diff --git a/DSD/journal/additions.md b/DSD/journal/additions.md index d6a7798..f931246 100644 --- a/DSD/journal/additions.md +++ b/DSD/journal/additions.md @@ -1,11 +1,37 @@ -vim:ft=markdown +# Miscelaneous -= Changes +For ACM, the title should not be the same as for the conference paper. -== Multi-shot Classification + + +# Explanation Additions + +These are futher explanations of concepts that were only superficially presentedin the original paper. + +## Multi-shot Classification The system is designed to get the most out of one-shot training data. We explain in the discussion that there is a natural extension to multi-shot training data. However we don't provide much more explanation nor an evaluation of the performances. --> Explain in details how the algorithm work with multiple training samples per class. Explain that this is a competitive system where samples of the same class compete against each other but play for the same team. There may be a change to make on the computation of the threshold that should only consider distances between different classes (min of distance between two samples of different classes, this has a specific name in hierarchical clustering design). -Provide an evaluation in the case where a pattern can have multiple modes. +* Explain in details how the algorithm work with multiple training samples per class. Explain that this is a competitive system where samples of the same class compete against each other but play for the same team. There may be a change to make on the computation of the threshold that should only consider distances between different classes (min of distance between two samples of different classes, this has a specific name in hierarchical clustering design). +* Provide an evaluation in the case where a pattern can have multiple modes. +## Time Efficiency & Parallelisation +In the discussion we say that the time efficiency of MAD, while not being properly evaluated, is good enougth to not be prohibitive. However this is a very hand-waving argument and a proper evaluation would be more convincing. We also say that the algorithm can be naturally paralelized. This is true but we do not provide more explanation. +* Do a proper time efficiency evaluation of the algorithm. This might be tricky but you took courses about that so figure it out. +* Provide a better explanation of the parallelisation of the algorithm. Provide a pseudo code on the same format as the main pseudo code in the paper, where the // sections are highlighted and explain. If // changes the time efficiency, provide a new evaluation for the // version. + +# Novel Additions + +These are additions that introduces completely new information that was no in the original paper. + +## New Experiment and AC current +The main experiment of the QRS paper (Case Study 2) presented the detection of states for enforcing security rules. +This was great but limited to only one machine with one set of states/rules. +It would be interesting to add a new case study that illustrate the potential with other machines/scenarios. + +* Perform an experiment similar to Case Study 2 but focusing on AC current and non-intrusive measurement of power. + * Equip a tower PC with a power clamp on the AC line and perform the same kind of security policy enforcement. + * This might be tricky because all 8 clamps are in use for the LV experiment. Figure it out... +* Perform a case study on a different device than a computer. It needs to be a machine with possible attacks and enougth different states to be interesting. Possible machines could be: + * WAP if there are more states than ON and OFF. + * Smart TV. Could identify getting into menues, playing of specific ports/peripherals, connection status etc. The policies would be related to usage state and not to attacks.