Generalized Evidential Processing in Multiple Simultaneous Threat Detection in UNIX

2010 ◽  
Vol 2 (2) ◽  
pp. 51-67
Author(s):  
Zafar Sultan ◽  
Paul Kwan

In this paper, a hybrid identity fusion model at decision level is proposed for Simultaneous Threat Detection Systems. The hybrid model is comprised of mathematical and statistical data fusion engines; Dempster Shafer, Extended Dempster and Generalized Evidential Processing (GEP). Simultaneous Threat Detection Systems improve threat detection rate by 39%. In terms of efficiency and performance, the comparison of 3 inference engines of the Simultaneous Threat Detection Systems showed that GEP is the better data fusion model. GEP increased precision of threat detection from 56% to 95%. Furthermore, set cover packing was used as a middle tier data fusion tool to discover the reduced size groups of threat data. Set cover provided significant improvement and reduced threat population from 2272 to 295, which helped in minimizing the processing complexity of evidential processing cost and time in determining the combined probability mass of proposed Multiple Simultaneous Threat Detection System. This technique is particularly relevant to on-line and Internet dependent applications including portals.



Author(s):  
Jinli Wang ◽  
Haiping Song ◽  
Riming Chen ◽  
Yaning Zhang

The threat detection system based on short-range radars is an essential part of the active protection system (APS) of armored vehicles. The multi-radar data fusion problem is one of the crucial issues in the APS. Firstly, a general algorithm for multi-radar coordinates transformation is given. Then, based on the weighted fusion model and the trajectory characteristics of targets in the APS, a real-time dynamic weighting factor derivation algorithm is proposed. The algorithm is simulated in a dual-radar threat tracking and ballistic prediction scenario. The results prove the correctness and effectiveness of the algorithm.


2020 ◽  
pp. 3408-3416
Author(s):  
Omar Fitian Rashid

Recent research showed that DNA encoding and pattern matching can be used for the intrusion-detection system (IDS), with results of high rate of attack detection. The evaluation of these intrusion detection systems is based on datasets that were generated decades ago. However, numerous studies outlined that these datasets neither inclusively reflect the network traffic, nor the modern low footprint attacks, and do not cover the current network threat environment. In this paper, a new DNA encoding for misuse IDS based on the UNSW-NB15 dataset is proposed. The proposed system is performed by building a DNA encoding for all values of 49 attributes. Then attack keys (based on attack signatures) are extracted and, finally, the Raita algorithm is applied to classify records, either attacks or normal, based on the extracted keys. The results of the current experiment showed that the proposed system achieved good detection rates for all attacks, which included the Analysis, Backdoor, DoS, Exploits, Fuzzers, Generic, Reconnaissance, Shellcode, and Worms, with values of 82.56%, 92.68%, 75.59%, 75.42%, 67%, 99.28%, 81.02%, 73.6%, 85%, and 90.91%, respectively. The values of false alarm rate and accuracy were equal to 24% and 89.05%, respectively. Also, the execution time for the proposed system was found to be short, where the values of the encoding time and matching time for one record were 0.45 and 0.002 seconds, respectively.


Author(s):  
S. El Kohli ◽  
Y. Jannaj ◽  
M. Maanan ◽  
H. Rhinane

Abstract. Cheating in exams is a worldwide phenomenon that hinders efforts to assess the skills and growth of students. With scientific and technological progress, it has become possible to develop detection systems, in particular a system to monitor the movements and gestures of the candidates during the exam, individually or collectively. Deep learning (DL) concepts are widely used to investigate image processing and machine learning applications. Our system is based on the advances in artificial intelligence, particularly 3D Convolutional Neural Network (3D CNN), object detector methods, OpenCV and especially Google TensorFlow, to provide real-time optimized Computer Vision. In the proposed approach, we provide a detection system able to predict fraud during exams, using the 3D CNN to generate a model from 7,638 selected images and an object detector to identify prohibited things. These experimental studies provide a detection performance with 95% accuracy of correlation between the training and validation data set.


In the present milieu of a connected world, where security is the major concern, the Intrusion Detection System is a prominent area of research to deal with various types of attacks in networks. Intrusion detection systems (IDS) find the dynamic and malicious traffic of a network, in accordance with the aspect of the network. Various forms of IDS have been developed, working on distinctive approaches. One popular approach is machine learning, in which various algorithms like ANN, SVM etc. have been used. But the most prominent method used is ANN. The performance of the ANN can significantly be improved by combining it with different metaheuristic algorithms. In the present work, GWO is used to optimize ANN. For this, the KDD-99 data-set is used to classify various types of attacks, i.e. denial of service (DOS), normal and other forms of attack. The present paper provides a detailed analysis of the performance of Artificial Neural Network and optimized Artificial Neural Network with GA, PSO and GWO. The research shows that ANN with GWO outperforms the others (ANN, ANN with PSO and ANN with GA).


Author(s):  
Taiming Zhu ◽  
Yuanbo Guo ◽  
Ankang Ju ◽  
Jun Ma ◽  
Xuan Wang

Current intrusion detection systems are mostly for detecting external attacks, but the “Prism Door” and other similar events indicate that internal staff may bring greater harm to organizations in information security. Traditional insider threat detection methods only consider the audit records of personal behavior and fail to combine them with business activities, which may miss insider threats that happen during a business process. The authors consider operators' behavior and the correctness and performance of the business activities, and propose a business process mining based insider threat detection system. The system firstly establishes the normal profiles of business activities and the operators by mining the business log, and then detects specific anomalies by comparing the content of the real-time log with the corresponding normal profile in order to find out the insiders and the threats they have brought. The related anomalies are defined and the corresponding detection algorithms are presented. The authors have performed experimentation using the ProM framework and Java programming, with five synthetic business cases, and found that the system can effectively identify anomalies of both operators and business activities that may be indicative of potential insider threat.


Sensors ◽  
2021 ◽  
Vol 22 (1) ◽  
pp. 25
Author(s):  
Yifan Tang ◽  
Lize Gu ◽  
Leiting Wang

Preventing network intrusion is the essential requirement of network security. In recent years, people have conducted a lot of research on network intrusion detection systems. However, with the increasing number of advanced threat attacks, traditional intrusion detection mechanisms have defects and it is still indispensable to design a powerful intrusion detection system. This paper researches the NSL-KDD data set and analyzes the latest developments and existing problems in the field of intrusion detection technology. For unbalanced distribution and feature redundancy of the data set used for training, some training samples are under-sampled and feature selection processing is applied. To improve the detection effect, a Deep Stacking Network model is proposed, which combines the classification results of multiple basic classifiers to improve the classification accuracy. In the experiment, we screened and compared the performance of various mainstream classifiers and found that the four models of the decision tree, k-nearest neighbors, deep neural network and random forests have outstanding detection performance and meet the needs of different classification effects. Among them, the classification accuracy of the decision tree reaches 86.1%. The classification effect of the Deep Stacking Network, a fusion model composed of four classifiers, has been further improved and the accuracy reaches 86.8%. Compared with the intrusion detection system of other research papers, the proposed model effectively improves the detection performance and has made significant improvements in network intrusion detection.


2013 ◽  
Vol 662 ◽  
pp. 736-739
Author(s):  
Hong Wei Cui

The detection method of automotive controller area network bus is studied in this paper. The composition of detection system is introduced. By analyzing and processing the data of CAN bus and sensors, work condition of automotive is achieved. Multi-pattern data fusion model and algorithm for failure diagnosis is researched. The detection system designed in this paper can be applied to automotive fault analysis, troubleshooting and maintenance.


2015 ◽  
Vol 2015 ◽  
pp. 1-14 ◽  
Author(s):  
Wathiq Laftah Al-Yaseen ◽  
Zulaiha Ali Othman ◽  
Mohd Zakree Ahmad Nazri

Presently, the processing time and performance of intrusion detection systems are of great importance due to the increased speed of traffic data networks and a growing number of attacks on networks and computers. Several approaches have been proposed to address this issue, including hybridizing with several algorithms. However, this paper aims at proposing a hybrid of modified K-means with C4.5 intrusion detection system in a multiagent system (MAS-IDS). The MAS-IDS consists of three agents, namely, coordinator, analysis, and communication agent. The basic concept underpinning the utilized MAS is dividing the large captured network dataset into a number of subsets and distributing these to a number of agents depending on the data network size and core CPU availability. KDD Cup 1999 dataset is used for evaluation. The proposed hybrid modified K-means with C4.5 classification in MAS is developed in JADE platform. The results show that compared to the current methods, the MAS-IDS reduces the IDS processing time by up to 70%, while improving the detection accuracy.


Author(s):  
Huang Min ◽  
P.S. Flora ◽  
C.J. Harland ◽  
J.A. Venables

A cylindrical mirror analyser (CMA) has been built with a parallel recording detection system. It is being used for angular resolved electron spectroscopy (ARES) within a SEM. The CMA has been optimised for imaging applications; the inner cylinder contains a magnetically focused and scanned, 30 kV, SEM electron-optical column. The CMA has a large inner radius (50.8 mm) and a large collection solid angle (Ω > 1 sterad). An energy resolution (ΔE/E) of 1-2% has been achieved. The design and performance of the combination SEM/CMA instrument has been described previously and the CMA and detector system has been used for low voltage electron spectroscopy. Here we discuss the use of the CMA for ARES and present some preliminary results. The CMA has been designed for an axis-to-ring focus and uses an annular type detector. This detector consists of a channel-plate/YAG/mirror assembly which is optically coupled to either a photomultiplier for spectroscopy or a TV camera for parallel detection.

