A Multi-Stage Detection Technique for DNS-Tunneled Botnets

10.29007/c4wj, 2019
Author(s): Tirthankar Ghosh, Eman El-Sheikh, Wasseem Jammal

Botnet communications are obfuscated within legitimate network protocols to avoid detection and remediation. Domain Name Service (DNS) is a protocol of choice to hide communication with Command & Control (C&C) servers, where botmasters tunnel these communications within DNS request and response. Since botnet communications are characterized by different features, botmasters may evade detection methods by modifying some of these features. This paper proposes a multi-staged detection approach for Domain Generation Algorithm (DGA) using domain fluxing, Fast Flux Service Network (FFSN), and encrypted DNS tunneled-based botnets using BRO Network Security Monitor. This approach is able to detect DNS-tunneled botnet communications by analyzing different techniques used to find C&C servers, and also using signature matching technique to detect DNS-tunneled SSH handshake between bots and C&C servers.

Sensors, 2021, Vol 21 (10), pp. 3536
Author(s): Jakub Górski, Adam Jabłoński, Mateusz Heesch, Michał Dziendzikowski, Ziemowit Dworakowski

Condition monitoring is an indispensable element related to the operation of rotating machinery. In this article, the monitoring system for the parallel gearbox was proposed. The novelty detection approach is used to develop the condition assessment support system, which requires data collection for a healthy structure. The measured signals were processed to extract quantitative indicators sensitive to the type of damage occurring in this type of structure. The indicator’s values were used for the development of four different novelty detection algorithms. Presented novelty detection models operate on three principles: feature space distance, probability distribution, and input reconstruction. One of the distance-based models is adaptive, adjusting to new data flowing in the form of a stream. The authors test the developed algorithms on experimental and simulation data with a similar distribution, using the training set consisting mainly of samples generated by the simulator. The results presented in the article demonstrate the effectiveness of the trained models on both data sets.


Sensors, 2021, Vol 21 (3), pp. 997
Author(s): Jun Zhong, Xin Gou, Qin Shu, Xing Liu, Qi Zeng

Foreign object debris (FOD) on airport runways can cause serious accidents and huge economic losses. FOD detection systems based on millimeter-wave (MMW) radar sensors have the advantages of higher range resolution and lower power consumption. However, it is difficult for traditional FOD detection methods to detect and distinguish weak signals of targets from strong ground clutter. To solve this problem, this paper proposes a new FOD detection approach based on optimized variational mode decomposition (VMD) and support vector data description (SVDD). This approach utilizes SVDD as a classifier to distinguish FOD signals from clutter signals. More importantly, the VMD optimized by whale optimization algorithm (WOA) is used to improve the accuracy and stability of the classifier. The results from both the simulation and field case show the excellent FOD detection performance of the proposed VMD-SVDD method.


2018, Vol 32 (14), pp. 1850166
Author(s): Lilin Fan, Kaiyuan Song, Dong Liu

Semi-supervised community detection is an important research topic in the field of complex network, which incorporates prior knowledge and topology to guide the community detection process. However, most of the previous work ignores the impact of the noise from prior knowledge during the community detection process. This paper proposes a novel strategy to identify and remove the noise from prior knowledge based on harmonic function, so as to make use of prior knowledge more efficiently. Finally, this strategy is applied to three state-of-the-art semi-supervised community detection methods. A series of experiments on both real and artificial networks demonstrate that the accuracy of semi-supervised community detection approach can be further improved.


Author(s): R. B. Andrade, G. A. O. P. Costa, G. L. A. Mota, M. X. Ortega, R. Q. Feitosa, ...

Abstract. Deforestation is a wide-reaching problem, responsible for serious environmental issues, such as biodiversity loss and global climate change. Containing approximately ten percent of all biomass on the planet and home to one tenth of the known species, the Amazon biome has faced important deforestation pressure in the last decades. Devising efficient deforestation detection methods is, therefore, key to combat illegal deforestation and to aid in the conception of public policies directed to promote sustainable development in the Amazon. In this work, we implement and evaluate a deforestation detection approach which is based on a Fully Convolutional, Deep Learning (DL) model: the DeepLabv3+. We compare the results obtained with the devised approach to those obtained with previously proposed DL-based methods (Early Fusion and Siamese Convolutional Network) using Landsat OLI-8 images acquired at different dates, covering a region of the Amazon forest. In order to evaluate the sensitivity of the methods to the amount of training data, we also evaluate them using varying training sample set sizes. The results show that all tested variants of the proposed method significantly outperform the other DL-based methods in terms of overall accuracy and F1-score. The gains in performance were even more substantial when limited amounts of samples were used in training the evaluated methods.


Author(s): Pierangelo Lombardo, Salvatore Saeli, Federica Bisio, Davide Bernardi, Danilo Massa

2020, Vol 12 (15), pp. 2502
Author(s): Bulent Ayhan, Chiman Kwan, Bence Budavari, Liyun Kwan, Yan Lu, ...

Land cover classification with the focus on chlorophyll-rich vegetation detection plays an important role in urban growth monitoring and planning, autonomous navigation, drone mapping, biodiversity conservation, etc. Conventional approaches usually apply the normalized difference vegetation index (NDVI) for vegetation detection. In this paper, we investigate the performance of deep learning and conventional methods for vegetation detection. Two deep learning methods, DeepLabV3+ and our customized convolutional neural network (CNN) were evaluated with respect to their detection performance when training and testing datasets originated from different geographical sites with different image resolutions. A novel object-based vegetation detection approach, which utilizes NDVI, computer vision, and machine learning (ML) techniques, is also proposed. The vegetation detection methods were applied to high-resolution airborne color images which consist of RGB and near-infrared (NIR) bands. RGB color images alone were also used with the two deep learning methods to examine their detection performances without the NIR band. The detection performances of the deep learning methods with respect to the object-based detection approach are discussed and sample images from the datasets are used for demonstrations.


Author(s): Yu Wang, Na Zhang, Huaixin Yan, Min Zuo, Cuiling Liu

Edge detection is an active and critical topic in the field of image processing, and plays a vital role for some important applications such as image segmentation, pattern classification, object tracking, etc. In this paper, an edge detection approach is proposed using local edge pattern descriptor which possesses multiscale and multiresolution property, and is named varied local edge pattern (VLEP) descriptor. This method contains the following steps: firstly, Gaussian filter is used to smooth the original image. Secondly, the edge strength values, which are used to calculate the edge gradient values, are obtained by one or more groups of VLEPs. Then, weighted fusion idea is considered when multiple groups of VLEP descriptors are used. Finally, the appropriate threshold is set to perform binarization processing on the gradient version of the image. Experimental results show that the proposed edge detection method achieved better performance than other state-of-the-art edge detection methods.


Author(s): K. Ranga Narayana et al.

In the present scenario, tracking of targets in videos with low resolution is a most important task. The problem arose due to a lack of discriminatory data that have low visual visibility of the moving objects. However, earlier detection methods often extract explanations around fascinating points of space or exclude mathematical features in moving regions, resulting in limited capabilities to detect better video functions. To overcome the above problem, in this paper a novel method which recognizes a person from low resolution videos is proposed. A three-step process is implemented: in the first step, the video data is acquired from low-resolution video, i.e. from three different datasets. The acquired video is divided into frames and converted into gray scale from RGB. Secondly, background subtraction is performed using LBP and thereafter Histogram of Optical Flow (HOF) descriptors are extracted from optical flow images for motion estimation. In the third step, the eigen features are extracted and optimized using particle swarm optimization (PSO) model to eliminate redundant information and obtain optimized features from the video which is being processed. Finally, to find a person from low resolution videos, the features are classified by Support Vector Machine (SVM) and parameters are evaluated. Experiments are performed on VIRAT, Soccer and KTH datasets and demonstrate that the proposed detection approach is superior to the previous method.


2021, Vol 40 (1), pp. 1585-1596
Author(s): Xiao Zhongzheng, Nurbol Luktarhan

A webshell is a common tool for network intrusion. It has the characteristics of considerable threat and good concealment. An attacker obtains the management authority of web services through the webshell to penetrate and control web applications smoothly. Because webshell and common web page features are almost identical, it can evade detection by traditional firewalls and anti-virus software. Moreover, with the application of various anti-detection feature hiding techniques to the webshell, it is difficult to detect new patterns in time based on the traditional signature matching method. Webshell detection has been proposed based on deep learning. First, a dataset is opcoded, and the source code and opcode code features are fused. Second, the processed dataset is reduced using the SRNN and an attention mechanism, and the capsule network improves complete predictions for unknown pages. Experiments prove that the algorithm has higher detection efficiency and accuracy than traditional webshell detection methods, and it can also detect new types of webshell with a certain probability.

