1
Multiwavelets for Quantitative Pattern Matching
Bruce Kessler
Western Kentucky University
Hawaiian International Conference on System Sciences
Decision Technologies and Service Sciences Track
Cyber Security and Information Sciences Research Mini-track
January 6, 2009
2
Wavelet Basics
Wavelets are signal processing and analysis tools, analogous to trigonometric polynomials in the Fourier transform.
• Wavelet bases are local, with coefficients representing different translates of the basis. Thus, coefficients reflect not just whether a feature occurs, but also give some idea of where it occurs.
• Wavelet transforms ignore polynomial components of the signal up to the approximation order of the basis.
• There is a wide selection of wavelet bases that can be used, depending on the needs or application of the user.
• Wavelet spaces are nested by dilation, so we get a multi-resolution analysis of our signal.
• Multiwavelets can be simultaneously orthogonal (quick decompositions) and have symmetry properties.
3
Example with r = 1 (Haar)
4
Example with r = 1
5
What is approximation order?
If a scaling vector has approximation order k, then all of the spaces Vj generated by will contain polynomials of degree k – 1.
Approximation order 1 basis – just showed it to you.
Approximation order 2 bases (Hardin, Geronimo, Massopust) orthogonal to integer translates
6
Another approximation order 2 basis (Daubechies)
Also orthogonal to its integer translates, but not when restricted to a shorter interval with integer endpoints.
Approximation order 3 bases (Donovan, Hardin, Massopust)
7
Approximation order 4 bases (DHM)
8
Approximation order 4 bases (with one derivative, K.)
9
When to use (multi)wavelets – Quantitative data.
• Usage noise. Wavelet decompositions ignore signal components up to the polynomial approximation order of the basis, so a wavelet analysis can be used to look for patterns on top of background noise.
• Random noise. Gaussian noise appears as wavelet coefficients that are very close to 0, so they have little effect (and can be thresholded out if we desire).
• Non-sparse data. Multiwavelets allow us to build boundary basis functions, allowing us to ignore data outside our analysis window.
10
When not to use (multi)wavelets
• Text searches. There is no advantage to using wavelets to look for character strings.
[Hex dump of a captured HTTP GET request]
• Discrete state changes. Again, no advantage when the data is not changed by volume of traffic – only when quantifying amounts.
11
How do we find patterns using multiwavelets?
1) Generate a wavelet decomposition of your pattern using a particular scaling vector and the associated multiwavelet.
2) Generate a wavelet decomposition of the first block of data in your signal, and compare to the target decomposition, using the root mean-square error
12
Example
• Attack packets have been identified by an analyst, and plotted (time stamp rounded to some level of accuracy vs. accumulated number or number of bytes of packets).
Wavelet decomposition is found for this signature.
[Plot: bytes vs. time]
13
Example
• Wavelet decompositions of data blocks occurring over the same length of time are done from a suspect IP, sliding over the data, and an RMSE between the current data and the target decomposition is computed.
Attack started at 49.381 sec. RMSE ≈ 0.0947
Attack started at sec. RMSE ≈ Attack started at sec. RMSE ≈
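The two-step procedure and the sliding-window example above, as an added Python sketch that is not from the original slides. It substitutes the scalar Haar wavelet (the r = 1 case) for a multiwavelet, and the byte counts, function names and window length are constructed for illustration.

```python
import math

def haar_details(block):
    """Orthonormal Haar decomposition of a power-of-two block.
    Returns only the wavelet (detail) coefficients; the final scaling
    coefficient is dropped, so a constant background level cancels out."""
    a, details = list(block), []
    while len(a) > 1:
        pairs = [(a[i], a[i + 1]) for i in range(0, len(a), 2)]
        details = [(x - y) / math.sqrt(2) for x, y in pairs] + details
        a = [(x + y) / math.sqrt(2) for x, y in pairs]
    return details

def rmse(u, v):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(u, v)) / len(u))

def slide_match(signal, pattern):
    """RMSE of each window's decomposition against the pattern's decomposition."""
    n = len(pattern)
    if n < 2 or n & (n - 1):
        raise ValueError("pattern length must be a power of two (>= 2)")
    target = haar_details(pattern)
    return [rmse(haar_details(signal[i:i + n]), target)
            for i in range(len(signal) - n + 1)]

def best_match(signal, pattern):
    """Window offset with the smallest RMSE, and that RMSE."""
    scores = slide_match(signal, pattern)
    i = min(range(len(scores)), key=scores.__getitem__)
    return i, scores[i]

# Constructed data (not from the slides): bytes per time bin.
PATTERN = [0, 40, 400, 900, 650, 200, 60, 0]   # analyst-identified signature
BACKGROUND = 1500                              # steady usage level
NOISE = [3, -2, 1, 0, -1, 2, -3, 1]            # small fixed jitter
SIGNAL = ([BACKGROUND + NOISE[i % 8] for i in range(20)]
          + [BACKGROUND + p + NOISE[i] for i, p in enumerate(PATTERN)]
          + [BACKGROUND + NOISE[i % 8] for i in range(12)])

if __name__ == "__main__":
    offset, score = best_match(SIGNAL, PATTERN)
    print(f"best window starts at bin {offset}, RMSE = {score:.4f}")
```

Because the Haar basis has approximation order 1, the constant 1500-byte background contributes nothing to the detail coefficients, so the signature is found without subtracting a baseline first.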
14
Acknowledgements
This work was supported in part by the NACMAST consortium under contract EWAGSI-07-SC-0003.
Contact Information
E-mail: bruce.kessler@wku.edu
Web:
“That’s all I’ve got to say about that.” – Forrest Gump
Questions?