among the features. This paper uses the feature weights to control the effect of different features on the model. To gain the appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$, and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F \ast W^{T}$, and the mean value of each dimension of normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. Note the mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$\begin{aligned}
M ={}& [w_1 \ast (u_{11} - u_{21})]^2 + [w_2 \ast (u_{12} - u_{22})]^2 + [w_3 \ast (u_{13} - u_{23})]^2\\
& + [w_4 \ast (u_{14} - u_{24})]^2 + [w_5 \ast (u_{15} - u_{25})]^2
\end{aligned} \tag{23}$$

The normal intraclass variance is denoted

$$\begin{aligned}
S_1 ={}& \sum_{i=1}^{n} [w_1 \ast (x_{i1} - u_{11})]^2 + [w_2 \ast (x_{i2} - u_{12})]^2 + [w_3 \ast (x_{i3} - u_{13})]^2\\
& + [w_4 \ast (x_{i4} - u_{14})]^2 + [w_5 \ast (x_{i5} - u_{15})]^2
\end{aligned} \tag{24}$$

The attack intraclass variance is denoted

$$\begin{aligned}
S_2 ={}& \sum_{i=1}^{n} [w_1 \ast (x_{i1} - u_{21})]^2 + [w_2 \ast (x_{i2} - u_{22})]^2 + [w_3 \ast (x_{i3} - u_{23})]^2\\
& + [w_4 \ast (x_{i4} - u_{24})]^2 + [w_5 \ast (x_{i5} - u_{25})]^2
\end{aligned} \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to improve the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the $M$ value. On the other hand, we should minimize the differences between samples: the variance corresponding to each dimension should be as small as possible, thus reducing the $S$ value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S$$

$$\min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2}\sum_{m=1}^{M} \frac{1}{d_m}\|\omega_m\|_{H_m}^{2} + C\sum_{i=1}^{n} \xi_i \tag{26}$$

$$\begin{aligned}
\text{s.t.}\quad & y_i\sum_{m=1}^{M} \omega_m \cdot \varphi(w x_i) + y_i b \ge 1 - \xi_i,\\
& \sum_{m=1}^{M} d_m = 1,\quad d_m \ge 0,\\
& \xi_i \ge 0,\\
& M < \sigma_1,\quad S > \sigma_1
\end{aligned} \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rates of formula (35).

To solve the above problems, we update the weights iteratively to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this round. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\begin{aligned}
\text{s.t.}\quad & \sum_{i}^{n} \alpha_i y_i = 0,\\
& C \ge \alpha_i \ge 0,\\
& K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j)
\end{aligned} \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^{*} y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned}
& t_1 < |M_{i+1} - M_i| < t_2 < |M_i - M_{i-1}| < t_3,\\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_1,\\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_2
\end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned}
& t_4 < |S_i - S_{i-1}| < t_5 < |S_{i+1} - S_i| < t_6,\\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_3,\\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_4
\end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0", the values of $t_1$, $t_2$, and $t_3$ are close to "1", and the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of $M$ and $S$ corresponding to each dimension weight is as follows:

$$\begin{aligned}
\frac{\partial M}{\partial w_1} &= 2w_1(u_{11} - u_{21})^2,\\
\frac{\partial M}{\partial w_2} &= 2w_2(u_{12} - u_{22})^2,\\
\frac{\partial M}{\partial w_3} &= 2w_3(u_{13} - u_{23})^2,\\
\frac{\partial M}{\partial w_4} &= 2w_4(u_{14} - u_{24})^2,\\
\frac{\partial M}{\partial w_5} &= 2w_5(u_{15} - u_{25})^2
\end{aligned} \tag{33}$$

$$\begin{aligned}
\frac{\partial S}{\partial w_1} &= 2\left[w_1\left(\sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2\right) + w_1\left(\sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2\right)\right],\\
\frac{\partial S}{\partial w_2} &= 2\left[w_2\left(\sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2\right) + w_2\left(\sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2\right)\right],\\
\frac{\partial S}{\partial w_3} &= 2\left[w_3\left(\sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2\right) + w_3\left(\sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2\right)\right],\\
\frac{\partial S}{\partial w_4} &= 2\left[w_4\left(\sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2\right) + w_4\left(\sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2\right)\right],\\
\frac{\partial S}{\partial w_5} &= 2\left[w_5\left(\sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2\right) + w_5\left(\sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2\right)\right]
\end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. (Boxes: multidimension data of initial weight; increase M to update weights of different dimensions with gradient ascent; decrease S to update weights of different dimensions with gradient descent; multiply updated weight and training data set, update and improve the core parameters of M-SMKL; multiply updated weight and training data set, update and decrease the core parameters of S-SMKL; meet the constraint conditions of M-SMKL (yes/no); meet the constraint conditions of S-SMKL (yes/no); end M-SMKL training; end S-SMKL training.)

According to gradients in (33) and (34), the weight of each dimension is updated as shown in (35):

$$\begin{aligned}
w_1 &= w_1 + 2 \ast lr_1 \ast \frac{\partial M}{\partial w_1} - 2 \ast lr_2 \ast \frac{\partial S}{\partial w_1},\\
w_2 &= w_2 + 2 \ast lr_1 \ast \frac{\partial M}{\partial w_2} - 2 \ast lr_2 \ast \frac{\partial S}{\partial w_2},\\
w_3 &= w_3 + 2 \ast lr_1 \ast \frac{\partial M}{\partial w_3} - 2 \ast lr_2 \ast \frac{\partial S}{\partial w_3},\\
w_4 &= w_4 + 2 \ast lr_4 \ast \frac{\partial M}{\partial w_4} - 2 \ast lr_2 \ast \frac{\partial S}{\partial w_4},\\
w_5 &= w_5 + 2 \ast lr_1 \ast \frac{\partial M}{\partial w_5} - 2 \ast lr_2 \ast \frac{\partial S}{\partial w_5}
\end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.
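An added example (not the authors' MATLAB code) of the weight update in (33)-(35), showing how an ascent-dominated and a descent-dominated learning-rate pair reshape the five feature weights. The feature rows and learning rates are constructed, and a fixed round count stands in for the stop conditions (31) and (32).

```python
# Constructed, already-normalized feature rows (ACD, IBF, MFF, HIAD, FFV).
# Dimension 4 separates the classes cleanly; dimension 5 is noisy.
NORMAL_ROWS = [
    [0.10, 0.20, 0.15, 0.05, 0.30],
    [0.12, 0.25, 0.10, 0.05, 0.70],
    [0.08, 0.15, 0.20, 0.06, 0.10],
    [0.10, 0.20, 0.15, 0.04, 0.50],
]
ATTACK_ROWS = [
    [0.90, 0.60, 0.50, 0.95, 0.60],
    [0.88, 0.70, 0.40, 0.96, 0.20],
    [0.92, 0.50, 0.60, 0.94, 0.90],
    [0.90, 0.60, 0.50, 0.95, 0.30],
]


def column_means(rows):
    """Per-dimension mean of one class (u_1k or u_2k)."""
    return [sum(r[k] for r in rows) / len(rows) for k in range(len(rows[0]))]


def interclass_m(w, u1, u2):
    """Equation (23): weighted squared distance between the class means."""
    return sum((wk * (a - b)) ** 2 for wk, a, b in zip(w, u1, u2))


def intraclass_s(w, normal, attack, u1, u2):
    """Equations (24) and (25): S = S1 + S2."""
    total = 0.0
    for rows, u in ((normal, u1), (attack, u2)):
        for r in rows:
            total += sum((wk * (x - uk)) ** 2 for wk, x, uk in zip(w, r, u))
    return total


def grad_m(w, u1, u2):
    """Equation (33)."""
    return [2 * wk * (a - b) ** 2 for wk, a, b in zip(w, u1, u2)]


def grad_s(w, normal, attack, u1, u2):
    """Equation (34): per class, sum of squares minus n times squared mean."""
    grads = []
    for k, wk in enumerate(w):
        scatter = 0.0
        for rows, u in ((normal, u1), (attack, u2)):
            scatter += sum(r[k] ** 2 for r in rows) - len(rows) * u[k] ** 2
        grads.append(2 * wk * scatter)
    return grads


def train_weights(normal, attack, lr1, lr2, rounds):
    """Apply update (35) for a fixed number of rounds (an assumption made
    here in place of the paper's stop conditions). Returns the weights and
    the (M, S) pair after every round."""
    u1, u2 = column_means(normal), column_means(attack)
    w = [1.0] * len(u1)
    history = []
    for _ in range(rounds):
        gm = grad_m(w, u1, u2)
        gs = grad_s(w, normal, attack, u1, u2)
        w = [wk + 2 * lr1 * a - 2 * lr2 * b for wk, a, b in zip(w, gm, gs)]
        history.append((interclass_m(w, u1, u2),
                        intraclass_s(w, normal, attack, u1, u2)))
    return w, history


def demo():
    """Ascent-dominated (M-SMKL-like) and descent-dominated (S-SMKL-like)
    runs; the learning rates are constructed for this sample data."""
    w_m, _ = train_weights(NORMAL_ROWS, ATTACK_ROWS, 0.01, 0.001, 20)
    w_s, _ = train_weights(NORMAL_ROWS, ATTACK_ROWS, 0.001, 0.1, 10)
    return {"M-dominant": [round(x, 3) for x in w_m],
            "S-dominant": [round(x, 3) for x in w_s]}


if __name__ == "__main__":
    for name, weights in demo().items():
        print(name, weights)
```

Because both gradients are proportional to the current weight, each round scales every weight by its own constant factor, so the dimensions with a large mean gap and small scatter gain weight relative to the noisy ones.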

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained: M-SMKL is trained mainly by increasing the $M$ value and secondarily by reducing the $S$ value, and S-SMKL is trained mainly by reducing the $S$ value and secondarily by increasing the $M$ value. During the training process, the $M$ value and the $S$ value are constantly updated with gradient ascent and descent until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with the two different weight vectors that were trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL models; finally, we use the sliding window mechanism to coordinate the two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL both identify the current data category as normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL both identify the current data category as attack, the current data category is judged to be attack; (3) if M-SMKL identifies the current data category as normal but S-SMKL identifies it as attack, the current data category is judged to be attack; (4) if M-SMKL identifies the current data category as attack but S-SMKL identifies it as normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification results and map the end point of the sliding window to the $n-1$ position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Boxes: multiply initial data with new weight of S-SMKL; multiply initial data with new weight of M-SMKL; classify test set with S-SMKL; classify test set with M-SMKL; classify result 1; classify result 2; slide window process; final predict result.)

The reason for training two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance of different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains approximately one hour of anonymized traffic from a distributed denial of service (DDoS) attack on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and the total error rate (ER).

Assume that TP indicates the number of normal test samples that are correctly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$\mathit{DR} = \frac{\mathit{TN}}{\mathit{TN} + \mathit{FN}}, \qquad \mathit{FR} = \frac{\mathit{FP}}{\mathit{TP} + \mathit{FP}}, \qquad \mathit{ER} = \frac{\mathit{FN} + \mathit{FP}}{\mathit{TP} + \mathit{FP} + \mathit{TN} + \mathit{FN}} \tag{36}$$
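An added example (not code from the paper) that applies the four coordination rules of Section 4.3 to per-second labels from the two classifiers and scores the result with DR, FR and ER from (36). The label sequences are constructed, and evaluating a shortened window at the end of the sequence is an assumption, since the paper does not say how the tail is handled.

```python
NORMAL, ATTACK = 0, 1

# Constructed per-second labels: 5 s of normal traffic, then 7 s of attack.
TRUTH = [0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1]
# M-SMKL reacts at attack onset but has an isolated false alarm (t=1)
# and one dropout (t=10).
M_PRED = [0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1]
# S-SMKL is stable but only flags the attack three seconds late.
S_PRED = [0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1]


def fuse(m_pred, s_pred, n):
    """Coordinate M-SMKL and S-SMKL labels with a sliding window of size n.

    Rules (1)-(3): agreement is kept, and an S-SMKL attack verdict wins.
    Rule (4): when only M-SMKL says attack, the sample is attack only if
    the M-SMKL results at positions t .. t+n-1 are all attack.
    """
    if len(m_pred) != len(s_pred):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    fused = []
    for t, (m, s) in enumerate(zip(m_pred, s_pred)):
        if m == s:
            fused.append(m)
        elif s == ATTACK:
            fused.append(ATTACK)
        else:
            # Assumption: near the end of the data the window is shortened
            # to the M-SMKL results that exist.
            window = m_pred[t:t + n]
            fused.append(ATTACK if all(v == ATTACK for v in window) else NORMAL)
    return fused


def rates(truth, pred):
    """DR, FR and ER exactly as in (36). In the paper's naming TP/FP count
    normal samples and TN/FN count attack samples."""
    pairs = list(zip(truth, pred))
    tp = sum(1 for t, p in pairs if t == NORMAL and p == NORMAL)
    fp = sum(1 for t, p in pairs if t == NORMAL and p == ATTACK)
    tn = sum(1 for t, p in pairs if t == ATTACK and p == ATTACK)
    fn = sum(1 for t, p in pairs if t == ATTACK and p == NORMAL)
    if tp + fp == 0 or tn + fn == 0:
        raise ValueError("both normal and attack samples are required")
    return {
        "DR": tn / (tn + fn),
        "FR": fp / (tp + fp),
        "ER": (fn + fp) / (tp + fp + tn + fn),
    }


def compare(window=3):
    """Score each classifier alone and the fused output on the sample."""
    fused = fuse(M_PRED, S_PRED, window)
    return {
        "M-SMKL": rates(TRUTH, M_PRED),
        "S-SMKL": rates(TRUTH, S_PRED),
        "fused": rates(TRUTH, fused),
    }


if __name__ == "__main__":
    for name, score in compare().items():
        print(name, {k: round(v, 3) for k, v in score.items()})
```

Rule (4) reads up to n-1 later M-SMKL results, so an online deployment can only settle that case after a delay of n-1 sampling intervals.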

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. Network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon and verify the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (Axes: time (s) versus the ACD feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (Axes: time (s) versus the IBF feature value; series: the DDoS attack feature value and the normal feature value.)

5.2. Experimental Results and Analysis. The five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree. Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (Axes: time (s) versus the FFV feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Axes: time (s) versus the ACD feature value; series: the DDoS attack feature value and the normal feature value.)

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage, the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Axes: time (s) versus the FFV feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (Axes: time (s) versus the MFF feature value; series: the DDoS attack feature value and the normal feature value.)

As illustrated in Figure 8, although the MFF feature cannot distinguish the attack flow from the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained, and the corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of the test set are obtained and are used to verify the effectiveness of the method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1.002$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73.425$, $t_5 = 78.340$, $t_6 = 78.350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is a linear function. The experimental results are illustrated in Figures 10–18.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. (Axes: time (s) versus the HIAD feature value, ×10^4; series: the DDoS attack feature value and the normal feature value.)

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow. (Axes: the value of multiplier versus the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow. (Axes: the value of multiplier versus the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow. (Axes: the value of multiplier versus the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow. (Axes: the value of multiplier versus the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

We compared the ADADM to the SVM method TheADADM method uses the same kernel function as SMKLmethod Because the multikernel learning method is flexibleand adaptable it is possible to continuously optimize thehyperplane by adjusting the weights of the feature of eachdimension to recognize the DDoS as early as possible Attack


Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. [Plot: the value of ER against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. [Plot: the value of FR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

flow data and normal flow data are located on both sides of the hyperplane.

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. [Plot: the value of DR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. [Plot: the value of ER against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

detection. The experimental data are presented in Tables 1, 2, and 3.

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional


Table 1: Comparison results of four algorithms for scaling attack flow and normal flow.

The value of the random multiplier      0.6–0.7  0.7–0.8  0.8–0.9  0.9–1.1  1.0–1.5  1.5–2.0  2.0–3.0  3.0–4.0  4.0–5.0
ADADM method                   DR (%)   78.57    78.57    78.57    78.57    78.21    78.21    78.21    78.21    78.57
                               FR (%)   0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                               ER (%)   12.22    12.22    12.22    12.22    12.42    12.42    12.42    12.42    12.22
SimpleMKL method               DR (%)   76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43
                               FR (%)   0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                               ER (%)   13.44    13.44    13.44    13.44    13.44    13.44    13.44    13.44    13.44
SVM method                     DR (%)   77.50    77.50    77.86    77.86    76.79    77.50    77.86    76.79    77.86
                               FR (%)   0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                               ER (%)   12.83    12.83    12.63    12.63    13.24    12.83    12.63    13.24    12.63
Nezhad et al.'s [16] method    DR (%)   98.21    97.85    98.21    97.85    98.21    98.21    98.21    97.85    98.21
                               FR (%)   74.29    74.76    74.29    74.76    75.71    74.29    74.29    74.29    72.38
                               ER (%)   32.92    33.33    32.92    33.33    33.54    32.92    32.92    33.13    32.11


Table 2: Comparison results of four algorithms for narrowing the attack flow.

The value of the random multiplier      0.1–0.2  0.2–0.3  0.3–0.4  0.4–0.5  0.5–0.6  0.6–0.7  0.7–0.8  0.8–0.9  0.9–1.0
ADADM method                   DR (%)   78.21    78.21    78.21    78.57    78.57    78.57    78.57    78.57    78.57
                               FR (%)   10.99    1.42     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                               ER (%)   17.15    13.04    12.42    12.22    12.22    12.22    12.22    12.22    12.22
SimpleMKL method               DR (%)   75.71    76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43
                               FR (%)   22.75    4.74     1.42     0.01     0.01     0.01     0.01     0.01     0.01
                               ER (%)   23.63    15.48    14.05    13.44    13.44    13.44    13.44    13.44    13.44
SVM method                     DR (%)   76.07    77.14    77.50    77.86    77.50    77.86    77.86    77.50    77.86
                               FR (%)   22.75    4.74     1.42     0.47     0.01     0.01     0.01     0.01     0.01
                               ER (%)   23.42    15.07    13.44    12.83    12.83    12.63    12.63    12.83    12.63
Nezhad et al.'s [16] method    DR (%)   97.13    97.85    98.57    98.21    98.57    98.57    98.21    98.21    97.85
                               FR (%)   74.29    74.29    74.29    74.29    74.29    74.29    74.29    74.29    74.29
                               ER (%)   33.54    33.13    32.72    32.92    32.72    32.72    32.92    32.92    33.13


Table 3: Comparison results of four algorithms for amplifying the normal flow.

The value of random multiplier          1.0–1.5  1.5–2.0  2.0–2.5  2.5–3.0  3.0–3.5  3.5–4.0  4.0–4.5  4.5–5.0  5.0–5.5
ADADM method                   DR (%)   78.93    78.93    78.93    78.93    78.93    78.93    78.93    78.93    78.93
                               FR (%)   0.01     0.01     0.01     0.47     1.42     1.90     4.74     6.64     10.43
                               ER (%)   12.02    12.02    12.02    12.22    12.63    12.83    14.05    14.87    16.50
SimpleMKL method               DR (%)   77.14    77.14    77.14    77.14    77.14    77.14    77.14    77.14    77.14
                               FR (%)   0.01     0.01     0.47     1.42     4.27     6.64     10.90    17.06    21.80
                               ER (%)   13.04    13.04    13.24    13.65    14.87    15.89    17.72    20.37    22.40
SVM method                     DR (%)   77.86    77.86    77.86    77.86    77.86    77.86    77.86    77.86    77.86
                               FR (%)   0.01     0.01     0.95     1.42     3.79     8.06     11.85    18.01    22.75
                               ER (%)   12.63    12.63    13.04    13.24    14.26    16.09    17.72    20.37    22.40
Nezhad et al.'s [16] method    DR (%)   97.49    97.13    97.13    97.13    96.77    96.77    96.77    96.77    96.77
                               FR (%)   65.24    65.24    66.19    66.67    66.67    66.67    67.14    67.14    67.62
                               ER (%)   29.47    29.67    30.08    30.28    30.49    30.49    30.69    30.69    30.90


Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. [Plot: the value of FR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


IP address $A_i$ which do not exist in class $IPS(A_i)$ and exist in class $IPD(A_i)$ are denoted as $DH(A_i)$. The number of the different ports in $DH(A_i)$ is denoted as $Port(DH(A_i))$.

Definition 1. If there are different destination IP addresses $A_j$ and $A_k$ making classes $SD(A_i, A_j)$ and $SD(A_i, A_k)$ both non-null, then delete the class where all source IP address $A_i$ packets reside.

Assume that the last remaining classes are denoted as $ACS_1, ACS_2, \ldots, ACS_m$ and are statistically calculated to gain the ACD. The detailed formulation is as follows:

$$ACD_F = \sum_{i=1}^{m} W(ACS_i) \tag{1}$$

In this part, $W(ACS_i) = \theta_1 Port(ACS_i) + (1 - \theta_1) Packet(ACS_i)$ $(0 < \theta_1 < 1)$, where $Port(ACS_i)$ is the number of different ports in class $ACS_i$, $Packet(ACS_i)$ is the number of data packets in class $ACS_i$, and $\theta_1$ is the weighted value.

Definition 2. If all the packets whose destination IP address is $A_j$ form the unique class $SD(A_i, A_j)$, delete the class where the packet with the destination IP address is $A_j$.

Assume that the last remaining classes are denoted as $SDS_1, SDS_2, \ldots, SDS_l$; all packets in these remaining classes with the destination IP address $A_j$ are denoted as $SDD(A_j)$, and all the classes are denoted as $SDD_1, SDD_2, \ldots, SDD_m$. The FFV is defined as follows:

$$FFV_F = \left( \sum_{i=1}^{m} CIP(SDD_i) - m \right) \tag{2}$$

$CIP(SDD_i)$ in formula (2) is presented as follows:

$$CIP(SDD_i) = Num(SDD_i) + \theta_2 \sum_{j=1}^{Num(SDD_i)} OA(Pack(A_j)) + (1 - \theta_2)\left(OB(Port(SDD_i)) - 1\right) \tag{3}$$

In this equation, $0 \le \theta_2 \le 1$, and $Num(SDD_i)$ is the number of different source IP addresses in $SDD_i$.

$$OA(Pack(A_j)) = \begin{cases} Pack(A_j), & Pack(A_j)/\Delta t > \theta_3 \\ 0, & Pack(A_j)/\Delta t \le \theta_3 \end{cases} \tag{4}$$

$Pack(A_j)$ is the number of source IP addresses $A_j$ in $SDD_i$, and $\theta_3$ is the threshold of the number of packets.

$$OB(Port(SDD_i)) = \begin{cases} Port(SDD_i), & Port(SDD_i)/\Delta t > \theta_4 \\ 0, & Port(SDD_i)/\Delta t \le \theta_4 \end{cases} \tag{5}$$

$Port(SDD_i)$ is the number of different destination ports in $SDD_i$, $\theta_4$ is the threshold of the number of ports, and $\Delta t$ is the sampling time.

Definition 3. Assume that the IF flow is $IF_1, IF_2, \ldots, IF_M$, the SH class is denoted as $SH_1, SH_2, \ldots, SH_S$, and the DH class is denoted as $DH_1, DH_2, \ldots, DH_M$. Then define IBF as follows:

$$IBF = \frac{1}{M + 1} \left( |S - D| + \sum_{i=1}^{S} over(Port(SH_i)) + \sum_{i=1}^{D} over(Port(DH_i)) \right) \tag{6}$$

$over(x) = \begin{cases} x, & x/\Delta t > \theta_5 \\ 0, & x/\Delta t \le \theta_5 \end{cases}$, where $\theta_5$ is the threshold of the amount of port, $M$ in formula (6) is the number of IF flows within $\Delta t$, and $|S - D|$ is the absolute value of the difference value between the number of source IP addresses and the number of destination IP addresses for all SH and DH flows in $\Delta t$.

Definition 4. Assume that the resulting SD classes are $SD_1, SD_2, \cdots, SD_l$ and IF classes are $IF_1, IF_2, \cdots, IF_M$. The number of packets of source IP address $A_i$ in class $IF_i$ is denoted as $Sn_i$, where $i = 1, 2, \ldots, M$; the number of packets of all interworking flow classes is denoted as SN; and the source semi-interactive flow class is denoted as $SH_1, SH_2, \cdots, SH_S$. The number of different ports in class $SH_i$ is denoted as $Port(SH_i)$, where $i = 1, 2, \ldots, S$; the destination semi-interactive class is denoted as $DH_1, DH_2, \cdots, DH_D$; and the number of different ports in class $DH_i$ is denoted as $Port(DH_i)$, where $i = 1, 2, \ldots, D$.

The weighted value of all packets in SH class is defined as follows:

$$Weight_{SH} = \sum_{i=1}^{s} over_{sh}(Packet(SH_i)) \tag{7}$$

The weighted value of all packets in SD classes is defined as follows:

$$Weight_{SD} = \sum_{i=1}^{L} over_{sd}(Packet(SD_i)) \tag{8}$$

The weighted value of the number of packets of network flow F in unit time T is as follows:

$$Weight_{packet} = flag(Weight_{SD})\, Weight_{SD} + Weight_{SD} \tag{9}$$

In these equations,

$$\begin{aligned} over_{sh}(x) &= \begin{cases} x, & x/\Delta t > \theta_6 \\ 0, & x/\Delta t \le \theta_6 \end{cases} \\ over_{sd}(x) &= \begin{cases} x, & x/\Delta t > \theta_7 \\ 0, & x/\Delta t \le \theta_7 \end{cases} \\ flag(x) &= \begin{cases} 0, & x > 0 \\ 1, & x = 0 \end{cases} \end{aligned} \tag{10}$$


$\Delta t$ is sampling time, and $\theta_6$ and $\theta_7$ are SH-type packet number abnormality thresholds. $Packet(SD_i)$ is the number of packets in $SD_i$, $i = 1, 2, \ldots, n$. The weighted value of the number of different ports in the SH and DH classes is as follows:

$$Weight_{port} = \sum_{i=1}^{S} over_p(Port(SH_i)) + \sum_{j=1}^{D} over_p(Port(DH_j)) \tag{11}$$

where $over_p(x) = \begin{cases} x, & x/\Delta t > \theta_8 \\ 0, & x/\Delta t \le \theta_8 \end{cases}$, $\Delta t$ is sampling time, and $\theta_8$ is the SH-type port number abnormality threshold.

In this part, we define the MFF as follows:

$$MFF_F = \frac{S + Weight_{port} + Weight_{packet}}{M + 1} \tag{12}$$

where $f(x) = \begin{cases} x, & x \ge 1 \\ 1, & x \le 1 \end{cases}$

Definition 5. The number of SH flows with different source IP addresses and the same destination IP address $A_i$ is denoted as $hn_i$. The SH class with the same destination IP address $A_i$ flow is denoted as $HSD(hn_i, A_i)$, where $i = 1, 2, \ldots, n$.

Assume that all HSD classes are $HSD_1, HSD_2, \cdots, HSD_k$, and the number of different destination ports in the class $HSD_i$ is expressed as $Port(HSD_i)$, where $i = 1, 2, \ldots, k$. The HIAD is defined as follows:

$$HIAD_F = \left( \sum_{i=1}^{k} \left( hn_i + weight(Port(HSD_i)) \right) \right) \tag{13}$$

In (13), $weight(x) = \begin{cases} x, & x/\Delta t > \theta_9 \\ 0, & x/\Delta t \le \theta_9 \end{cases}$, $\Delta t$ is sampling time, and $\theta_9$ is the threshold for different destination ports.
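As an added illustration of Definition 5 and equation (13) (not code from the paper), the following Python computes HIAD over one sampling window and shows how it separates a quiet window from a one-way flood. It assumes a source counts as SH when it sends but receives nothing in the window; the function names, the threshold value, and the sample packets (constructed, using documentation address ranges) are assumptions.

```python
from collections import defaultdict


def hsd_classes(packets):
    """Group source half-interaction (SH) flows by destination IP.

    packets: iterable of (src_ip, dst_ip, dst_port) seen in one window.
    Assumption: a source is SH when it sends packets in the window but
    never appears as a destination (nothing flows back to it).
    Returns {dst_ip: (set_of_SH_sources, set_of_destination_ports)}.
    """
    packets = list(packets)
    senders = {src for src, _, _ in packets}
    receivers = {dst for _, dst, _ in packets}
    sh_sources = senders - receivers
    classes = defaultdict(lambda: (set(), set()))
    for src, dst, dport in packets:
        if src in sh_sources:
            srcs, ports = classes[dst]
            srcs.add(src)
            ports.add(dport)
    return dict(classes)


def hiad(packets, delta_t, theta9):
    """HIAD_F = sum over HSD classes of (hn_i + weight(Port(HSD_i))).

    weight(x) = x when x / delta_t > theta9, otherwise 0, as in (13).
    """
    total = 0
    for srcs, ports in hsd_classes(packets).values():
        hn = len(srcs)                      # distinct SH sources for this destination
        nports = len(ports)                 # distinct destination ports they touched
        total += hn + (nports if nports / delta_t > theta9 else 0)
    return total


# --- constructed sample traffic (not from the paper's data set) ---
SERVER = "198.51.100.5"


def two_way(client, server, client_port, server_port):
    """A request and its reply, so neither endpoint is half-interactive."""
    return [(client, server, server_port), (server, client, client_port)]


NORMAL = (
    two_way("192.0.2.10", SERVER, 50001, 443)
    + two_way("192.0.2.11", SERVER, 50002, 443)
    + two_way("192.0.2.12", SERVER, 50003, 80)
    + [("192.0.2.99", "198.51.100.53", 53)]   # one unanswered query
)

# 50 sources that only send, spread over 20 destination ports on one host.
FLOOD = NORMAL + [
    ("203.0.113.%d" % i, SERVER, (i % 20) + 1) for i in range(1, 51)
]

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("flood", FLOOD)):
        print(name, hiad(window, delta_t=1.0, theta9=3))
```

The per-destination classes returned by `hsd_classes` also show which host drives the increase, which is the detail an analyst needs when the scalar feature crosses an alert threshold.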

4. The DDoS Attack Detection Model

The establishment of an attack detection model is an important part of the whole detection process. Based on the behavior of DDoS attack, we extract ACD, IBF, MFF, HIAD, and FFV features to express the inherent rules of attack flows. The disadvantages of the current DDoS attack detection models are summarized as follows: (1) some models highly depend on the selection of kernel function; (2) some models require data with highly stable value; (3) some models can only fit linear rules, but DDoS attack can generate linearly inseparable data due to abrupt, unstable, and stochastic characteristics. Considering that the multiple-kernel learning model has a low requirement for data stability and can be used for nonlinear fitting, and it can treat flexibly linear and nonlinear data, this paper proposes an adaptive DDoS attack detection method based on the ensemble learning framework.

4.1. The Multiple-Kernel Learning Model. The multiple-kernel learning (MKL) model is developed from the original single-kernel SVM. In single-kernel SVM, a SVM only uses one kernel function to map the sample to high-dimensional spaces. By comparison, the multiple-kernel learning model uses multiple-kernel functions with weight to map the sample to high-dimensional space. Therefore, it has higher flexibility and adaptability on heterogeneous data.

The multiple-kernel learning is defined as follows: given training set $T = (x_1, y_1), (x_2, y_2), \cdots, (x_n, y_n)$, testing set $C = x'_1, x'_2, \cdots, x'_s$, $x_i \in R^d$, $x'_k \in R^d$, $y_i \in (-1, +1)$, $R$ is real-number set, $d$ is data dimension, $i = 1, 2, \cdots, n$, $k = 1, 2, \cdots, s$. $K_1(x, x'), K_2(x, x'), \cdots, K_M(x, x')$ are kernel functions in $R^d \times R^d$, and $\phi_1, \phi_2, \cdots, \phi_M$ is a kernel mapping for each function. In the classic multiple-kernel learning SimpleMKL [52], the objective function of the hyperplane is as follows:

$$f(x) = \sum_{m=1}^{M} (\omega_m, \phi_m(x)) + b \tag{14}$$

where $\omega_m$ is the weight for each kernel function and $b$ is bias. The relaxation factor is $\xi$. According to the principle of minimum structure, the objective function can be optimized as follows:

$$\min \psi(\omega_m, b, \xi, d) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i \tag{15}$$

$$\text{s.t.} \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \qquad \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \qquad \xi_i \ge 0 \tag{16}$$

By the two-order alternation optimization, the formula (15) can be converted to the optimization problem with $d_m$ as the variable:

$$\min_{d \ge 0} J(d), \qquad \sum_{m=1}^{M} d_m = 1 \tag{17}$$

$$\text{s.t.} \quad \min_{\omega_m, b, \xi} = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i, \qquad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \qquad \xi_i \ge 0 \tag{18}$$

The Lagrange function of $J(d)$ is as follows:

$$L = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i + \sum_{i=1}^{m} \alpha_i \left( 1 - \xi_i - y_i \sum_{m=1}^{M} \omega_m \cdot \varphi_m(x_i) + y_i b \right) + \sum_{i=1}^{n} \nu_i \xi_i \tag{19}$$


where $\alpha_i$, $\nu_i$ are Lagrange operators. First, $\omega_m$, $b$, $\xi_i$ are calculated for partial derivatives. Then the extremums are gained when the partial derivatives are "0". Finally, extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2} \sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\text{s.t.} \quad \sum_{i}^{n} \alpha_i y_i = 0, \qquad C \ge \alpha_i \ge 0, \qquad K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j) \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $a$ alternately. Then an optimal solution $\alpha^* = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n}\alpha_i^* y_i\sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

$x_j \in C$. When the test set data $x_j$ is input to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model treats every dimension with a weight value of "1", so it cannot fully exert the different features. This paper uses the feature weights to control the effect of different features on the model. To gain the appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$, and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F * W^T$, and the mean value of each dimension of normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. Note the mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$M = [w_1 * (u_{11} - u_{21})]^2 + [w_2 * (u_{12} - u_{22})]^2 + [w_3 * (u_{13} - u_{23})]^2 + [w_4 * (u_{14} - u_{24})]^2 + [w_5 * (u_{15} - u_{25})]^2 \tag{23}$$

The normal intraclass variance is denoted

$$S_1 = \sum_{i=1}^{n} [w_1 * (x_{i1} - u_{11})]^2 + [w_2 * (x_{i2} - u_{12})]^2 + [w_3 * (x_{i3} - u_{13})]^2 + [w_4 * (x_{i4} - u_{14})]^2 + [w_5 * (x_{i5} - u_{15})]^2 \tag{24}$$

The attack intraclass variance is denoted

$$S_2 = \sum_{i=1}^{n} [w_1 * (x_{i1} - u_{21})]^2 + [w_2 * (x_{i2} - u_{22})]^2 + [w_3 * (x_{i3} - u_{23})]^2 + [w_4 * (x_{i4} - u_{24})]^2 + [w_5 * (x_{i5} - u_{25})]^2 \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to improve the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the M value. On the other hand, we should minimize the differences between samples. The variance corresponding to each dimension should be as small as possible, thus reducing the S value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S,\qquad \min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2}\sum_{m=1}^{M}\frac{1}{d_m}\|\omega_m\|^2_{H_m} + C\sum_{i=1}^{n}\xi_i \tag{26}$$

$$\text{s.t.}\quad y_i\sum_{m=1}^{M}\omega_m\cdot\varphi(w x_i) + y_i b \ge 1-\xi_i,\quad \sum_{m=1}^{M} d_m = 1,\quad d_m \ge 0,\quad \xi_i \ge 0,\quad M < \sigma_1,\quad S > \sigma_1 \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rate of formula (35).

To solve the above problems, we update the weights iteratively to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this time. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m}\alpha_i\alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n}\alpha_i \tag{28}$$

$$\text{s.t.}\quad \sum_{i}^{n}\alpha_i y_i = 0,\quad C \ge \alpha_i \ge 0,\quad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n}\alpha_i^* y_i\sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$t_1 < |M_{i+1} - M_i| < t_2 < |M_i - M_{i-1}| < t_3,$$
$$f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_1,\quad f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_2 \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$t_4 < |S_i - S_{i-1}| < t_5 < |S_{i+1} - S_i| < t_6,$$
$$f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_3,\quad f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_4 \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0", the values of $t_1$, $t_2$, and $t_3$ are close to "1", and the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise each dimension weight will be updated iteratively. The gradient of M and S corresponding to each dimension weight is as follows:

$$\begin{aligned}
\frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\
\frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\
\frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\
\frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\
\frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2
\end{aligned} \tag{33}$$

$$\begin{aligned}
\frac{\partial S}{\partial w_1} &= 2\left[w_1\left(\sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2\right) + w_1\left(\sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2\right)\right] \\
\frac{\partial S}{\partial w_2} &= 2\left[w_2\left(\sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2\right) + w_2\left(\sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2\right)\right] \\
\frac{\partial S}{\partial w_3} &= 2\left[w_3\left(\sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2\right) + w_3\left(\sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2\right)\right] \\
\frac{\partial S}{\partial w_4} &= 2\left[w_4\left(\sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2\right) + w_4\left(\sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2\right)\right] \\
\frac{\partial S}{\partial w_5} &= 2\left[w_5\left(\sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2\right) + w_5\left(\sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2\right)\right]
\end{aligned} \tag{34}$$

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning.

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample. According to gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$\begin{aligned}
w_1 &= w_1 + 2 * lr_1 * \frac{\partial M}{\partial w_1} - 2 * lr_2 * \frac{\partial S}{\partial w_1} \\
w_2 &= w_2 + 2 * lr_1 * \frac{\partial M}{\partial w_2} - 2 * lr_2 * \frac{\partial S}{\partial w_2} \\
w_3 &= w_3 + 2 * lr_1 * \frac{\partial M}{\partial w_3} - 2 * lr_2 * \frac{\partial S}{\partial w_3} \\
w_4 &= w_4 + 2 * lr_4 * \frac{\partial M}{\partial w_4} - 2 * lr_2 * \frac{\partial S}{\partial w_4} \\
w_5 &= w_5 + 2 * lr_1 * \frac{\partial M}{\partial w_5} - 2 * lr_2 * \frac{\partial S}{\partial w_5}
\end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.
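The weight update of (23)-(25) and (33)-(35), as an added example that is not code from the paper: it runs only the per-dimension weight step, not the SimpleMKL retraining. The feature rows, the learning rates and the fixed round count (used in place of the stopping constraints (31) and (32)) are assumptions constructed for illustration.

```python
# Added example (not the paper's code): feature-weight update of
# Eqs. (23)-(25) and (33)-(35). All sample values are constructed.

FEATURES = ["ACD", "IBF", "MFF", "HIAD", "FFV"]  # x1..x5 as marked in the text

# Constructed normalized feature rows. MFF (index 2) is noisy and its class
# means nearly coincide; the other dimensions separate the classes tightly.
NORMAL = [
    [0.10, 0.20, 0.50, 0.05, 0.10],
    [0.12, 0.25, 0.10, 0.06, 0.12],
    [0.08, 0.15, 0.90, 0.04, 0.08],
    [0.10, 0.20, 0.50, 0.05, 0.10],
]
ATTACK = [
    [0.80, 0.60, 0.55, 0.90, 0.70],
    [0.85, 0.65, 0.15, 0.95, 0.75],
    [0.75, 0.55, 0.95, 0.85, 0.65],
    [0.80, 0.60, 0.55, 0.90, 0.70],
]


def column_means(rows):
    """Per-dimension mean u_k of one class."""
    return [sum(col) / len(rows) for col in zip(*rows)]


def interclass_m(w, u1, u2):
    """Eq. (23): M = sum_k [w_k * (u_1k - u_2k)]^2."""
    return sum((wk * (a - b)) ** 2 for wk, a, b in zip(w, u1, u2))


def intraclass_s(w, rows, u):
    """Eqs. (24)/(25): sum over samples and dimensions of [w_k * (x_ik - u_k)]^2."""
    return sum((wk * (x - uk)) ** 2 for row in rows for wk, x, uk in zip(w, row, u))


def grad_m(w, u1, u2):
    """Eq. (33): dM/dw_k = 2 * w_k * (u_1k - u_2k)^2."""
    return [2 * wk * (a - b) ** 2 for wk, a, b in zip(w, u1, u2)]


def grad_s(w, normal, attack, u1, u2):
    """Eq. (34): dS/dw_k = 2 * [w_k*(sum x^2 - n1*u1^2) + w_k*(sum x^2 - n2*u2^2)]."""
    n1, n2 = len(normal), len(attack)
    grads = []
    for k, wk in enumerate(w):
        ss1 = sum(row[k] ** 2 for row in normal) - n1 * u1[k] ** 2
        ss2 = sum(row[k] ** 2 for row in attack) - n2 * u2[k] ** 2
        grads.append(2 * (wk * ss1 + wk * ss2))
    return grads


def update_weights(normal, attack, lr1, lr2, rounds):
    """Apply Eq. (35) for a fixed number of rounds (assumption: the paper stops
    on constraints (31)/(32) instead). Returns final weights and (M, S) history."""
    u1, u2 = column_means(normal), column_means(attack)
    w = [1.0] * len(u1)  # initial weights
    history = []
    for _ in range(rounds):
        gm = grad_m(w, u1, u2)
        gs = grad_s(w, normal, attack, u1, u2)
        # Eq. (35): gradient ascent on M, gradient descent on S.
        w = [wk + 2 * lr1 * a - 2 * lr2 * b for wk, a, b in zip(w, gm, gs)]
        m = interclass_m(w, u1, u2)
        s = intraclass_s(w, normal, u1) + intraclass_s(w, attack, u2)
        history.append((m, s))
    return w, history


if __name__ == "__main__":
    # Constructed learning rates: ascent-dominated (M-SMKL-like) and
    # descent-dominated (S-SMKL-like) settings.
    for name, lr1, lr2 in (("M-dominated", 0.05, 0.005), ("S-dominated", 0.005, 0.05)):
        w, hist = update_weights(NORMAL, ATTACK, lr1, lr2, rounds=10)
        print(name, {f: round(x, 3) for f, x in zip(FEATURES, w)},
              "M=%.3f S=%.3f" % hist[-1])
```

Because the class means and scatter are computed on the original features, each round multiplies $w_k$ by a constant factor, so a learning rate that is too large for the feature scale can drive a weight negative; normalizing the features first keeps the factors near 1.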

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained. M-SMKL is trained by increasing the M value mainly, with reducing the S value secondarily, and the S-SMKL is trained by reducing the S value mainly, with increasing the M value secondarily. During the training process, the M value and the S value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with two different weight vectors, which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL identify that the current data category is both normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL identify that the current data category is both attack, the current data category is judged to be attack; (3) if M-SMKL identifies that the current data category is normal, but S-SMKL identifies that the current data category is attack, the current data category is judged to be attack; (4) if M-SMKL identifies that the current data category is attack, but S-SMKL identifies that the current data category is normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification result, and map the end point of the sliding window to the n-1 position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance of different class so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains a Distributed Denial of Service (DDoS) anonymous traffic attack for approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is 8 GB memory, Intel Core i7 processor, and a computer with a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN},\quad FR = \frac{FP}{TP + FP},\quad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$
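The sliding-window coordination of Section 4.3 and the DR, FR and ER definitions of (36), as an added example that is not code from the paper. The label sequences are constructed, and two readings are assumptions: the window covers positions i to i+n-1 of the M-SMKL results, and a window that runs past the end of the data is judged on the results that exist.

```python
# Added example (not the paper's code): coordinate M-SMKL and S-SMKL labels
# with the four rules of Section 4.3, then score with Eq. (36).

LABEL_NORMAL, LABEL_ATTACK = 0, 1


def coordinate(m_results, s_results, n):
    """Fuse per-sample labels; m_results are the 'first' (M-SMKL) results,
    s_results the 'second' (S-SMKL) results, n the sliding-window size."""
    if len(m_results) != len(s_results):
        raise ValueError("both classifiers must label the same samples")
    fused = []
    for i, (m, s) in enumerate(zip(m_results, s_results)):
        if m == s:                      # rules (1) and (2): agreement
            fused.append(m)
        elif s == LABEL_ATTACK:         # rule (3): M normal, S attack
            fused.append(LABEL_ATTACK)
        else:                           # rule (4): M attack, S normal
            # Assumption: window spans i..i+n-1 of the M-SMKL results and is
            # truncated at the end of the data.
            window = m_results[i:i + n]
            all_attack = all(x == LABEL_ATTACK for x in window)
            fused.append(LABEL_ATTACK if all_attack else LABEL_NORMAL)
    return fused


def evaluate(truth, predicted):
    """Eq. (36) with the paper's convention: TP/FP count normal samples,
    TN/FN count attack samples. A rate with an empty denominator is None."""
    pairs = list(zip(truth, predicted))
    tp = sum(1 for t, p in pairs if t == LABEL_NORMAL and p == LABEL_NORMAL)
    fp = sum(1 for t, p in pairs if t == LABEL_NORMAL and p == LABEL_ATTACK)
    tn = sum(1 for t, p in pairs if t == LABEL_ATTACK and p == LABEL_ATTACK)
    fn = sum(1 for t, p in pairs if t == LABEL_ATTACK and p == LABEL_NORMAL)

    def ratio(num, den):
        return num / den if den else None

    return {"DR": ratio(tn, tn + fn),
            "FR": ratio(fp, tp + fp),
            "ER": ratio(fn + fp, tp + fp + tn + fn)}


# Constructed sequences: the attack starts at index 6. M-SMKL reacts at once
# but raises one isolated false alarm (index 2) and misses index 12;
# S-SMKL has no false alarm but only reacts from index 9.
TRUTH  = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
M_SMKL = [0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1]
S_SMKL = [0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1]

if __name__ == "__main__":
    fused = coordinate(M_SMKL, S_SMKL, n=4)
    for name, labels in (("M-SMKL", M_SMKL), ("S-SMKL", S_SMKL), ("fused", fused)):
        print(name, evaluate(TRUTH, labels))
```

Rule (4) looks ahead at later M-SMKL results, so in a streaming deployment the verdict for such a sample is only available after up to n-1 further samples have been classified.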

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by random number, (2) only the attack flow feature values are multiplied by random number, and (3) only the normal flow feature values are multiplied by random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value).

Figure 4: The IBF feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the IBF feature value; series: the DDoS attack feature value, the normal feature value).

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value).

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value, the normal feature value).

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage, the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value, the normal feature value).

Figure 8: The MFF feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the MFF feature value; series: the DDoS attack feature value, the normal feature value).

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the HIAD feature value, ×10^4; series: the DDoS attack feature value, the normal feature value).

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of test set are obtained and are used to verify the effectiveness of method. The parameters of M-SMKL are set as follows: $lr_1 = 2 * 10^{-5}$, $lr_2 = 2 * 10^{-3}$, $t_1 = 1.002$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 * 10^{-5}$, $lr_2 = 2 * 10^{-2}$, $t_4 = 73425$, $t_5 = 78340$, $t_6 = 78350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is linear function. The experimental results are illustrated in Figures 10–18.

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method recognizes easily some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow. Columns give the value of the random multiplier.

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow. Columns give the value of the random multiplier.

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow. Columns give the value of the random multiplier.

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computers, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


$\Delta t$ is sampling time, and $\theta_6$ and $\theta_7$ are SH-type packet number abnormality thresholds. $Packet(SD_i)$ is the number of packets in $SD_i$, $i = 1, 2, \ldots, n$. The weighted value of the number of different ports in the SH and DH classes is as follows:

$$Weight_{port} = \sum_{i=1}^{S} overp(Port(SH_i)) + \sum_{j=1}^{D} overp(Port(DH_j)) \tag{11}$$

where

$$overp(x) = \begin{cases} x, & x/\Delta t > \theta_8 \\ 0, & x/\Delta t \le \theta_8 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_8$ is the SH-type port number abnormality threshold.

In this part, we define the MFF as follows:

$$MFF_F = \frac{S + Weight_{port} + Weight_{packet}}{M + 1} \tag{12}$$

where

$$f(x) = \begin{cases} x, & x \ge 1 \\ 1, & x \le 1 \end{cases}$$

Definition 5. The number of SH flows with different source IP addresses and the same destination IP address $A_i$ is denoted as $hn_i$. The SH class with the same destination IP address $A_i$ flow is denoted as $HSD(hn_i, A_i)$, where $i = 1, 2, \ldots, n$.

Assume that all HSD classes are $HSD_1, HSD_2, \cdots, HSD_k$ and the number of different destination ports in the class $HSD_i$ is expressed as $Port(HSD_i)$, where $i = 1, 2, \ldots, k$. The HIAD is defined as follows:

$$HIAD_F = \left( \sum_{i=1}^{k} \left( hn_i + weight(Port(HSD_i)) \right) \right) \tag{13}$$

In (13),

$$weight(x) = \begin{cases} x, & x/\Delta t > \theta_9 \\ 0, & x/\Delta t \le \theta_9 \end{cases}$$

$\Delta t$ is sampling time, and $\theta_9$ is the threshold for different destination ports.

4. The DDoS Attack Detection Model

The establishment of an attack detection model is an important part of the whole detection process. Based on the behavior of DDoS attack, we extract ACD, IBF, MFF, HIAD, and FFV features to express the inherent rules of attack flows. The disadvantages of the current DDoS attack detection models are summarized as follows: (1) some models highly depend on the selection of kernel function; (2) some models require data with highly stable value; (3) some models can only fit linear rules, but DDoS attack can generate linearly inseparable data due to abrupt, unstable, and stochastic characteristics. Considering that the multiple-kernel learning model has a low requirement for data stability, can be used for nonlinear fitting, and can flexibly treat linear and nonlinear data, this paper proposes an adaptive DDoS attack detection method based on the ensemble learning framework.

4.1. The Multiple-Kernel Learning Model. The multiple-kernel learning (MKL) model is developed from the original single-kernel SVM. In single-kernel SVM, an SVM only uses one kernel function to map the sample to high-dimensional spaces. By comparison, the multiple-kernel learning model uses multiple kernel functions with weight to map the sample to high-dimensional space. Therefore, it has higher flexibility and adaptability on heterogeneous data.

The multiple-kernel learning is defined as follows: given training set $T = \{(x_1, y_1), (x_2, y_2), \cdots, (x_n, y_n)\}$ and testing set $C = \{x'_1, x'_2, \cdots, x'_s\}$, $x_i \in R^d$, $x'_k \in R^d$, $y_i \in \{-1, +1\}$, $R$ is the real-number set, $d$ is data dimension, $i = 1, 2, \cdots, n$, and $k = 1, 2, \cdots, s$. $K_1(x, x'), K_2(x, x'), \cdots, K_M(x, x')$ are kernel functions in $R^d \times R^d$, and $\phi_1, \phi_2, \cdots, \phi_M$ is a kernel mapping for each function. In the classic multiple-kernel learning SimpleMKL [52], the objective function of the hyperplane is as follows:

$$f(x) = \sum_{m=1}^{M} \left( \omega_m, \phi_m(x) \right) + b \tag{14}$$

where $\omega_m$ is the weight for each kernel function and $b$ is bias. The relaxation factor is $\xi$. According to the principle of minimum structure, the objective function can be optimized as follows:

$$\min \psi(\omega_m, b, \xi, d) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \left\| \omega_m \right\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i \tag{15}$$

$$\text{s.t.} \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \quad \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \quad \xi_i \ge 0 \tag{16}$$

By the two-order alternation optimization, formula (15) can be converted to the optimization problem with $d_m$ as the variable:

$$\min_{d \ge 0} J(d), \quad \sum_{m=1}^{M} d_m = 1 \tag{17}$$

$$\text{s.t.} \quad \min_{\omega_m, b, \xi} = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \left\| \omega_m \right\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i, \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(x_i) + y_i b \ge 1 - \xi_i, \quad \xi_i \ge 0 \tag{18}$$

The Lagrange function of $J(d)$ is as follows:

$$L = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \left\| \omega_m \right\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i + \sum_{i=1}^{m} \alpha_i \left( 1 - \xi_i - y_i \sum_{m=1}^{M} \omega_m \cdot \varphi_m(x_i) + y_i b \right) + \sum_{i=1}^{n} \nu_i \xi_i \tag{19}$$


where $\alpha_i$, $\nu_i$ are Lagrange multipliers. First, the partial derivatives with respect to $\omega_m$, $b$, $\xi_i$ are calculated. Then, the extremums are gained when the partial derivatives are "0". Finally, the extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2} \sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\text{s.t.} \quad \sum_{i}^{n} \alpha_i y_i = 0, \quad C \ge \alpha_i \ge 0, \quad K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j) \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $\alpha$ alternately. Then an optimal solution $\alpha^{*} = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^{*} y_i \sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

$x_j \in C$. When the test set data $x_j$ is inputted to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model can be suitable for all the dimension weight values with "1". But it cannot fully exert the different features. This paper uses the feature weights to control the effect of different features on the model. To gain the appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$ and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F * W^{T}$, and the mean value of each dimension of normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. Note the mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$M = [w_1 * (u_{11} - u_{21})]^2 + [w_2 * (u_{12} - u_{22})]^2 + [w_3 * (u_{13} - u_{23})]^2 + [w_4 * (u_{14} - u_{24})]^2 + [w_5 * (u_{15} - u_{25})]^2 \tag{23}$$

The normal intraclass variance is denoted

$$S_1 = \sum_{i=1}^{n} [w_1 * (x_{i1} - u_{11})]^2 + [w_2 * (x_{i2} - u_{12})]^2 + [w_3 * (x_{i3} - u_{13})]^2 + [w_4 * (x_{i4} - u_{14})]^2 + [w_5 * (x_{i5} - u_{15})]^2 \tag{24}$$

The attack intraclass variance is denoted

$$S_2 = \sum_{i=1}^{n} [w_1 * (x_{i1} - u_{21})]^2 + [w_2 * (x_{i2} - u_{22})]^2 + [w_3 * (x_{i3} - u_{23})]^2 + [w_4 * (x_{i4} - u_{24})]^2 + [w_5 * (x_{i5} - u_{25})]^2 \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to improve the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the $M$ value. On the other hand, we should minimize the differences between samples. The variance corresponding to each dimension should be as small as possible, thus reducing the $S$ value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework, formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S$$

$$\min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \left\| \omega_m \right\|_{H_m}^{2} + C \sum_{i=1}^{n} \xi_i \tag{26}$$

$$\text{s.t.} \quad y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(w x_i) + y_i b \ge 1 - \xi_i, \quad \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \quad \xi_i \ge 0, \quad M < \sigma_1, \quad S > \sigma_1 \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rate of formula (35).

To solve the above problems, we use the way of updating iterative weights to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this time. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2} \sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\text{s.t.} \quad \sum_{i}^{n} \alpha_i y_i = 0, \quad C \ge \alpha_i \ge 0, \quad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^{*} y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned} & t_1 < \left| M_{i+1} - M_i \right| < t_2 < \left| M_i - M_{i-1} \right| < t_3 \\ & f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_1 \\ & f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_2 \end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned} & t_4 < \left| S_i - S_{i-1} \right| < t_5 < \left| S_{i+1} - S_i \right| < t_6 \\ & f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_3 \\ & f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_4 \end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0", the values of $t_1$, $t_2$, and $t_3$ are close to "1", and the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of $M$ and $S$ corresponding to each dimension weight is as follows:

$$\begin{aligned} \frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\ \frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\ \frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\ \frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\ \frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2 \end{aligned} \tag{33}$$

$$\begin{aligned} \frac{\partial S}{\partial w_1} &= 2 \left[ w_1 \left( \sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2 \right) + w_1 \left( \sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2 \right) \right] \\ \frac{\partial S}{\partial w_2} &= 2 \left[ w_2 \left( \sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2 \right) + w_2 \left( \sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2 \right) \right] \\ \frac{\partial S}{\partial w_3} &= 2 \left[ w_3 \left( \sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2 \right) + w_3 \left( \sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2 \right) \right] \\ \frac{\partial S}{\partial w_4} &= 2 \left[ w_4 \left( \sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2 \right) + w_4 \left( \sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2 \right) \right] \\ \frac{\partial S}{\partial w_5} &= 2 \left[ w_5 \left( \sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2 \right) + w_5 \left( \sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2 \right) \right] \end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample. According to the gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$\begin{aligned} w_1 &= w_1 + 2 * lr_1 * \frac{\partial M}{\partial w_1} - 2 * lr_2 * \frac{\partial S}{\partial w_1} \\ w_2 &= w_2 + 2 * lr_1 * \frac{\partial M}{\partial w_2} - 2 * lr_2 * \frac{\partial S}{\partial w_2} \\ w_3 &= w_3 + 2 * lr_1 * \frac{\partial M}{\partial w_3} - 2 * lr_2 * \frac{\partial S}{\partial w_3} \\ w_4 &= w_4 + 2 * lr_1 * \frac{\partial M}{\partial w_4} - 2 * lr_2 * \frac{\partial S}{\partial w_4} \\ w_5 &= w_5 + 2 * lr_1 * \frac{\partial M}{\partial w_5} - 2 * lr_2 * \frac{\partial S}{\partial w_5} \end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. (Two parallel branches starting from the multidimension data of initial weight: increase M to update weights of different dimensions with gradient ascent, or decrease S to update them with gradient descent; multiply the updated weight and training dataset and update the core parameters of M-SMKL or S-SMKL; if the constraint conditions of M-SMKL or S-SMKL are met, end the respective training, otherwise repeat.)
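The weight update in (33)-(35) can be traced on a small labelled sample. The Python sketch below is an added example, not code from the paper: the feature values, the learning rates, the fixed step count (used in place of the stopping tests (31) and (32)), and every function name are assumptions, and the raw features are held fixed while only the weights change.

```python
"""Feature-weight update following equations (23)-(25) and (33)-(35)."""

FEATURES = ("ACD", "IBF", "MFF", "HIAD", "FFV")

# Constructed, already-scaled feature vectors (x1..x5), one row per sample.
NORMAL_FLOW = [
    [0.10, 0.20, 0.10, 0.05, 0.30],
    [0.12, 0.22, 0.08, 0.07, 0.28],
    [0.09, 0.18, 0.12, 0.06, 0.33],
    [0.11, 0.20, 0.10, 0.06, 0.29],
]
ATTACK_FLOW = [
    [0.80, 0.25, 0.60, 0.90, 0.35],
    [0.85, 0.30, 0.55, 0.95, 0.30],
    [0.78, 0.20, 0.65, 0.88, 0.40],
    [0.82, 0.27, 0.62, 0.92, 0.33],
]


def column_means(rows):
    """Per-dimension class means (u_1k for normal flow, u_2k for attack flow)."""
    n = len(rows)
    return [sum(r[k] for r in rows) / n for k in range(len(rows[0]))]


def interclass_m(w, u1, u2):
    """Interclass mean squared difference M, equation (23)."""
    return sum((w[k] * (u1[k] - u2[k])) ** 2 for k in range(len(w)))


def intraclass_s(w, normal, attack, u1, u2):
    """Intraclass variance S = S1 + S2, equations (24) and (25)."""
    s1 = sum((w[k] * (x[k] - u1[k])) ** 2 for x in normal for k in range(len(w)))
    s2 = sum((w[k] * (x[k] - u2[k])) ** 2 for x in attack for k in range(len(w)))
    return s1 + s2


def grad_m(w, u1, u2):
    """dM/dw_k, equation (33)."""
    return [2 * w[k] * (u1[k] - u2[k]) ** 2 for k in range(len(w))]


def grad_s(w, normal, attack, u1, u2):
    """dS/dw_k, equation (34): sum of squares minus n times the squared mean."""
    n1, n2 = len(normal), len(attack)
    grads = []
    for k in range(len(w)):
        scatter1 = sum(x[k] ** 2 for x in normal) - n1 * u1[k] ** 2
        scatter2 = sum(x[k] ** 2 for x in attack) - n2 * u2[k] ** 2
        grads.append(2 * (w[k] * scatter1 + w[k] * scatter2))
    return grads


def train_weights(normal, attack, lr1, lr2, steps=10):
    """Apply update (35) for a fixed number of rounds, starting from w = 1.

    lr1 >> lr2 gives the M-SMKL weighting; lr2 >> lr1 gives the S-SMKL one.
    """
    u1, u2 = column_means(normal), column_means(attack)
    w = [1.0] * len(u1)
    for _ in range(steps):
        gm = grad_m(w, u1, u2)
        gs = grad_s(w, normal, attack, u1, u2)
        w = [w[k] + 2 * lr1 * gm[k] - 2 * lr2 * gs[k] for k in range(len(w))]
    return w


if __name__ == "__main__":
    for name, lr1, lr2 in (("M-SMKL", 0.05, 0.001), ("S-SMKL", 0.001, 5.0)):
        weights = train_weights(NORMAL_FLOW, ATTACK_FLOW, lr1, lr2)
        print(name, dict(zip(FEATURES, (round(v, 3) for v in weights))))
```

With these constructed values, the M-dominant run raises the weights of the dimensions whose class means differ most, and the S-dominant run shrinks the weights of the dimensions with the largest within-class scatter.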

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained: M-SMKL is trained by increasing the M value mainly, with reducing the S value secondarily, and S-SMKL is trained by reducing the S value mainly, with increasing the M value secondarily. During the training process, the M value and the S value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with the two different weight vectors, which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate the two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL both identify the current data category as normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL both identify the current data category as attack, the current data category is judged to be attack; (3) if M-SMKL identifies that the current data category is normal but S-SMKL identifies that the current data category is attack, the current data category is judged to be attack; (4) if M-SMKL identifies that the current data category is attack but S-SMKL identifies that the current data category is normal, then consider the following. Step 1: move the starting point of the sliding window to the current position of the test data in the first classification result, and map the end point of the sliding window to the n-1 position of the first classification results. Step 2: if the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance of different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Multiply initial data with the new weight of S-SMKL and of M-SMKL; classify the test set with S-SMKL and with M-SMKL; classify result 1 and classify result 2; slide window process; final predict result.)

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains anonymized traffic of a Distributed Denial of Service (DDoS) attack lasting approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. The hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN}, \qquad FR = \frac{FP}{TP + FP}, \qquad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$
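The four coordination rules of the detection process and the DR/FR/ER definitions in (36) can be exercised together. The following Python sketch is an added example, not the paper's code: the function names and the label sequences are constructed, and the window is assumed to cover the current sample and the next n-1 M-SMKL results, truncated at the end of the sequence.

```python
NORMAL, ATTACK = 0, 1


def fuse(m_pred, s_pred, n=8):
    """Coordinate per-sample labels from M-SMKL (m_pred) and S-SMKL (s_pred).

    Rules (1)-(4) of the detection process:
      both normal -> normal; both attack -> attack;
      M normal, S attack -> attack;
      M attack, S normal -> attack only if every M-SMKL result inside the
      sliding window that starts at the current sample is attack.
    Assumption: the window spans indices i .. i+n-1 of the M-SMKL results
    and is truncated when it runs past the last sample.
    """
    if len(m_pred) != len(s_pred):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    fused = []
    for i, (m, s) in enumerate(zip(m_pred, s_pred)):
        if m == s:                      # rules (1) and (2)
            fused.append(m)
        elif s == ATTACK:               # rule (3)
            fused.append(ATTACK)
        else:                           # rule (4): M attack, S normal
            window = m_pred[i:i + n]
            sustained = all(x == ATTACK for x in window)
            fused.append(ATTACK if sustained else NORMAL)
    return fused


def rates(truth, pred):
    """Return (DR, FR, ER) as defined in equation (36).

    The paper's labelling is used: TP/FP count normal samples marked
    correctly/incorrectly, TN/FN count attack samples marked
    correctly/incorrectly.
    """
    pairs = list(zip(truth, pred))
    tp = sum(t == NORMAL and p == NORMAL for t, p in pairs)
    fp = sum(t == NORMAL and p == ATTACK for t, p in pairs)
    tn = sum(t == ATTACK and p == ATTACK for t, p in pairs)
    fn = sum(t == ATTACK and p == NORMAL for t, p in pairs)
    total = tp + fp + tn + fn
    dr = tn / (tn + fn) if tn + fn else 0.0
    fr = fp / (tp + fp) if tp + fp else 0.0
    er = (fn + fp) / total if total else 0.0
    return dr, fr, er


# Constructed sample: 6 normal seconds followed by 10 attack seconds.
TRUTH = [NORMAL] * 6 + [ATTACK] * 10
# M-SMKL-like output: flags the attack from its first second, but with one
# isolated false alarm (index 2) and one missed attack sample (index 12).
M_PRED = [0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1]
# S-SMKL-like output: no false alarms, but three seconds late.
S_PRED = [NORMAL] * 9 + [ATTACK] * 7


def demo(n=4):
    """Fuse the constructed outputs and score each of the three label sets."""
    fused = fuse(M_PRED, S_PRED, n)
    return {
        "M-SMKL": rates(TRUTH, M_PRED),
        "S-SMKL": rates(TRUTH, S_PRED),
        "fused": rates(TRUTH, fused),
    }


if __name__ == "__main__":
    for name, (dr, fr, er) in demo().items():
        print(f"{name:7s} DR={dr:.3f} FR={fr:.3f} ER={er:.3f}")
```

On this sample the isolated M-SMKL alarm is suppressed because its window is not all attack, while the sustained run at the attack onset is accepted three samples before S-SMKL reports it.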

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the ACD feature value; curves: the DDoS attack feature value and the normal feature value).

Figure 4: The IBF feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the IBF feature value; curves: the DDoS attack feature value and the normal feature value).

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the FFV feature value; curves: the DDoS attack feature value and the normal feature value).

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds (x-axis: time (s); y-axis: the ACD feature value; curves: the DDoS attack feature value and the normal feature value).

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage, the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds (x-axis: time (s); y-axis: the FFV feature value; curves: the DDoS attack feature value and the normal feature value).

Figure 8: The MFF feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the MFF feature value; curves: the DDoS attack feature value and the normal feature value).

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of the test set are obtained and are used to verify the effectiveness of the method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1002$, $t_2 = 10065$, $t_3 = 1007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73425$, $t_5 = 78340$, $t_6 = 78350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is a linear function. The experimental results are illustrated in Figures 10–18.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the HIAD feature value, scaled by $10^4$; curves: the DDoS attack feature value and the normal feature value).

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow (columns: the value of the random multiplier).

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow (columns: the value of the random multiplier).

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow (columns: the value of the random multiplier).

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computers, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, "The Caida Ucsd DDoS Attack 2007," http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


where $\alpha_i$ and $\nu_i$ are Lagrange multipliers. First, the partial derivatives with respect to $\omega_m$, $b$, and $\xi_i$ are calculated. Then the extremums are gained when the partial derivatives are "0". Finally, the extremums are brought into the Lagrange function, which can be further changed to

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(x_i, x_j) + \sum_{i=1}^{n} \alpha_i \tag{20}$$

$$\text{s.t.}\quad \sum_{i}^{n} \alpha_i y_i = 0, \qquad C \ge \alpha_i \ge 0, \qquad K_d(x_i, x_j) = \sum_{m=1}^{M} d_m k_m(x_i, x_j) \tag{21}$$

The gradient descent method is used to adjust $J(d)$ on $d$, update $d$, and optimize $d$ as well as $a$ alternately. Then an optimal solution $\alpha^* = (\alpha_1, \alpha_2, \cdots, \alpha_n)$ is obtained; that is, the original objective function eventually turns into (22). The detailed formulation is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^* y_i \sum_{m=1}^{M} d_m K_d(x_i, x_j) + b \tag{22}$$

$x_j \in C$. When the test set data $x_j$ is input to $f(x)$, the objective function can determine the category of the test set data.

4.2. The Attack Detection Model Based on Multiple-Kernel Learning. The SimpleMKL model is suitable when all the dimension weight values are "1", but it cannot fully exploit the different features. This paper uses feature weights to control the effect of different features on the model. To gain appropriate feature weights in the SimpleMKL model, we combine the gradient method to optimize the weight parameters so that the detection accuracy is further improved.

We marked ACD as $x_1$, IBF as $x_2$, MFF as $x_3$, HIAD as $x_4$, and FFV as $x_5$; then the feature value vector is $F = (x_1, x_2, x_3, x_4, x_5)$ and the marked weight vector is $W = (w_1, w_2, w_3, w_4, w_5)$. Combinatorial features are $CF = F * W^T$, and the mean value of each dimension of the normal flow is $u_{11}$, $u_{12}$, $u_{13}$, $u_{14}$, or $u_{15}$. The mean value of each dimension of the attack flow is $u_{21}$, $u_{22}$, $u_{23}$, $u_{24}$, or $u_{25}$.

The interclass mean squared difference is expressed as follows:

$$M = [w_1 (u_{11} - u_{21})]^2 + [w_2 (u_{12} - u_{22})]^2 + [w_3 (u_{13} - u_{23})]^2 + [w_4 (u_{14} - u_{24})]^2 + [w_5 (u_{15} - u_{25})]^2 \tag{23}$$

The normal intraclass variance is denoted

$$S_1 = \sum_{i=1}^{n} \Big( [w_1 (x_{i1} - u_{11})]^2 + [w_2 (x_{i2} - u_{12})]^2 + [w_3 (x_{i3} - u_{13})]^2 + [w_4 (x_{i4} - u_{14})]^2 + [w_5 (x_{i5} - u_{15})]^2 \Big) \tag{24}$$

The attack intraclass variance is denoted

$$S_2 = \sum_{i=1}^{n} \Big( [w_1 (x_{i1} - u_{21})]^2 + [w_2 (x_{i2} - u_{22})]^2 + [w_3 (x_{i3} - u_{23})]^2 + [w_4 (x_{i4} - u_{24})]^2 + [w_5 (x_{i5} - u_{25})]^2 \Big) \tag{25}$$

The intraclass variance is $S = S_1 + S_2$. To improve classification accuracy and ensure a rapid convergence of functions, on the one hand, we should try to increase the mean difference between positive and negative samples so that the two kinds of samples are far away from each other; that is, we should increase the $M$ value. On the other hand, we should minimize the differences between samples: the variance corresponding to each dimension should be as small as possible, thus reducing the $S$ value. Therefore, the classification model needs to train two different classifiers to classify the samples. One classifier is interclass mean squared difference growth (M-SMKL), and the other classifier is intraclass variance descent (S-SMKL). In combination with the SimpleMKL framework, formula (15), the above problems can be transformed into (26). The detailed formulation is as follows:

$$\max_{x_{ij} \in F} \alpha M + \min_{x_{ij} \in F} \beta S$$

$$\min \psi(\omega_m, b, \xi, d, w) = \frac{1}{2} \sum_{m=1}^{M} \frac{1}{d_m} \|\omega_m\|^2_{H_m} + C \sum_{i=1}^{n} \xi_i \tag{26}$$

$$\begin{aligned}
\text{s.t.}\quad & y_i \sum_{m=1}^{M} \omega_m \cdot \varphi(w x_i) + y_i b \ge 1 - \xi_i, \\
& \sum_{m=1}^{M} d_m = 1, \quad d_m \ge 0, \\
& \xi_i \ge 0, \\
& M < \sigma_1, \quad S > \sigma_1
\end{aligned} \tag{27}$$

If $\alpha \gg \beta$, the objective function is M-SMKL. If $\beta \gg \alpha$, the objective function is S-SMKL. $\alpha$ and $\beta$ are converted to the learning rates of formula (35).

To solve the above problems, we update the weights iteratively to get the objective function. The details are as follows. Firstly, the weights of each feature are assigned initial values. Secondly, they are combined with (26) and (27) to gain the optimal function of this round. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\text{s.t.}\quad \sum_{i}^{n} \alpha_i y_i = 0, \qquad C \ge \alpha_i \ge 0, \qquad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^* y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with the constraint conditions of formula (27). These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned}
& t_1 < |M_{i+1} - M_i| < t_2 < |M_i - M_{i-1}| < t_3, \\
& f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_1, \\
& f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_2
\end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned}
& t_4 < |S_i - S_{i-1}| < t_5 < |S_{i+1} - S_i| < t_6, \\
& f(M_i) f(S_i) - f(M_{i-1}) f(S_{i-1}) > p_3, \\
& f(M_i) f(S_i) - f(M_{i+1}) f(S_{i+1}) > p_4
\end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0", the values of $t_1$, $t_2$, and $t_3$ are close to "1", and the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of $M$ and $S$ corresponding to each dimension weight is as follows:

$$\begin{aligned}
\frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\
\frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\
\frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\
\frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\
\frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2
\end{aligned} \tag{33}$$

$$\begin{aligned}
\frac{\partial S}{\partial w_1} &= 2\Big[ w_1 \Big( \sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2 \Big) + w_1 \Big( \sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2 \Big) \Big] \\
\frac{\partial S}{\partial w_2} &= 2\Big[ w_2 \Big( \sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2 \Big) + w_2 \Big( \sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2 \Big) \Big] \\
\frac{\partial S}{\partial w_3} &= 2\Big[ w_3 \Big( \sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2 \Big) + w_3 \Big( \sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2 \Big) \Big] \\
\frac{\partial S}{\partial w_4} &= 2\Big[ w_4 \Big( \sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2 \Big) + w_4 \Big( \sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2 \Big) \Big] \\
\frac{\partial S}{\partial w_5} &= 2\Big[ w_5 \Big( \sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2 \Big) + w_5 \Big( \sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2 \Big) \Big]
\end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow features of the training sample and $n_2$ is the number of the attack flow features of the training sample.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. (Flow-chart boxes: multidimension data of initial weight. M-SMKL branch: increase M to update the weights of different dimensions with gradient ascent; multiply the updated weights and the training data set, update and improve the core parameters of M-SMKL; check whether the constraint conditions of M-SMKL are met; end M-SMKL training on "Yes", repeat on "No". S-SMKL branch: decrease S to update the weights of different dimensions with gradient descent; multiply the updated weights and the training data set, update and decrease the core parameters of S-SMKL; check whether the constraint conditions of S-SMKL are met; end S-SMKL training on "Yes", repeat on "No".)

According to the gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$\begin{aligned}
w_1 &= w_1 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_1} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_1} \\
w_2 &= w_2 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_2} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_2} \\
w_3 &= w_3 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_3} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_3} \\
w_4 &= w_4 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_4} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_4} \\
w_5 &= w_5 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_5} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_5}
\end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by the corresponding original feature, and the next round of iteration is carried out.
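The update in (33)-(35), worked through as an added example (not the authors' code): it computes M and S from (23)-(25) on weighted features and applies (35) round by round. The sample rows, the learning rates, and the fixed number of rounds used in place of the stopping conditions (31) and (32) are assumptions.

```python
# Added example: feature-weight update of (33)-(35) on constructed data.
FEATURES = ["ACD", "IBF", "MFF", "HIAD", "FFV"]   # x1..x5 in the paper's order

# Constructed, normalized feature rows (one row per 1 s sample); not the paper's data.
NORMAL = [
    [0.10, 0.20, 0.30, 0.05, 0.12],
    [0.12, 0.25, 0.10, 0.06, 0.10],
    [0.08, 0.15, 0.50, 0.04, 0.14],
]
ATTACK = [
    [0.80, 0.30, 0.35, 0.90, 0.70],
    [0.90, 0.20, 0.20, 0.95, 0.75],
    [0.85, 0.10, 0.55, 0.85, 0.80],
    [0.75, 0.40, 0.30, 0.90, 0.65],
]


def class_means(rows):
    """Per-dimension mean of one class (u_1k for normal, u_2k for attack)."""
    n = len(rows)
    return [sum(r[k] for r in rows) / n for k in range(len(rows[0]))]


def interclass_m(w, normal, attack):
    """M of (23): squared weighted distance between the two class means."""
    u1, u2 = class_means(normal), class_means(attack)
    return sum((w[k] * (u1[k] - u2[k])) ** 2 for k in range(len(w)))


def intraclass_s(w, normal, attack):
    """S = S1 + S2 of (24) and (25): weighted scatter around each class mean."""
    total = 0.0
    for rows in (normal, attack):
        u = class_means(rows)
        total += sum((w[k] * (r[k] - u[k])) ** 2 for r in rows for k in range(len(w)))
    return total


def grad_m(w, normal, attack):
    """Gradient of M with respect to each weight, as in (33)."""
    u1, u2 = class_means(normal), class_means(attack)
    return [2 * w[k] * (u1[k] - u2[k]) ** 2 for k in range(len(w))]


def grad_s(w, normal, attack):
    """Gradient of S as in (34); sum(x^2) - n*u^2 equals the scatter sum((x-u)^2)."""
    g = [0.0] * len(w)
    for rows in (normal, attack):
        u, n = class_means(rows), len(rows)
        for k in range(len(w)):
            g[k] += 2 * w[k] * (sum(r[k] ** 2 for r in rows) - n * u[k] ** 2)
    return g


def update_weights(w, normal, attack, lr1, lr2):
    """One round of (35): gradient ascent on M (lr1), gradient descent on S (lr2)."""
    gm, gs = grad_m(w, normal, attack), grad_s(w, normal, attack)
    return [w[k] + 2 * lr1 * gm[k] - 2 * lr2 * gs[k] for k in range(len(w))]


def train(normal, attack, lr1, lr2, rounds):
    """Start from all-ones weights and record (M, S) after every round."""
    w = [1.0] * len(normal[0])
    history = []
    for _ in range(rounds):
        w = update_weights(w, normal, attack, lr1, lr2)
        history.append((interclass_m(w, normal, attack), intraclass_s(w, normal, attack)))
    return w, history


if __name__ == "__main__":
    # lr1 >> lr2 mimics the M-SMKL setting, lr2 >> lr1 the S-SMKL setting.
    for label, lr1, lr2 in (("M-dominated", 0.05, 0.005), ("S-dominated", 0.005, 0.05)):
        w, hist = train(NORMAL, ATTACK, lr1, lr2, rounds=10)
        print(label, {f: round(x, 3) for f, x in zip(FEATURES, w)},
              "M=%.4f S=%.4f" % hist[-1])
```

Because both gradients are proportional to $w_k$, each round rescales $w_k$ by $1 + 4\,lr_1 (u_{1k} - u_{2k})^2 - 4\,lr_2 V_k$, where $V_k$ is the summed scatter of dimension $k$; a dimension gains weight only when its mean separation outweighs its scatter at the chosen learning rates.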

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weights and set the learning rates. Then two different classifiers are trained: M-SMKL is trained mainly by increasing the M value and secondarily by reducing the S value, and S-SMKL is trained mainly by reducing the S value and secondarily by increasing the M value. During the training process, the M value and the S value are constantly updated with gradient ascent and descent until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with the two different weight vectors which were trained earlier; secondly, the calculated data are input to the corresponding M-SMKL and S-SMKL models; finally, we use the sliding window mechanism to coordinate the two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL both identify the current data category as normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL both identify the current data category as attack, the current data category is judged to be attack; (3) if M-SMKL identifies the current data category as normal but S-SMKL identifies it as attack, the current data category is judged to be attack; (4) if M-SMKL identifies the current data category as attack but S-SMKL identifies it as normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification results and map the end point of the sliding window to the n-1 position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.
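The four coordination rules above as an added example (not the authors' code), scored with DR, FR, and ER under the paper's TP/FP/TN/FN naming. The label streams are constructed; reading the window in rule (4) as the M-SMKL results at positions i to i+n-1, and shortening it at the end of the stream, are assumptions.

```python
# Added example: sliding-window coordination of M-SMKL and S-SMKL verdicts.
NORMAL, ATTACK = 0, 1


def fuse(m_pred, s_pred, n):
    """Combine per-sample verdicts with rules (1)-(4) of the detection process."""
    if len(m_pred) != len(s_pred):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    fused = []
    for i, (m, s) in enumerate(zip(m_pred, s_pred)):
        if m == s:
            fused.append(m)            # rules (1) and (2): the classifiers agree
        elif s == ATTACK:
            fused.append(ATTACK)       # rule (3): only S-SMKL says attack
        else:
            # Rule (4): only M-SMKL says attack, so confirm it over the window.
            # Assumption: window = M-SMKL results i .. i+n-1, cut short at the end.
            window = m_pred[i:i + n]
            fused.append(ATTACK if all(v == ATTACK for v in window) else NORMAL)
    return fused


def _ratio(num, den):
    """Avoid division by zero when a class is absent from the stream."""
    return num / den if den else 0.0


def score(truth, pred):
    """DR, FR, ER with the paper's naming: TP/FP count normal samples, TN/FN attack samples."""
    pairs = list(zip(truth, pred))
    tp = sum(t == NORMAL and p == NORMAL for t, p in pairs)
    fp = sum(t == NORMAL and p == ATTACK for t, p in pairs)
    tn = sum(t == ATTACK and p == ATTACK for t, p in pairs)
    fn = sum(t == ATTACK and p == NORMAL for t, p in pairs)
    return {"DR": _ratio(tn, tn + fn),
            "FR": _ratio(fp, tp + fp),
            "ER": _ratio(fn + fp, tp + fp + tn + fn)}


def first_alarm(pred, onset):
    """Index of the first attack verdict at or after the attack onset, or None."""
    for i in range(onset, len(pred)):
        if pred[i] == ATTACK:
            return i
    return None


# Constructed streams, one verdict per 1 s sample; the attack starts at index 12.
ONSET = 12
TRUTH = [NORMAL] * 12 + [ATTACK] * 12
# M-SMKL: flags the attack from its first second but raises short false bursts.
M_PRED = [0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0] + [1] * 12
# S-SMKL: one false alarm, and it only recognizes the attack six seconds in.
S_PRED = [0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0] + [0] * 6 + [1] * 6


def compare(n=4):
    """Score each classifier alone and the fused result on the constructed streams."""
    fused = fuse(M_PRED, S_PRED, n)
    return {name: (score(TRUTH, p), first_alarm(p, ONSET))
            for name, p in (("M-SMKL", M_PRED), ("S-SMKL", S_PRED), ("fused", fused))}


if __name__ == "__main__":
    for name, (metrics, alarm) in compare().items():
        print(name, metrics, "first alarm at index", alarm)
```

Rule (3) passes every S-SMKL false alarm through unfiltered (index 5 here), and under this reading an M-SMKL-only alarm is confirmed only once the next n-1 M-SMKL verdicts are available.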

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Flow-chart boxes: multiply initial data with the new weight of S-SMKL and classify the test set with S-SMKL; multiply initial data with the new weight of M-SMKL and classify the test set with M-SMKL; classify result 1 and classify result 2; slide window process; final predict result.)

The reason for training two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance between different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains anonymized traffic of a distributed denial of service (DDoS) attack lasting approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. The one hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN}, \qquad FR = \frac{FP}{TP + FP}, \qquad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. Network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (Horizontal axis: time (s); vertical axis: the ACD feature value; curves: the DDoS attack feature value and the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (Horizontal axis: time (s); vertical axis: the IBF feature value; curves: the DDoS attack feature value and the normal feature value.)

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of the DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree. Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (Horizontal axis: time (s); vertical axis: the FFV feature value; curves: the DDoS attack feature value and the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Horizontal axis: time (s); vertical axis: the ACD feature value; curves: the DDoS attack feature value and the normal feature value.)

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Horizontal axis: time (s); vertical axis: the FFV feature value; curves: the DDoS attack feature value and the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (Horizontal axis: time (s); vertical axis: the MFF feature value; curves: the DDoS attack feature value and the normal feature value.)

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. (Horizontal axis: time (s); vertical axis: the HIAD feature value, scale ×10^4; curves: the DDoS attack feature value and the normal feature value.)

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained, and the corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of the test set are obtained and are used to verify the effectiveness of the method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1.002$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4$ = 73425, $t_5$ = 78340, $t_6$ = 78350, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is a linear function. The experimental results are illustrated in Figures 10–18.

As shown in Figures 10–18, under the three types of experiments and according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow. (Horizontal axis: the value of multiplier; vertical axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. (Horizontal axis: the value of multiplier; vertical axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. (Horizontal axis: the value of multiplier; vertical axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. The method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of DR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of ER; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow (columns: the value of the random multiplier).

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.'s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow (columns: the value of the random multiplier).

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.'s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow (columns: the value of the random multiplier).

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.'s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.'s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Horizontal axis: the value of multiplier; vertical axis: the value of FR; curves: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computers, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


initial values. Secondly, they are combined with (26) and (27) to gain optimal function of this time. The mathematical form is expressed as follows:

$$\max Q(\alpha) = -\frac{1}{2}\sum_{i,j=1}^{m} \alpha_i \alpha_j y_i y_j K_d(w x_i, w x_j) + \sum_{i=1}^{n} \alpha_i \tag{28}$$

$$\text{s.t.}\quad \sum_{i}^{n} \alpha_i y_i = 0,\qquad C \ge \alpha_i \ge 0,\qquad K_d(w x_i, w x_j) = \sum_{m=1}^{M} d_m k_m(w x_i, w x_j) \tag{29}$$

The optimal equation obtained using (28) and (29) is as follows:

$$f(x) = \sum_{i=1}^{n} \alpha_i^{*} y_i \sum_{m=1}^{M} d_m K_d(w x_i, w x_j) + b \tag{30}$$

To further determine whether the optimal equation has achieved good results, this paper sets two constraint conditions for M-SMKL and S-SMKL, respectively, without conflict with formula (27) constraint conditions. These constraint conditions are expressed as follows.

The constraint conditions of M-SMKL are as follows:

$$\begin{aligned}
& t_1 < \left|M_{i+1} - M_i\right| < t_2 < \left|M_i - M_{i-1}\right| < t_3, \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_1, \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_2
\end{aligned} \tag{31}$$

The constraint conditions of S-SMKL are as follows:

$$\begin{aligned}
& t_4 < \left|S_i - S_{i-1}\right| < t_5 < \left|S_{i+1} - S_i\right| < t_6, \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i-1})}{f(S_{i-1})} > p_3, \\
& \frac{f(M_i)}{f(S_i)} - \frac{f(M_{i+1})}{f(S_{i+1})} > p_4
\end{aligned} \tag{32}$$

where the values of $p_1$, $p_2$, $p_3$, and $p_4$ are close to "0"; the values of $t_1$, $t_2$, and $t_3$ are close to "1"; the values of $t_4$, $t_5$, and $t_6$ are close to "75". If the constraint condition is satisfied, the algorithm will be stopped and formula (30) will become the optimal function; otherwise, each dimension weight will be updated iteratively. The gradient of M and S corresponding to each dimension weight is as follows:

$$\begin{aligned}
\frac{\partial M}{\partial w_1} &= 2 w_1 (u_{11} - u_{21})^2 \\
\frac{\partial M}{\partial w_2} &= 2 w_2 (u_{12} - u_{22})^2 \\
\frac{\partial M}{\partial w_3} &= 2 w_3 (u_{13} - u_{23})^2 \\
\frac{\partial M}{\partial w_4} &= 2 w_4 (u_{14} - u_{24})^2 \\
\frac{\partial M}{\partial w_5} &= 2 w_5 (u_{15} - u_{25})^2
\end{aligned} \tag{33}$$

$$\begin{aligned}
\frac{\partial S}{\partial w_1} &= 2\left[w_1\left(\sum_{i=1}^{n_1} x_{11}^2 - n_1 u_{11}^2\right) + w_1\left(\sum_{i=1}^{n_2} x_{21}^2 - n_2 u_{21}^2\right)\right] \\
\frac{\partial S}{\partial w_2} &= 2\left[w_2\left(\sum_{i=1}^{n_1} x_{12}^2 - n_1 u_{12}^2\right) + w_2\left(\sum_{i=1}^{n_2} x_{22}^2 - n_2 u_{22}^2\right)\right] \\
\frac{\partial S}{\partial w_3} &= 2\left[w_3\left(\sum_{i=1}^{n_1} x_{13}^2 - n_1 u_{13}^2\right) + w_3\left(\sum_{i=1}^{n_2} x_{23}^2 - n_2 u_{23}^2\right)\right] \\
\frac{\partial S}{\partial w_4} &= 2\left[w_4\left(\sum_{i=1}^{n_1} x_{14}^2 - n_1 u_{14}^2\right) + w_4\left(\sum_{i=1}^{n_2} x_{24}^2 - n_2 u_{24}^2\right)\right] \\
\frac{\partial S}{\partial w_5} &= 2\left[w_5\left(\sum_{i=1}^{n_1} x_{15}^2 - n_1 u_{15}^2\right) + w_5\left(\sum_{i=1}^{n_2} x_{25}^2 - n_2 u_{25}^2\right)\right]
\end{aligned} \tag{34}$$

where $n_1$ is the number of the normal flow feature of the training sample and $n_2$ is the number of the attack flow feature of the training sample. According to gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$\begin{aligned}
w_1 &= w_1 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_1} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_1} \\
w_2 &= w_2 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_2} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_2} \\
w_3 &= w_3 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_3} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_3} \\
w_4 &= w_4 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_4} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_4} \\
w_5 &= w_5 + 2 \cdot lr_1 \cdot \frac{\partial M}{\partial w_5} - 2 \cdot lr_2 \cdot \frac{\partial S}{\partial w_5}
\end{aligned} \tag{35}$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.

Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. [Flow chart, two parallel branches starting from the multidimension data with initial weight: increase M (gradient ascent) or decrease S (gradient descent) to update the weights of the different dimensions; multiply the updated weight and the training data set and update the core parameters of M-SMKL or S-SMKL; if the constraint conditions of M-SMKL or S-SMKL are met, end that training, otherwise repeat.]
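The update in (33)-(35) can be exercised on a toy data set; the following is an added example, not code from the paper. It assumes that M and S are the weighted quantities whose partial derivatives are (33) and (34), keeps the class statistics on the original features while the weights accumulate, and replaces the stopping conditions (31)/(32) with a fixed number of rounds; all function names, sample vectors and learning rates are constructed for illustration.

```python
"""Added example: weight updates built from equations (33)-(35).

Assumption: M = sum_k w_k^2 (u_1k - u_2k)^2 and S = sum_k w_k^2 * scatter_k,
i.e. the quantities whose partial derivatives are (33) and (34).
"""


def class_stats(samples):
    """Return (count, per-dimension mean, per-dimension sum of squares)."""
    n = len(samples)
    dims = range(len(samples[0]))
    mean = [sum(x[k] for x in samples) / n for k in dims]
    sumsq = [sum(x[k] ** 2 for x in samples) for k in dims]
    return n, mean, sumsq


def scatter_terms(normal, attack):
    """Per-dimension (u_1k - u_2k)^2 and the bracketed scatter term of (34)."""
    n1, u1, q1 = class_stats(normal)
    n2, u2, q2 = class_stats(attack)
    between = [(a - b) ** 2 for a, b in zip(u1, u2)]
    within = [(q1[k] - n1 * u1[k] ** 2) + (q2[k] - n2 * u2[k] ** 2)
              for k in range(len(u1))]
    return between, within


def m_value(w, between):
    """Weighted inter-class mean squared difference (assumed form of M)."""
    return sum(wk ** 2 * b for wk, b in zip(w, between))


def s_value(w, within):
    """Weighted intra-class scatter (assumed form of S)."""
    return sum(wk ** 2 * s for wk, s in zip(w, within))


def grad_m(w, between):
    """Equation (33): dM/dw_k = 2 w_k (u_1k - u_2k)^2."""
    return [2 * wk * b for wk, b in zip(w, between)]


def grad_s(w, within):
    """Equation (34): dS/dw_k = 2 w_k (class-1 scatter + class-2 scatter)."""
    return [2 * wk * s for wk, s in zip(w, within)]


def update_weights(w, between, within, lr1, lr2):
    """Equation (35): ascend on M with rate lr1, descend on S with rate lr2."""
    gm, gs = grad_m(w, between), grad_s(w, within)
    return [wk + 2 * lr1 * a - 2 * lr2 * d for wk, a, d in zip(w, gm, gs)]


def train(normal, attack, lr1, lr2, rounds):
    """Iterate (35) from unit weights and record (M, S) after every round."""
    between, within = scatter_terms(normal, attack)
    w = [1.0] * len(between)
    history = [(m_value(w, between), s_value(w, within))]
    for _ in range(rounds):
        w = update_weights(w, between, within, lr1, lr2)
        history.append((m_value(w, between), s_value(w, within)))
    return w, history


# Constructed, normalised five-feature samples (not taken from the CAIDA data).
NORMAL = [[0.10, 0.20, 0.10, 0.30, 0.05],
          [0.12, 0.25, 0.08, 0.28, 0.07],
          [0.09, 0.22, 0.11, 0.35, 0.04]]
ATTACK = [[0.15, 0.60, 0.12, 0.90, 0.50],
          [0.40, 0.70, 0.10, 0.95, 0.80],
          [0.80, 0.65, 0.09, 0.85, 0.95]]

if __name__ == "__main__":
    # An ascent-dominated run (M-SMKL style) and a descent-dominated run
    # (S-SMKL style); the rates are illustrative, not the paper's settings.
    for name, lr1, lr2 in (("ascent-dominated", 0.05, 0.005),
                           ("descent-dominated", 0.005, 0.05)):
        w, hist = train(NORMAL, ATTACK, lr1, lr2, rounds=20)
        m_last, s_last = hist[-1]
        print(name, [round(x, 3) for x in w],
              "M=%.4f S=%.4f" % (m_last, s_last))
```

Because every weight is scaled by 1 + 4·lr1·(u_1k − u_2k)² − 4·lr2·scatter_k per round, dimensions with well-separated class means and low scatter gain weight, which is the adaptive behaviour the section describes.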

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning.

We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained: M-SMKL is trained by increasing the M value mainly, with reducing the S value secondarily, and the S-SMKL is trained by reducing the S value mainly, with increasing the M value secondarily. During the training process, the M value and the S value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with two different weight vectors, which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows:

(1) if M-SMKL and S-SMKL identify that the current data category is both normal, the current data category is judged to be normal;

(2) if M-SMKL and S-SMKL identify that the current data category is both attack, the current data category is judged to be attack;

(3) if M-SMKL identifies that the current data category is normal but S-SMKL identifies that the current data category is attack, the current data category is judged to be attack;

(4) if M-SMKL identifies that the current data category is attack but S-SMKL identifies that the current data category is normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification result and map the end point of the sliding window to the n-1 position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal.

The flow chart is provided in Figure 2.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However, S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the sample centers distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance of different class so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. [Flow chart: multiply the initial data with the new weight of S-SMKL and of M-SMKL; classify the test set with S-SMKL and with M-SMKL; classify result 1 and classify result 2; slide window process; final predict result.]

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards.

The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains a Distributed Denial of Service (DDoS) anonymous traffic attack for approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is 8 GB memory, Intel Core i7 processor, and a computer with a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN},\qquad FR = \frac{FP}{TP + FP},\qquad ER = \frac{FN + FP}{TP + FP + TN + FN} \tag{36}$$
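The four coordination rules of the sliding window mechanism in Section 4.3 and the DR, FR and ER definitions in (36), combined as an added example that is not code from the paper. The label sequences are constructed, the function names are hypothetical, and truncating the window at the end of the data is an assumption because the paper does not say how the tail is handled.

```python
"""Added example: sliding-window coordination of M-SMKL and S-SMKL labels,
scored with DR, FR and ER as defined in (36)."""

LABEL_NORMAL, LABEL_ATTACK = 0, 1


def coordinate(m_labels, s_labels, window=8):
    """Apply rules (1)-(4) to per-sample labels from the two classifiers.

    Assumption: near the end of the data the window is truncated to the
    samples that remain.
    """
    if len(m_labels) != len(s_labels):
        raise ValueError("both classifiers must label the same samples")
    if window < 1:
        raise ValueError("window size must be at least 1")
    final = []
    for i, (m, s) in enumerate(zip(m_labels, s_labels)):
        if m == s:                    # rules (1) and (2): the models agree
            final.append(m)
        elif s == LABEL_ATTACK:       # rule (3): only S-SMKL reports attack
            final.append(LABEL_ATTACK)
        else:                         # rule (4): only M-SMKL reports attack
            span = m_labels[i:i + window]
            sustained = all(v == LABEL_ATTACK for v in span)
            final.append(LABEL_ATTACK if sustained else LABEL_NORMAL)
    return final


def rates(truth, predicted):
    """Return (DR, FR, ER); TP/FP count normal samples and TN/FN count
    attack samples, following the paper's convention."""
    tp = fp = tn = fn = 0
    for t, p in zip(truth, predicted):
        if t == LABEL_NORMAL:
            if p == LABEL_NORMAL:
                tp += 1
            else:
                fp += 1
        elif p == LABEL_ATTACK:
            tn += 1
        else:
            fn += 1
    total = tp + fp + tn + fn
    dr = tn / (tn + fn) if tn + fn else 0.0
    fr = fp / (tp + fp) if tp + fp else 0.0
    er = (fn + fp) / total if total else 0.0
    return dr, fr, er


def first_alarm(labels):
    """Index of the first sample labelled attack, or None if there is none."""
    for i, v in enumerate(labels):
        if v == LABEL_ATTACK:
            return i
    return None


# Constructed sequences, one label per 1 s sample: 10 normal then 14 attack.
TRUTH = [0] * 10 + [1] * 14
# M-SMKL style output: reacts at once but raises two isolated false alarms.
M_ONLY = [0, 0, 0, 1, 0, 0, 0, 1, 0, 0] + [1] * 14
# S-SMKL style output: no false alarms but reports the attack 6 samples late.
S_ONLY = [0] * 16 + [1] * 8

if __name__ == "__main__":
    combined = coordinate(M_ONLY, S_ONLY, window=8)
    for name, labels in (("M-SMKL", M_ONLY), ("S-SMKL", S_ONLY),
                         ("combined", combined)):
        dr, fr, er = rates(TRUTH, labels)
        print("%-8s first alarm=%s DR=%.3f FR=%.3f ER=%.3f"
              % (name, first_alarm(labels), dr, fr, er))
```

On this constructed input the combined output keeps the early alarm of the M-SMKL sequence while the window suppresses its isolated false alarms; an M-SMKL false alarm in the last few samples would not be suppressed under the truncated-window assumption.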

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by random number; (2) only the attack flow feature values are multiplied by random number; and (3) only the normal flow feature values are multiplied by random number.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow. [Plot: the ACD feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. [Plot: the IBF feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

5.2. Experimental Results and Analysis.

Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. [Plot: the FFV feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. [Plot: the ACD feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but as illustrated in Figures 6 and 7, in the initial stage the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. [Plot: the FFV feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. [Plot: the MFF feature value versus time (s); series: the DDoS attack feature value, the normal feature value.]

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. [Plot: the HIAD feature value (×10^4) versus time (s); series: the DDoS attack feature value, the normal feature value.]

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of test set are obtained and are used to verify the effectiveness of method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1.0021$, $t_2 = 1.0065$, $t_3 = 1.007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73.425$, $t_5 = 78.340$, $t_6 = 78.350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is linear function. The experimental results are illustrated in Figures 10–18.

As shown in Figures 10ndash18 under the three types ofexperiments according to the three evaluation criteria theoverall performance of the algorithms from the highest to thelowest is the ADADM the SVMmethod the SMKLmethodand Nezhad et alrsquos method [16]

This is because although themethod described byNezhadet al [16] is visibly superior to other methods in terms of DRindicators it is far worse than other methods with respectto other indicators The reason is that the Nezhad et al [16]method relies excessively on the first reference point Whenthe first reference point fluctuates this method recognizeseasily some normal samples as attack samples

Although the classification accuracy of the attack samplesis high a large number of normal samples are misjudgedso this method is superior in terms of DR and its otherindicators are inferior to those of other methods This is

12 Security and Communication Networks

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

Figure 10 The DR contrast diagram of four algorithms for scalingattack flow and normal flow

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

01

015

02

025

03

035

The v

alue

of E

R

The ER value of ADADMThe ER value of SimpleMKLThe ER value of SVMThe ER value of Nezhad et al [16]

Figure 11 The ER contrast diagram of four algorithms for scalingattack flow and normal flow

why in this case the Nezhad et al [16] method performsthe worst The effect of SVM is generally better than thatof the SMKL method because although the SMKL methodcoordinates multiple-kernel functions to map the sample toa high-dimensional Hilbert space the linear kernel functionis obviously more suitable for the sample Using the linearkernel SVM can establish a better hyperplane than the SMKLmethod to identify the data containing early DDoS attacksHowever although themultiple-kernel learning method doesnot use a linear kernel function that is more suitable for the

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

0

01

02

03

04

05

06

07

08

The v

alue

of F

R

The FR value of ADADMThe FR value of SimpleMKLThe FR value of SVMThe FR value of Nezhad et al [16]

Figure 12 The FR contrast diagram of four algorithms for scalingattack flow and normal flow

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

The value of multiplier01-02 09-1008-0907-0806-0705-0604-0503-0402-03

Figure 13 The DR contrast diagram of four algorithms for narrow-ing the attack flow

sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack


Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. (Axes: the value of multiplier vs. the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. (Axes: the value of multiplier vs. the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

flow data and normal flow data are located on both sides of the hyperplane.

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. (Axes: the value of multiplier vs. the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. (Axes: the value of multiplier vs. the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

detection. The experimental data are presented in Tables 1, 2, and 3.

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional


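Table 1: Comparison results of four algorithms for scaling attack flow and normal flow. Columns give the value of the random multiplier.

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.’s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.’s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.’s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |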


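Table 2: Comparison results of four algorithms for narrowing the attack flow. Columns give the value of the random multiplier.

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.’s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.’s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.’s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |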


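Table 3: Comparison results of four algorithms for amplifying the normal flow. Columns give the value of the random multiplier.

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.’s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.’s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.’s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |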


Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Axes: the value of multiplier vs. the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attacks. To identify early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attacks.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computers, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.


[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


Figure 1: Flow chart of multiple-kernel learning training process based on ensemble learning. (Flow: multidimension data of initial weight. M-SMKL branch: increase M to update weights of different dimensions with gradient ascent; multiply updated weight and training dataset, update and improve the core parameters of M-SMKL; decision "meet the constraint conditions of M-SMKL" (Yes/No); end M-SMKL training. S-SMKL branch: decrease S to update weights of different dimensions with gradient descent; multiply updated weight and training dataset, update and decrease the core parameters of S-SMKL; decision "meet constraint conditions of S-SMKL" (Yes/No); end S-SMKL training.)

the training sample. According to the gradients in (33) and (34), the weight of each dimension is updated as follows (35):

$$
\begin{aligned}
w_1 &= w_1 + 2 * lr_1 * \frac{\partial M}{\partial w_1} - 2 * lr_2 * \frac{\partial S}{\partial w_1},\\
w_2 &= w_2 + 2 * lr_1 * \frac{\partial M}{\partial w_2} - 2 * lr_2 * \frac{\partial S}{\partial w_2},\\
w_3 &= w_3 + 2 * lr_1 * \frac{\partial M}{\partial w_3} - 2 * lr_2 * \frac{\partial S}{\partial w_3},\\
w_4 &= w_4 + 2 * lr_1 * \frac{\partial M}{\partial w_4} - 2 * lr_2 * \frac{\partial S}{\partial w_4},\\
w_5 &= w_5 + 2 * lr_1 * \frac{\partial M}{\partial w_5} - 2 * lr_2 * \frac{\partial S}{\partial w_5},
\end{aligned}
\tag{35}
$$

where $lr_1$ is the learning rate of gradient ascent and $lr_2$ is the learning rate of gradient descent; $lr_1$ has the same function as $\alpha$, and $lr_2$ has the same function as $\beta$. Each updated weight is multiplied by each original feature accordingly, and the next round of iteration is carried out.

4.3. Framework of Multiple-Kernel Learning Detection Based on Ensemble Learning. We input the multidimensional data with weight and set the learning rate. Then two different classifiers are trained: M-SMKL is trained by increasing the M value mainly, with reducing the S value secondarily, and the S-SMKL is trained by reducing the S value mainly, with increasing the M value secondarily. During the training process, the M value and the S value are constantly updated with the method of gradient rising and descending until the constraint conditions are met. The flowchart is provided in Figure 1.

The detection process is as follows: firstly, the test data is multiplied with two different weight vectors, which are trained earlier; secondly, the calculated data are inputted to the corresponding M-SMKL and S-SMKL model; finally, we use the sliding window mechanism to coordinate two kinds of models. The sliding window mechanism is described as follows. Firstly, a sliding window with a size of $n$ is created. Secondly, the trained M-SMKL classifies the test data and obtains the first classification results; the trained S-SMKL classifies the test data and obtains the second classification results. Finally, four ways are used to cooperatively treat the first classification results and the second classification results; the details are as follows: (1) if M-SMKL and S-SMKL identify that the current data category is both normal, the current data category is judged to be normal; (2) if M-SMKL and S-SMKL identify that the current data category is both attack, the current data category is judged to be attack; (3) if M-SMKL identifies that the current data category is normal but S-SMKL identifies that the current data category is attack, the current data category is judged to be attack; (4) if M-SMKL identifies that the current data category is attack but S-SMKL identifies that the current data category is normal, then consider the following. Step 1: Move the starting point of the sliding window to the current position of the test data in the first classification result and map the end point of the sliding window to the $n-1$ position of the first classification results. Step 2: If the results in the sliding window are all attack, the current data category is judged to be attack; otherwise, the current data category is judged to be normal. The flow chart is provided in Figure 2.

The reason for the training of two kinds of SMKL is that S-SMKL focuses on reducing the difference between the data of each dimension and can assemble the two types of samples in their respective central positions. However,


Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Flow: multiply initial data with new weight of S-SMKL and with new weight of M-SMKL; classify test set with S-SMKL (Classify Result 1) and with M-SMKL (Classify Result 2); slide window process; final predict result.)

S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance between different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA “DDoS Attack 2007” data set [53]. This data set contains a Distributed Denial of Service (DDoS) anonymous traffic attack for approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5 minutes of files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is 8 GB memory, an Intel Core i7 processor, and a computer with a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked:

$$
\begin{aligned}
DR &= \frac{TN}{TN + FN},\\
FR &= \frac{FP}{TP + FP},\\
ER &= \frac{FN + FP}{TP + FP + TN + FN}.
\end{aligned}
\tag{36}
$$
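The sliding-window coordination of Section 4.3 and the DR, FR, and ER definitions of (36) can be exercised together; the following is an added example, not code from the paper. The label sequences are constructed sample data, the function names are hypothetical, and truncating the window at the end of the data is an assumption the text does not specify.

```python
from typing import Dict, List, Sequence

NORMAL, ATTACK = 0, 1


def coordinate(m_pred: Sequence[int], s_pred: Sequence[int], n: int = 8) -> List[int]:
    """Merge per-sample labels of the two models with the four cases of Section 4.3.

    m_pred holds the first classification results (M-SMKL), s_pred the second
    (S-SMKL); n is the sliding-window size (8 in the paper's experiments).
    """
    if len(m_pred) != len(s_pred):
        raise ValueError("both classifiers must label the same samples")
    if n < 1:
        raise ValueError("window size must be at least 1")
    final = []
    for i, (m, s) in enumerate(zip(m_pred, s_pred)):
        if m == s:            # cases (1) and (2): the two models agree
            final.append(m)
        elif s == ATTACK:     # case (3): M-SMKL normal, S-SMKL attack
            final.append(ATTACK)
        else:                 # case (4): M-SMKL attack, S-SMKL normal
            # Window over the M-SMKL results, starting at the current sample.
            # Assumption: near the end of the data the window is truncated
            # to the results that exist.
            window = m_pred[i:i + n]
            final.append(ATTACK if all(x == ATTACK for x in window) else NORMAL)
    return final


def _rate(num: int, den: int) -> float:
    return num / den if den else float("nan")


def metrics(truth: Sequence[int], pred: Sequence[int]) -> Dict[str, float]:
    """DR, FR and ER as in (36): TP/FP count normal samples, TN/FN attack samples."""
    tp = fp = tn = fn = 0
    for t, p in zip(truth, pred):
        if t == NORMAL:
            if p == NORMAL:
                tp += 1
            else:
                fp += 1
        elif p == ATTACK:
            tn += 1
        else:
            fn += 1
    return {
        "DR": _rate(tn, tn + fn),
        "FR": _rate(fp, tp + fp),
        "ER": _rate(fn + fp, tp + fp + tn + fn),
    }


# Constructed sample: 8 normal samples followed by 12 attack samples.
TRUTH = [NORMAL] * 8 + [ATTACK] * 12
# M-SMKL (constructed): reacts early, one isolated false alarm (index 2),
# two misses (indices 8 and 15).
M_PRED = [0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1]
# S-SMKL (constructed): no false alarms, but misses the first four attack samples.
S_PRED = [NORMAL] * 12 + [ATTACK] * 8


def compare(n: int) -> Dict[str, Dict[str, float]]:
    """Score each model alone and the coordinated result for window size n."""
    return {
        "M-SMKL": metrics(TRUTH, M_PRED),
        "S-SMKL": metrics(TRUTH, S_PRED),
        "combined": metrics(TRUTH, coordinate(M_PRED, S_PRED, n)),
    }


if __name__ == "__main__":
    for n in (3, 8):
        for name, m in compare(n).items():
            print(f"n={n} {name:9s} DR={m['DR']:.4f} FR={m['FR']:.4f} ER={m['ER']:.4f}")
```

On this constructed sample a window of 3 suppresses the isolated M-SMKL false alarm and keeps the early attack detections, while a window of 8 discards the detections at indices 9 to 11 because the M-SMKL miss at index 15 falls inside their windows.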

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.


Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (Axes: time (s) vs. the ACD feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (Axes: time (s) vs. the IBF feature value; series: the DDoS attack feature value and the normal feature value.)

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of the DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (Axes: time (s) vs. the FFV feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Axes: time (s) vs. the ACD feature value; series: the DDoS attack feature value and the normal feature value.)

Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but, as illustrated in Figures 6 and 7, in the initial stage the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.


Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Axes: time (s) vs. the FFV feature value; series: the DDoS attack feature value and the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (Axes: time (s) vs. the MFF feature value; series: the DDoS attack feature value and the normal feature value.)

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms

0

05

1

15

2

25

The H

IAD

feat

ure v

alue

The DDoS attack feature valueThe normal feature value

0 50 100 150 200 250 300time (s)

times104

Figure 9The HIAD feature graph of DDoS attack flow and normalflow

are each used as a five-dimensional-feature data set Usingthese five feature values as training sets two multiple-kernellearning models dominated by gradient ascent and gradientdescent are trained into the algorithm and correspondingfive-dimensional feature weight vectors are obtained Finallyaccording to the framework of Figure 2 the classificationresults of test set are obtained and are used to verify theeffectiveness of method The parameters of M-SMKL are setas follows l1199031 = 2 lowast 10minus5 l1199032 = 2 lowast 10minus3 1199051 = 10021199052 = 10065 1199053 = 1007 1199011 = 0000084 and 1199012 = 0000001The parameters of S-SMKL are set as follows l1199031 = 2 lowast 10minus5l1199032 = 2 lowast 10minus2 1199054 = 73425 1199055 = 78340 1199056 = 783501199013 = 0000775 and 1199014 = 0000680 The size of the slidingwindow is 8 The parameters for multiple-kernel learningare all default values and the kernel function includes twoGaussian functions and two polynomial functions The SVMparameters are all default values and the kernel function islinear function The experimental results are illustrated inFigures 10ndash18

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. The method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of DR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of ER; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow. Columns give the value of the random multiplier.

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.'s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow. Columns give the value of the random multiplier.

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.'s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow. Columns give the value of the random multiplier.

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.'s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.'s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of FR; series: ADADM, SimpleMKL, SVM, and Nezhad et al. [16]).

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computer Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


Figure 2: Flow chart of multiple-kernel learning detection process based on ensemble learning. (Steps shown: multiply initial data with the new weight of S-SMKL and with the new weight of M-SMKL; classify the test set with S-SMKL and with M-SMKL, giving Classify Result 1 and Classify Result 2; slide window process; final predict result.)

S-SMKL does not consider the location of the two sample-center points. Although a better classification feature can be maintained on the whole, it is impossible to identify DDoS attacks earlier because the center distance of the normal flow and attack flow is small. M-SMKL focuses on the difference between the two types of data centers and maximizes the distance between the two types of sample centers, making the two samples as separate as possible. M-SMKL can expand the distance between different classes so that the attack flow can be identified earlier, but it makes intraclass data dispersed, causing default results. Therefore, the sliding window mechanism is adopted to coordinate the two models to detect early DDoS accurately.

5. Experimental Analysis

5.1. Experimental Data Sets and Evaluation Standards. The data set used for this experiment is the CAIDA "DDoS Attack 2007" data set [53]. This data set contains a Distributed Denial of Service (DDoS) anonymous traffic attack for approximately one hour on August 4, 2007. The total size of the data set is 21 GB, which accounts for approximately one hour (20:50:08 UTC–21:56:16 UTC). Attacks began around 21:13, causing the network load to grow rapidly (in minutes) from approximately 200 kbits/s to 80 megabits/s. One hour of attack traffic is divided into 5-minute files and stored in PCAP format. The contents of this data set are TCP network traffic packets. Each TCP packet contains the source address, destination address, source port, destination port, packet size, and protocol type. The duration of normal flow data used in this paper is 2 minutes in total, and the duration of attack data is 5 minutes in total.

The hardware equipment adopted is a computer with 8 GB memory, an Intel Core i7 processor, and a Windows 10 64-bit system; the development environment is MATLAB 2014a and Codeblocks 10.05. The evaluation criteria used in this paper consist of the detection rate (DR), the false alarm rate (FR), and the total error rate (ER).

Assume that TP indicates the number of normal test samples that are properly marked, FP indicates the number of normal test samples that have been incorrectly marked, TN indicates the number of attack test samples that are correctly marked, and FN indicates the number of attack test samples that have been incorrectly marked.

$$DR = \frac{TN}{TN + FN}, \qquad FR = \frac{FP}{TP + FP}, \qquad ER = \frac{FN + FP}{TP + FP + TN + FN}. \tag{36}$$

We used the above five feature extraction algorithms to extract features from the data set. The extracted feature values are normalized and used as a training set. The data in the training set can be regarded as the regularity of the change in network traffic. The network traffic has an abrupt and volatile nature. Therefore, although the collected network data have similarities with the conventional ones, they still have a certain degree of difference. To simulate this phenomenon for verifying the effectiveness of the presented method, three types of data are generated as follows: (1) normal flow feature values and attack flow feature values are multiplied by a random number; (2) only the attack flow feature values are multiplied by a random number; and (3) only the normal flow feature values are multiplied by a random number.
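The three perturbation scenarios and the rates of Eq. (36) can be exercised together in a small harness. The following Python code is an added example, not the authors' MATLAB code: the data set is constructed (211 normal and 280 attack five-dimensional samples, 60 of the attack samples made to resemble normal flow), the fixed-threshold detector is a hypothetical stand-in for a trained classifier, and drawing one uniform multiplier per sample is an assumption.

```python
import random

# Paper's convention in Eq. (36): the "positive" class is NORMAL flow,
# the "negative" class is ATTACK flow (the reverse of common IDS usage).
NORMAL, ATTACK = 0, 1


def rates(y_true, y_pred):
    """Return (DR, FR, ER) as defined in Eq. (36)."""
    tp = fp = tn = fn = 0
    for truth, pred in zip(y_true, y_pred):
        if truth == NORMAL:
            if pred == NORMAL:
                tp += 1      # normal sample properly marked
            else:
                fp += 1      # normal sample marked as attack (false alarm)
        else:
            if pred == ATTACK:
                tn += 1      # attack sample correctly marked
            else:
                fn += 1      # attack sample missed
    total = tp + fp + tn + fn
    dr = tn / (tn + fn) if (tn + fn) else 0.0
    fr = fp / (tp + fp) if (tp + fp) else 0.0
    er = (fn + fp) / total if total else 0.0
    return dr, fr, er


def perturb(samples, labels, scenario, lo, hi, rng):
    """Scale feature vectors by a random multiplier in [lo, hi].

    scenario: "both" (1), "attack_only" (2) or "normal_only" (3),
    matching the three data types described in the text.
    Assumption: one uniform multiplier is drawn per sample.
    """
    targets = {
        "both": {NORMAL, ATTACK},
        "attack_only": {ATTACK},
        "normal_only": {NORMAL},
    }[scenario]
    scaled = []
    for vec, label in zip(samples, labels):
        m = rng.uniform(lo, hi) if label in targets else 1.0
        scaled.append([v * m for v in vec])
    return scaled


def build_dataset():
    """Constructed data: 211 normal and 280 attack five-dimensional samples.

    The first 60 attack samples mimic the early attack stage, where the
    feature values are still close to the normal ones.
    """
    normal = [[1.0] * 5 for _ in range(211)]
    early_attack = [[1.0] * 5 for _ in range(60)]
    late_attack = [[4.0] * 5 for _ in range(220)]
    samples = normal + early_attack + late_attack
    labels = [NORMAL] * 211 + [ATTACK] * 280
    return samples, labels


def threshold_detector(vec, threshold=2.0):
    """Hypothetical stand-in classifier with a fixed decision threshold."""
    return ATTACK if sum(vec) / len(vec) > threshold else NORMAL


def evaluate(scenario, lo, hi, seed=0):
    """Perturb the constructed data set and score the fixed detector."""
    rng = random.Random(seed)
    samples, labels = build_dataset()
    scaled = perturb(samples, labels, scenario, lo, hi, rng)
    preds = [threshold_detector(v) for v in scaled]
    return rates(labels, preds)


if __name__ == "__main__":
    runs = [("both", 0.6, 0.7), ("attack_only", 0.1, 0.2),
            ("normal_only", 1.0, 1.5), ("normal_only", 5.0, 5.5)]
    for scenario, lo, hi in runs:
        dr, fr, er = evaluate(scenario, lo, hi)
        print(f"{scenario:12s} {lo}-{hi}: "
              f"DR={dr:.2%} FR={fr:.2%} ER={er:.2%}")
```

With these sample counts, 220 detected attack samples out of 280 and no false alarms give DR = 220/280 and ER = 60/491, which is how each rate in Eq. (36) maps back to raw counts.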

Figure 3: The ACD feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value and the normal feature value).

Figure 4: The IBF feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the IBF feature value; series: the DDoS attack feature value and the normal feature value).

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease with the increase of the attack degree.

Figure 5: The FFV feature graph of DDoS attack flow and normal flow (x-axis: time (s); y-axis: the FFV feature value; series: the DDoS attack feature value and the normal feature value).

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds (x-axis: time (s); y-axis: the ACD feature value; series: the DDoS attack feature value and the normal feature value).

Therefore using the ACD as a feature after 70 seconds cansignificantly reflect the difference between the attack flowand the normal flow ACD can reflect the difference betweennormal flow and attack flow the earliest

As illustrated in Figure 4 compared with ACD althoughIBF does not recognize the attack flow earlier the distributionrange of its feature values is more uniform and presentsa certain degree of volatility This makes the feature lesssusceptible to individual outliers

As illustrated in Figure 5 the FFV feature is very similarto the ACD but as illustrated in Figures 6 and 7 in the initialstage the FFV is more capable of reflecting the differencebetween the attack flow and the normal flow than the ACDis

Security and Communication Networks 11

time (s)0 987654321 10

0

10

20

30

40

50

60

The F

FV fe

atur

e val

ue

The DDoS attack feature valueThe normal feature value

Figure 7 The FFV feature graph of DDoS attack flow and normalflow in the first 10 seconds

0

2000

4000

6000

8000

10000

12000

14000

16000

The M

FF fe

atur

e val

ue

The DDoS attack feature valueThe normal feature value

0 50 100 150 200 250 300time (s)

Figure 8 The MFF feature graph of DDoS attack flow and normalflow

As illustrated in Figure 8 although the MFF featurecannot determine the attack flow and the normal flow as earlyas possible it can make the feature values of the attack stagemore stable so that it can avoid the outliers of attack flows

As illustrated in Figure 9 it can be seen from the valueof the ordinate that the HIAD best reflects the differencebetween the normal flow and the attack flow while havingbetter stability in the latter half of the attack flow After theearly data this feature can greatly distinguish betweennormalflow and abnormal flow influence the classifier more andmake better decisions

In summary all five features have their own uniquecharacteristics To make full use of the characteristics of eachfeature the feature values extracted by these five algorithms

0

05

1

15

2

25

The H

IAD

feat

ure v

alue

The DDoS attack feature valueThe normal feature value

0 50 100 150 200 250 300time (s)

times104

Figure 9The HIAD feature graph of DDoS attack flow and normalflow

are each used as a five-dimensional-feature data set Usingthese five feature values as training sets two multiple-kernellearning models dominated by gradient ascent and gradientdescent are trained into the algorithm and correspondingfive-dimensional feature weight vectors are obtained Finallyaccording to the framework of Figure 2 the classificationresults of test set are obtained and are used to verify theeffectiveness of method The parameters of M-SMKL are setas follows l1199031 = 2 lowast 10minus5 l1199032 = 2 lowast 10minus3 1199051 = 10021199052 = 10065 1199053 = 1007 1199011 = 0000084 and 1199012 = 0000001The parameters of S-SMKL are set as follows l1199031 = 2 lowast 10minus5l1199032 = 2 lowast 10minus2 1199054 = 73425 1199055 = 78340 1199056 = 783501199013 = 0000775 and 1199014 = 0000680 The size of the slidingwindow is 8 The parameters for multiple-kernel learningare all default values and the kernel function includes twoGaussian functions and two polynomial functions The SVMparameters are all default values and the kernel function islinear function The experimental results are illustrated inFigures 10ndash18

As shown in Figures 10–18, under the three types of experiments and according to the three evaluation criteria, the overall performance of the algorithms, from the highest to the lowest, is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow. (Plot of the value of DR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow. (Plot of the value of ER against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow. (Plot of the value of FR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow. (Plot of the value of DR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

This is because, although the method described by Nezhad et al. [16] is visibly superior to the other methods in terms of the DR indicator, it is far worse than the other methods with respect to the other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR while its other indicators are inferior to those of the other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.
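The trade-off discussed above for Nezhad et al.'s method (very high DR, poor FR and ER) can be checked directly against the reported numbers. The Python below is an added example, not code from the paper: it assumes DR = detected attacks / attack samples, FR = false alarms / normal samples, and ER = (missed attacks + false alarms) / all samples, uses the 280 attack and 211 normal feature values stated in Section 5.2 and the first multiplier column of Table 1, and the function names and the alert-precision column are illustrative additions.

```python
"""Added example: cross-check reported DR/FR/ER and expose the alert cost."""

# Sample totals stated in Section 5.2 of the page.
N_ATTACK = 280
N_NORMAL = 211

# First multiplier column of Table 1, as reported: (DR %, FR %, ER %).
REPORTED = {
    "ADADM": (78.57, 0.01, 12.22),
    "SimpleMKL": (76.43, 0.01, 13.44),
    "SVM": (77.50, 0.01, 12.83),
    "Nezhad et al. [16]": (98.21, 74.29, 32.92),
}


def confusion_from_rates(dr_pct, fr_pct, n_attack=N_ATTACK, n_normal=N_NORMAL):
    """Recover integer confusion counts from percentage DR and FR.

    Assumed definitions: DR = TP / attack samples, FR = FP / normal samples.
    """
    tp = round(dr_pct / 100 * n_attack)
    fp = round(fr_pct / 100 * n_normal)
    return {"tp": tp, "fn": n_attack - tp, "fp": fp, "tn": n_normal - fp}


def rates(counts):
    """Compute ER and alert precision (both in percent) from confusion counts."""
    total = sum(counts.values())
    alerts = counts["tp"] + counts["fp"]
    return {
        # Assumed definition: ER = (missed attacks + false alarms) / all samples.
        "er": 100 * (counts["fn"] + counts["fp"]) / total,
        # Share of raised alerts that are real attacks; 100 if nothing was raised.
        "precision": 100 * counts["tp"] / alerts if alerts else 100.0,
    }


def audit(reported=REPORTED, tolerance=0.1):
    """Recompute ER per method and flag rows that disagree with the report."""
    rows = []
    for method, (dr, fr, er) in reported.items():
        counts = confusion_from_rates(dr, fr)
        derived = rates(counts)
        rows.append({
            "method": method,
            "missed_attacks": counts["fn"],
            "false_alarms": counts["fp"],
            "er_reported": er,
            "er_recomputed": round(derived["er"], 2),
            "alert_precision": round(derived["precision"], 2),
            "consistent": abs(derived["er"] - er) <= tolerance,
        })
    return rows


if __name__ == "__main__":
    for row in audit():
        print(
            f'{row["method"]:<20} missed={row["missed_attacks"]:>3} '
            f'false_alarms={row["false_alarms"]:>3} '
            f'ER={row["er_recomputed"]:>5} (reported {row["er_reported"]}) '
            f'precision={row["alert_precision"]}'
        )
```

Under these assumptions the method with the highest DR also turns most normal samples into alerts, which is why DR has to be read together with FR and ER.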

We compared the ADADM to the SVM method. The ADADM method uses the same kernel functions as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. (Plot of the value of ER against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. (Plot of the value of FR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

In addition, using the idea of ensemble learning to train two different classifiers, and using the sliding window mechanism to further synthesize the advantage of each classifier, improves the algorithm's performance in the three types of experiments. The method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. (Plot of the value of DR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. (Plot of the value of ER against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Plot of the value of FR against the value of multiplier for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow.

| Method | Indicator | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.'s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Column headings give the value of the random multiplier.

Table 2: Comparison results of four algorithms for narrowing the attack flow.

| Method | Indicator | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.'s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Column headings give the value of the random multiplier.

Table 3: Comparison results of four algorithms for amplifying the normal flow.

| Method | Indicator | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.'s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.'s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Column headings give the value of the random multiplier.

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attacks. To identify early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL in dealing with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attacks.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, "A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering," IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., "Securing display path for security-sensitive applications on mobile devices," Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, "Towards security-aware virtual network embedding," Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, "Detection and defense mechanisms against DDoS attacks," in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, "An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment," Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, "Botnet in DDoS attacks: trends and challenges," IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, "DDoS attacks and countermeasures in cyberspace," in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN '15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, "Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks," Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: a comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, "Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, "Multi-resource scheduling and power simulation for cloud computing," Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, "Understanding graph-based trust evaluation in online social networks: Methodologies and challenges," ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, "Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks," IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, "Social influence modeling using information theory in mobile social networks," Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, "Collaborative trajectory privacy preserving scheme in location-based services," Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, "A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks," IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, "A Fusion Steganographic Algorithm Based on Faster R-CNN," Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, "SigPID: significant permission identification for android malware detection," in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE '16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., "Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis," CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, "Machine learning: trends, perspectives, and prospects," Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, "Distance metric optimization driven convolutional neural network for age invariant face recognition," Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., "Multi-key privacy-preserving deep learning in cloud computing," Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, "Differentially private Naive Bayes learning over multiple data sources," Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, "Insight of the protection for data security under selective opening attacks," Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, "Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack," Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, "Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept," in Proceedings of PAAMS 2014 International Workshops (PAAMS '14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, "An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection," Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, "A system for denial-of-service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, "Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis," in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, "Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks," in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA '14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, "Entropy-based application layer DDoS attack detection using artificial neural networks," Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, "Self-learning method for DDoS detection model in cloud computing," in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus '17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., "A Survey on Security-Aware Measurement in SDN," Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, "Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques," in Proceedings of the 2014 National Software Engineering Conference, NSEC '14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, "Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory," in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI '14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, "Selective packet inspection to detect DoS flooding using software defined networking (SDN)," in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW '15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, "Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN," in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS '17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network," Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, "Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures," Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, "A Covert Channel Over VoLTE via Adjusting Silence Periods," IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, "An ID-based linearly homomorphic signature scheme and its application in blockchain," IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, "A short linearly homomorphic proxy signature scheme," IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, "A change-point DDoS attack detection method based on half interaction anomaly degree," International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "DDoS Attack Detection Using IP Address Feature Interaction," in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS '09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., "DDoS Attack Detection Using Three-State Partition Based on Flow Interaction," Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, "Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion," in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, "Distributed denial of service attack detection based on IP Flow Interaction," in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE '11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, "Detecting Distributed Denial of Service Attack Based on Address Correlation Value," Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, "A distributed denial of service attack detection method based on time series prediction model," Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, "Simple MKL," Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


Page 10: Adaptive DDoS Attack Detection Method Based on … downloads.hindawi.com/journals/scn/2018/5198685.pdf

5.2. Experimental Results and Analysis. Five features are used to extract feature data from attack data and normal data, and positive as well as negative sample sets are obtained. The sampling time is set to 1 s, and the remaining parameters of the five feature extraction methods are set as follows: $\theta_1 = 0.5$, $\theta_2 = 0.5$, $\theta_3 = 3$, $\theta_4 = 3$, $\theta_5 = 3$, $\theta_6 = 3$, $\theta_7 = 3$, $\theta_8 = 3$, and $\theta_9 = 3$. The total of normal feature values is 211, and the total of attack feature values is 280. Figures 3–9 illustrate the feature values extracted by the five algorithms.

As illustrated in Figure 3, the early attack feature values of the DDoS attack are close to the normal feature values. This is because there are a large number of bidirectional flows in the early stage of the DDoS attack, and these bidirectional flows gradually decrease as the attack degree increases. Therefore, using the ACD as a feature after 70 seconds can significantly reflect the difference between the attack flow and the normal flow. ACD can reflect the difference between normal flow and attack flow the earliest.

As illustrated in Figure 4, compared with ACD, although IBF does not recognize the attack flow earlier, the distribution range of its feature values is more uniform and presents a certain degree of volatility. This makes the feature less susceptible to individual outliers.

As illustrated in Figure 5, the FFV feature is very similar to the ACD, but, as illustrated in Figures 6 and 7, in the initial stage the FFV is more capable of reflecting the difference between the attack flow and the normal flow than the ACD is.

Figure 3: The ACD feature graph of DDoS attack flow and normal flow. (Plot of the ACD feature value against time (s) for the DDoS attack feature value and the normal feature value.)

Figure 4: The IBF feature graph of DDoS attack flow and normal flow. (Plot of the IBF feature value against time (s) for the DDoS attack feature value and the normal feature value.)

Figure 5: The FFV feature graph of DDoS attack flow and normal flow. (Plot of the FFV feature value against time (s) for the DDoS attack feature value and the normal feature value.)

Figure 6: The ACD feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Plot of the ACD feature value against time (s) for the DDoS attack feature value and the normal feature value.)

Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. (Plot of the FFV feature value against time (s) for the DDoS attack feature value and the normal feature value.)

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. (Plot of the MFF feature value against time (s) for the DDoS attack feature value and the normal feature value.)

As illustrated in Figure 8 although the MFF featurecannot determine the attack flow and the normal flow as earlyas possible it can make the feature values of the attack stagemore stable so that it can avoid the outliers of attack flows

As illustrated in Figure 9 it can be seen from the valueof the ordinate that the HIAD best reflects the differencebetween the normal flow and the attack flow while havingbetter stability in the latter half of the attack flow After theearly data this feature can greatly distinguish betweennormalflow and abnormal flow influence the classifier more andmake better decisions

In summary all five features have their own uniquecharacteristics To make full use of the characteristics of eachfeature the feature values extracted by these five algorithms

0

05

1

15

2

25

The H

IAD

feat

ure v

alue

The DDoS attack feature valueThe normal feature value

0 50 100 150 200 250 300time (s)

times104

Figure 9The HIAD feature graph of DDoS attack flow and normalflow

are each used as a five-dimensional-feature data set Usingthese five feature values as training sets two multiple-kernellearning models dominated by gradient ascent and gradientdescent are trained into the algorithm and correspondingfive-dimensional feature weight vectors are obtained Finallyaccording to the framework of Figure 2 the classificationresults of test set are obtained and are used to verify theeffectiveness of method The parameters of M-SMKL are setas follows l1199031 = 2 lowast 10minus5 l1199032 = 2 lowast 10minus3 1199051 = 10021199052 = 10065 1199053 = 1007 1199011 = 0000084 and 1199012 = 0000001The parameters of S-SMKL are set as follows l1199031 = 2 lowast 10minus5l1199032 = 2 lowast 10minus2 1199054 = 73425 1199055 = 78340 1199056 = 783501199013 = 0000775 and 1199014 = 0000680 The size of the slidingwindow is 8 The parameters for multiple-kernel learningare all default values and the kernel function includes twoGaussian functions and two polynomial functions The SVMparameters are all default values and the kernel function islinear function The experimental results are illustrated inFigures 10ndash18

As shown in Figures 10ndash18 under the three types ofexperiments according to the three evaluation criteria theoverall performance of the algorithms from the highest to thelowest is the ADADM the SVMmethod the SMKLmethodand Nezhad et alrsquos method [16]

This is because although themethod described byNezhadet al [16] is visibly superior to other methods in terms of DRindicators it is far worse than other methods with respectto other indicators The reason is that the Nezhad et al [16]method relies excessively on the first reference point Whenthe first reference point fluctuates this method recognizeseasily some normal samples as attack samples

Although the classification accuracy of the attack samplesis high a large number of normal samples are misjudgedso this method is superior in terms of DR and its otherindicators are inferior to those of other methods This is

12 Security and Communication Networks

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

Figure 10 The DR contrast diagram of four algorithms for scalingattack flow and normal flow

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

01

015

02

025

03

035

The v

alue

of E

R

The ER value of ADADMThe ER value of SimpleMKLThe ER value of SVMThe ER value of Nezhad et al [16]

Figure 11 The ER contrast diagram of four algorithms for scalingattack flow and normal flow

why in this case the Nezhad et al [16] method performsthe worst The effect of SVM is generally better than thatof the SMKL method because although the SMKL methodcoordinates multiple-kernel functions to map the sample toa high-dimensional Hilbert space the linear kernel functionis obviously more suitable for the sample Using the linearkernel SVM can establish a better hyperplane than the SMKLmethod to identify the data containing early DDoS attacksHowever although themultiple-kernel learning method doesnot use a linear kernel function that is more suitable for the

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

0

01

02

03

04

05

06

07

08

The v

alue

of F

R

The FR value of ADADMThe FR value of SimpleMKLThe FR value of SVMThe FR value of Nezhad et al [16]

Figure 12 The FR contrast diagram of four algorithms for scalingattack flow and normal flow

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

The value of multiplier01-02 09-1008-0907-0806-0705-0604-0503-0402-03

Figure 13 The DR contrast diagram of four algorithms for narrow-ing the attack flow

sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as the SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm's performance in the three types of experiments. The method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. [Plot: x-axis, the value of multiplier; y-axis, the value of ER; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. [Plot: x-axis, the value of multiplier; y-axis, the value of FR; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier; y-axis, the value of DR; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier; y-axis, the value of ER; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier; y-axis, the value of FR; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow. Columns give the value of the random multiplier.

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.'s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow. Columns give the value of the random multiplier.

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.'s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.'s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.'s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow. Columns give the value of random multiplier.

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.'s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.'s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.'s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


Figure 7: The FFV feature graph of DDoS attack flow and normal flow in the first 10 seconds. [Plot: x-axis, time (s); y-axis, the FFV feature value; curves for the DDoS attack feature value and the normal feature value.]

Figure 8: The MFF feature graph of DDoS attack flow and normal flow. [Plot: x-axis, time (s); y-axis, the MFF feature value; curves for the DDoS attack feature value and the normal feature value.]

As illustrated in Figure 8, although the MFF feature cannot determine the attack flow and the normal flow as early as possible, it can make the feature values of the attack stage more stable so that it can avoid the outliers of attack flows.

As illustrated in Figure 9, it can be seen from the value of the ordinate that the HIAD best reflects the difference between the normal flow and the attack flow while having better stability in the latter half of the attack flow. After the early data, this feature can greatly distinguish between normal flow and abnormal flow, influence the classifier more, and make better decisions.

Figure 9: The HIAD feature graph of DDoS attack flow and normal flow. [Plot: x-axis, time (s); y-axis, the HIAD feature value ($\times 10^{4}$); curves for the DDoS attack feature value and the normal feature value.]

In summary, all five features have their own unique characteristics. To make full use of the characteristics of each feature, the feature values extracted by these five algorithms are each used as a five-dimensional-feature data set. Using these five feature values as training sets, two multiple-kernel learning models dominated by gradient ascent and gradient descent are trained into the algorithm, and corresponding five-dimensional feature weight vectors are obtained. Finally, according to the framework of Figure 2, the classification results of test set are obtained and are used to verify the effectiveness of method. The parameters of M-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-3}$, $t_1 = 1002$, $t_2 = 10065$, $t_3 = 1007$, $p_1 = 0.000084$, and $p_2 = 0.000001$. The parameters of S-SMKL are set as follows: $lr_1 = 2 \times 10^{-5}$, $lr_2 = 2 \times 10^{-2}$, $t_4 = 73425$, $t_5 = 78340$, $t_6 = 78350$, $p_3 = 0.000775$, and $p_4 = 0.000680$. The size of the sliding window is 8. The parameters for multiple-kernel learning are all default values, and the kernel function includes two Gaussian functions and two polynomial functions. The SVM parameters are all default values, and the kernel function is linear function. The experimental results are illustrated in Figures 10–18.

As shown in Figures 10–18, under the three types of experiments, according to the three evaluation criteria, the overall performance of the algorithms from the highest to the lowest is the ADADM, the SVM method, the SMKL method, and Nezhad et al.'s method [16].

This is because, although the method described by Nezhad et al. [16] is visibly superior to other methods in terms of DR indicators, it is far worse than other methods with respect to other indicators. The reason is that the Nezhad et al. [16] method relies excessively on the first reference point. When the first reference point fluctuates, this method easily recognizes some normal samples as attack samples.

Although the classification accuracy of the attack samples is high, a large number of normal samples are misjudged, so this method is superior in terms of DR and its other indicators are inferior to those of other methods. This is why, in this case, the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow. [Plot: x-axis, the value of multiplier; y-axis, the value of DR; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow. [Plot: x-axis, the value of multiplier; y-axis, the value of ER; curves for ADADM, SimpleMKL, SVM, and Nezhad et al. [16].]

06-07 40-5030-4020-3015-2010-1509-1108-0907-08

The value of multiplier

0

01

02

03

04

05

06

07

08

The v

alue

of F

R

The FR value of ADADMThe FR value of SimpleMKLThe FR value of SVMThe FR value of Nezhad et al [16]

Figure 12 The FR contrast diagram of four algorithms for scalingattack flow and normal flow

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

The value of multiplier01-02 09-1008-0907-0806-0705-0604-0503-0402-03

Figure 13 The DR contrast diagram of four algorithms for narrow-ing the attack flow

sample space it can still maintain high accuracy indicatingthat multiple-kernel learning has a lower dependence onthe selection of kernel functions than the single-kernelSVM

We compared the ADADM to the SVM method TheADADM method uses the same kernel function as SMKLmethod Because the multikernel learning method is flexibleand adaptable it is possible to continuously optimize thehyperplane by adjusting the weights of the feature of eachdimension to recognize the DDoS as early as possible Attack

Security and Communication Networks 13

The value of multiplier01-02 09-1008-0907-0806-0705-0604-0503-0402-03

01

015

02

025

03

035

The v

alue

of E

R

The ER value of ADADMThe ER value of SimpleMKLThe ER value of SVMThe ER value of Nezhad et al [16]

Figure 14 The ER contrast diagram of four algorithms for narrow-ing the attack flow

0

01

02

03

04

05

06

07

08

The v

alue

of F

R

The FR value of ADADMThe FR value of SimpleMKLThe FR value of SVMThe FR value of Nezhad et al [16]

The value of multiplier01-02 09-1008-0907-0806-0705-0604-0503-0402-03

Figure 15 The FR contrast diagram of four algorithms for narrow-ing the attack flow

flow data and normal flow data are located on both sides ofthe hyperplane

In addition using the idea of ensemble learning to traintwo different classifiers and using the sliding window mech-anism to further synthesize the advantage of each classifierimproves the algorithmrsquos performance in the three types ofexperiments This method we propose outperforms not onlythe SVM method but also other methods of DDoS attack

075

08

085

09

095

1

The v

alue

of D

R

The DR value of ADADMThe DR value of SimpleMKLThe DR value of SVMThe DR value of Nezhad et al [16]

10-15 50-5545-5040-4535-4030-3525-3020-2515-20

The value of multiplier

Figure 16TheDR contrast diagram of four algorithms for amplify-ing the normal flow

012

014

016

018

02

022

024

026

028

03

032

The v

alue

of E

R

The value of multiplier

The ER value of ADADMThe ER value of SimpleMKLThe ER value of SVMThe ER value of Nezhad et al [16]

10-15 50-5545-5040-4535-4030-3525-3020-2515-20

Figure 17 The ER contrast diagram of four algorithms for amplify-ing the normal flow

detection The experimental data are presented in Tables 12 and 3

6 Conclusion

In this paper five-dimensional features are defined fordescribing the burstiness of DDoS attack flows thedistribution of IP source addresses and the interactivityof DDoS attack flows Based on the five-dimensional

14 Security and Communication Networks

Table1Com

paris

onresults

offour

algorithm

sfor

scalingattack

flowandno

rmalflo

w

Thev

alue

ofther

ando

mmultip

lier

06ndash

07

07ndash08

08ndash09

09ndash

1110

ndash15

15ndash20

20ndash

30

30ndash

40

40ndash

50

ADADM

metho

dDR(

)7857

7857

7857

7857

7821

7821

7821

7821

7857

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1222

1222

1222

1222

1242

1242

1242

1242

1222

SimpleM

KLmetho

dDR(

)7643

7643

7643

7643

7643

7643

7643

7643

7643

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1344

1344

1344

1344

1344

1344

1344

1344

1344

SVM

metho

dDR(

)7750

7750

7786

7786

7679

7750

7786

7679

7786

FR(

)001

001

001

001

001

001

001

001

001

ER(

)1283

1283

1263

1263

1324

1283

1263

1324

1263

Nezhadetalrsquos[16]

metho

dDR(

)9821

9785

9821

9785

9821

9821

9821

9785

9821

FR(

)7429

7476

7429

7476

7571

7429

7429

7429

7238

ER(

)3292

3333

3292

3333

3354

3292

3292

3313

3211

Security and Communication Networks 15

Table2Com

paris

onresults

offour

algorithm

sfor

narrow

ingthea

ttack

flow

Thev

alue

ofther

ando

mmultip

lier

01ndash02

02ndash03

03ndash04

04ndash

05

05ndash06

06ndash

07

07ndash08

08ndash

09

09ndash

10

ADADM

metho

dDR(

)7821

7821

7821

7857

7857

7857

7857

7857

7857

FR(

)1099

142

001

001

001

001

001

001

001

ER(

)1715

1304

1242

1222

1222

1222

1222

1222

1222

SimpleM

KLmetho

dDR(

)7571

7643

7643

7643

7643

7643

7643

7643

7643

FR(

)2275

474

142

001

001

001

001

001

001

ER(

)2363

1548

1405

1344

1344

1344

1344

1344

1344

SVM

metho

dDR(

)7607

7714

7750

7786

7750

7786

7786

7750

7786

FR(

)2275

474

142

047

001

001

001

001

001

ER(

)2342

1507

1344

1283

1283

1263

1263

1283

1263

Nezhadetalrsquos[16]

metho

dDR()

9713

9785

9857

9821

9857

9857

9821

9821

9785

FR(

)7429

7429

7429

7429

7429

7429

7429

7429

7429

ER(

)3354

3313

3272

3292

3272

3272

3292

3292

3313

16 Security and Communication Networks

Table3Com

paris

onresults

offour

algorithm

sfor

amplify

ingthen

ormalflo

w

Thev

alue

ofrand

ommultip

lier

10ndash15

15ndash20

20ndash

25

25ndash30

30ndash

35

35ndash40

40ndash

45

45ndash50

50ndash

55

ADADM

metho

dDR(

)7893

7893

7893

7893

7893

7893

7893

7893

7893

FR(

)001

001

001

047

142

190

474

664

1043

ER(

)1202

1202

1202

1222

1263

1283

1405

1487

1650

SimpleM

KLmetho

dDR(

)7714

7714

7714

7714

7714

7714

7714

7714

7714

FR(

)001

001

047

142

427

664

1090

1706

2180

ER(

)1304

1304

1324

1365

1487

1589

1772

2037

2240

SVM

metho

dDR(

)7786

7786

7786

7786

7786

7786

7786

7786

7786

FR(

)001

001

095

142

379

806

1185

1801

2275

ER(

)1263

1263

1304

1324

1426

1609

1772

2037

2240

Nezhadetalrsquos[16]

metho

dDR(

)9749

9713

9713

9713

9677

9677

9677

9677

9677

FR(

)6524

6524

6619

6667

6667

6667

6714

6714

6762

ER(

)2947

2967

3008

3028

3049

3049

3069

3069

3090

Security and Communication Networks 17

0

01

02

03

04

05

06

07

The v

alue

of F

R

The FR value of ADADMThe FR value of SimpleMKLThe FR value of SVMThe FR value of Nezhad et al [16]

The value of multiplier10-15 50-5545-5040-4535-4030-3525-3020-2515-20

Figure 18 The FR contrast diagram of four algorithms for amplify-ing the normal flow

features and the ensemble learning framework adaptivefeature weights are obtained and the M-SMKL and S-SMKLmultiple-kernel learning models are trained to detect DDoSattack For identifying early attacks effectively the slidingwindow mechanism is used to coordinate the S-SMKL andtheM-SMKL to deal with the detection results Experimentalresults show that compared with similar methods ourmethod can produce more accurate results for detectingearly DDoS attack

In the follow-up work we will further study how totransform the multidimensional weight adaptive problembased onmultiple-kernel learning into a convex optimizationproblem and improve the detection rate and convergencespeed of the method

Data Availability

The data used to support the findings of this study areavailable from the corresponding author upon request

Conflicts of Interest

There are no conflicts of interest in this paper

Acknowledgments

This work was supported by the Hainan Provincial NaturalScience Foundation of China [2018CXTD333 617048] theNational Natural Science Foundation of China [6176203361702539] Hainan University Doctor Start Fund Project[kyqd1328] and Hainan University Youth Fund Project[qnjj1444]

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

18 Security and Communication Networks

[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.

Figure 10: The DR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 11: The ER contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

why in this case the Nezhad et al. [16] method performs the worst. The effect of SVM is generally better than that of the SMKL method because, although the SMKL method coordinates multiple-kernel functions to map the sample to a high-dimensional Hilbert space, the linear kernel function is obviously more suitable for the sample. Using the linear kernel, SVM can establish a better hyperplane than the SMKL method to identify the data containing early DDoS attacks. However, although the multiple-kernel learning method does not use a linear kernel function that is more suitable for the sample space, it can still maintain high accuracy, indicating that multiple-kernel learning has a lower dependence on the selection of kernel functions than the single-kernel SVM.

Figure 12: The FR contrast diagram of four algorithms for scaling attack flow and normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 13: The DR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

We compared the ADADM to the SVM method. The ADADM method uses the same kernel function as SMKL method. Because the multikernel learning method is flexible and adaptable, it is possible to continuously optimize the hyperplane by adjusting the weights of the feature of each dimension to recognize the DDoS as early as possible. Attack flow data and normal flow data are located on both sides of the hyperplane.

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm’s performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of DR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of ER; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow (columns: the value of the random multiplier).

| Method | Metric | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.1 | 1.0–1.5 | 1.5–2.0 | 2.0–3.0 | 3.0–4.0 | 4.0–5.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.57 | 78.57 | 78.57 | 78.57 | 78.21 | 78.21 | 78.21 | 78.21 | 78.57 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 12.22 | 12.22 | 12.22 | 12.22 | 12.42 | 12.42 | 12.42 | 12.42 | 12.22 |
| SimpleMKL method | DR (%) | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 77.50 | 77.50 | 77.86 | 77.86 | 76.79 | 77.50 | 77.86 | 76.79 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 12.83 | 12.83 | 12.63 | 12.63 | 13.24 | 12.83 | 12.63 | 13.24 | 12.63 |
| Nezhad et al.’s [16] method | DR (%) | 98.21 | 97.85 | 98.21 | 97.85 | 98.21 | 98.21 | 98.21 | 97.85 | 98.21 |
| Nezhad et al.’s [16] method | FR (%) | 74.29 | 74.76 | 74.29 | 74.76 | 75.71 | 74.29 | 74.29 | 74.29 | 72.38 |
| Nezhad et al.’s [16] method | ER (%) | 32.92 | 33.33 | 32.92 | 33.33 | 33.54 | 32.92 | 32.92 | 33.13 | 32.11 |

Table 2: Comparison results of four algorithms for narrowing the attack flow (columns: the value of the random multiplier).

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.’s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.’s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.’s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |

Table 3: Comparison results of four algorithms for amplifying the normal flow (columns: the value of random multiplier).

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.’s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.’s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.’s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow (x-axis: the value of multiplier; y-axis: the value of FR; curves: ADADM, SimpleMKL, SVM, Nezhad et al. [16]).

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work we will further study how totransform the multidimensional weight adaptive problembased onmultiple-kernel learning into a convex optimizationproblem and improve the detection rate and convergencespeed of the method

Data Availability

The data used to support the findings of this study areavailable from the corresponding author upon request

Conflicts of Interest

There are no conflicts of interest in this paper

Acknowledgments

This work was supported by the Hainan Provincial NaturalScience Foundation of China [2018CXTD333 617048] theNational Natural Science Foundation of China [6176203361702539] Hainan University Doctor Start Fund Project[kyqd1328] and Hainan University Youth Fund Project[qnjj1444]

References

[1] Z Cai Z Wang K Zheng and J Cao ldquoA Distributed TCAMcoprocessor architecture for integrated longest prefixmatchingpolicy filtering and content filteringrdquo IEEE Transactions onComputers vol 62 no 3 pp 417ndash427 2013

[2] J H Cui Y Y Zhang Z P Cai et al ldquoSecuring display path forsecurity-sensitive applications on mobile devicesrdquo ComputerMaterials amp Continua vol 55 no 1 pp 17ndash35 2018

[3] S Liu ZCaiHXu andMXu ldquoTowards security-aware virtualnetwork embeddingrdquo Computer Networks vol 91 pp 151ndash1632015

[4] A S Pimpalkar and A R Bhagat Patil ldquoDetection and defensemechanisms against DDoS attacksrdquo in Proceedings of the Inter-national Conference on Innovations in Information Embeddedand Communication Systems pp 1ndash6 IEEE 2015

[5] J R Cheng R M Xu and X Y Tang ldquoAn Abnormal NetworkFlow Feature Sequence Prediction Approach for DDoS AttacksDetection in Big Data Environmentrdquo Computers Materials ampContinua vol 55 no 1 pp 95ndash119 2018

[6] N Hoque D K Bhattacharyya and J K Kalita ldquoBotnet inDDoS attacks trends and challengesrdquo IEEE CommunicationsSurveys amp Tutorials vol 17 no 4 pp 2242ndash2270 2015

[7] K Zeb O Baig and M K Asif ldquoDDoS attacks and counter-measures in cyberspacerdquo in Proceedings of the 2015 2nd WorldSymposium on Web Applications and Networking WSWAN rsquo15pp 1ndash6 IEEE 2015

[8] J Shen Z Gui S Ji J Shen H Tan and Y Tang ldquoCloud-aided lightweight certificateless authentication protocol withanonymity for wireless body area networksrdquo Journal of Networkand Computer Applications vol 106 pp 117ndash123 2018

[9] D Kreutz F M V Ramos P E Verissimo C E RothenbergS Azodolmolky and S Uhlig ldquoSoftware-defined networking acomprehensive surveyrdquo Proceedings of the IEEE vol 103 no 1pp 14ndash76 2015

[10] Z Zhou M Dong K Ota G Wang and L T Yang ldquoEnergy-efficient resource allocation for d2d communications under-laying cloud-ran-based lte-a networksrdquo IEEE Internet of ThingsJournal vol 3 no 3 pp 428ndash438 2016

[11] W Lin S Xu L He and J Li ldquoMulti-resource scheduling andpower simulation for cloud computingrdquo Information Sciencesvol 397-398 pp 168ndash186 2017

[12] W Jiang G Wang M Z A Bhuiyan and J Wu ldquoUnderstand-ing graph-based trust evaluation in online social networksMethodologies and challengesrdquo ACM Computing Surveys vol49 no 1 2016

[13] E Luo Q Liu and G Wang ldquoHierarchical Multi-Authorityand Attribute-Based Encryption Friend Discovery Scheme inMobile Social Networksrdquo IEEE Communications Letters vol 20no 9 pp 1772ndash1775 2016

[14] S Peng A Yang L Cao S Yu and D Xie ldquoSocial influencemodeling using information theory in mobile social networksrdquoInformation Sciences vol 379 pp 146ndash159 2017

[15] T Peng Q Liu D Meng and G Wang ldquoCollaborative tra-jectory privacy preserving scheme in location-based servicesrdquoInformation Sciences vol 387 pp 165ndash179 2017

[16] S M T Nezhad M Nazari and E A Gharavol ldquoA Novel DoSand DDoS Attacks Detection Algorithm Using ARIMA TimeSeriesModel andChaotic System inComputerNetworksrdquo IEEECommunications Letters vol 20 no 4 pp 700ndash703 2016

18 Security and Communication Networks

[17] R H Meng S G Rice and J Wang ldquoA Fusion SteganographicAlgorithm Based on Faster R-CNNrdquo Computers Materials ampContinua vol 55 no 1 pp 1ndash16 2018

[18] L Sun Z LiQYanW Srisa-an andY Pan ldquoSigPID significantpermission identification for android malware detectionrdquo inProceedings of the 2016 11th International Conference on Mali-cious and Unwanted Software (MALWARE rsquo16) pp 1ndash8 FajardoPuerto Rico USA October 2016

[19] C Yuan X Li Q M J Wu et al ldquoFingerprint Liveness Detec-tion from Different Fingerprint Materials Using ConvolutionalNeural Network and Principal Component Analysisrdquo CMCComputers Materials amp Continua vol 53 no 3 pp 357ndash3712017

[20] M I Jordan and T M Mitchell ldquoMachine learning trendsperspectives and prospectsrdquo Science vol 349 no 6245 pp 255ndash260 2015

[21] Y Li G Wang L Nie Q Wang and W Tan ldquoDistancemetric optimization driven convolutional neural network forage invariant face recognitionrdquo Pattern Recognition vol 75 pp51ndash62 2018

[22] P Li J Li Z Huang et al ldquoMulti-key privacy-preserving deeplearning in cloud computingrdquo Future Generation ComputerSystems vol 74 pp 76ndash85 2017

[23] T Li J Li Z Liu P Li and C Jia ldquoDifferentially private NaiveBayes learning overmultiple data sourcesrdquo Information Sciencesvol 444 pp 89ndash104 2018

[24] Z Huang S Liu X Mao K Chen and J Li ldquoInsight of theprotection for data security under selective opening attacksrdquoInformation Sciences vol 412-413 pp 223ndash241 2017

[25] CGaoQ Cheng PHeW Susilo and J Li ldquoPrivacy-preservingNaive Bayes classifiers secure against the substitution-then-comparison attackrdquo Information Sciences vol 444 pp 72ndash882018

[26] A Saied R E Overill andT Radzik ldquoArtificial neural networksin the detection of known and unknown DDoS attacks proof-of-conceptrdquo in Proceedings of PAAMS 2014 International Work-shops (PAAMS rsquo14) Salamanca Spain 2014

[27] M H Bhuyan D K Bhattacharyya and J K Kalita ldquoAnempirical evaluation of information metrics for low-rate andhigh-rate DDoS attack detectionrdquo Pattern Recognition Lettersvol 51 pp 1ndash7 2015

[28] Z Y Tan A Jamdagni X He P Nanda and R P Liu ldquoA systemfor denial-of-service attackdetection based onmultivariate cor-relation analysisrdquo IEEE Transactions on Parallel and DistributedSystems vol 25 no 2 pp 447ndash456 2014

[29] S Yu W Zhou W Jia S Guo Y Xiang and F TangldquoDiscriminating DDoS attacks from flash crowds using flowcorrelation coefficientrdquo IEEE Transactions on Parallel and Dis-tributed Systems vol 23 no 6 pp 1073ndash1080 2012

[30] A Wang A Mohaisen W Chang and S Chen ldquoDelving intoInternet DDoS Attacks by Botnets Characterization and Anal-ysisrdquo in Proceedings of the 45th Annual IEEEIFIP InternationalConference on Dependable Systems and Networks DSN rsquo15 pp379ndash390 2015

[31] G D Kumar C V G Rao M K Singh and F Ahmad ldquoUsingJpcap API to monitor analyze and report network traffic forDDoS attacksrdquo in Proceedings of the 14th International Confer-ence on Computational Science and Its Applications ICCSA rsquo14vol 39 p 35 2014

[32] K J Singh KThongam and T De ldquoEntropy-based applicationlayer DDoS attack detection using artificial neural networksrdquoEntropy vol 18 no 10 2016

[33] A Rukavitsyn K Borisenko and A Shorov ldquoSelf-learningmethod for DDoS detection model in cloud computingrdquo inProceedings of the 2017 IEEE Russia Section Young Researchers inElectrical and Electronic Engineering Conference ElConRus rsquo17pp 544ndash547 2017

[34] H Zhang Z Cai Q Liu et al ldquoA Survey on Security-AwareMeasurement in SDNrdquo Security and Communication Networksvol 2018 Article ID 2459154 14 pages 2018

[35] J Ashraf and S Latif ldquoHandling intrusion and DDoS attacksin Software Defined Networks using machine learning tech-niquesrdquo inProceedings of the 2014National Software EngineeringConference NSEC rsquo14 pp 55ndash60 Karachi Pakistan 2014

[36] I Mihai-Gabriel and P Victor-Valeriu ldquoAchieving DDoSresiliency in a software defined network by intelligent riskassessment based on neural networks and danger theoryrdquoin Proceedings of the 15th IEEE International Symposium onComputational Intelligence and Informatics CINTI rsquo14 pp 319ndash324 Hungary 2014

[37] Q Yan Q Gong and F R Yu ldquoEffective software-definednetworking controller scheduling method to mitigate DDoSattacksrdquo IEEE Electronics Letters vol 53 no 7 pp 469ndash471 2017

[38] T Chin X Mountrouidou X Li and K Xiong ldquoSelectivepacket inspection to detectDoS flooding using software definednetworking (SDN)rdquo in Proceedings of the 2015 35th IEEEInternational Conference on Distributed Computing SystemsWorkshops ICDCSW rsquo15 pp 95ndash99 2015

[39] NDayal and S Srivastava ldquoAnalyzing behavior ofDDoS attacksto identify DDoS detection features in SDNrdquo in Proceedings ofthe 9th International Conference onCommunication Systems andNetworks COMSNETS rsquo17 pp 274ndash281 2017

[40] J Ye X Cheng J Zhu L Feng and L Song ldquoA DDoSAttack Detection Method Based on SVM in Software DefinedNetworkrdquo Security and Communication Networks vol 2018Article ID 9804061 8 pages 2018

[41] J Xu L Wei Y Zhang A Wang F Zhou and C GaoldquoDynamic Fully Homomorphic encryption-based Merkle Treefor lightweight streaming authenticated data structuresrdquo Jour-nal of Network and Computer Applications vol 107 pp 113ndash1242018

[42] X Zhang Y Tan C Liang Y Li and J Li ldquoA Covert ChannelOver VoLTE via Adjusting Silence Periodsrdquo IEEE Access vol 6pp 9292ndash9302 2018

[43] Q Lin H Yan Z Huang W Chen J Shen and Y TangldquoAn ID-based linearly homomorphic signature scheme and itsapplication in blockchainrdquo IEEE Access vol 6 no 1 pp 20632ndash20640 2018

[44] Q Lin J Li Z Huang W Chen and J Shen ldquoA short linearlyhomomorphic proxy signature schemerdquo IEEE Access vol 6 pp12966ndash12972 2018

[45] J Cheng X Tang and J Yin ldquoA change-point DDoS attackdetection method based on half interaction anomaly degreerdquoInternational Journal of Autonomous and Adaptive Communi-cations Systems vol 10 no 1 pp 38ndash54 2017

[46] J R Cheng J Yin Y Liu Z Cai and C Wu ldquoDDoS AttackDetectionUsing IP Address Feature Interactionrdquo in Proceedingsof the 2009 International Conference on Intelligent Networkingand Collaborative Systems (INCOS rsquo09) pp 113ndash118 2009

[47] J Cheng B Zhang J Yin et al ldquoDDoS Attack Detection UsingThree-State Partition Based on Flow Interactionrdquo Communica-tions in Computer amp Information Science vol 29 no 4 pp 176ndash184 2009

Security and Communication Networks 19

[48] J Cheng J Yin Y Liu Z Cai and C Wu ldquoDetectingDistributed Denial of Service Attack Based on Multi-featureFusionrdquo in Security Technology vol 58 pp 132ndash139 2009

[49] J R Cheng X Tang X Zhu and J Yin ldquoDistributed denialof service attack detection based on IP Flow Interactionrdquo inProceedings of the 2011 International Conference on E-Businessand E-Government (ICEE rsquo11) pp 1ndash4 2011

[50] J Cheng J Yin and L Yun ldquoDetecting Distributed Denial ofService Attack Based on Address Correlation Valuerdquo Journal ofComputer ResearchampDevelopment vol 46 no 8 pp 1334ndash13402009

[51] J Cheng J Zhou X Tang and J Shi ldquoA distributed denial ofservice attack detectionmethod based on time series predictionmodelrdquo Network Security Technology and Application vol 10pp 71ndash89 2016

[52] A Rakotomamonjy F R Bach S Canu and Y GrandvaletldquoSimple MKLrdquo Journal of Machine Learning Research vol 9 no3 pp 2491ndash2521 2008

[53] The Cooperative Association for Internet Data Analysis TheCaida Ucsd DDoS Attack 2007 httpwwwcaidaorgdatapassiveddos-20070804 datasetxml

Figure 14: The ER contrast diagram of four algorithms for narrowing the attack flow. [Plot: x-axis, the value of multiplier (0.1–0.2 to 0.9–1.0); y-axis, the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].]

Figure 15: The FR contrast diagram of four algorithms for narrowing the attack flow. [Plot: x-axis, the value of multiplier (0.1–0.2 to 0.9–1.0); y-axis, the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].]

flow data and normal flow data are located on both sides of the hyperplane.

In addition, using the idea of ensemble learning to train two different classifiers and using the sliding window mechanism to further synthesize the advantage of each classifier improves the algorithm’s performance in the three types of experiments. This method we propose outperforms not only the SVM method but also other methods of DDoS attack detection. The experimental data are presented in Tables 1, 2, and 3.

Figure 16: The DR contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier (1.0–1.5 to 5.0–5.5); y-axis, the value of DR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].]

Figure 17: The ER contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier (1.0–1.5 to 5.0–5.5); y-axis, the value of ER; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].]

Table 1: Comparison results of four algorithms for scaling attack flow and normal flow.

                                    The value of the random multiplier
Method                      Metric  0.6–0.7  0.7–0.8  0.8–0.9  0.9–1.1  1.0–1.5  1.5–2.0  2.0–3.0  3.0–4.0  4.0–5.0
ADADM method                DR (%)    78.57    78.57    78.57    78.57    78.21    78.21    78.21    78.21    78.57
                            FR (%)     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                            ER (%)    12.22    12.22    12.22    12.22    12.42    12.42    12.42    12.42    12.22
SimpleMKL method            DR (%)    76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43
                            FR (%)     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                            ER (%)    13.44    13.44    13.44    13.44    13.44    13.44    13.44    13.44    13.44
SVM method                  DR (%)    77.50    77.50    77.86    77.86    76.79    77.50    77.86    76.79    77.86
                            FR (%)     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                            ER (%)    12.83    12.83    12.63    12.63    13.24    12.83    12.63    13.24    12.63
Nezhad et al.’s [16] method DR (%)    98.21    97.85    98.21    97.85    98.21    98.21    98.21    97.85    98.21
                            FR (%)    74.29    74.76    74.29    74.76    75.71    74.29    74.29    74.29    72.38
                            ER (%)    32.92    33.33    32.92    33.33    33.54    32.92    32.92    33.13    32.11

Table 2: Comparison results of four algorithms for narrowing the attack flow.

                                    The value of the random multiplier
Method                      Metric  0.1–0.2  0.2–0.3  0.3–0.4  0.4–0.5  0.5–0.6  0.6–0.7  0.7–0.8  0.8–0.9  0.9–1.0
ADADM method                DR (%)    78.21    78.21    78.21    78.57    78.57    78.57    78.57    78.57    78.57
                            FR (%)    10.99     1.42     0.01     0.01     0.01     0.01     0.01     0.01     0.01
                            ER (%)    17.15    13.04    12.42    12.22    12.22    12.22    12.22    12.22    12.22
SimpleMKL method            DR (%)    75.71    76.43    76.43    76.43    76.43    76.43    76.43    76.43    76.43
                            FR (%)    22.75     4.74     1.42     0.01     0.01     0.01     0.01     0.01     0.01
                            ER (%)    23.63    15.48    14.05    13.44    13.44    13.44    13.44    13.44    13.44
SVM method                  DR (%)    76.07    77.14    77.50    77.86    77.50    77.86    77.86    77.50    77.86
                            FR (%)    22.75     4.74     1.42     0.47     0.01     0.01     0.01     0.01     0.01
                            ER (%)    23.42    15.07    13.44    12.83    12.83    12.63    12.63    12.83    12.63
Nezhad et al.’s [16] method DR (%)    97.13    97.85    98.57    98.21    98.57    98.57    98.21    98.21    97.85
                            FR (%)    74.29    74.29    74.29    74.29    74.29    74.29    74.29    74.29    74.29
                            ER (%)    33.54    33.13    32.72    32.92    32.72    32.72    32.92    32.92    33.13

Table 3: Comparison results of four algorithms for amplifying the normal flow.

                                    The value of random multiplier
Method                      Metric  1.0–1.5  1.5–2.0  2.0–2.5  2.5–3.0  3.0–3.5  3.5–4.0  4.0–4.5  4.5–5.0  5.0–5.5
ADADM method                DR (%)    78.93    78.93    78.93    78.93    78.93    78.93    78.93    78.93    78.93
                            FR (%)     0.01     0.01     0.01     0.47     1.42     1.90     4.74     6.64    10.43
                            ER (%)    12.02    12.02    12.02    12.22    12.63    12.83    14.05    14.87    16.50
SimpleMKL method            DR (%)    77.14    77.14    77.14    77.14    77.14    77.14    77.14    77.14    77.14
                            FR (%)     0.01     0.01     0.47     1.42     4.27     6.64    10.90    17.06    21.80
                            ER (%)    13.04    13.04    13.24    13.65    14.87    15.89    17.72    20.37    22.40
SVM method                  DR (%)    77.86    77.86    77.86    77.86    77.86    77.86    77.86    77.86    77.86
                            FR (%)     0.01     0.01     0.95     1.42     3.79     8.06    11.85    18.01    22.75
                            ER (%)    12.63    12.63    13.04    13.24    14.26    16.09    17.72    20.37    22.40
Nezhad et al.’s [16] method DR (%)    97.49    97.13    97.13    97.13    96.77    96.77    96.77    96.77    96.77
                            FR (%)    65.24    65.24    66.19    66.67    66.67    66.67    67.14    67.14    67.62
                            ER (%)    29.47    29.67    30.08    30.28    30.49    30.49    30.69    30.69    30.90

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. [Plot: x-axis, the value of multiplier (1.0–1.5 to 5.0–5.5); y-axis, the value of FR; series: ADADM, SimpleMKL, SVM, Nezhad et al. [16].]

6. Conclusion

In this paper, five-dimensional features are defined for describing the burstiness of DDoS attack flows, the distribution of IP source addresses, and the interactivity of DDoS attack flows. Based on the five-dimensional features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


[47] J Cheng B Zhang J Yin et al ldquoDDoS Attack Detection UsingThree-State Partition Based on Flow Interactionrdquo Communica-tions in Computer amp Information Science vol 29 no 4 pp 176ndash184 2009

Security and Communication Networks 19

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.


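Table 2: Comparison results of four algorithms for narrowing the attack flow (columns: the value of the random multiplier).

| Method | Metric | 0.1–0.2 | 0.2–0.3 | 0.3–0.4 | 0.4–0.5 | 0.5–0.6 | 0.6–0.7 | 0.7–0.8 | 0.8–0.9 | 0.9–1.0 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.21 | 78.21 | 78.21 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 | 78.57 |
| ADADM method | FR (%) | 10.99 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| ADADM method | ER (%) | 17.15 | 13.04 | 12.42 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 | 12.22 |
| SimpleMKL method | DR (%) | 75.71 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 | 76.43 |
| SimpleMKL method | FR (%) | 22.75 | 4.74 | 1.42 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SimpleMKL method | ER (%) | 23.63 | 15.48 | 14.05 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 | 13.44 |
| SVM method | DR (%) | 76.07 | 77.14 | 77.50 | 77.86 | 77.50 | 77.86 | 77.86 | 77.50 | 77.86 |
| SVM method | FR (%) | 22.75 | 4.74 | 1.42 | 0.47 | 0.01 | 0.01 | 0.01 | 0.01 | 0.01 |
| SVM method | ER (%) | 23.42 | 15.07 | 13.44 | 12.83 | 12.83 | 12.63 | 12.63 | 12.83 | 12.63 |
| Nezhad et al.’s [16] method | DR (%) | 97.13 | 97.85 | 98.57 | 98.21 | 98.57 | 98.57 | 98.21 | 98.21 | 97.85 |
| Nezhad et al.’s [16] method | FR (%) | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 | 74.29 |
| Nezhad et al.’s [16] method | ER (%) | 33.54 | 33.13 | 32.72 | 32.92 | 32.72 | 32.72 | 32.92 | 32.92 | 33.13 |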


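Table 3: Comparison results of four algorithms for amplifying the normal flow (columns: the value of random multiplier).

| Method | Metric | 1.0–1.5 | 1.5–2.0 | 2.0–2.5 | 2.5–3.0 | 3.0–3.5 | 3.5–4.0 | 4.0–4.5 | 4.5–5.0 | 5.0–5.5 |
|---|---|---|---|---|---|---|---|---|---|---|
| ADADM method | DR (%) | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 | 78.93 |
| ADADM method | FR (%) | 0.01 | 0.01 | 0.01 | 0.47 | 1.42 | 1.90 | 4.74 | 6.64 | 10.43 |
| ADADM method | ER (%) | 12.02 | 12.02 | 12.02 | 12.22 | 12.63 | 12.83 | 14.05 | 14.87 | 16.50 |
| SimpleMKL method | DR (%) | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 | 77.14 |
| SimpleMKL method | FR (%) | 0.01 | 0.01 | 0.47 | 1.42 | 4.27 | 6.64 | 10.90 | 17.06 | 21.80 |
| SimpleMKL method | ER (%) | 13.04 | 13.04 | 13.24 | 13.65 | 14.87 | 15.89 | 17.72 | 20.37 | 22.40 |
| SVM method | DR (%) | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 | 77.86 |
| SVM method | FR (%) | 0.01 | 0.01 | 0.95 | 1.42 | 3.79 | 8.06 | 11.85 | 18.01 | 22.75 |
| SVM method | ER (%) | 12.63 | 12.63 | 13.04 | 13.24 | 14.26 | 16.09 | 17.72 | 20.37 | 22.40 |
| Nezhad et al.’s [16] method | DR (%) | 97.49 | 97.13 | 97.13 | 97.13 | 96.77 | 96.77 | 96.77 | 96.77 | 96.77 |
| Nezhad et al.’s [16] method | FR (%) | 65.24 | 65.24 | 66.19 | 66.67 | 66.67 | 66.67 | 67.14 | 67.14 | 67.62 |
| Nezhad et al.’s [16] method | ER (%) | 29.47 | 29.67 | 30.08 | 30.28 | 30.49 | 30.49 | 30.69 | 30.69 | 30.90 |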


Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Plot: the value of FR, from 0 to 0.7, against the value of multiplier, from 1.0–1.5 to 5.0–5.5; curves show the FR value of ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attacks. To identify early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attacks.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer, Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.


[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z Y Tan A Jamdagni X He P Nanda and R P Liu ldquoA systemfor denial-of-service attackdetection based onmultivariate cor-relation analysisrdquo IEEE Transactions on Parallel and DistributedSystems vol 25 no 2 pp 447ndash456 2014

[29] S Yu W Zhou W Jia S Guo Y Xiang and F TangldquoDiscriminating DDoS attacks from flash crowds using flowcorrelation coefficientrdquo IEEE Transactions on Parallel and Dis-tributed Systems vol 23 no 6 pp 1073ndash1080 2012

[30] A Wang A Mohaisen W Chang and S Chen ldquoDelving intoInternet DDoS Attacks by Botnets Characterization and Anal-ysisrdquo in Proceedings of the 45th Annual IEEEIFIP InternationalConference on Dependable Systems and Networks DSN rsquo15 pp379ndash390 2015

[31] G D Kumar C V G Rao M K Singh and F Ahmad ldquoUsingJpcap API to monitor analyze and report network traffic forDDoS attacksrdquo in Proceedings of the 14th International Confer-ence on Computational Science and Its Applications ICCSA rsquo14vol 39 p 35 2014

[32] K J Singh KThongam and T De ldquoEntropy-based applicationlayer DDoS attack detection using artificial neural networksrdquoEntropy vol 18 no 10 2016

[33] A Rukavitsyn K Borisenko and A Shorov ldquoSelf-learningmethod for DDoS detection model in cloud computingrdquo inProceedings of the 2017 IEEE Russia Section Young Researchers inElectrical and Electronic Engineering Conference ElConRus rsquo17pp 544ndash547 2017

[34] H Zhang Z Cai Q Liu et al ldquoA Survey on Security-AwareMeasurement in SDNrdquo Security and Communication Networksvol 2018 Article ID 2459154 14 pages 2018

[35] J Ashraf and S Latif ldquoHandling intrusion and DDoS attacksin Software Defined Networks using machine learning tech-niquesrdquo inProceedings of the 2014National Software EngineeringConference NSEC rsquo14 pp 55ndash60 Karachi Pakistan 2014

[36] I Mihai-Gabriel and P Victor-Valeriu ldquoAchieving DDoSresiliency in a software defined network by intelligent riskassessment based on neural networks and danger theoryrdquoin Proceedings of the 15th IEEE International Symposium onComputational Intelligence and Informatics CINTI rsquo14 pp 319ndash324 Hungary 2014

[37] Q Yan Q Gong and F R Yu ldquoEffective software-definednetworking controller scheduling method to mitigate DDoSattacksrdquo IEEE Electronics Letters vol 53 no 7 pp 469ndash471 2017

[38] T Chin X Mountrouidou X Li and K Xiong ldquoSelectivepacket inspection to detectDoS flooding using software definednetworking (SDN)rdquo in Proceedings of the 2015 35th IEEEInternational Conference on Distributed Computing SystemsWorkshops ICDCSW rsquo15 pp 95ndash99 2015

[39] NDayal and S Srivastava ldquoAnalyzing behavior ofDDoS attacksto identify DDoS detection features in SDNrdquo in Proceedings ofthe 9th International Conference onCommunication Systems andNetworks COMSNETS rsquo17 pp 274ndash281 2017

[40] J Ye X Cheng J Zhu L Feng and L Song ldquoA DDoSAttack Detection Method Based on SVM in Software DefinedNetworkrdquo Security and Communication Networks vol 2018Article ID 9804061 8 pages 2018

[41] J Xu L Wei Y Zhang A Wang F Zhou and C GaoldquoDynamic Fully Homomorphic encryption-based Merkle Treefor lightweight streaming authenticated data structuresrdquo Jour-nal of Network and Computer Applications vol 107 pp 113ndash1242018

[42] X Zhang Y Tan C Liang Y Li and J Li ldquoA Covert ChannelOver VoLTE via Adjusting Silence Periodsrdquo IEEE Access vol 6pp 9292ndash9302 2018

[43] Q Lin H Yan Z Huang W Chen J Shen and Y TangldquoAn ID-based linearly homomorphic signature scheme and itsapplication in blockchainrdquo IEEE Access vol 6 no 1 pp 20632ndash20640 2018

[44] Q Lin J Li Z Huang W Chen and J Shen ldquoA short linearlyhomomorphic proxy signature schemerdquo IEEE Access vol 6 pp12966ndash12972 2018

[45] J Cheng X Tang and J Yin ldquoA change-point DDoS attackdetection method based on half interaction anomaly degreerdquoInternational Journal of Autonomous and Adaptive Communi-cations Systems vol 10 no 1 pp 38ndash54 2017

[46] J R Cheng J Yin Y Liu Z Cai and C Wu ldquoDDoS AttackDetectionUsing IP Address Feature Interactionrdquo in Proceedingsof the 2009 International Conference on Intelligent Networkingand Collaborative Systems (INCOS rsquo09) pp 113ndash118 2009

[47] J Cheng B Zhang J Yin et al ldquoDDoS Attack Detection UsingThree-State Partition Based on Flow Interactionrdquo Communica-tions in Computer amp Information Science vol 29 no 4 pp 176ndash184 2009

Security and Communication Networks 19

[48] J Cheng J Yin Y Liu Z Cai and C Wu ldquoDetectingDistributed Denial of Service Attack Based on Multi-featureFusionrdquo in Security Technology vol 58 pp 132ndash139 2009

[49] J R Cheng X Tang X Zhu and J Yin ldquoDistributed denialof service attack detection based on IP Flow Interactionrdquo inProceedings of the 2011 International Conference on E-Businessand E-Government (ICEE rsquo11) pp 1ndash4 2011

[50] J Cheng J Yin and L Yun ldquoDetecting Distributed Denial ofService Attack Based on Address Correlation Valuerdquo Journal ofComputer ResearchampDevelopment vol 46 no 8 pp 1334ndash13402009

[51] J Cheng J Zhou X Tang and J Shi ldquoA distributed denial ofservice attack detectionmethod based on time series predictionmodelrdquo Network Security Technology and Application vol 10pp 71ndash89 2016

[52] A Rakotomamonjy F R Bach S Canu and Y GrandvaletldquoSimple MKLrdquo Journal of Machine Learning Research vol 9 no3 pp 2491ndash2521 2008

[53] The Cooperative Association for Internet Data Analysis TheCaida Ucsd DDoS Attack 2007 httpwwwcaidaorgdatapassiveddos-20070804 datasetxml



[50] J Cheng J Yin and L Yun ldquoDetecting Distributed Denial ofService Attack Based on Address Correlation Valuerdquo Journal ofComputer ResearchampDevelopment vol 46 no 8 pp 1334ndash13402009

[51] J Cheng J Zhou X Tang and J Shi ldquoA distributed denial ofservice attack detectionmethod based on time series predictionmodelrdquo Network Security Technology and Application vol 10pp 71ndash89 2016

[52] A Rakotomamonjy F R Bach S Canu and Y GrandvaletldquoSimple MKLrdquo Journal of Machine Learning Research vol 9 no3 pp 2491ndash2521 2008

[53] The Cooperative Association for Internet Data Analysis TheCaida Ucsd DDoS Attack 2007 httpwwwcaidaorgdatapassiveddos-20070804 datasetxml

Page 17: Adaptive DDoS Attack Detection Method Based on … downloads.hindawi.com/journals/scn/2018/5198685.pdf

Security and Communication Networks 17

Figure 18: The FR contrast diagram of four algorithms for amplifying the normal flow. (Plot not reproduced. Y-axis: the value of FR; x-axis: the value of multiplier, in ranges from 10-15 to 50-55; series: the FR value of ADADM, SimpleMKL, SVM, and Nezhad et al. [16].)

features and the ensemble learning framework, adaptive feature weights are obtained, and the M-SMKL and S-SMKL multiple-kernel learning models are trained to detect DDoS attack. For identifying early attacks effectively, the sliding window mechanism is used to coordinate the S-SMKL and the M-SMKL to deal with the detection results. Experimental results show that, compared with similar methods, our method can produce more accurate results for detecting early DDoS attack.

In the follow-up work, we will further study how to transform the multidimensional weight adaptive problem based on multiple-kernel learning into a convex optimization problem and improve the detection rate and convergence speed of the method.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

There are no conflicts of interest in this paper.

Acknowledgments

This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048], the National Natural Science Foundation of China [61762033, 61702539], Hainan University Doctor Start Fund Project [kyqd1328], and Hainan University Youth Fund Project [qnjj1444].

References

[1] Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013.

[2] J. H. Cui, Y. Y. Zhang, Z. P. Cai et al., “Securing display path for security-sensitive applications on mobile devices,” Computer Materials & Continua, vol. 55, no. 1, pp. 17–35, 2018.

[3] S. Liu, Z. Cai, H. Xu, and M. Xu, “Towards security-aware virtual network embedding,” Computer Networks, vol. 91, pp. 151–163, 2015.

[4] A. S. Pimpalkar and A. R. Bhagat Patil, “Detection and defense mechanisms against DDoS attacks,” in Proceedings of the International Conference on Innovations in Information, Embedded and Communication Systems, pp. 1–6, IEEE, 2015.

[5] J. R. Cheng, R. M. Xu, and X. Y. Tang, “An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment,” Computers, Materials & Continua, vol. 55, no. 1, pp. 95–119, 2018.

[6] N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “Botnet in DDoS attacks: trends and challenges,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2242–2270, 2015.

[7] K. Zeb, O. Baig, and M. K. Asif, “DDoS attacks and countermeasures in cyberspace,” in Proceedings of the 2015 2nd World Symposium on Web Applications and Networking, WSWAN ’15, pp. 1–6, IEEE, 2015.

[8] J. Shen, Z. Gui, S. Ji, J. Shen, H. Tan, and Y. Tang, “Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks,” Journal of Network and Computer Applications, vol. 106, pp. 117–123, 2018.

[9] D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: a comprehensive survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2015.

[10] Z. Zhou, M. Dong, K. Ota, G. Wang, and L. T. Yang, “Energy-efficient resource allocation for d2d communications underlaying cloud-ran-based lte-a networks,” IEEE Internet of Things Journal, vol. 3, no. 3, pp. 428–438, 2016.

[11] W. Lin, S. Xu, L. He, and J. Li, “Multi-resource scheduling and power simulation for cloud computing,” Information Sciences, vol. 397-398, pp. 168–186, 2017.

[12] W. Jiang, G. Wang, M. Z. A. Bhuiyan, and J. Wu, “Understanding graph-based trust evaluation in online social networks: Methodologies and challenges,” ACM Computing Surveys, vol. 49, no. 1, 2016.

[13] E. Luo, Q. Liu, and G. Wang, “Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks,” IEEE Communications Letters, vol. 20, no. 9, pp. 1772–1775, 2016.

[14] S. Peng, A. Yang, L. Cao, S. Yu, and D. Xie, “Social influence modeling using information theory in mobile social networks,” Information Sciences, vol. 379, pp. 146–159, 2017.

[15] T. Peng, Q. Liu, D. Meng, and G. Wang, “Collaborative trajectory privacy preserving scheme in location-based services,” Information Sciences, vol. 387, pp. 165–179, 2017.

[16] S. M. T. Nezhad, M. Nazari, and E. A. Gharavol, “A Novel DoS and DDoS Attacks Detection Algorithm Using ARIMA Time Series Model and Chaotic System in Computer Networks,” IEEE Communications Letters, vol. 20, no. 4, pp. 700–703, 2016.

[17] R. H. Meng, S. G. Rice, and J. Wang, “A Fusion Steganographic Algorithm Based on Faster R-CNN,” Computers, Materials & Continua, vol. 55, no. 1, pp. 1–16, 2018.

[18] L. Sun, Z. Li, Q. Yan, W. Srisa-an, and Y. Pan, “SigPID: significant permission identification for android malware detection,” in Proceedings of the 2016 11th International Conference on Malicious and Unwanted Software (MALWARE ’16), pp. 1–8, Fajardo, Puerto Rico, USA, October 2016.

[19] C. Yuan, X. Li, Q. M. J. Wu et al., “Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis,” CMC: Computers, Materials & Continua, vol. 53, no. 3, pp. 357–371, 2017.

[20] M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.

[21] Y. Li, G. Wang, L. Nie, Q. Wang, and W. Tan, “Distance metric optimization driven convolutional neural network for age invariant face recognition,” Pattern Recognition, vol. 75, pp. 51–62, 2018.

[22] P. Li, J. Li, Z. Huang et al., “Multi-key privacy-preserving deep learning in cloud computing,” Future Generation Computer Systems, vol. 74, pp. 76–85, 2017.

[23] T. Li, J. Li, Z. Liu, P. Li, and C. Jia, “Differentially private Naive Bayes learning over multiple data sources,” Information Sciences, vol. 444, pp. 89–104, 2018.

[24] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the protection for data security under selective opening attacks,” Information Sciences, vol. 412-413, pp. 223–241, 2017.

[25] C. Gao, Q. Cheng, P. He, W. Susilo, and J. Li, “Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack,” Information Sciences, vol. 444, pp. 72–88, 2018.

[26] A. Saied, R. E. Overill, and T. Radzik, “Artificial neural networks in the detection of known and unknown DDoS attacks: proof-of-concept,” in Proceedings of PAAMS 2014 International Workshops (PAAMS ’14), Salamanca, Spain, 2014.

[27] M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection,” Pattern Recognition Letters, vol. 51, pp. 1–7, 2015.

[28] Z. Y. Tan, A. Jamdagni, X. He, P. Nanda, and R. P. Liu, “A system for denial-of-service attack detection based on multivariate correlation analysis,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447–456, 2014.

[29] S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012.

[30] A. Wang, A. Mohaisen, W. Chang, and S. Chen, “Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN ’15, pp. 379–390, 2015.

[31] G. D. Kumar, C. V. G. Rao, M. K. Singh, and F. Ahmad, “Using Jpcap API to monitor, analyze, and report network traffic for DDoS attacks,” in Proceedings of the 14th International Conference on Computational Science and Its Applications, ICCSA ’14, vol. 39, p. 35, 2014.

[32] K. J. Singh, K. Thongam, and T. De, “Entropy-based application layer DDoS attack detection using artificial neural networks,” Entropy, vol. 18, no. 10, 2016.

[33] A. Rukavitsyn, K. Borisenko, and A. Shorov, “Self-learning method for DDoS detection model in cloud computing,” in Proceedings of the 2017 IEEE Russia Section Young Researchers in Electrical and Electronic Engineering Conference, ElConRus ’17, pp. 544–547, 2017.

[34] H. Zhang, Z. Cai, Q. Liu et al., “A Survey on Security-Aware Measurement in SDN,” Security and Communication Networks, vol. 2018, Article ID 2459154, 14 pages, 2018.

[35] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Proceedings of the 2014 National Software Engineering Conference, NSEC ’14, pp. 55–60, Karachi, Pakistan, 2014.

[36] I. Mihai-Gabriel and P. Victor-Valeriu, “Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory,” in Proceedings of the 15th IEEE International Symposium on Computational Intelligence and Informatics, CINTI ’14, pp. 319–324, Hungary, 2014.

[37] Q. Yan, Q. Gong, and F. R. Yu, “Effective software-defined networking controller scheduling method to mitigate DDoS attacks,” IEEE Electronics Letters, vol. 53, no. 7, pp. 469–471, 2017.

[38] T. Chin, X. Mountrouidou, X. Li, and K. Xiong, “Selective packet inspection to detect DoS flooding using software defined networking (SDN),” in Proceedings of the 2015 35th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW ’15, pp. 95–99, 2015.

[39] N. Dayal and S. Srivastava, “Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN,” in Proceedings of the 9th International Conference on Communication Systems and Networks, COMSNETS ’17, pp. 274–281, 2017.

[40] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, vol. 2018, Article ID 9804061, 8 pages, 2018.

[41] J. Xu, L. Wei, Y. Zhang, A. Wang, F. Zhou, and C. Gao, “Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures,” Journal of Network and Computer Applications, vol. 107, pp. 113–124, 2018.

[42] X. Zhang, Y. Tan, C. Liang, Y. Li, and J. Li, “A Covert Channel Over VoLTE via Adjusting Silence Periods,” IEEE Access, vol. 6, pp. 9292–9302, 2018.

[43] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-based linearly homomorphic signature scheme and its application in blockchain,” IEEE Access, vol. 6, no. 1, pp. 20632–20640, 2018.

[44] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short linearly homomorphic proxy signature scheme,” IEEE Access, vol. 6, pp. 12966–12972, 2018.

[45] J. Cheng, X. Tang, and J. Yin, “A change-point DDoS attack detection method based on half interaction anomaly degree,” International Journal of Autonomous and Adaptive Communications Systems, vol. 10, no. 1, pp. 38–54, 2017.

[46] J. R. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “DDoS Attack Detection Using IP Address Feature Interaction,” in Proceedings of the 2009 International Conference on Intelligent Networking and Collaborative Systems (INCOS ’09), pp. 113–118, 2009.

[47] J. Cheng, B. Zhang, J. Yin et al., “DDoS Attack Detection Using Three-State Partition Based on Flow Interaction,” Communications in Computer & Information Science, vol. 29, no. 4, pp. 176–184, 2009.

[48] J. Cheng, J. Yin, Y. Liu, Z. Cai, and C. Wu, “Detecting Distributed Denial of Service Attack Based on Multi-feature Fusion,” in Security Technology, vol. 58, pp. 132–139, 2009.

[49] J. R. Cheng, X. Tang, X. Zhu, and J. Yin, “Distributed denial of service attack detection based on IP Flow Interaction,” in Proceedings of the 2011 International Conference on E-Business and E-Government (ICEE ’11), pp. 1–4, 2011.

[50] J. Cheng, J. Yin, and L. Yun, “Detecting Distributed Denial of Service Attack Based on Address Correlation Value,” Journal of Computer Research & Development, vol. 46, no. 8, pp. 1334–1340, 2009.

[51] J. Cheng, J. Zhou, X. Tang, and J. Shi, “A distributed denial of service attack detection method based on time series prediction model,” Network Security Technology and Application, vol. 10, pp. 71–89, 2016.

[52] A. Rakotomamonjy, F. R. Bach, S. Canu, and Y. Grandvalet, “Simple MKL,” Journal of Machine Learning Research, vol. 9, no. 3, pp. 2491–2521, 2008.

[53] The Cooperative Association for Internet Data Analysis, The Caida Ucsd DDoS Attack 2007, http://www.caida.org/data/passive/ddos-20070804_dataset.xml.
