WorldWideScience

Sample records for adaptive intrusion data systems

  1. Adaptive intrusion data system (AIDS) software routines

    International Nuclear Information System (INIS)

    An Adaptive Intrusion Data System (AIDS) was developed to collect information from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique digital data-compression, storage, and formatting system; it also incorporates a capability for video selection and recording for assessment of the sensors monitored by the system. The system is software reprogrammable to numerous configurations that may be used for the collection of environmental, bilevel, analog, and video data. This report describes the software routines that control the different AIDS data-collection modes, the diagnostic programs to test the operating hardware, and the data format. Sample data printouts are also included.

  2. Environmental data processor of the adaptive intrusion data system

    Energy Technology Data Exchange (ETDEWEB)

    Rogers, M.S.

    1977-06-01

    A data acquisition system oriented specifically toward collection and processing of various meteorological and environmental parameters has been designed around a National Semiconductor IMP-16 microprocessor. This system, called the Environmental Data Processor (EDP), was developed specifically for use with the Adaptive Intrusion Data System (AIDS) in a perimeter intrusion alarm evaluation, although its design is sufficiently general to permit use elsewhere. This report describes in general detail the design of the EDP and its interaction with other AIDS components.

  3. Memory controlled data processor. [Data collector and formatter for adaptive Intrusion Data System]

    Energy Technology Data Exchange (ETDEWEB)

    Johnson, C.S.

    1977-12-01

    The Memory Controlled Data Processor (MCDP) was designed to provide a high-speed multichannel processor and data formatter for the Adaptive Intrusion Data System. It can address up to 48 analog data channels, 48 bilevel alarm data channels, and numerous miscellaneous data channels such as weather and time. A digital comparator in the MCDP can make comparisons between the data being processed and threshold limits programed for any channel. The MCDP is software oriented and has its instructions stored in a 4K core memory. 8 figures, 7 tables.

  4. An Adaptive Database Intrusion Detection System

    Science.gov (United States)

    Barrios, Rita M.

    2011-01-01

    Intrusion detection is difficult to accomplish when attempting to employ current methodologies when considering the database and the authorized entity. It is a common understanding that current methodologies focus on the network architecture rather than the database, which is not an adequate solution when considering the insider threat. Recent…

  5. Adaptive critic design for computer intrusion detection system

    Science.gov (United States)

    Novokhodko, Alexander; Wunsch, Donald C., II; Dagli, Cihan H.

    2001-03-01

    This paper summarizes ongoing research. A neural network is used to detect a computer system intrusion based on data from the system audit trail generated by Solaris Basic Security Module. The data have been provided by Lincoln Labs, MIT. The system alerts the human operator when it encounters suspicious activity logged in the audit trail. To reduce the false alarm rate and accommodate the temporal indefiniteness of the moment of attack, a reinforcement learning approach is chosen to train the network.

  6. Intrusion Preventing System using Intrusion Detection System Decision Tree Data Mining

    Directory of Open Access Journals (Sweden)

    Syurahbil

    2009-01-01

    Problem statement: Distinguishing intrusion activity from normal activity in network traffic is very difficult and time consuming. An analyst must review a large and wide body of data to find the sequence of an intrusion on the network connection. Therefore, a way is needed to detect network intrusions that reflects current network traffic. Approach: In this study, a novel method to find intrusion characteristics for IDS using the decision tree machine learning technique of data mining was proposed. The method used to generate rules is classification by the ID3 decision tree algorithm. Results: These rules can determine intrusion characteristics, which are then implemented in the firewall policy rules as prevention. Conclusion: The combination of IDS and firewall is the so-called IPS, which besides detecting the existence of an intrusion can also deny the intrusion as prevention.

  7. An Adaptive Hybrid Multi-level Intelligent Intrusion Detection System for Network Security

    Directory of Open Access Journals (Sweden)

    P. Ananthi

    2014-04-01

    Intrusion Detection System (IDS) plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional statistical and data mining approaches. Data mining techniques in IDS are observed to provide significant results. Data mining approaches for misuse and anomaly-based intrusion detection generally include supervised, unsupervised and outlier approaches. It is important that the efficiency and potential of IDS be updated based on the criteria of new attacks. This study proposes a novel Adaptive Hybrid Multi-level Intelligent IDS (AHMIIDS) system which is the combined version of anomaly and misuse detection techniques. The anomaly detection is based on Bayesian Networks and then the misuse detection is performed using Adaptive Neuro Fuzzy Inference System (ANFIS). The outputs of both anomaly detection and misuse detection modules are applied to Decision Table Majority (DTM) to perform the final decision making. A rule-based approach is used in this system. It is observed from the results that the proposed AHMIIDS performs better than other conventional hybrid IDS.

  8. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    KAUST Repository

    Wang, Wei

    2014-06-22

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifying anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to the adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  9. Using Adaptive Neuro-Fuzzy Inference System in Alert Management of Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Zahra Atashbar Orang

    2012-10-01

    With the ever-increasing use of computer networks and the internet, using Intrusion Detection Systems (IDS) has become more important. The main problems of IDS are the number of generated alerts, alert failure as well as identifying the attack type of alerts. In this paper a system is proposed that uses Adaptive Neuro-Fuzzy Inference System to classify IDS alerts, reducing false positive alerts and also identifying attack types of true positive ones. By the experimental results on DARPA KDD cup 98, the system can classify alerts, leading to a considerable reduction of false positive alerts and identifying attack types of alerts in a short time.

  10. Interior intrusion detection systems

    Energy Technology Data Exchange (ETDEWEB)

    Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  11. Interior intrusion detection systems

    International Nuclear Information System (INIS)

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  12. MA-IDS: A Distributed Intrusion Detection System Based on Data Mining

    Institute of Scientific and Technical Information of China (English)

    SUN Jian-hua; JIN Hai; CHEN Hao; HAN Zong-fen

    2005-01-01

    Aiming at the shortcomings in intrusion detection systems (IDSs) used in commercial and research fields, we propose the MA-IDS system, a distributed intrusion detection system based on data mining. In this model, misuse intrusion detection system (MIDS) and anomaly intrusion detection system (AIDS) are combined. Data mining is applied to raise detection performance, and a distributed mechanism is employed to increase the scalability and efficiency. Host- and network-based mining algorithms employ an improved Bayesian decision theorem that suits a real security environment to minimize the risks incurred by false decisions. We describe the overall architecture of the MA-IDS system, and discuss specific design and implementation issues.

  13. Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

    CERN Document Server

    Farid, Dewan Md; Rahman, Mohammad Zahidur; 10.5121/ijnsa.2010.2202

    2010-01-01

    In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data mining-based intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learn...

  14. Intrusion Detection Systems

    CERN Document Server

    Pietro, Roberto Di

    2008-01-01

    In our world of ever-increasing Internet connectivity, there is an on-going threat of intrusion, denial of service attacks, or countless other abuses of computer and network resources. In particular, these threats continue to persist due to the flaws of current commercial intrusion detection systems (IDSs). Intrusion Detection Systems is an edited volume by world class leaders in this field. This edited volume sheds new light on defense alert systems against computer and network intrusions. It also covers integrating intrusion alerts within security policy framework for intrusion response, rel

  15. Adaptive Genetic Algorithm Model for Intrusion Detection

    Directory of Open Access Journals (Sweden)

    K. S. Anil Kumar

    2012-09-01

    Intrusion detection systems are intelligent systems designed to identify and prevent the misuse of computer networks and systems. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Thus the emerging network security systems need to be part of the life system and this is possible only by embedding knowledge into the network. The Adaptive Genetic Algorithm Model - IDS comprises K-Means clustering Algorithm, Genetic Algorithm and Neural Network techniques. The technique is tested using a multitude of background knowledge sets in DARPA network traffic datasets.

  16. Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Dewan Md. Farid

    2010-04-01

    In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data mining-based intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significantly reduced false positives (FP) for different types of network intrusions using limited computational resources.

  17. RESEARCH PROPOSAL: AN INTRUSION DETECTION SYSTEM ALERT REDUCTION AND ASSESSMENT FRAMEWORK BASED ON DATA MINING

    Directory of Open Access Journals (Sweden)

    Karim Al-Saedi

    2013-01-01

    The Intrusion Detection System (IDS) generates huge amounts of alerts that are mostly false positives. The abundance of false positive alerts makes it difficult for the security analyst to identify successful attacks and to take remedial actions. Such alerts have not been classified in accordance with their degree of threats. They further need to be processed to ascertain the most serious alerts and the time of the reaction response. They may take a long time and considerable space to discuss thoroughly. Each IDS generates a huge amount of alerts where most of them are real while the others are not (i.e., false alerts) or are redundant alerts. The false alerts create a serious problem for intrusion detection systems. Alerts are defined based on source/destination IP and source/destination ports. However, one cannot know which of those IP/ports bring a threat to the network. The IDSs’ alerts are not classified depending on their degree of the threat. It is difficult for the security analyst to identify attacks and take remedial action for this threat. So it is necessary to assist in categorizing the degree of the threat, by using data mining techniques. The proposed framework for proposal is IDS Alert Reduction and Assessment Based on Data Mining (ARADMF). The proposed framework contains three systems: Traffic data retrieval and collection mechanism system, reduction IDS alert processes system and threat score process of IDS alert system. The traffic data retrieval and collection mechanism system develops a mechanism to save IDS alerts, extract the standard features as intrusion detection message exchange format and save them in DB file (CSV-type). It contains the Intrusion Detection Message Exchange Format (IDMEF), which works as procurement alerts, and field reduction is used as data standardization to make the format of alert as standard as possible. As for Feature Extraction (FE) system, it is designed to extract the features of alert by

  18. Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS)

    Energy Technology Data Exchange (ETDEWEB)

    Jared Verba; Michael Milvich

    2008-05-01

    Current Intrusion Detection System (IDS) technology is not suited to be widely deployed inside a Supervisory, Control and Data Acquisition (SCADA) environment. Anomaly- and signature-based IDS technologies have developed methods to cover information technology-based networks activity and protocols effectively. However, these IDS technologies do not include the fine protocol granularity required to ensure network security inside an environment with weak protocols lacking authentication and encryption. By implementing a more specific and more intelligent packet inspection mechanism, tailored traffic flow analysis, and unique packet tampering detection, IDS technology developed specifically for SCADA environments can be deployed with confidence in detecting malicious activity.

  19. WLAN Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Ms. Sushama Shirke

    2011-08-01

    This is an implementation of the Wireless LAN Intrusion Detection System (WIDS) using clock-skews as a fingerprinting property as suggested by Jana-Kasera [1]. Our objective is to detect the presence of a fake access point (AP) in a Wireless LAN (WLAN). Use of clock-skew enables us to effectively detect Medium Access Control (MAC) Address spoofing. The principle used in this project is that clock skews remain consistent over time for the same AP but vary significantly across APs. We have also tried to explore probable points of failure and implemented algorithms to overcome these problems. Advantage of this implementation is that fake AP can be detected very quickly as WLAN Intrusion Detection System needs only 100-200 packets in most cases.

  20. Wireless Intrusion Prevention Systems

    OpenAIRE

    Jack TIMOFTE

    2008-01-01

    The wireless networks have changed the way organizations work and offered a new range of possibilities, but at the same time they introduced new security threats. While an attacker needs physical access to a wired network in order to launch an attack, a wireless network allows anyone within its range to passively monitor the traffic or even start an attack. One of the countermeasures can be the use of Wireless Intrusion Prevention Systems.

  1. Adaptable data management for systems biology investigations

    Directory of Open Access Journals (Sweden)

    Burdick David

    2009-03-01

    Background: Within research each experiment is different, the focus changes and the data is generated from a continually evolving barrage of technologies. There is a continual introduction of new techniques whose usage ranges from in-house protocols through to high-throughput instrumentation. To support these requirements data management systems are needed that can be rapidly built and readily adapted for new usage. Results: The adaptable data management system discussed is designed to support the seamless mining and analysis of biological experiment data that is commonly used in systems biology (e.g. ChIP-chip, gene expression, proteomics, imaging, flow cytometry). We use different content graphs to represent different views upon the data. These views are designed for different roles: equipment specific views are used to gather instrumentation information; data processing oriented views are provided to enable the rapid development of analysis applications; and research project specific views are used to organize information for individual research experiments. This management system allows for both the rapid introduction of new types of information and the evolution of the knowledge it represents. Conclusion: Data management is an important aspect of any research enterprise. It is the foundation on which most applications are built, and must be easily extended to serve new functionality for new scientific areas. We have found that adopting a three-tier architecture for data management, built around distributed standardized content repositories, allows us to rapidly develop new applications to support a diverse user community.

  2. Data Visualization Technique Framework for Intrusion detection

    OpenAIRE

    Alaa El - Din Riad; Ibrahim Elhenawy; Ahmed Hassan; Nancy Awadallah

    2011-01-01

    Network attacks have become the fundamental threat to today's largely interconnected computer system. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. While a number of information visualization software frameworks exist, creating new visualizations, especially those that involve novel visualization metaphors, interaction techniques, data analysis strategies, and specialized rendering algorithms, is still often a difficult proce...

  3. Rapid deployment intrusion detection system

    International Nuclear Information System (INIS)

    A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs.

  4. ADAPTIVE ASSOCIATION RULE MINING BASED CROSS LAYER INTRUSION DETECTION SYSTEM FOR MANET

    Directory of Open Access Journals (Sweden)

    V. Anjana Devi

    2011-10-01

    Mobile ad-hoc wireless networks (MANET) are a significant area of research with many applications. MANETs are more vulnerable to malicious attack. Authentication and encryption techniques can be used as the first line of defense for reducing the possibilities of attacks. Alternatively, these approaches have several demerits and are designed for a set of well known attacks. This paper proposes a cross layer intrusion detection architecture to discover the malicious nodes and different types of DoS attacks by exploiting the information available across different layers of protocol stack in order to improve the accuracy of detection. This approach uses a fixed width clustering algorithm for efficient detection of the anomalies in the MANET traffic and also for detecting newer attacks generated. In the association process, the Adaptive Association Rule mining algorithm is utilized. This helps to overcome the more time taken for performing the association process.

  5. Introduction to Wireless Intrusion Detection Systems

    OpenAIRE

    Milliken, Jonny

    2014-01-01

    The IDS (Intrusion Detection System) is a common means of protecting networked systems from attack or malicious misuse. The development and rollout of an IDS can take many different forms in terms of equipment, protocols, connectivity, cost and automation. This is particularly true of WIDS (Wireless Intrusion Detection Systems) which have many more opportunities and challenges associated with data transmission through an open, shared medium. The operation of a WIDS is a multistep process from...

  6. A Comprehensive Study in Data Mining Frameworks for Intrusion Detection

    Directory of Open Access Journals (Sweden)

    R.Venkatesan, R. Ganesan, A. Arul Lawrence Selvakumar

    2012-12-01

    Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions. Network security is to be considered as a major issue in recent years, since the computer network keeps on expanding every day. An Intrusion Detection System (IDS) is a system for detecting intrusions and reporting to the authority or to the network administration. Data mining techniques have been successfully applied in many fields like Network Management, Education, Science, Business, Manufacturing, Process control, and Fraud Detection. Data Mining for IDS is the technique which can be used mainly to identify unknown attacks and to raise alarms when security violations are detected. The purpose of this survey paper is to describe the methods/techniques which are being used for Intrusion Detection based on Data mining concepts and the designed frameworks for the same. We are also going to review the related works for intrusion detection.

  7. A Data Mining Based Intrusion Detection System Model

    Institute of Scientific and Technical Information of China (English)

    杨莘; 刘恒; 吕述望

    2003-01-01

    Applying data mining techniques to intrusion detection and building a relevant model is currently a hotspot of study. This paper presents a typical data mining based IDS model, including data gathering and selection, comparison of data mining algorithms, system elements and model structure.

  8. Network Intrusion Forensic Analysis Using Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Manish Kumar

    2011-05-01

    The need for computer intrusion forensics arises from the alarming increase in the number of computer crimes that are committed annually. After a computer system has been breached and an intrusion has been detected, there is a need for a computer forensics investigation to follow. Computer forensics is used to bring to justice those responsible for conducting attacks on computer systems throughout the world. Because of this the law must be followed precisely when conducting a forensics investigation. It is not enough to simply know an attacker is responsible for the crime; the forensics investigation must be carried out in a precise manner that will produce evidence that is amicable in a court room. For computer intrusion forensics many methodologies have been designed to be used when conducting an investigation. With the birth of the Internet and networks, the computer intrusion has never been as significant as it is now. There are different preventive measures available, such as access control and authentication, to attempt to prevent intruders. Intrusion detection systems (IDS) are developed to detect an intrusion as it occurs, and to execute countermeasures when detected. Intrusion detection (ID) takes over where preventive security fails. In order to choose the best IDS for a given system, one should be aware of the advantages and disadvantages of each IDS. This paper views a forensic application within the framework of Intrusion Detection and details the advantages and disadvantages of IDS.

  9. Building Intrusion Tolerant Software System

    Institute of Scientific and Technical Information of China (English)

    PENG Wen-ling; WANG Li-na; ZHANG Huan-guo; CHEN Wei

    2005-01-01

    In this paper, we describe and analyze the hypothesis about intrusion tolerance software system, so that it can provide an intended server capability and deal with the impacts caused by the intruder exploiting the inherent security vulnerabilities. We present some intrusion tolerance technology by exploiting N-version module threshold method in constructing multilevel secure software architecture, by detecting with hash value, by placing an "antigen" word next to the return address on the stack that is similar to human immune system, and by adding "Honey code" nonfunctional code to disturb intruder, so that the security and the availability of the software system are ensured.

  10. Enhanced Intrusion Detection System for Malicious Node Detection in Mobile Ad hoc Networks using Data Transmission Quality of Nodes

    Directory of Open Access Journals (Sweden)

    S. Mamatha

    2014-09-01

    Mobile Ad hoc NETworks (MANETs) are the new generation of networks that offer unrestricted mobility without any underlying infrastructure. They rely on the cooperation of all the participating nodes. Due to their open nature and lack of infrastructure, security for MANETs has become a more intricate problem than the security in other networks. The conventional security mechanisms of protecting a wired network are not sufficient for these networks. Hence a second level of defense to detect and respond to the security problem, called an Intrusion Detection System, is required. Generally the malicious nodes demonstrate a different behavioral pattern from all the other normal nodes. So an Intrusion Detection System based on anomaly based intrusion detection that works by checking the behavior of the nodes was proposed. Here, in this paper, to determine the behavior of the nodes as malicious or legitimate a Data Transmission Quality (DTQ) function is used. The DTQ function is defined in such a way that it will be close to a constant or keep changing smoothly for genuine nodes and will keep on diminishing for malicious nodes. The final decision of confirming nodes as malicious is determined by a group consensus method. The evaluation results show that the proposed method increases the detection rate as well as decreases the false positive rate.

  11. Effective analysis of cloud based intrusion detection system

    Directory of Open Access Journals (Sweden)

    Sanjay Ram

    2012-08-01

    The goal of IDS is to analyze events on the network and identify attacks. The increasing number of network security related incidents makes it necessary for organizations to actively protect their sensitive data with the installation of intrusion detection systems (IDS). People are paying more attention to intrusion detection as an important computer network security technology. According to the development trend of intrusion detection, detecting all kinds of intrusions effectively requires a global view of the monitored network. Here, we discuss a new intrusion detection mechanism based on cloud computing, which can make up for the deficiency of traditional intrusion detection, and is proved to be greatly scalable.

  12. An Intrusion Detection System Framework for Ad Hoc Networks

    OpenAIRE

    Arjun Singh; Surbhi Chauhan; Kamal Kant; Reshma Doknaia

    2012-01-01

    Secure and efficient communication among a set of mobile nodes is one of the most important aspects in ad-hoc wireless networks. Wireless networks are particularly vulnerable to intrusion, as they operate in open medium, and use cooperative strategies for network communications. By efficiently merging audit data from multiple network sensors, we analyze the entire ad hoc wireless network for intrusions and try to inhibit intrusion attempts. This paper presents an intrusion detection system fo...

  13. A Microcontroller Based Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Ewunonu Toochi

    2014-11-01

    A Microcontroller based Intrusion Detection System is designed and implemented. Rampant intrusion to restricted zones has highlighted the need for embedded systems that can effectively monitor, instantly alert personnel of any breach in security and retrieve graphic evidence of any such activity in the secured area. At the heart of the intrusion detection system is the PIC 168F77A Microcontroller that transmits pulses at 38 KHz. It is suitably interfaced to a GSM modem that can send SMS on sight of infringement and a webcam that can take snapshots. The report also presents the system software which has been developed in two parts: one in C++ Language using MPLAB KIT and the other written in AT COMMAND resident in the GSM modem. The system is very cost-effective, uses easily available components and is adaptable to control systems.

  14. WiFi Miner: An Online Apriori-Infrequent Based Wireless Intrusion System

    Science.gov (United States)

    Rahman, Ahmedur; Ezeife, C. I.; Aggarwal, A. K.

    Intrusion detection in wireless networks has become a vital part of wireless network security systems with the widespread use of Wireless Local Area Networks (WLAN). Currently, almost all devices are Wi-Fi (Wireless Fidelity) capable and can access WLAN. This paper proposes an Intrusion Detection System, WiFi Miner, which applies an infrequent pattern association rule mining Apriori technique to wireless network packets captured through hardware sensors for purposes of real time detection of intrusive or anomalous packets. Contributions of the proposed system include effectively adapting an efficient data mining association rule technique to the important problem of intrusion detection in a wireless network environment using hardware sensors, providing a solution that eliminates the need for hard-to-obtain training data in this environment, and providing an increased intrusion detection rate and a reduction of false alarms.

  15. Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

    CERN Document Server

    Tran, Tich Phuoc; Tran, Dat; Nguyen, Cuong Duc

    2009-01-01

    This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspace Probabilistic Neural Network (BSPNN), which integrates an adaptive boosting technique and a semi parametric neural network to obtain good tradeoff between accuracy and generality. As the result, learning bias and generalization variance can be significantly minimized. Substantial experiments on KDD 99 intrusion benchmark indicate that our model outperforms other state of the art learning algorithms, with significantly improved detection accuracy, minimal false alarms and relatively small computational complexity.

  16. A Framework for an Adaptive Anomaly Detection System with Fuzzy Data Mining

    Institute of Scientific and Technical Information of China (English)

    GAO Xiang; WANG Min; ZHAO Rongchun

    2006-01-01

    In this paper, we present an adaptive anomaly detection framework that is applicable to network-based intrusion detection. Our framework employs fuzzy cluster algorithm to detect anomalies in an online, adaptive fashion without a priori knowledge of the underlying data. We evaluate our method by performing experiments over network records from the KDD CUP99 data set.

  17. Data Infrastructures for Asset Management Viewed as Complex Adaptive Systems

    NARCIS (Netherlands)

    Brous, P.A.; Overtoom, I.; Herder, P.M.; Versluis, A.; Janssen, M.F.W.H.A

    2014-01-01

    Data infrastructures represent information about physical reality. As reality changes, data infrastructures might also be subject to change. Researchers have increasingly approached physical infrastructures as being complex adaptive systems (CAS). Although physical infrastructures are often approach

  18. Research on IPv6 intrusion detection system Snort-based

    Science.gov (United States)

    Shen, Zihao; Wang, Hui

    2010-07-01

    This paper introduces the common intrusion detection technologies, discusses the work flow of Snort intrusion detection system, and analyzes IPv6 data packet encapsulation and protocol decoding technology. We propose the expanding Snort architecture to support IPv6 intrusion detection in accordance with CIDF standard combined with protocol analysis technology and pattern matching technology, and present its composition. The research indicates that the expanding Snort system can effectively detect various intrusion attacks; it is high in detection efficiency and detection accuracy and reduces false alarm and omission report, which effectively solves the problem of IPv6 intrusion detection.

  19. Multi-Vector Portable Intrusion Detection System

    OpenAIRE

    Moyers, Benjamin

    2009-01-01

    This research describes an intrusion detection system designed to fulfill the need for increased mobile device security. The Battery-Sensing Intrusion Protection System (B-SIPS) [1] initially took a non-conventional approach to intrusion detection by recognizing attacks based on anomalous Instantaneous Current (IC) drainage. An extension of B-SIPS, the Multi-Vector Portable Intrusion Detection System (MVP-IDS) validates the idea of recognizing attacks based on anomalous IC drain by correlat...

  20. Evaluation of Intrusion Detection Systems

    OpenAIRE

    Ulvila, Jacob W.; Gaffney, John E.

    2003-01-01

    This paper presents a comprehensive method for evaluating intrusion detection systems (IDSs). It integrates and extends ROC (receiver operating characteristic) and cost analysis methods to provide an expected cost metric. Results are given for determining the optimal operation of an IDS based on this expected cost metric. Results are given for the operation of a single IDS and for a combination of two IDSs. The method is illustrated for: 1) determining the best operating point for a single an...

  1. Force Protection Joint Experiment (FPJE) Battlefield Anti-Intrusion System (BAIS) sensors data analysis and filtering metrics

    Science.gov (United States)

    Barngrover, C. M.; Laird, R. T.; Kramer, T. A.; Cruickshanks, J. R.; Cutler, S. H.

    2009-04-01

    The FPJE was an experiment to consider the best way to develop and evaluate a system of systems approach to Force Protection. It was sponsored by Physical Security Equipment Action Group (PSEAG) and Joint Program Manager - Guardian (JPM-G), and was managed by the Product Manager - Force Protection Systems (PM-FPS). The experiment was an effort to utilize existing technical solutions from all branches of the military in order to provide more efficient and effective force protection. The FPJE consisted of four separate Integration Assessments (IA), which were intended as opportunities to assess the status of integration, automation and fusion efforts, and the effectiveness of the current configuration and "system" components. The underlying goal of the FPJE was to increase integration, automation, and fusion of the many different sensors and their data to provide enhanced situational awareness and a common operational picture. One such sensor system is the Battlefield Anti-Intrusion System (BAIS), which is a system of seismic and acoustic unmanned ground sensors. These sensors were originally designed for employment by infantry soldiers at the platoon level to provide early warning of personnel and vehicle intrusion in austere environments. However, when employed around airfields and high traffic areas, the sensitivity of these sensors can cause an excessive number of detections. During the second FPJE-IA all of the BAIS detections and the locations of all Opposing Forces were logged and analyzed to determine the accuracy rate of the sensors. This analysis revealed that with minimal filtering of detections, the number of false positives and false negatives could be reduced substantially to manageable levels while using the sensors within extreme operational acoustic and seismic noise conditions that are beyond the design requirements.

  2. Smart sensor systems for outdoor intrusion detection

    International Nuclear Information System (INIS)

    A major improvement in outdoor perimeter security system probability of detection (PD) and reduction in false alarm rate (FAR) and nuisance alarm rate (NAR) may be obtained by analyzing the indications immediately preceding an event which might be interpreted as an intrusion. Existing systems go into alarm after crossing a threshold. Very slow changes, which accumulate until the threshold is reached, may be assessed falsely as an intrusion. A hierarchical program has begun at Stellar to develop a modular, expandable Smart Sensor system which may be interfaced to most types of sensor and alarm reporting systems. A major upgrade to the SSI Test Site is in progress so that intrusions may be simulated in a controlled and repeatable manner. A test platform is being constructed which will operate in conjunction with a mobile instrumentation center with CCTVB, lighting control, weather and data monitoring and remote control of the test platform and intrusion simulators. Additional testing was contracted with an independent test facility to assess the effects of severe winter weather conditions.

  3. Classification and Importance of Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Rajasekaran K

    2012-08-01

    An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Due to a growing number of intrusion events and also because the Internet and local networks have become so ubiquitous, organizations are increasingly implementing various systems that monitor IT security breaches. This includes an overview of the classification of intrusion detection systems and introduces the reader to some fundamental concepts of IDS methodology: audit trail analysis and on-the-fly processing as well as anomaly detection and signature detection approaches. This research paper discusses the primary intrusion detection techniques and the classification of intrusion detection systems.

  4. Intrusion Detection System: Security Monitoring System

    Directory of Open Access Journals (Sweden)

    Shabnam Noorani

    2015-10-01

    An intrusion detection system (IDS) is an ad hoc security solution to protect flawed computer systems. It works like a burglar alarm that goes off if someone tampers with or manages to get past other security mechanisms such as authentication mechanisms and firewalls. An Intrusion Detection System (IDS) is a device or a software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Intrusion Detection System (IDS) has been used as a vital instrument in defending the network from this malicious or abnormal activity. In this paper we are comparing host based and network based IDS and various types of attacks possible on IDS.

  5. Performance Enhancement of Intrusion Detection using Neuro - Fuzzy Intelligent System

    Directory of Open Access Journals (Sweden)

    Dr. K. S. Anil Kumar

    2014-10-01

    This research work aims at developing hybrid algorithms using data mining techniques for the effective enhancement of anomaly intrusion detection performance. Many proposed algorithms have not addressed their reliability with varying amount of malicious activity or their adaptability for real time use. The study incorporates a theoretical basis for improvement in performance of IDS using K-medoids Algorithm, Fuzzy Set Algorithm, Fuzzy Rule System and Neural Network techniques. Also statistical significance of estimates has been looked into for finalizing the best one using DARPA network traffic datasets.

  6. Testing Of Network Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Jagadeep Vegunta

    2011-11-01

    Network-based intrusion detection systems use models of attacks to identify intrusive behavior; the ability of these systems to detect attacks depends on the quality of the models, which are called signatures. Some attacks can be exploited in different ways. For this reason we use testing tools that are able to assess the goodness of signatures. This technique describes how to test and evaluate misuse detection models in the case of network-based intrusion detection systems. We use mutant exploits that work against vulnerable applications. The mutant exploit approach is based on a mechanism that generates a large number of exploits by applying mutant operators. The results of the systems in detecting these variations provide a quantitative basis for the evaluation of the quality of the corresponding detection model. Here we also look for defects of this testing, ask whether this test will provide 100% security for the system (or not), and ask which technique gives the most security among fuzzy logic, neural networks, hybrid fuzzy and neural networks, naïve Bayes, genetic algorithms and data mining.

  7. Abstracting audit data for lightweight intrusion detection

    KAUST Repository

    Wang, Wei

    2010-01-01

    High speed of processing massive audit data is crucial for an anomaly Intrusion Detection System (IDS) to achieve real-time performance during the detection. Abstracting audit data is a potential solution to improve the efficiency of data processing. In this work, we propose two strategies of data abstraction in order to build a lightweight detection model. The first strategy is exemplar extraction and the second is attribute abstraction. Two clustering algorithms, Affinity Propagation (AP) as well as traditional k-means, are employed to extract the exemplars, and Principal Component Analysis (PCA) is employed to abstract important attributes (a.k.a. features) from the audit data. Real HTTP traffic data collected in our institute as well as KDD 1999 data are used to validate the two strategies of data abstraction. The extensive test results show that the process of exemplar extraction significantly improves the detection efficiency and has a better detection performance than PCA in data abstraction. © 2010 Springer-Verlag.

  8. A Survey of Intrusion Detection System in Big Data

    Institute of Scientific and Technical Information of China (English)

    葛钊成; 彭凯

    2016-01-01

    Intrusion detection systems have made a great contribution to cyberspace security. However, with the approach of the age of big data, IDS has exposed certain structural defects, such as inefficiency and conservative ideas. Combining the characteristics of big data and traditional IDS techniques, this paper provides a survey of distributed intrusion detection systems (DIDS) and gives detailed explanations of their concepts, classifications and performance. The paper also looks ahead to the development of IDS from the perspectives of deep learning, extensive integration, etc.

  9. Intrusion-Tolerant Based Survivable Model of Database System

    Institute of Scientific and Technical Information of China (English)

    ZHU Jianming; WANG Chao; MA Jianfeng

    2005-01-01

    Survivability has become increasingly important with society's increased dependence of critical infrastructures on computers. Intrusion-tolerant systems extend traditional secure systems to be able to survive or operate through attacks; thus intrusion tolerance is an approach for achieving survivability. This paper proposes a survivable model of a database system based on intrusion-tolerant mechanisms. The model is built on a three-layer security architecture: to defend against intrusion at the outer layer, to detect intrusion at the middle layer, and to tolerate intrusion at the inner layer. We utilize the techniques of both redundancy and diversity and threshold secret sharing schemes to implement the survivability of the database and to protect confidential data from compromised servers in the presence of intrusions. Compared with the existing schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple security measures.

  10. Sensitive Data Protection Based on Intrusion Tolerance in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Jingyu Wang

    2011-02-01

    Service integration and on-demand supply in cloud computing can significantly improve the utilization of computing resources, reduce the power consumption per service, and effectively avoid the error of computing resources. However, cloud computing still faces the problem of intrusion tolerance of the cloud computing platform and sensitive data of the new enterprise data center. In order to address the problem of intrusion tolerance of the cloud computing platform and sensitive data in the new enterprise data center, this paper constructs a virtualization intrusion tolerance system based on cloud computing by researching the existing virtualization technology, and then presents a method of intrusion tolerance to protect sensitive data in the cloud data center based on a virtual adversary structure by utilizing secret sharing. This system adopts the method of hybrid fault model, active and passive replicas, state update and transfer, proactive recovery and diversity, and initially tolerates F faulty replicas in N=2F+1 replicas while ensuring that only F+1 active replicas execute during the intrusion-free stage. The remaining replicas are all put into passive mode, which significantly reduces the resource consumption in the cloud platform. Finally, we prove the reconstruction and confidentiality properties of sensitive data by utilizing secret sharing.

  11. Distributed intrusion detection system based on fuzzy rules

    Science.gov (United States)

    Qiao, Peili; Su, Jie; Liu, Yahui

    2006-04-01

    Computational Intelligence is the theory and method solving problems by simulating the intelligence of human using computer and it is the development of Artificial Intelligence. Fuzzy Technique is one of the most important theories of computational Intelligence. Genetic Fuzzy Technique and Neuro-Fuzzy Technique are the combination of Fuzzy Technique and novel techniques. This paper gives a distributed intrusion detection system based on fuzzy rules that has the characters of distributed parallel processing, self-organization, self-learning and self-adaptation by the using of Neuro-Fuzzy Technique and Genetic Fuzzy Technique. Specially, fuzzy decision technique can be used to reduce false detection. The results of the simulation experiment show that this intrusion detection system model has the characteristics of distributed, error tolerance, dynamic learning, and adaptation. It solves the problem of low identifying rate to new attacks and hidden attacks. The false detection rate is low. This approach is efficient to the distributed intrusion detection.

  12. Intrusion Detection System Using Advanced Honeypots

    CERN Document Server

    Singh, Ram Kumar

    2009-01-01

    The exponential growth of Internet traffic has made public servers increasingly vulnerable to unauthorized accesses and intrusions. In addition to maintaining low latency for the client, filtering unauthorized accesses has become one of the major concerns of a server maintainer. This implementation of an Intrusion Detection System distinguishes between the traffic coming from clients and the traffic originated from the attackers, in an attempt to simultaneously mitigate the problems of both latency and security. We then present the results of a series of stress and scalability tests, and suggest a number of potential uses for such a system. As computer attacks are becoming more and more difficult to identify the need for better and more efficient intrusion detection systems increases. The main problem with current intrusion detection systems is high rate of false alarms. Using honeypots provides effective solution to increase the security.

  13. Intrusion Detection in Control Systems using Sequence Characteristics

    Science.gov (United States)

    Kiuchi, Mai; Onoda, Takashi

    Intrusion detection is considered effective in control systems. Sequences of the control application behavior observed in the communication, such as the order of the control device to be controlled, are important in control systems. However, most intrusion detection systems do not effectively reflect sequences in the application layer into the detection rules. In our previous work, we considered utilizing sequences for intrusion detection in control systems, and demonstrated the usefulness of sequences for intrusion detection. However, manually writing the detection rules for a large system can be difficult, so using machine learning methods becomes feasible. Also, in the case of control systems, there have been very few observed cyber attacks, so we have very little knowledge of the attack data that should be used to train the intrusion detection system. In this paper, we use an approach that combines CRF (Conditional Random Field) considering the sequence of the system, thus able to reflect the characteristics of control system sequences into the intrusion detection system, and also does not need the knowledge of attack data to construct the detection rules.

  14. Signature Based Intrusion Detection System Using SNORT

    Directory of Open Access Journals (Sweden)

    Vinod Kumar

    2012-11-01

    Nowadays intrusion detection systems play a very important role in network security. As the use of the internet grows rapidly, the possibility of attack also increases in that ratio. People are using signature-based IDSs. Snort is the most used signature-based IDS because it is open source software. It is used worldwide in the intrusion detection and prevention domain. Basic Analysis and Security Engine (BASE) is also used to see the alerts generated by Snort. In this paper we have implemented signature-based intrusion detection using Snort. Our work will help novice users to understand the concept of Snort-based IDS.

  15. Intrusion Detection Systems in Wireless Sensor Networks: A Review

    OpenAIRE

    Nabil Ali Alrajeh; Khan, S.; Bilal Shams

    2013-01-01

    Wireless Sensor Networks (WSNs) consist of sensor nodes deployed in a manner to collect information about surrounding environment. Their distributed nature, multihop data forwarding, and open wireless medium are the factors that make WSNs highly vulnerable to security attacks at various levels. Intrusion Detection Systems (IDSs) can play an important role in detecting and preventing security attacks. This paper presents current Intrusion Detection Systems and some open research problems relat...

  16. Simulating spatial adaption of groundwater pumping on seawater intrusion in coastal regions

    Science.gov (United States)

    Grundmann, Jens; Ladwig, Robert; Schütze, Niels; Walther, Marc

    2016-04-01

    Coastal aquifer systems are used intensively to meet the growing demands for water in those regions. They are especially at risk for the intrusion of seawater due to aquifer overpumping, limited groundwater replenishment and unsustainable groundwater management which in turn also impacts the social and economical development of coastal regions. One example is the Al-Batinah coastal plain in northern Oman where irrigated agriculture is practiced by lots of small scaled farms in different distances from the sea, each of them pumping their water from coastal aquifer. Due to continuous overpumping and progressing saltwater intrusion farms near the coast had to close since water for irrigation got too saline. For investigating appropriate management options numerical density dependent groundwater modelling is required which should also portray the adaption of groundwater abstraction schemes on the water quality. For addressing this challenge a moving inner boundary condition is implemented in the numerical density dependent groundwater model which adjusts the locations for groundwater abstraction according to the position of the seawater intrusion front controlled by thresholds of relative chloride concentration. The adaption process is repeated for each management cycle within transient model simulations and allows for considering feedbacks with the consumers e.g. the agriculture by moving agricultural farms more inland or towards the sea if more fertile soils at the coast could be recovered. For finding optimal water management strategies efficiently, the behaviour of the numerical groundwater model for different extraction and replenishment scenarios is approximated by an artificial neural network using a novel approach for state space surrogate model development. Afterwards the derived surrogate is coupled with an agriculture module within a simulation based water management optimisation framework to achieve optimal cropping pattern and water abstraction schemes

  17. NETWORK INTRUSION DETECTION SYSTEM USING FUZZY LOGIC

    Directory of Open Access Journals (Sweden)

    R. Shanmugavadivu

    2011-02-01

    IDS, which are increasingly a key part of system defense, are used to identify abnormal activities in a computer system. In general, traditional intrusion detection relies on the extensive knowledge of security experts, in particular, on their familiarity with the computer system to be protected. To reduce this dependence, various data-mining and machine learning techniques have been used in the literature. In the proposed system, we have designed a fuzzy logic-based system for effectively identifying the intrusion activities within a network. The proposed fuzzy logic-based system is able to detect intrusion behavior of the networks since the rule base contains a better set of rules. Here, we have used an automated strategy for generation of fuzzy rules, which are obtained from the definite rules using frequent items. The experiments and evaluations of the proposed intrusion detection system are performed with the KDD Cup 99 intrusion detection dataset. The experimental results clearly show that the proposed system achieved higher precision in identifying whether the records are normal or attack ones.

  18. Effectiveness of Intrusion Prevention Systems (IPS) in Fast Networks

    CERN Document Server

    Shafi, Muhammad Imran; Hayat, Sikandar; Sohail, Imran

    2010-01-01

    Computer systems are facing their biggest threat in the form of malicious data, which is causing denial of service, information theft, financial and credibility loss etc. No defense technique has been proved successful in handling these threats. Intrusion Detection and Prevention Systems (IDPSs) are the best of the available solutions. These techniques are getting more and more attention. Although Intrusion Prevention Systems (IPSs) show a good level of success in detecting and preventing intrusion attempts to networks, they show a visible deficiency in their performance when they are employed on fast networks. In this paper we have presented a design including quantitative and qualitative methods to identify improvement areas in IPSs. A focus group is used for qualitative analysis and an experiment is used for quantitative analysis. This paper also describes how to reduce the response time for IPS when an intrusion occurs on the network, and how IPS can be made to perform its tasks successfully without affecting network speed nega...

  19. Fast and Adaptive Lossless Onboard Hyperspectral Data Compression System

    Science.gov (United States)

    Aranki, Nazeeh I.; Keymeulen, Didier; Kimesh, Matthew A.

    2012-01-01

    Modern hyperspectral imaging systems are able to acquire far more data than can be downlinked from a spacecraft. Onboard data compression helps to alleviate this problem, but requires a system capable of power efficiency and high throughput. Software solutions have limited throughput performance and are power-hungry. Dedicated hardware solutions can provide both high throughput and power efficiency, while taking the load off of the main processor. Thus a hardware compression system was developed. The implementation uses a field-programmable gate array (FPGA). The implementation is based on the fast lossless (FL) compression algorithm reported in Fast Lossless Compression of Multispectral-Image Data (NPO-42517), NASA Tech Briefs, Vol. 30, No. 8 (August 2006), page 26, which achieves excellent compression performance and has low complexity. This algorithm performs predictive compression using an adaptive filtering method, and uses adaptive Golomb coding. The implementation also packetizes the coded data. The FL algorithm is well suited for implementation in hardware. In the FPGA implementation, one sample is compressed every clock cycle, which makes for a fast and practical realtime solution for space applications. Benefits of this implementation are: 1) The underlying algorithm achieves a combination of low complexity and compression effectiveness that exceeds that of techniques currently in use. 2) The algorithm requires no training data or other specific information about the nature of the spectral bands for a fixed instrument dynamic range. 3) Hardware acceleration provides a throughput improvement of 10 to 100 times vs. the software implementation. A prototype of the compressor is available in software, but it runs at a speed that does not meet spacecraft requirements. The hardware implementation targets the Xilinx Virtex IV FPGAs, and makes the use of this compressor practical for Earth satellites as well as beyond-Earth missions with hyperspectral instruments.

  20. Intrusion Detection Approach Using Connectionist Expert System

    Institute of Scientific and Technical Information of China (English)

    MA Rui; LIU Yu-shu; DU Yan-hui

    2005-01-01

    In order to improve the detection efficiency of rule-based expert systems, an intrusion detection approach using a connectionist expert system is proposed. The approach converts the AND/OR nodes into the corresponding neurons, adopts the three-layered feed forward network with full interconnection between layers, translates the feature values into continuous values belonging to the interval [0, 1], shows the confidence degree about intrusion detection rules using the weight values of the neural networks and makes uncertain inference with the sigmoid function. Compared with the rule-based expert system, the neural network expert system improves the inference efficiency.

  1. Design of Secure Distributed Intrusion Detection Systems

    Institute of Scientific and Technical Information of China (English)

    2002-01-01

    Intrusion Detection Systems (IDS) have received a great deal of attention because of their excellent ability to prevent network incidents. Recently, many efficient approaches have been proposed to improve the detection ability of IDS. Because the self-protection ability of IDS is relatively worse and easy for attackers to exploit, this paper gives a scheme of Securely Distributed Intrusion Detection System (SDIDS). This system adopts special measurements to enforce the security of IDS components. A new secure mechanism combining role-based access control and attribute certificates is used to resist attacks on communication.

  2. An Isolation Intrusion Detection System for Hierarchical Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Rung-Ching Chen

    2010-03-01

    A wireless sensor network (WSN) is a wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor environmental conditions, such as battlefield data and personal health information, and some environment limited resources. To avoid malicious damage is important while information is transmitted in wireless network. Thus, Wireless Intrusion Detection Systems are crucial to safe operation in wireless sensor networks. Wireless networks are subject to very different types of attacks compared to wired networks. In this paper, we propose an isolation table to detect intrusion by hierarchical wireless sensor networks and to estimate the effect of intrusion detection. The primary experiment proves that isolation table intrusion detection can prevent attacks effectively.

  3. Integrating Innate and Adaptive Immunity for Intrusion Detection

    CERN Document Server

    Tedesco, Gianni; Aickelin, Uwe

    2010-01-01

    Network Intrusion Detection Systems (NIDS) monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDS's rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to an intrusion detection problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.

  4. Intrusion detection based on system calls and homogeneous Markov chains

    Institute of Scientific and Technical Information of China (English)

    Tian Xinguang; Duan Miyi; Sun Chunlai; Li Wenfa

    2008-01-01

    A novel method for detecting anomalous program behavior is presented, which is applicable to host-based intrusion detection systems that monitor system call activities. The method constructs a homogeneous Markov chain model to characterize the normal behavior of a privileged program, and associates the states of the Markov chain with the unique system calls in the training data. At the detection stage, the probabilities that the Markov chain model supports the system call sequences generated by the program are computed. A low probability indicates an anomalous sequence that may result from intrusive activities. Then a decision rule based on the number of anomalous sequences in a locality frame is adopted to classify the program's behavior. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for on-line detection. It has been applied to practical host-based intrusion detection systems.

  5. Poseidon: a 2-tier anomaly-based intrusion detection system

    NARCIS (Netherlands)

    Bolzoni, Damiano; Zambon, Emmanuele; Etalle, Sandro; Hartel, Pieter

    2005-01-01

    We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection r

  6. Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method

    Directory of Open Access Journals (Sweden)

    DR.K.KUPPUSAMY

    2010-12-01

    This paper is deliberate to provide a model for “Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method”. It describes the state’s overall requirements regarding the acquisition and implementation of intrusion prevention and detection systems with intelligence (IIPS/IIDS). This is designed to provide a deeper understanding of intrusion prevention and detection principles with intelligence may be responsible for acquiring, implementing or monitoring such systems in understanding the technology and strategies available. With the need for evolution, if not revolution, of current network architectures and the Internet, autonomous and spontaneous management will be a key feature of future networks and information systems. In this context, security is an essential property. It must be thought at the early stage of conception of these systems and designed to be also autonomous and spontaneous. Future networks and systems must be able to automatically configure themselves with respect to their security policies. The security policy specification must be dynamic and adapt itself to the changing environment. Those networks and systems should interoperate securely when their respective security policies are heterogeneous and possibly conflicting. They must be able to autonomously evaluate the impact of an intrusion in order to spontaneously select the appropriate and relevant response when a given intrusion is detected. Autonomous and spontaneous security is a major requirement of future networks and systems. Of course, it is crucial to address this issue in different wireless and mobile technologies available today such as RFID, Wifi, Wimax, 3G, etc. Other technologies such as ad hoc and sensor networks, which introduce new type of services, also share similar requirements for an autonomous and spontaneous management of security. Intelligence Intrusion Prevention Systems (IIPS) are designed to aid in preventing the

  7. A Review of Intrusion Detection Technique by Soft Computing and Data Mining Approach

    Directory of Open Access Journals (Sweden)

    Aditya Shrivastava

    2013-09-01

    The growth of internet technology spread a large amount of data communication. The communication of data compromised network threats and security issues. The network threats and security issues raised a problem of data integrity and loss of data. For the purpose of data integrity and loss of data, 20 years ago Anderson developed a model of intrusion detection system. Initially intrusion detection system work on process of statistical frequency of audit system logs. Later on this system improved by various researchers and apply some other approach such as data mining technique, neural network and expert system. Now in current research trend of intrusion detection system used soft computing approach such as fuzzy logic, genetic algorithm and machine learning. In this paper discuss some method of data mining and soft computing for the purpose of intrusion detection. Here used KDDCUP99 dataset used for performance evaluation for this technique.

  8. Hybrid Intrusion Detection and Prediction multiAgent System HIDPAS

    CERN Document Server

    Jemili, Farah; Ahmed, Mohamed Ben

    2009-01-01

    This paper proposes an intrusion detection and prediction system based on uncertain and imprecise inference networks and its implementation. Giving a historic of sessions, it is about proposing a method of supervised learning doubled of a classifier permitting to extract the necessary knowledge in order to identify the presence or not of an intrusion in a session and in the positive case to recognize its type and to predict the possible intrusions that will follow it. The proposed system takes into account the uncertainty and imprecision that can affect the statistical data of the historic. The systematic utilization of an unique probability distribution to represent this type of knowledge supposes a too rich subjective information and risk to be in part arbitrary. One of the first objectives of this work was therefore to permit the consistency between the manner of which we represent information and information which we really dispose.

  9. Neural Network Based Intrusion Detection System for Critical Infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Ondrej Linda; Milos Manic

    2009-07-01

    Resiliency and security in control systems such as SCADA and nuclear plants in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

  10. Mining Association Rules to Evade Network Intrusion in Network Audit Data

    Directory of Open Access Journals (Sweden)

    Kamini Nalavade

    2014-06-01

    With the growth of hacking and exploiting tools and invention of new ways of intrusion, intrusion detection and prevention is becoming the major challenge in the world of network security. The increasing network traffic and data on Internet is making this task more demanding. There are various approaches being utilized in intrusion detections, but unfortunately none of the systems so far is completely flawless. The false positive rates make it extremely hard to analyse and react to attacks. Intrusion detection systems using data mining approaches make it possible to search patterns and rules in large amount of audit data. In this paper, we represent a model to integrate association rules to intrusion detection to design and implement a network intrusion detection system. Our technique is used to generate attack rules that will detect the attacks in network audit data using anomaly detection. This shows that the modified association rules algorithm is capable of detecting network intrusions. The KDD dataset which is freely available online is used for our experimentation and results are compared. Our intrusion detection system using association rule mining is able to generate attack rules that will detect the attacks in network audit data using anomaly detection, while maintaining a low false positive rate.

  11. Data mining approach to web application intrusions detection

    Science.gov (United States)

    Kalicki, Arkadiusz

    2011-10-01

    Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection, Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

  12. Network Intrusion Detection System Based On Machine Learning Algorithms

    Directory of Open Access Journals (Sweden)

    Vipin Das

    2010-12-01

    Network and system security is of paramount importance in the present data communication environment. Hackers and intruders can create many successful attempts to cause the crash of the networks and web services by unauthorized intrusion. New threats and associated solutions to prevent these threats are emerging together with the secured system evolution. Intrusion Detection Systems (IDS) are one of these solutions. The main function of Intrusion Detection System is to protect the resources from threats. It analyzes and predicts the behaviours of users, and then these behaviours will be considered an attack or a normal behaviour. We use Rough Set Theory (RST) and Support Vector Machine (SVM) to detect network intrusions. First, packets are captured from the network, RST is used to pre-process the data and reduce the dimensions. The features selected by RST will be sent to SVM model to learn and test respectively. The method is effective to decrease the space density of data. The experiments compare the results with Principal Component Analysis (PCA) and show RST and SVM schema could reduce the false positive rate and increase the accuracy.

  13. A Survey on VANET Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Mohammed ERRITALI

    2013-04-01

    In recent years, the security issues on Vehicular ad hoc networks (VANETs) have become one of the primary concerns. The VANET is inherently more vulnerable to attacks than wired network because it is characterized by high mobility, shared wireless medium and the absence of centralized security services offered by dedicated equipment such as firewalls and authentication servers. Attack countermeasures such as digital signature and encryption can be used as the first line of defense for reducing the possibilities of attacks. However, these techniques have limited prevention in general, and they are designed for a set of known attacks. They are unlikely to avoid most recent attacks that are designed to circumvent existing security measures. For this reason, there is a need of second technique to “detect and notify” these newer attacks, i.e. “intrusion detection”. This article aims to present and classify current techniques of Intrusion Detection System (IDS) aware VANETs.

  14. Data Mining in Intrusion Detection: A Comparative Study of Methods, Types and Data Sets

    Directory of Open Access Journals (Sweden)

    Chandrashekhar Azad

    2013-07-01

    In the era of information and communication technology, Security is an important issue. A lot of effort and finance are being invested in this sector. Intrusion detection is one of the most prominent fields in this area. Data mining in network intrusion detection can automate the network intrusion detection field with a greater efficiency. This paper presents a literature survey on intrusion detection system. The research papers taken in this literature survey are published from 2000 to 2012. We can see that almost 67 % of the research papers are focused on anomaly detection, 23 % on both anomaly and misuse detection and 10 % on misuse detection. In this literature survey statistics shows that 42 % KDD cup dataset, 20 % DARPA dataset and 38 % other datasets are used by the different researchers for testing the effectiveness of their proposed method for misuse detection, anomaly detection or both.

  15. An adaptive neural swarm approach for intrusion defense in ad hoc networks

    Science.gov (United States)

    Cannady, James

    2011-06-01

    Wireless sensor networks (WSN) and mobile ad hoc networks (MANET) are being increasingly deployed in critical applications due to the flexibility and extensibility of the technology. While these networks possess numerous advantages over traditional wireless systems in dynamic environments they are still vulnerable to many of the same types of host-based and distributed attacks common to those systems. Unfortunately, the limited power and bandwidth available in WSNs and MANETs, combined with the dynamic connectivity that is a defining characteristic of the technology, makes it extremely difficult to utilize traditional intrusion detection techniques. This paper describes an approach to accurately and efficiently detect potentially damaging activity in WSNs and MANETs. It enables the network as a whole to recognize attacks, anomalies, and potential vulnerabilities in a distributive manner that reflects the autonomic processes of biological systems. Each component of the network recognizes activity in its local environment and then contributes to the overall situational awareness of the entire system. The approach utilizes agent-based swarm intelligence to adaptively identify potential data sources on each node and on adjacent nodes throughout the network. The swarm agents then self-organize into modular neural networks that utilize a reinforcement learning algorithm to identify relevant behavior patterns in the data without supervision. Once the modular neural networks have established interconnectivity both locally and with neighboring nodes the analysis of events within the network can be conducted collectively in real-time. The approach has been shown to be extremely effective in identifying distributed network attacks.

  16. Intrusion Detection Systems in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Vijay Kumar Mallarapu

    2012-01-01

    Wireless Sensor Networks (WSNs) are a new technology foreseen to be used increasingly in the near future due to their data acquisition and data processing abilities. Security for WSNs is an area that needs to be considered in order to protect the functionality of these networks, the data they convey and the location of their members. The security models & protocols used in wired and other networks are not suited to WSNs because of their severe resource constrictions. In this paper, we describe various threats to WSN and then examine existing approaches to identify these threats. Finally, we propose an intrusion detection mechanism based on these existing approaches to identifying threats.

  17. Less is More: Data Processing with SVM for Intrusion Detection

    Institute of Scientific and Technical Information of China (English)

    XIAO Hai-jun; HONG Fan; WANG Ling

    2009-01-01

    To improve the detection rate and lower down the false positive rate in intrusion detection system, dimensionality reduction is widely used in the intrusion detection system. For this purpose, a data processing (DP) with support vector machine (SVM) was built. Different from traditionally identifying the redundant data before purging the audit data by expert knowledge or utilizing different kinds of subsets of the available 41-connection attributes to build a classifier, the proposed strategy first removes the attributes whose correlation with another attribute exceeds a threshold, and then classifies two sequence samples as one class while removing either of the two samples whose similarity exceeds a threshold. The results of performance experiments showed that the strategy of DP and SVM is superior to the other existing data reduction strategies (e.g., audit reduction, rule extraction, and feature selection), and that the detection model based on DP and SVM outperforms those based on data mining, soft computing, and hierarchical principal component analysis neural networks.

  18. Detection and Protection Against Intrusions on Smart Grid Systems

    Directory of Open Access Journals (Sweden)

    Ata Arvani

    2015-05-01

    The wide area monitoring of power systems is implemented at a central control center to coordinate the actions of local controllers. Phasor measurement units (PMUs) are used for the collection of data in real time for the smart grid energy systems. Intrusion detection and cyber security of network are important requirements for maintaining the integrity of wide area monitoring systems. The intrusion detection methods analyze the measurement data to detect any possible cyber attacks on the operation of smart grid systems. In this paper, the model-based and signal-based intrusion detection methods are investigated to detect the presence of malicious data. The chi-square test and discrete wavelet transform (DWT) have been used for anomaly-based detection. The false data injection attack (FDIA) can be detected using measurement residual. If the measurement residual is larger than expected detection threshold, then an alarm is triggered and bad data can be identified. Avoiding such alarms in the residual test is referred to as stealth attack. There are two protection strategies for stealth attack: (1) Select a subset of meters to be protected from the attacker (2) Place secure phasor measurement units in the power grid. An IEEE 14-bus system is simulated using real time digital simulator (RTDS) hardware platform for implementing attack and detection schemes.

  20. An adaptive semantic based mediation system for data interoperability among Health Information Systems.

    Science.gov (United States)

    Khan, Wajahat Ali; Khattak, Asad Masood; Hussain, Maqbool; Amin, Muhammad Bilal; Afzal, Muhammad; Nugent, Christopher; Lee, Sungyoung

    2014-08-01

    Heterogeneity in the management of the complex medical data, obstructs the attainment of data level interoperability among Health Information Systems (HIS). This diversity is dependent on the compliance of HISs with different healthcare standards. Its solution demands a mediation system for the accurate interpretation of data in different heterogeneous formats for achieving data interoperability. We propose an adaptive AdapteR Interoperability ENgine mediation system called ARIEN, that arbitrates between HISs compliant to different healthcare standards for accurate and seamless information exchange to achieve data interoperability. ARIEN stores the semantic mapping information between different standards in the Mediation Bridge Ontology (MBO) using ontology matching techniques. These mappings are provided by our System for Parallel Heterogeneity (SPHeRe) matching system and Personalized-Detailed Clinical Model (P-DCM) approach to guarantee accuracy of mappings. The realization of the effectiveness of the mappings stored in the MBO is evaluation of the accuracy in transformation process among different standard formats. We evaluated our proposed system with the transformation process of medical records between Clinical Document Architecture (CDA) and Virtual Medical Record (vMR) standards. The transformation process achieved over 90 % of accuracy level in conversion process between CDA and vMR standards using pattern oriented approach from the MBO. The proposed mediation system improves the overall communication process between HISs. It provides an accurate and seamless medical information exchange to ensure data interoperability and timely healthcare services to patients. PMID:24964780

  1. A Bayesian Networks in Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    M. Mehdi

    2007-01-01

    Intrusion detection systems (IDSs) have been widely used to overcome security threats in computer networks. Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behaviour which may result in a large number of false alarms caused by incorrect classification of events in current systems. We propose a new approach of an anomaly Intrusion detection system (IDS). It consists of building a reference behaviour model and the use of a Bayesian classification procedure associated to unsupervised learning algorithm to evaluate the deviation between current and reference behaviour. Continuous re-estimation of model parameters allows for real time operation. The use of recursive Log-likelihood and entropy estimation as a measure for monitoring model degradation related with behavior changes and the associated model update show that the accuracy of the event classification process is significantly improved using our proposed approach for reducing the missing-alarm.

  2. NADIR (Network Anomaly Detection and Intrusion Reporter): A prototype network intrusion detection system

    Energy Technology Data Exchange (ETDEWEB)

    Jackson, K.A.; DuBois, D.H.; Stallings, C.A.

    1990-01-01

    The Network Anomaly Detection and Intrusion Reporter (NADIR) is an expert system which is intended to provide real-time security auditing for intrusion and misuse detection at Los Alamos National Laboratory's Integrated Computing Network (ICN). It is based on three basic assumptions: that statistical analysis of computer system and user activities may be used to characterize normal system and user behavior, and that given the resulting statistical profiles, behavior which deviates beyond certain bounds can be detected, that expert system techniques can be applied to security auditing and intrusion detection, and that successful intrusion detection may take place while monitoring a limited set of network activities such as user authentication and access control, file movement and storage, and job scheduling. NADIR has been developed to employ these basic concepts while monitoring the audited activities of more than 8000 ICN users.

  3. Signature Analysis of UDP Streams for Intrusion Detection using Data Mining Algorithms

    OpenAIRE

    R.Sridevi; Dr.K.Lakshmi

    2010-01-01

    With the increased use of internet for a wide range of activity from simple data search to online commercial transactions, securing the network is extremely important for any organization. Intrusion detection becomes extremely important to secure the network. Conventional techniques for intrusion detection have been successfully deployed, but predictive action can help in protecting the system in the long run. Data mining techniques are being increasingly used to study the data streams and go...

  4. Intrusion Detection System in Wireless Sensor Networks: A Review

    OpenAIRE

    Anush Ananthakumar; Tanmay Ganediwal; Dr. Ashwini Kunte

    2015-01-01

    The security of wireless sensor networks is a topic that has been studied extensively in the literature. The intrusion detection system is used to detect various attacks occurring on sensor nodes of Wireless Sensor Networks that are placed in various hostile environments. As many innovative and efficient models have emerged in the last decade in this area, we mainly focus our work on Intrusion detection Systems. This paper reviews various intrusion detection systems which can be broadly class...

  5. RePIDS: a multi tier real-time payload-based intrusion detection system

    NARCIS (Netherlands)

    Jamdagni, Aruna; Tan, Zhiyuan; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren Ping

    2013-01-01

    Intrusion Detection System (IDS) deals with huge amount of network traffic and uses large feature set to discriminate normal pattern and intrusive pattern. However, most of existing systems lack the ability to process data for real-time anomaly detection. In this paper, we propose a 3-Tier Iterative

  6. Intrusion Detection in Computer Networks using a Fuzzy-Heuristic Data Mining Technique

    Directory of Open Access Journals (Sweden)

    Hamid Saadi

    2015-12-01

    In this article the use of Simulated Annealing (SA) algorithm for creating a consistent intrusion detection system is presented. The ability of fuzzy systems to solve different types of problems has been demonstrated in several previous studies. Simulated Annealing based Fuzzy Intrusion Detection System (SAF-IDS) crosses the estimated cognitive method of fuzzy systems with the learning capability of SA. The objective of this paper is to prove the ability of SAF-IDS to deal with intrusion detection classification problem as a new real-world application area which is not previously undertaken with SA-based fuzzy system. Here, the use of SA is an effort to efficiently explore and exploit the large examines space usually related with the intrusion detection problem, and finds the optimum set of fuzzy if-then rules. The proposed SAF-IDS would be capable of extracting precise fuzzy classification rules from network traffic data and relates them to detect normal and invasive actions in computer networks. Tests were performed with KDD-Cup99 intrusion detection benchmark which is widely used to calculate intrusion detection algorithms. Results indicate that SAF-IDS provides more accurate intrusion detection system than several well-known and new classification algorithms.

  7. A Simulated Multiagent-Based Architecture for Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Onashoga S. Adebukola

    2013-04-01

    In this work, a Multiagent-based architecture for Intrusion Detection System (MIDS) is proposed to overcome the shortcoming of current Mobile Agent-based Intrusion Detection System. MIDS is divided into three major phases namely: Data gathering, Detection and the Response phases. The data gathering stage involves data collection based on the features in the distributed system and profiling. The data collection components are distributed on both host and network. Closed Pattern Mining (CPM) algorithm is introduced for profiling users’ activities in network database. The CPM algorithm is built on the concept of Frequent Pattern-growth algorithm by mining a prefix-tree called CPM-tree, which contains only the closed itemsets and its associated support count. According to the administrator’s specified thresholds, CPM-tree maintains only closed patterns online and incrementally outputs the current closed frequent pattern of users’ activities in real time. MIDS makes use of mobile and static agents to carry out the functions of intrusion detection. Each of these agents is built with rule-based reasoning to autonomously detect intrusions. Java 1.1.8 is chosen as the implementation language and IBM’s Java based mobile agent framework, Aglet 1.0.3 as the platform for running the mobile and static agents. In order to test the robustness of the system, a real-time simulation is carried out on University of Agriculture, Abeokuta (UNAAB) network dataset and the results showed an accuracy of 99.94%, False Positive Rate (FPR) of 0.13% and False Negative Rate (FNR) of 0.04%. This shows an improved performance of MIDS when compared with other known MA-IDSs.

  8. Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method

    OpenAIRE

    DR.K.KUPPUSAMY; S. Murugan

    2010-01-01

    This paper is intended to provide a model for “Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method”. It describes the state’s overall requirements regarding the acquisition and implementation of intrusion prevention and detection systems with intelligence (IIPS/IIDS). This is designed to provide a deeper understanding of intrusion prevention and detection principles with intelligence may be responsible for acquiring, implementing or monitoring such sy...

  9. Research on Data Sampling Strategy Based on Network Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    穆俊

    2015-01-01

    This paper studies data sampling strategy for network intrusion detection. It analyzes the definition, classification and basic structure of intrusion detection, and discusses the technical basis of data sampling for network intrusion detection from the perspectives of data mining and data acquisition. It builds an intrusion detection data sampling model, carries out risk identification, judgment and pricing, and discusses extension strategies.

  10. A survey on RBF Neural Network for Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Henali Sheth

    2014-12-01

    Network security is a hot burning issue nowadays. With the help of technology advancement, intruders or hackers are adopting new methods to create different attacks in order to harm network security. An intrusion detection system (IDS) is a kind of security software which inspects all incoming and outgoing network traffic and generates alerts if any attack or unusual behavior is found in a network. Various approaches are used for IDS, such as data mining, neural network, genetic and statistical approaches. Among these, the neural network is the more suitable approach for IDS. This paper describes the RBF neural network approach for intrusion detection systems. RBF is a feed-forward and supervised technique of neural networks. The RBF approach has good classification ability but its performance depends on its parameters. Based on the survey we find that the RBF approach has some shortcomings. In order to overcome these we need to do proper optimization of the RBF parameters.

  11. Introduction To Intrusion Detection System Review

    Directory of Open Access Journals (Sweden)

    Rajni Tewatia

    2015-05-01

    Security of a network is always an important issue. With the continuously growing network, basic security such as a firewall or virus scanner is easily deceived by modern attackers who are experts in using software vulnerabilities to achieve their goals. For preventing such attacks we need even smarter security mechanisms which act proactively and intelligently. The Intrusion Detection System is the solution to such a requirement. Many techniques have been used to implement IDS. These techniques are basically used in the detector part of an IDS, such as Neural Network, Clustering, Pattern Matching, Rule Based, Fuzzy Logic, Genetic Algorithms and many more. To improve the performance of an IDS these approaches may be used in combination to build a hybrid IDS so that the benefits of two or more approaches may be combined.

  12. Intrusion Detection System Using Hierarchical GMM and Dimensionality Reduction

    Directory of Open Access Journals (Sweden)

    L. Maria Michael

    2012-07-01

    The focus of this chapter is to provide an effective intrusion detection technique to protect a Web server. The IDS protects a server from malicious attacks from the Internet if someone tries to break in through the firewall and tries to gain access to any system on the trusted side, and alerts the system administrator in case there is a breach in security. Gaussian Mixture Models (GMMs) are among the most statistically mature methods for clustering data. Intrusion detection can be divided into anomaly detection and misuse detection. The misuse detection model collects behavioral features of non-normal operation and establishes a related feature library. In the existing system of anomaly based Intrusion Detection Systems, the work is based on the number of attacks on the network and uses decision tree analysis for rule matching and grading. We are proposing an IDS approach that will use a signature based and anomaly based identification scheme. We are also proposing a rule pruning scheme with GMM (Gaussian Mixture Model). It facilitates an efficient way of handling a large number of rules. We also plan to compare the performance of the IDS on different models. The Dimension Reduction focuses on using information obtained from the KDD Cup 99 data set for the selection of attributes to identify the type of attacks. The dimensionality reduction is performed from 41 attributes to 14 and 7 attributes based on the Best First Search method, and then the two classifying algorithms ID3 and J48 are applied. Keywords: Intrusion detection, reliable networks, malicious routers, internet dependability, tolerance.

  13. A Subset Feature Elimination Mechanism for Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Herve Nkiama

    2016-04-01

    Several studies have suggested that by selecting relevant features for an intrusion detection system, it is possible to considerably improve the detection accuracy and performance of the detection engine. Nowadays, with the emergence of new technologies such as Cloud Computing or Big Data, large amounts of network traffic are generated and the intrusion detection system must dynamically collect and analyze the data produced by the incoming traffic. However, in a large dataset not all features contribute to representing the traffic; therefore reducing and selecting a number of adequate features may improve the speed and accuracy of the intrusion detection system. In this study, a feature selection mechanism has been proposed which aims to eliminate non-relevant features as well as identify the features which will contribute to improving the detection rate, based on the score each feature has established during the selection process. To achieve that objective, a recursive feature elimination process was employed and associated with a decision tree based classifier, and later on the suitable relevant features were identified. This approach was applied on the NSL-KDD dataset, which is an improved version of the previous KDD 1999 dataset; scikit-learn, a machine learning library written in Python, was used in this paper. Using this approach, relevant features were identified inside the dataset and the accuracy rate was improved. These results lend support to the idea that feature selection significantly improves classifier performance. Understanding the factors that help identify relevant features will allow the design of a better intrusion detection system.

  14. Cluster Based Cost Efficient Intrusion Detection System For Manet

    OpenAIRE

    Kumarasamy, Saravanan; B, Hemalatha; P, Hashini

    2013-01-01

    Mobile ad-hoc networks are temporary wireless networks. Network resources are abnormally consumed by intruders. Anomaly and signature based techniques are used for intrusion detection. Classification techniques are used in anomaly based techniques. Intrusion detection techniques are used for the network attack detection process. Two types of intrusion detection systems are available. They are anomaly detection and signature based detection model. The anomaly detection model uses the historica...

  15. Fuzzy Based Anomaly Intrusion Detection System for Clustered WSN

    OpenAIRE

    Sumathy Murugan; Sundara Rajan, M.

    2015-01-01

    In Wireless Sensor Networks (WSN), the intrusion detection technique may result in increased computational cost, packet loss, performance degradation and so on. In order to overcome these issues, in this study, we propose a fuzzy based anomaly intrusion detection system for clustered WSN. Initially the cluster heads are selected based on the parameters such as link quality, residual energy and coverage. Then the anomaly intrusion is detected using fuzzy logic technique. This technique conside...

  16. Intrusion Awareness Based on Data Fusion and SVM Classification

    Directory of Open Access Journals (Sweden)

    Ramnaresh Sharma

    2012-06-01

    Network intrusion awareness is an important factor for risk analysis of network security. In the current decade various methods and frameworks are available for intrusion detection and security awareness. Some methods are based on the knowledge discovery process and some frameworks are based on neural networks. All of these models take rule-based decisions for the generation of security alerts. In this paper we propose a novel method for intrusion awareness using data fusion and SVM classification. Data fusion works on the basis of feature gathering of events. The support vector machine is a super classifier of data. Here we use SVM for the detection of closed items of the rule-based technique. Our proposed method is simulated on the KDD1999 DARPA data set and gets better empirical evaluation results in comparison with the rule-based technique and neural network model.

  17. Design Network Intrusion Detection System using hybrid Fuzzy-Neural Network

    Directory of Open Access Journals (Sweden)

    muna mhammad taher jawhar & Monica Mehrotra

    2010-08-01

    As networks grow both in importance and size, there is an increasing need for effective security monitors such as Network Intrusion Detection Systems to prevent such illicit accesses. Intrusion Detection System technology is an effective approach in dealing with the problems of network security. In this paper, we present an intrusion detection model based on hybrid fuzzy logic and neural network. The key idea is to take advantage of the different classification abilities of fuzzy logic and neural networks for intrusion detection systems. The new model has the ability to recognize an attack, to differentiate one attack from another (i.e. classifying attacks) and, most important, to detect new attacks with a high detection rate and low false negatives. Training and testing data were obtained from the Defense Advanced Research Projects Agency (DARPA) intrusion detection evaluation data set.

  18. An Adaptive Fuzzy Framework based on Optimized Fuzzy Contexts for Detecting Network Intrusions

    Directory of Open Access Journals (Sweden)

    Habib Ullah Baig

    2010-10-01

    Anomaly based Intrusion Detection System (AIDS) is one of the key components of a reliable security infrastructure. Working at the second line of defense, detection accuracy is the key objective, which largely depends upon the precision of its normal profile. Due to the existence of vague boundaries between normal and anomalous classes and dynamic network behavior, building an accurate and generalized normal profile is very difficult. Based on the assumption that an intruder's behavior can be grouped into different phases active at different times, this article proposes to evolve and use "short-term fuzzy profiles/contexts" for each such individual intrusion phase, resulting in enhanced detection accuracy for low-level attacks. The result is a context-driven, adaptable implementation framework based on a double layer hierarchy of fuzzy sensors. The framework adapts to network conditions by switching between different contexts, according to network traffic patterns, anomaly conditions and the organization's security policies. These contexts are evolved in incremental fashion with a genetic algorithm using real-time network traces. The framework is tested using the DARPA 98/99 dataset, showing accurate detection of low-level DoS attacks.

  19. Intrusion Awareness Based on Data Fusion and SVM Classification

    Directory of Open Access Journals (Sweden)

    Ramnaresh Sharma

    2012-06-01

    Network intrusion awareness is an important factor for risk analysis of network security. In the current decade various methods and frameworks are available for intrusion detection and security awareness. Some methods are based on the knowledge discovery process and some frameworks are based on neural networks. All of these models take rule-based decisions for the generation of security alerts. In this paper we propose a novel method for intrusion awareness using data fusion and SVM classification. Data fusion works on the basis of feature gathering of events. The support vector machine is a super classifier of data. Here we use SVM for the detection of closed items of the rule-based technique. Our proposed method is simulated on the KDD1999 DARPA data set and gets better empirical evaluation results in comparison with the rule-based technique and neural network model.

  20. Design and Implementation of the Adaptive Host Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    吕滨; 关双城; 刘晓红; 张艳艳

    2013-01-01

    Based on the principle of API monitoring, and in view of the limited resources and relatively stable applications of individual hosts, the system follows a streamlined design principle and intercepts API call information using hooking technology. In its behavior analysis model the system simplifies the decision rules and execution logic and does not need complex behavior analysis algorithms and processes. The advantage of the system is its dynamic automatic learning function: through early adaptive training it can quickly adapt to the user's system and acquire sufficient intrusion prevention capability, and it is very effective in defending against frequent illegal access and various pop-up windows.

  1. HYBRID FEATURE SELECTION ALGORITHM FOR INTRUSION DETECTION SYSTEM

    Directory of Open Access Journals (Sweden)

    Seyed Reza Hasani

    2014-01-01

    Network security is a serious global concern. The usefulness of Intrusion Detection Systems (IDS) is increasing incredibly in Information Security research using Soft computing techniques. In previous research, having irrelevant and redundant features is a recognized cause of increasing the processing speed of evaluating the known intrusive patterns. In addition, an efficient feature selection method eliminates dimensions of data and reduces redundancy and ambiguity caused by unimportant attributes. Therefore, feature selection methods are well-known methods to overcome this problem. There are various approaches being utilized in intrusion detection; they are able to perform their method and relatively they are achieved with some improvements. This work is based on the enhancement of the highest Detection Rate (DR) algorithm, which is Linear Genetic Programming (LGP), reducing the False Alarm Rate (FAR), incorporated with the Bees Algorithm. Finally, Support Vector Machine (SVM) is one of the best candidate solutions to settle IDS problems. In this study four sample datasets containing 4000 random records are excluded randomly from this dataset for training and testing purposes. Experimental results show that the LGP_BA method improves the accuracy and efficiency compared with the previous related research, and the feature subcategory offered by LGP_BA gives a superior representation of data.

  2. Fair and adaptive data dissemination for traffic information systems

    NARCIS (Netherlands)

    Schwartz, Ramon S.; Ohazulike, Anthony E.; Sommer, Christoph; Scholten, Hans; Dressler, Falko; Havinga, Paul

    2012-01-01

    Vehicular Ad-hoc Networks (VANETs) are expected to serve as support to the development of not only safety applications but also information-rich applications that disseminate relevant data to vehicles. Due to the continuous collection, processing, and dissemination of data, one crucial requirement i

  3. Network Security using Linux Intrusion Detection System / IJORCS

    Directory of Open Access Journals (Sweden)

    Arul Anitha

    2011-12-01

    Attacks on the nation’s computer infrastructures are becoming an increasingly serious problem. Firewalls provide a certain amount of security, but can be fooled at times by attacks like IP spoofing and the so-called authorized users. So an intelligent system that can detect attacks and intrusions is required. The tool GRANT (Global Real-time Analysis of Network Traffic), being a Linux based Intrusion Detection System (LIDs), takes advantage of the security of a Linux box and secures the other nodes in the perimeter of the network. It is capable of detecting intrusions and probes as and when they occur and capable of responding to “already” successful attacks, thus causing minimal or no damage to the entire network. For better performance, this Linux Intrusion Detection System should be part of a defense in depth strategy such as Firewall and Intrusion Prevention.

  4. Efficient Hybrid Network (Wired and Wireless) Intrusion Detection using Statistical Data Streams and Detection of Clustered Alerts

    Directory of Open Access Journals (Sweden)

    M. Thangavel

    2011-01-01

    Problem statement: Wireless LAN IEEE 802.11 protocols are growing rapidly and security has always been a concern with the security of wired network. Wireless networks encountered threats from unauthorized access to network resources, installation of access points and illegal sniffing (referred to as classical intrusion threats). In its current hybrid wired and wireless network attacks on the generally distinguish from normal cable intrusion attacks, selective forwarding attacks, MAC spoofing attacks. This means that the simple traditional misuse detection and anomaly detection model alone is not sufficient to identify these mixed attacks on the hybrid network (wired and wireless). Approach: Our proposed work presents a hybrid cluster-based intrusion detection statistical anomaly, for detecting selective forwarding in wireless networks and intrusion into traditional wired networks. The detection was identified by changes in the statistical characteristics of data traffic on the wireless network. The clustering of data traffic based on the characteristics of alert classes and normal classes improves the performance of our hybrid intrusion detection in both wired and wireless networks efficiently. The simulation was performed to evaluate the performance of wired intrusion detection systems against the proposed wireless intrusion detection on the data traffic in a wired and wireless hybrid network environment. Results: The proposed wireless intrusion detection system sharply detects the statistical change point of intrusion behavior in terms of attack rate and throughput of data traffic. The probability of intrusion attack and detection delay were measured in the simulation scenario; the result is 17% better than the current part of the existing wired intrusion detection. Conclusion: The proposed anomaly intrusion traffic detection scheme performs better in a heterogeneous hybrid network (i.e., wired and wireless) compared to that of conventional

  5. Reconfigurable Hardware Architecture for Network Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    A. Kaleel Rahuman

    2012-01-01

    Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention. The use of reconfigurable hardware for network security applications has made great strides as Field Programmable Gate Array (FPGA) devices have provided larger and faster resources. An architecture called “BV-TCAM” is presented, which is implemented for an FPGA-based Network Intrusion Detection System (NIDS). The BV-TCAM architecture combines the Ternary Content Addressable Memory (TCAM) and Bit Vector (BV) algorithm to effectively compress the data representation and throughput. A tree bitmap implementation of the BV algorithm is used for source and destination port lookup, while a TCAM performs lookup for other header fields, which can be represented as a prefix or exact value. With the aid of a small embedded TCAM, packet classification can be implemented in a relatively small part of the available logic of an FPGA. The BV-TCAM architecture has been modelled in VHDL. Simulations were performed with MODELSIM. This architecture has to be synthesized and our design implemented using a Xilinx FPGA device.

  6. Fuzzy logic based Adaptive Modulation Using Non Data Aided SNR Estimation for OFDM system

    Directory of Open Access Journals (Sweden)

    K.SESHADRI SASTRY

    2010-06-01

    As demand for high quality transmission increases, an increase of spectrum efficiency and an improvement of error performance in wireless communication systems are important. One of the promising approaches to 4G is adaptive OFDM (AOFDM). Fixed modulation systems use only one type of modulation scheme (or order), so that either performance or capacity should be compromised. Adaptive modulated systems are superior to fixed modulated systems, since they change modulation order depending on the present SNR. In an adaptive modulation system SNR estimation is important, since the performance of an adaptive modulated system depends on the estimated SNR. Non-data-Aided (NDA) SNR estimation systems are gaining importance in recent days since they estimate SNR range and require less data as input. In this paper we propose an adaptive modulated OFDM system which uses NDA (Non-data Aided) SNR estimation using a fuzzy logic interface. The proposed system is simulated in Matlab 7.4 and the results of computer simulation show the improvement in system capacity.

  7. A Retroactive-Burst Framework for Automated Intrusion Response System

    Directory of Open Access Journals (Sweden)

    Alireza Shameli-Sendi

    2013-01-01

    The aim of this paper is to present an adaptive and cost-sensitive model to prevent security intrusions. In most automated intrusion response systems, response selection is performed locally based on current threat without using the knowledge of attacks history. Another challenge is that a group of responses are applied without any feedback mechanism to measure the response effect. We address these problems through retroactive-burst execution of responses and a Response Coordinator (RC) mechanism, the main contributions of this work. The retroactive-burst execution consists of several burst executions of responses with, at the end of each burst, a mechanism for measuring the effectiveness of the applied responses by the risk assessment component. The appropriate combination of responses must be considered for each burst execution to mitigate the progress of the attack without necessarily running the next round of responses, because of the impact on legitimate users. In the proposed model, there is a multilevel response mechanism. To indicate which level is appropriate to apply based on the retroactive-burst execution, we get help from a Response Coordinator mechanism. The applied responses can improve the health of Applications, Kernel, Local Services, Network Services, and Physical Status. Based on these indexes, the RC gives a general overview of an attacker’s goal in a distributed environment.

  8. Cross Layer Intrusion Detection System for Wireless Sensor Network

    OpenAIRE

    Djallel Eddine Boubiche; Azeddine Bilami

    2012-01-01

    Wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection systems (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer...

  9. Survey on Host and Network Based Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Niva Das

    2014-09-01

    With the invention of new technologies and devices, intrusion has become an area of concern because of security issues in the ever growing area of cyber-attacks. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations. It produces reports to a management station [1]. In this paper we mainly focus on different IDS concepts based on Host and Network systems.

  10. A Simple Analysis of The Function of Multi-Source Data Fusion Technology in Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    祝亚楠

    2015-01-01

    A distributed network intrusion detection system needs to collect and fuse data from the agents on network terminals, so as to grasp the global flow of data through the network space, and then match features against the rule base to detect and block coordinated attacks carried out over the network. Data fusion technology is an indispensable basic component of a network intrusion detection system, and its importance will grow as network intrusion detection products become increasingly popular. This paper starts from the definition and working process of data fusion and briefly describes the role of data fusion technology in intrusion detection systems.

  11. Intrusive versus domiciliated triatomines and the challenge of adapting vector control practices against Chagas disease

    Science.gov (United States)

    Waleckx, Etienne; Gourbière, Sébastien; Dumonteil, Eric

    2015-01-01

    Chagas disease prevention remains mostly based on triatomine vector control to reduce or eliminate house infestation with these bugs. The level of adaptation of triatomines to human housing is a key part of vector competence and needs to be precisely evaluated to allow for the design of effective vector control strategies. In this review, we examine how the domiciliation/intrusion level of different triatomine species/populations has been defined and measured and discuss how these concepts may be improved for a better understanding of their ecology and evolution, as well as for the design of more effective control strategies against a large variety of triatomine species. We suggest that a major limitation of current criteria for classifying triatomines into sylvatic, intrusive, domiciliary and domestic species is that these are essentially qualitative and do not rely on quantitative variables measuring population sustainability and fitness in their different habitats. However, such assessments may be derived from further analysis and modelling of field data. Such approaches can shed new light on the domiciliation process of triatomines and may represent a key tool for decision-making and the design of vector control interventions. PMID:25993504

  12. Intrusion Detection System Inside Grid Computing Environment (IDS-IGCE)

    Directory of Open Access Journals (Sweden)

    Basappa B. Kodada

    2012-01-01

    Grid Computing is an important information technology which enables resource sharing globally to solve large scale problems. It is based on networks and is able to enable large scale aggregation and sharing of computational, data, sensor and other resources across institutional boundaries. The Globus Tool Kit integrated with Web services presents OGSA (Open Grid Services Architecture) as the standard service grid architecture. In OGSA, everything is abstracted as a service, including computers, applications, data as well as instruments. The services and resources in the Grid are heterogeneous and dynamic, and they also belong to different domains. Grid Services are still new to business systems, and as more systems are being attached to them, any threat could bring collapse and huge harm. An intruder may come with a new form of attack. Grid Computing as a global infrastructure on the internet has led to security attacks on the computing infrastructure. A wide variety of IDS (Intrusion Detection Systems) are available which are designed to handle specific types of attacks. The technique of [27] will protect against future attacks in the Service Grid Computing Environment at the Grid Infrastructure, but there is no technique that can protect against these types of attacks inside the grid at the node level. So this paper proposes the architecture of IDS-IGCE (Intrusion Detection System – Inside Grid Computing Environment), which can provide protection against the complete threats inside the Grid Environment.

  13. Distributed reinforcement learning for adaptive and robust network intrusion response

    Science.gov (United States)

    Malialis, Kleanthis; Devlin, Sam; Kudenko, Daniel

    2015-07-01

    Distributed denial of service (DDoS) attacks constitute a rapidly evolving threat in the current Internet. Multiagent Router Throttling is a novel approach to defend against DDoS attacks where multiple reinforcement learning agents are installed on a set of routers and learn to rate-limit or throttle traffic towards a victim server. The focus of this paper is on online learning and scalability. We propose an approach that incorporates task decomposition, team rewards and a form of reward shaping called difference rewards. One of the novel characteristics of the proposed system is that it provides a decentralised coordinated response to the DDoS problem, thus being resilient to DDoS attacks themselves. The proposed system learns remarkably fast, thus being suitable for online learning. Furthermore, its scalability is successfully demonstrated in experiments involving 1000 learning agents. We compare our approach against a baseline and a popular state-of-the-art throttling technique from the network security literature and show that the proposed approach is more effective, adaptive to sophisticated attack rate dynamics and robust to agent failures.

  14. Novel Non-Intrusive Vibration Monitoring System for Turbopumps Project

    Data.gov (United States)

    National Aeronautics and Space Administration — ASRI proposes to develop an advanced and commercially viable Non-Intrusive Vibration Monitoring System (NI-VMS) which can provide effective on-line/off-line engine...

  15. An expert system application for network intrusion detection

    Energy Technology Data Exchange (ETDEWEB)

    Jackson, K.A.; Dubois, D.H.; Stallings, C.A.

    1991-01-01

    The paper describes the design of a prototype intrusion detection system for the Los Alamos National Laboratory's Integrated Computing Network (ICN). The Network Anomaly Detection and Intrusion Reporter (NADIR) differs in one respect from most intrusion detection systems. It tries to address the intrusion detection problem on a network, as opposed to a single operating system. NADIR design intent was to copy and improve the audit record review activities normally done by security auditors. We wished to replace the manual review of audit logs with a near realtime expert system. NADIR compares network activity, as summarized in user profiles, against expert rules that define network security policy, improper or suspicious network activities, and normal network and user activity. When it detects deviant (anomalous) behavior, NADIR alerts operators in near realtime, and provides tools to aid in the investigation of the anomalous event. 15 refs., 2 figs.

  16. Novel Non-Intrusive Vibration Monitoring System for Turbopumps Project

    Data.gov (United States)

    National Aeronautics and Space Administration — AI Signal Research, Inc. proposes to develop a Non-Intrusive Vibration Measurement System (NI-VMS) for turbopumps which will provide effective on-board/off-board...

  17. Novel Hybrid Intrusion Detection System For Clustered Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Hichem Sedjelmaci

    2011-08-01

    Full Text Available Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.

  18. Novel hybrid intrusion detection system for clustered wireless sensor network

    CERN Document Server

    Sedjelmaci, Hichem

    2011-01-01

    Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.

  19. AdiosStMan: Parallelizing Casacore Table Data System using Adaptive IO System

    Science.gov (United States)

    Wang, R.; Harris, C.; Wicenec, A.

    2016-07-01

    In this paper, we investigate the Casacore Table Data System (CTDS) used in the casacore and CASA libraries, and methods to parallelize it. CTDS provides a storage manager plugin mechanism for third-party developers to design and implement their own CTDS storage managers. Having this in mind, we looked into various storage backend techniques that can possibly enable parallel I/O for CTDS by implementing new storage managers. After carrying on benchmarks showing the excellent parallel I/O throughput of the Adaptive IO System (ADIOS), we implemented an ADIOS based parallel CTDS storage manager. We then applied the CASA MSTransform frequency split task to verify the ADIOS Storage Manager. We also ran a series of performance tests to examine the I/O throughput in a massively parallel scenario.

  20. Network Intrusion Detection System – A Novel Approach

    Directory of Open Access Journals (Sweden)

    Krish Pillai

    2013-08-01

    Full Text Available Network intrusion starts off with a series of unsuccessful break-in attempts and results eventually with the permanent or transient failure of an authentication or authorization system. Due to the current complexity of authentication systems, clandestine attempts at intrusion generally take considerable time before the system gets compromised or damaging change is affected to the system giving administrators a window of opportunity to proactively detect and prevent intrusion. Therefore maintaining a high level of sensitivity to abnormal access patterns is a very effective way of preventing possible break-ins. Under normal circumstances, gross errors on the part of the user can cause authentication and authorization failures on all systems. A normal distribution of failed attempts should be tolerated while abnormal attempts should be recognized as such and flagged. But one cannot manage what one cannot measure. This paper proposes a method that can efficiently quantify the behaviour of users on a network so that transient changes in usage can be detected, categorized based on severity, and closely investigated for possible intrusion. The author proposes the identification of patterns in protocol usage within a network to categorize it for surveillance. Statistical anomaly detection, under which category this approach falls, generally uses simple statistical tests such as mean and standard deviation to detect behavioural changes. The author proposes a novel approach using spectral density as opposed to using time domain data, allowing a clear separation of access patterns based on periodicity. Once a spectral profile has been identified for network, deviations from this profile can be used as an indication of a destabilized or compromised network. Spectral analysis of access patterns is done using the Fast Fourier Transform (FFT), which can be computed in Θ(N log N) operations. The paper justifies the use of this approach and presents preliminary

  1. Adaptive-array Electron Cyclotron Emission diagnostics using data streaming in a Software Defined Radio system

    International Nuclear Information System (INIS)

    Measurement of the Electron Cyclotron Emission (ECE) spectrum is one of the most popular electron temperature diagnostics in nuclear fusion plasma research. A 2-dimensional ECE imaging system was developed with an adaptive-array approach. A radio-frequency (RF) heterodyne detection system with Software Defined Radio (SDR) devices and a phased-array receiver antenna was used to measure the phase and amplitude of the ECE wave. The SDR heterodyne system could continuously measure the phase and amplitude with sufficient accuracy and time resolution while the previous digitizer system could only acquire data at specific times. Robust streaming phase measurements for adaptive-arrayed continuous ECE diagnostics were demonstrated using Fast Fourier Transform (FFT) analysis with the SDR system. The emission field pattern was reconstructed using adaptive-array analysis. The reconstructed profiles were discussed using profiles calculated from coherent single-frequency radiation from the phase array antenna

  2. Fortification of Hybrid Intrusion Detection System Using Variants of Neural Networks and Support Vector Machines

    Directory of Open Access Journals (Sweden)

    A. M. Chandrashekhar

    2013-02-01

    Full Text Available Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal activities happening in a computer system. In recent years different soft computing based techniques have been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect technology. This has provided an opportunity for data mining to make quite a lot of important contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neurofuzzy and radial basis function (RBF) SVM for fortification of the intrusion detection system. The proposed technique has five major steps in which, first step is to perform the relevance analysis, and then input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster. Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our technique could achieve better accuracy for all types of intrusions. The results of proposed technique are compared with the other existing techniques. These comparisons proved the effectiveness of our technique.

  3. Adaptive top-down suppression of hippocampal activity and the purging of intrusive memories from consciousness.

    Science.gov (United States)

    Benoit, Roland G; Hulbert, Justin C; Huddleston, Ean; Anderson, Michael C

    2015-01-01

    When reminded of unwanted memories, people often attempt to suppress these experiences from awareness. Prior work indicates that control processes mediated by the dorsolateral prefrontal cortex (DLPFC) modulate hippocampal activity during such retrieval suppression. It remains unknown whether this modulation plays a role in purging an intrusive memory from consciousness. Here, we combined fMRI and effective connectivity analyses with phenomenological reports to scrutinize a role for adaptive top-down suppression of hippocampal retrieval processes in terminating mnemonic awareness of intrusive memories. Participants either suppressed or recalled memories of pictures depicting faces or places. After each trial, they reported their success at regulating awareness of the memory. DLPFC activation was greatest when unwanted memories intruded into consciousness and needed to be purged, and this increased engagement predicted superior control of intrusive memories over time. However, hippocampal activity was decreased during the suppression of place memories only. Importantly, the inhibitory influence of the DLPFC on the hippocampus was linked to the ensuing reduction in intrusions of the suppressed memories. Individuals who exhibited negative top-down coupling during early suppression attempts experienced fewer involuntary memory intrusions later on. Over repeated suppressions, the DLPFC-hippocampus connectivity grew less negative with the degree that they no longer had to purge unwanted memories from awareness. These findings support a role of DLPFC in countermanding the unfolding recollection of an unwanted memory via the suppression of hippocampal processing, a mechanism that may contribute to adaptation in the aftermath of traumatic experiences. PMID:25100219

  4. The design about the intrusion defense system for IHEP

    International Nuclear Information System (INIS)

    With the development of network technologies, limitations on traditional methods of network security protection are becoming more and more obvious. An individual network security product or the simple combination of several products can hardly complete the goal of keeping from hackers' intrusion. Therefore, on the basis of the analyses about the security problems of IHEPNET which is an open and scientific research network, the author designs an intrusion defense system especially for IHEPNET

  5. Novel hybrid intrusion detection system for clustered wireless sensor network

    OpenAIRE

    Hichem Sedjelmaci; Mohamed Feham

    2011-01-01

    Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. ...

  6. An adaptive structure data acquisition system using a graphical-based programming language

    Science.gov (United States)

    Baroth, Edmund C.; Clark, Douglas J.; Losey, Robert W.

    1992-01-01

    An example of the implementation of data fusion using a PC and a graphical programming language is discussed. A schematic of the data acquisition system and user interface panel for an adaptive structure test are presented. The computer programs (a series of icons 'wired' together) are also discussed. The way in which using graphical-based programming software to control a data acquisition system can simplify analysis of data, promote multidisciplinary interaction, and provide users a more visual key to understanding their data are shown.

  7. Intrusion Prevention/Intrusion Detection System (IPS/IDS) for Wifi Networks

    OpenAIRE

    Michal Korcak; Jaroslav Lamer; Frantisek Jakab

    2014-01-01

    The nature of wireless networks itself created new vulnerabilities that in the classical wired networks do not exist. This results in an evolutional requirement to implement new sophisticated security mechanism in form of Intrusion Detection and Prevention Systems. This paper deals with security issues of small office and home office wireless networks. The goal of our work is to design and evaluate wireless IDPS with use of packet injection method. Dec...

  8. Data reduction in the ITMS system through a data acquisition model with self-adaptive sampling rate

    Energy Technology Data Exchange (ETDEWEB)

    Ruiz, M. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain)], E-mail: mariano.ruiz@upm.es; Lopez, JM.; Arcas, G. de [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Barrera, E. [Departamento de Sistemas Electronicos y de Control, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Melendez, R. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)

    2008-04-15

    Long pulse or steady state operation of fusion experiments require data acquisition and processing systems that reduce the volume of data involved. The availability of self-adaptive sampling rate systems and the use of real-time lossless data compression techniques can help solve these problems. The former is important for continuous adaptation of sampling frequency for experimental requirements. The latter allows the maintenance of continuous digitization under limited memory conditions. This can be achieved by permanent transmission of compressed data to other systems. The compacted transfer ensures the use of minimum bandwidth. This paper presents an implementation based on intelligent test and measurement system (ITMS), a data acquisition system architecture with multiprocessing capabilities that permits it to adapt the system's sampling frequency throughout the experiment. The sampling rate can be controlled depending on the experiment's specific requirements by using an external dc voltage signal or by defining user events through software. The system takes advantage of the high processing capabilities of the ITMS platform to implement a data reduction mechanism based in lossless data compression algorithms which are themselves based in periodic deltas.

  9. Intrusion problematic during water supply systems' operation

    Energy Technology Data Exchange (ETDEWEB)

    Mora-Rodriguez, Jesus; Lopez-Jimenez, P. Amparo [Departamento de Ingenieria Hidraulica y Medio Ambiente, Universidad Politecnica de Valencia, Camino de Vera, s/n, 46022, Valencia (Spain); Ramos, Helena M. [Civil Engineering Department and CEHIDRO, Instituto Superior Tecnico, Technical University of Lisbon, Av. Rovisco Pais, 1049-001, Lisbon (Portugal)

    2011-07-01

    Intrusion through leaks occurrence is a phenomenon when external fluid comes into water pipe systems. This phenomenon can cause contamination problems in drinking pipe systems. Hence, this paper focuses on the entry of external fluids across small leaks during normal operation conditions. This situation is especially important in elevated points of the pipe profile. Pressure variations can origin water volume losses and intrusion of contaminants into the drinking water pipes. This work focuses in obtaining up the physical representation on a specific case intrusion in a pipe water system. The combination of two factors is required to generate this kind of intrusion in a water supply system: on one hand the existence of at least a leak in the system; on the other hand, a pressure variation could occur during the operation of the system due to consumption variation, pump start-up or shutdown. The potential of intrusion during a dynamic or transient event is here analyzed. To obtain this objective an experimental case study of pressure transient scenario is analyzed with a small leak located nearby the transient source.

  10. Semantic intrusion detection with multisensor data fusion using complex event processing

    Indian Academy of Sciences (India)

    R Bhargavi; V Vaidehi

    2013-04-01

    Complex Event Processing (CEP) is an emerging technology for processing and identifying patterns of interest from multiple streams of events in real/near real time. Sensor network-based security and surveillance is a topic of recent research where events generated from distributed sensors at an unpredictable rate need to be analysed for possible threats and respond in a timely manner. Traditional software architectures like client/server architecture where the interactions are pull-based (DBMS) do not target the efficient processing of streams of events in real time. CEP which is a push-based system can process streaming data to identify the intrusion patterns in near real time and respond to the threats. An Intrusion Detection System (IDS) based on single sensor may fail to give accurate identification of intrusion. Hence there is a need for multisensor based IDS. A multisensor-based IDS enables identification of the intrusion patterns semantically by correlating the events and context information provided by multiple sensors. JDL multisource data fusion model is a well-known research model first established by the Joint Directorate Laboratories. This paper proposes JDL fusion framework-based CEP for semantic intrusion detection. The events generated from heterogeneous sensors are collected, aggregated using logical and spatiotemporal relations to form complex events which model the intrusion patterns. The proposed system is implemented and the results show that the proposed system outperforms the pull-based solutions in terms of detection accuracy and detection time.

  11. Cross Layer Intrusion Detection System for Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Djallel Eddine Boubiche

    2012-03-01

    Full Text Available The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.

  12. Application of Data Mining to Network Intrusion Detection: Classifier Selection Model

    CERN Document Server

    Nguyen, Huy

    2010-01-01

    As network attacks have increased in number and severity over the past few years, intrusion detection system (IDS) is increasingly becoming a critical component to secure the network. Due to large volumes of security audit data as well as complex and dynamic properties of intrusion behaviors, optimizing performance of IDS becomes an important open problem that is receiving more and more attention from the research community. The uncertainty to explore if certain algorithms perform better for certain attack classes constitutes the motivation for the reported herein. In this paper, we evaluate performance of a comprehensive set of classifier algorithms using KDD99 dataset. Based on evaluation results, best algorithms for each attack category is chosen and two classifier algorithm selection models are proposed. The simulation result comparison indicates that noticeable performance improvement and real-time intrusion detection can be achieved as we apply the proposed models to detect different kinds of network at...

  13. Protecting coastal abstraction boreholes from seawater intrusion using self-potential data

    Science.gov (United States)

    Graham, Malcolm; Butler, Adrian; MacAllister, Donald John; Vinogradov, Jan; Ijioma, Amadi; Jackson, Matthew

    2016-04-01

    We investigate whether the presence and transport of seawater can influence self-potentials (SPs) measured within coastal groundwater boreholes, with a view to using SP monitoring as part of an early warning system for saline intrusion. SP data were collected over a period of 18 months from a coastal groundwater borehole in the fractured Chalk of England. Spectral analysis of the results shows semi-diurnal fluctuations that are several orders of magnitude higher than those observed from monitoring of the Chalk more than 60 km inland, indicating a strong influence from oceanic tides. Hydrodynamic and geoelectric modelling of the coastal aquifer suggests that observed pressure changes (giving rise to the streaming potential) are not sufficient to explain the magnitude of the observed SP fluctuations. Simulation of the exclusion-diffusion potential, produced by changes in concentration across the saline front, is required to match the SP data from the borehole, despite the front being located some distance away. In late summer of 2013 and 2014, seawater intrusion occurred in the coastal monitoring borehole. When referenced to the shallowest borehole electrode, there was a characteristic increase in SP within the array, several days before any measurable increase in salinity. The size of this precursor increased steadily with depth, typically reaching values close to 0.3 mV in the deepest electrode. Numerical modelling suggests that the exclusion-diffusion potential can explain the magnitude of the precursor, but that the polarity of the change in SP cannot be replicated assuming a homogeneous aquifer. Small-scale models of idealised Chalk blocks were used to simulate the effects of discrete fractures on the distribution of SP. Initial results suggest that comparatively large reductions in voltage can develop in the matrix ahead of the front, in conjunction with a reduced or absent precursor in the vicinity of a fracture. Geophysical logging indicates the presence of a

  14. Intrusion Prevention/Intrusion Detection System (IPS/IDS) for Wifi Networks

    Directory of Open Access Journals (Sweden)

    Michal Korcak

    2014-07-01

    Full Text Available The nature of wireless networks itself created new vulnerabilities that in the classical wired networks do not exist. This results in an evolutional requirement to implement new sophisticated security mechanism in form of Intrusion Detection and Prevention Systems. This paper deals with security issues of small office and home office wireless networks. The goal of our work is to design and evaluate wireless IDPS with use of packet injection method. Decrease of attacker’s traffic by 95% was observed when compared to attacker’s traffic without deployment of proposed IDPS system.

  15. A new data normalization method for unsupervised anomaly intrusion detection

    Institute of Scientific and Technical Information of China (English)

    Long-zheng CAI; Jian CHEN; Yun KE; Tao CHEN; Zhi-gang LI

    2010-01-01

    Unsupervised anomaly detection can detect attacks without the need for clean or labeled training data. This paper studies the application of clustering to unsupervised anomaly detection (ACUAD). Data records are mapped to a feature space. Anomalies are detected by determining which points lie in the sparse regions of the feature space. A critical element for this method to be effective is the definition of the distance function between data records. We propose a unified normalization distance framework for records with numeric and nominal features mixed data. A heuristic method that computes the distance for nominal features is proposed, taking advantage of an important characteristic of nominal features: their probability distribution. Then, robust methods are proposed for mapping numeric features and computing their distance, these being able to tolerate the impact of the value difference in scale and diversification among features, and outliers introduced by intrusions. Empirical experiments with the KDD 1999 dataset showed that ACUAD can detect intrusions with relatively low false alarm rates compared with other approaches.

  16. Revisiting anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, Damiano

    2009-01-01

    Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match

  17. Intrusion Detection Systems Based On Packet Sniffing

    Directory of Open Access Journals (Sweden)

    Ushus Maria Joseph

    2013-01-01

    Full Text Available In the present era of networks, security of network systems is becoming increasingly important, as more and more sensitive information is being stored and manipulated online. The paper entitled 'Packet Sniffing' is an IDS where it monitors packets on the network wire and attempts to the discovery of hacker/cracker who is attempting to break into system. Packet Sniffing also finds the contents and tracks the data packet in the network system. This sniffing is being performed by comparing the captured packet with the intruder details stored in the database. If the packet is found to be an intruder it is then forwarded to the firewall with the respective message for blocking. The Emotional Ants module contains the sender and receiver. The sender will inform all the other Ants running in other machines about the detection of intruder through his pheromone (Messages). The receiver in Ants will listen for the messages from other Ants

  18. A Fiber-Optical Intrusion Alarm System Based on Quasi-Distributed Fiber Bragg Grating Sensors

    Institute of Scientific and Technical Information of China (English)

    Qi Jiang; Yun-Jiang Rao; De-Hong Zeng

    2008-01-01

    A fiber-optical intrusion alarm system based on quasi-distributed fiber Bragg grating (FBG) sensors is demonstrated in this paper. The algorithms of empirical mode decomposition (EMD) and wavelet packet characteristic entropy are adopted to determine the intrusion location. The intrusion alarm software based on the Labview is developed, and it is also proved by the experiments. The results show that such a fiber-optical intrusion alarm system can offer the automatic intrusion alarm in real-time.

  19. Identification Method of Attack Path Based on Immune Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Wenhua Huang

    2014-04-01

    Full Text Available This thesis takes researches on the immune intrusion detection and IP trace back technology. To find out the network data features of the real-time analyses, the distributed immune intrusion detection system and the packet marking theory are used; to guide the dynamically processing of path signs technology, the immune intrusion detection system is used; what’s more, to dynamically adaptive different methods of characteristics of network data, the path signs technology is adopted. After that, the attack paths can be quickly identified to provide path information for feature detector on attack path in the immune intrusion detection system. Experiment results show that this scheme can quickly reconstruct the attack path information, and the performance on the aspects of the convergence is with efficiency rate and false positive rate, which is superior to the current probabilistic packet marking algorithm and can provide characteristic path information for immune intrusion detection system

  20. HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NETWORK

    Directory of Open Access Journals (Sweden)

    Seyedeh Yasaman Rashida

    2013-06-01

    Full Text Available In order to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the Intrusion detection technology becomes popular. Therefore, it is necessary that this security concern must be articulate right from the beginning of the network design and deployment. The intrusion detection technology is the process of identifying network activity that can lead to a compromise of security policy. Lot of work has been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and manage misuse and anomaly detects.

  1. A methodical and adaptive framework for Data Warehouse of Salary Management System

    Directory of Open Access Journals (Sweden)

    Manzoor Ahmad

    2014-06-01

    Full Text Available Years of experience as an employee of University of Kashmir has always desired us to have a typical solution where most of the activities related to salary are fully automated without checking across the files whenever there is a need e.g. individual month's salary report, web based information submission, filing of returns, increment information etc. After thorough analysis, taking employee satisfaction, sensitivity and security of data, a long term solution was to develop a centralized University salary management system and its data warehouse. In this paper the design and implementation of an adaptive data warehouse is presented which supports large volume of data and saves the cost effectively. It also enable decision makers pose queries and question to the system. However decision support systems only support a set of queries and operations that are to be performed.

  2. A methodical and adaptive framework for Data Warehouse of Salary Management System

    Directory of Open Access Journals (Sweden)

    Manzoor Ahmad

    2015-11-01

    Full Text Available Years of experience as an employee of University of Kashmir has always desired us to have a typical solution where most of the activities related to salary are fully automated without checking across the files whenever there is a need e.g. individual month's salary report, web based information submission, filing of returns, increment information etc. After thorough analysis, taking employee satisfaction, sensitivity and security of data, a long term solution was to develop a centralized University salary management system and its data warehouse. In this paper the design and implementation of an adaptive data warehouse is presented which supports large volume of data and saves the cost effectively. It also enable decision makers pose queries and question to the system. However decision support systems only support a set of queries and operations that are to be performed.

  3. ATM, FDDI and Network Intrusion Simulation for Packet Data Networks

    Directory of Open Access Journals (Sweden)

    Shahiruddin

    2014-06-01

    Full Text Available In this paper we describe the use of the OPNET simulation tool for analysis of packet data networks. The motivation is to provide knowledge on packet level networks: Fiber Distributed Data Interface and Network intrusion simulation. FDDI protocol is examined by varying network parameters in two network configurations. Geographic distribution of servers and workstations in different buildings by capitalizing on the long-distance capability also saves money by eliminating the necessity for moving equipment to a single location provides high utilization on the FDDI LAN, thus lowering the cost of transporting data. We discussed about OPNET process model and its performance and effect on the traffic patterns in an ATM network. In this paper we also report studies of simulation efficiency and network performance of simulated network using firewall.

  4. Nuclear data needs for non-intrusive inspection.

    Energy Technology Data Exchange (ETDEWEB)

    Smith, D. L.; Michlich, B. J.

    2000-11-29

    Various nuclear-based techniques are being explored for use in non-intrusive inspection. Their development is motivated by the need to prevent the proliferation of nuclear weapons, to thwart trafficking in illicit narcotics, to stop the transport of explosives by terrorist organizations, to characterize nuclear waste, and to deal with various other societal concerns. Non-intrusive methods are sought in order to optimize inspection speed, to minimize damage to packages and containers, to satisfy environmental, health and safety requirements, to adhere to legal requirements, and to avoid inconveniencing the innocent. These inspection techniques can be grouped into two major categories: active and passive. They almost always require the use of highly penetrating radiation and therefore are generally limited to neutrons and gamma rays. Although x-rays are widely employed for these purposes, their use does not constitute nuclear technology and therefore is not discussed here. This paper examines briefly the basic concepts associated with nuclear inspection and investigates the related nuclear data needs. These needs are illustrated by considering four of the methods currently being developed and tested.

  5. Intelligent Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    陆立峥; 陈金山

    2012-01-01

    In view of the shortcomings of current intrusion detection systems, namely low efficiency in accurately identifying intrusion behavior and in detecting new attack behavior, and poor adaptability and flexibility, the project team combined a neural network with an intrusion detection system, using the self-learning and adaptive abilities of the neural network to solve the problem of making intrusion detection systems intelligent, and constructed an intelligent intrusion detection system. The system has high detection accuracy and a high ability to recognize intrusion behavior.

  6. Rule Generalisation in Intrusion Detection Systems using Snort

    CERN Document Server

    Aickelin, Uwe; Hesketh-Roberts, Thomas

    2008-01-01

    Intrusion Detection Systems (IDS) provide an important layer of security for computer systems and networks, and are becoming more and more necessary as reliance on Internet services increases and systems with sensitive data are more commonly open to Internet access. An IDS's responsibility is to detect suspicious or unacceptable system and network activity and to alert a systems administrator to this activity. The majority of IDS use a set of signatures that define what suspicious traffic is, and Snort is one popular and actively developing open-source IDS that uses such a set of signatures known as Snort rules. Our aim is to identify a way in which Snort could be developed further by generalising rules to identify novel attacks. In particular, we attempted to relax and vary the conditions and parameters of current Snort rules, using a similar approach to classic rule learning operators such as generalisation and specialisation. We demonstrate the effectiveness of our approach through experiments with standard d...

  7. Clustering of tethered satellite system simulation data by an adaptive neuro-fuzzy algorithm

    Science.gov (United States)

    Mitra, Sunanda; Pemmaraju, Surya

    1992-01-01

    Recent developments in neuro-fuzzy systems indicate that the concepts of adaptive pattern recognition, when used to identify appropriate control actions corresponding to clusters of patterns representing system states in dynamic nonlinear control systems, may result in innovative designs. A modular, unsupervised neural network architecture, in which fuzzy learning rules have been embedded is used for on-line identification of similar states. The architecture and control rules involved in Adaptive Fuzzy Leader Clustering (AFLC) allow this system to be incorporated in control systems for identification of system states corresponding to specific control actions. We have used this algorithm to cluster the simulation data of Tethered Satellite System (TSS) to estimate the range of delta voltages necessary to maintain the desired length rate of the tether. The AFLC algorithm is capable of on-line estimation of the appropriate control voltages from the corresponding length error and length rate error without a priori knowledge of their membership functions and familiarity with the behavior of the Tethered Satellite System.

  8. Poseidon: a 2-tier Anomaly-based Network Intrusion Detection System

    NARCIS (Netherlands)

    Bolzoni, Damiano; Zambon, Emmanuele; Etalle, Sandro; Hartel, Pieter

    2006-01-01

    We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection r

  9. Weaknesses, Vulnerabilities And Elusion Strategies Against Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Hossein Jadidoleslamy

    2012-09-01

    One of the most important existent issues in information security application domain is Intrusion Detection System (IDS); IDS is a defensive-aggressive system to protect information, verifying and responding to occurring attacks on computer systems and networks. This paper discusses different topics including presenting some strategies against IDSs to passing from them; this leads to improving detection level and performance of IDS; also, this paper considers some intrusion tools, new attacks patterns and tracking prevention techniques. In addition, it discusses vulnerabilities, security holes and IDSs' structural and systemic problems to eliminating defects, reducing penetrates and correcting their behavior. Finally, it leads to increasing the functionality coefficient of IDSs, promoting the security level of computer systems and networks, increasing the trust of authorized users. So, the proposed methods in this paper can apply to improving the IDSs by using inverse engineering methods.

  10. Adaptive Lockable Units to Improve Data Availability in a Distributed Database System

    Directory of Open Access Journals (Sweden)

    Khaled Maabreh

    2016-01-01

    Distributed database systems have become a phenomenon and have been considered a crucial source of information for numerous users. Users with different jobs are using such systems locally or via the Internet to meet their professional requirements. Distributed database systems consist of a number of sites connected over a computer network. Each site deals with its own database and interacts with other sites as needed. Data replication in these systems is considered a key factor in improving data availability. However, it may affect system performance when most of the transactions that access the data contain write or a mix of read and write operations because of exclusive locks and update propagation. This research proposes a new adaptive approach for increasing the availability of data contained in a distributed database system. The proposed approach suggests a new lockable unit by increasing the database hierarchy tree by one level to include attributes as lockable units instead of the entire row. This technique may allow several transactions to access the database row simultaneously by utilizing some attributes and keeping others available for other transactions. Data in a distributed database system can be accessed locally or remotely by a distributed transaction, with each distributed transaction decomposed into several sub-transactions called participants or agents. These agents access the data at multiple sites and must guarantee that any changes to the data must be committed in order to complete the main transaction. The experimental results show that using attribute-level locking will increase data availability, reliability, and throughput, as well as enhance overall system performance. Moreover, it will increase the overhead of managing such a large number of locks, which will be managed according to the qualification of the query.

  11. A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Eung Jun Cho

    2013-11-01

    The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of energy or memory. A partially distributed intrusion detection system with low memory and power demands is proposed here. It employs a Bloom filter, which allows reduced signature code size. Multiple Bloom filters can be combined to reduce the signature code for each Bloom filter array. The mechanism could then cope with potential denial of service attacks, unlike many previous detection systems with Bloom filters. The mechanism was evaluated and validated through analysis and simulation.

  12. Distributed Intrusion Detection System for Ad hoc Mobile Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Nawaz Khan

    2012-01-01

    In mobile ad hoc network resource restrictions on bandwidth, processing capabilities, battery life and memory of mobile devices lead tradeoff between security and resources consumption. Due to some unique properties of MANETs, proactive security mechanism like authentication, confidentiality, access control and non-repudiation are hard to put into practice. While some additional security requirements are also needed, like cooperation fairness, location confidentiality, data freshness and absence of traffic diversion. Traditional security mechanism i.e. authentication and encryption, provide a security beach to MANETs. But some reactive security mechanism is required who analyze the routing packets and also check the overall network behavior of MANETs. Here we propose a local-distributed intrusion detection system for ad hoc mobile networks. In the proposed distributed-ID, each mobile node works as a smart agent. Data is collected by the node locally and it analyzes that data for malicious activity. If any abnormal activity is discovered, it informs the surrounding nodes as well as the base station. It works like a Client-Server model, each node works in collaboration with server, updating its database each time by server using Markov process. The proposed local distributed-IDS shows a balance between false positive and false negative rate. Re-active security mechanism is very useful in finding abnormal activities although proactive security mechanism present there. Distributed local-IDS useful for deep level inspection and is suited with the varying nature of the MANETs.

  13. Security Policy Based on Firewall and Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Hemdeep Kaur Bimbraw

    2014-11-01

    Firewalls are usually the first component of network security. They separate networks in different security levels by utilizing network access control policies. The major function of the firewall is to protect the private network from non-legitimate traffic. The main purpose of a firewall system is to control access to or from a protected network. It implements a network access policy by forcing connections to pass through the firewall, where they can be examined and evaluated. Intrusion detection is the process of monitoring and searching networks of computers and systems for security policy violations. Intrusion Detection Systems (IDSs) are software or hardware products that automate this monitoring and analysis process. An IDS inspects all inbound and outbound network activity, system logs and events, and identifies suspicious patterns or events that may indicate a network or system attack from someone attempting to break into or compromise a system. The network security in today’s world is a major concern because of increasing threats from malicious users. Therefore, designing a correct network security policy is a challenging task. To design filtering rules to formulate a sound firewall security policy and implement intrusion detection system to capture network packets and detect attacks to fulfill this gap

  14. Intrusion Detection Systems in Wireless Sensor Networks

    OpenAIRE

    Vijay Kumar Mallarapu; K.V.D.Sagar

    2012-01-01

    Wireless Sensor Networks (WSNs) are a new technology foreseen to be used increasingly in the near future due to their data acquisition and data processing abilities. Security for WSNs is an area that needs to be considered in order to protect the functionality of these networks, the data they convey and the location of their members. The security models & protocols used in wired and other networks are not suited to WSNs because of their severe resource constrictions. In this paper, we describ...

  15. Intrusion Detection of NSM Based DoS Attacks Using Data Mining in Smart Grid

    OpenAIRE

    JungChan Na; Kijoon Chae; Mihui Kim; Shi Li; Xinyi Chen; Kyung Choi

    2012-01-01

    In this paper, we analyze the Network and System Management (NSM) requirements and NSM data objects for the intrusion detection of power systems; NSM is an IEC 62351-7 standard. We analyze a SYN flood attack and a buffer overflow attack to cause the Denial of Service (DoS) attack described in NSM. After mounting the attack in our attack testbed, we collect a data set, which is based on attributes for the attack. We then run several data mining methods with the data set using the Waikato Envir...

  16. Distributed Intrusion Detection for Computer Systems Using Communicating Agents

    OpenAIRE

    Ingram, Dennis J.; Kremer, H. Steven; Neil C. Rowe

    2000-01-01

    This paper appeared in the Proceedings of the 2000 Command and Control Research and Technology Symposium (CCRTS), Monterey, CA, June 11-13, 2000, and won the award for “Best Paper”. Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has a number of vulnerabilities. The work presented here demonstrates that independent detection agents under Windows NT can be run in a distributed fashion, each operating mostly independent ...

  17. Usefulness of DARPA dataset for intrusion detection system evaluation

    OpenAIRE

    Thomas, Ciza; Sharma, Vishwas; Balakrishnan, N.

    2008-01-01

    The MIT Lincoln Laboratory IDS evaluation methodology is a practical solution in terms of evaluating the performance of Intrusion Detection Systems, which has contributed tremendously to the research progress in that field. The DARPA IDS evaluation dataset has been criticized and considered by many as a very outdated dataset, unable to accommodate the latest trend in attacks. Then naturally the question arises as to whether the detection systems have improved beyond detecting these old level ...

  18. Optimizations of Battery-Based Intrusion Protection Systems

    OpenAIRE

    Nelson, Theresa Michelle

    2008-01-01

    As time progresses, small mobile devices become more prevalent for both personal and industrial use, providing malicious network users with new and exciting venues for security exploits. Standard security applications, such as Norton Antivirus and McAfee, require computing power, memory space, and operating system complexity that are not present in small mobile devices. Recently, the Battery-Sensing Intrusion Protection System (B-SIPS) was devised as a means to correct the inability of small...

  19. A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

    OpenAIRE

    Eung Jun Cho; Choong Seon Hong; Sungwon Lee; Seokhee Jeon

    2013-01-01

    The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of ene...

  20. Detecting network intrusions by data mining and variable-length sequence pattern matching

    Institute of Scientific and Technical Information of China (English)

    Tian Xinguang; Duan Miyi; Sun Chunlai; Liu Xin

    2009-01-01

    Anomaly detection has been an active research topic in the field of network intrusion detection for many years. A novel method is presented for anomaly detection based on system calls into the kernels of Unix or Linux systems. The method uses the data mining technique to model the normal behavior of a privileged program and uses a variable-length pattern matching algorithm to perform the comparison of the current behavior and historic normal behavior, which is more suitable for this problem than the fixed-length pattern matching algorithm proposed by Forrest et al. At the detection stage, the particularity of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy and is especially applicable for on-line detection. The performance of the method is evaluated using the typical testing data set, and the results show that it is significantly better than the anomaly detection method based on hidden Markov models proposed by Yan et al. and the method based on fixed-length patterns proposed by Forrest and Hofmeyr. The novel method has been applied to practical hosted-based intrusion detection systems and achieved high detection performance.

  1. Evaluating the Strengths and Weaknesses of Mining Audit Data for Automated Models for Intrusion Detection in Tcpdump and Basic Security Module Data

    Directory of Open Access Journals (Sweden)

    A. Arul Lawrence Selvakumar

    2012-01-01

    Problem statement: Intrusion Detection System (IDS) have become an important component of infrastructure protection mechanism to secure the current and emerging networks, its services and applications by detecting, alerting and taking necessary actions against the malicious activities. The network size, technology diversities and security policies make networks more challenging and hence there is a requirement for IDS which should be very accurate, adaptive, extensible and more reliable. Although there exists the novel framework for this requirement namely Mining Audit Data for Automated Models for Intrusion Detection (MADAM ID), it is having some performance shortfalls in processing the audit data. Approach: Few experiments were conducted on tcpdump data of DARPA and BSM audit files by applying the algorithms and tools of MADAM ID in the processing of audit data, mine patterns, construct features and build RIPPER classifiers. By putting it all together, four main categories of attacks namely DOS, R2L, U2R and PROBING attacks were simulated. Results: This study outlines the experimentation results of MADAM ID in testing the DARPA and BSM data on a simulated network environment. Conclusion: The strengths and weakness of MADAM ID has been identified through the experiments conducted on tcpdump data and also on Pascal based audit files of Basic Security Module (BSM). This study also gives some additional directions about the future applications of MADAM ID.

  2. System and method for the adaptive mapping of matrix data to sets of polygons

    Science.gov (United States)

    Burdon, David (Inventor)

    2003-01-01

    A system and method for converting bitmapped data, for example, weather data or thermal imaging data, to polygons is disclosed. The conversion of the data into polygons creates smaller data files. The invention is adaptive in that it allows for a variable degree of fidelity of the polygons. Matrix data is obtained. A color value is obtained. The color value is a variable used in the creation of the polygons. A list of cells to check is determined based on the color value. The list of cells to check is examined in order to determine a boundary list. The boundary list is then examined to determine vertices. The determination of the vertices is based on a prescribed maximum distance. When drawn, the ordered list of vertices create polygons which depict the cell data. The data files which include the vertices for the polygons are much smaller than the corresponding cell data files. The fidelity of the polygon representation can be adjusted by repeating the logic with varying fidelity values to achieve a given maximum file size or a maximum number of vertices per polygon.

  3. Security Policy Based on Firewall and Intrusion Detection System

    OpenAIRE

    Hemdeep Kaur Bimbraw; O P Gupta

    2014-01-01

    Firewalls are usually the first component of network security. They separate networks in different security levels by utilizing network access control policies. The major function of the firewall is to protect the private network from non-legitimate traffic. The main purpose of a firewall system is to control access to or from a protected network. It implements a network access policy by forcing connections to pass through the firewall, where they can be examined and evaluated. Intrusion dete...

  4. Hybrid Adaptive Intrusion Prevention

    Institute of Scientific and Technical Information of China (English)

    乔佩利; 韩伟

    2011-01-01

    This paper proposes an intrusion prevention system model (Feedback Learning IPS, FLIPS) that has adaptive ability and applies a hybrid approach to host security that prevents binary code injection attacks. It incorporates three major components: an anomaly-based classifier, a signature-based filtering scheme, and a supervision framework that employs Instruction Set Randomization (ISR). ISR can precisely identify the injected code, and the classifier and the filter are tuned via a learning mechanism based on this feedback. Capturing the injected code allows FLIPS to construct signatures for zero-day exploits. Experimental results show that the model can discard input that matches anomalies or is known to be malicious, protecting the application from attack effectively.

  5. An Implementation Approach for Intrusion Detection System in Wireless sensor Network

    OpenAIRE

    Ruchi Bhatnagar; Dr. A.K. Srivastava; Anupriya Sharma

    2010-01-01

    The Intrusion Detection System (IDS) has become a critical component of wireless sensor networks security strategy. In this paper we have made an effort to document related issues and challenges of intrusion detection system for wireless sensor network and proposed a novel secure strategy for their implementation that can detect possible intrusion in the network, alerting user after intrusion had been detected and reconfigure the network if possible.

  6. An Implementation Approach for Intrusion Detection System in Wireless sensor Network

    Directory of Open Access Journals (Sweden)

    Ruchi Bhatnagar

    2010-10-01

    The Intrusion Detection System (IDS) has become a critical component of wireless sensor networks security strategy. In this paper we have made an effort to document related issues and challenges of intrusion detection system for wireless sensor network and proposed a novel secure strategy for their implementation that can detect possible intrusion in the network, alerting user after intrusion had been detected and reconfigure the network if possible.

  7. A ROLE OF INTRUSION DETECTION SYSTEM FOR WIRELESS LAN USING VARIOUS SCHEMES AND RELATED ISSUES

    OpenAIRE

    Kamalanaban Ethala; Seshadri, R; N. G. Renganathan; M. S. Saravanan

    2013-01-01

    The advancement in network based technology and augmented dependability of our everyday life on this technology. During recent years, number of attacks on networks has intensely increased. Hence interest in network intrusion detection has increased among the researchers. This study assesses different kinds of IDS and inclines preemptive procedures. An Intrusion Detection System (IDS) is used to automate the intrusion detection process. An Intrusion Deterrence System (IPS) is software which ha...

  8. Network Threat Characterization in Multiple Intrusion Perspectives using Data Mining Technique

    Directory of Open Access Journals (Sweden)

    Oluwafemi Oriola

    2012-12-01

    For effective security incidence response on the network, a reputable approach must be in place at both protected and unprotected region of the network. This is because compromise in the demilitarized zone could be precursor to threat inside the network. The improved complexity of attacks in present times and vulnerability of system are motivations for this work. Past and present approaches to intrusion detection and prevention have neglected victim and attacker properties despite the fact that for intrusion to occur, an overt act by an attacker and a manifestation, observable by the intended victim, which results from that act are required. Therefore, this paper presents a threat characterization model for attacks from the victim and the attacker perspective of intrusion using data mining technique. The data mining technique combines Frequent Temporal Sequence Association Mining and Fuzzy Logic. Apriori Association Mining algorithm was used to mine temporal rule patterns from alert sequences while Fuzzy Control System was used to rate exploits. The results of the experiment show that accurate threat characterization in multiple intrusion perspectives could be actualized using Fuzzy Association Mining. Also, the results proved that sequence of exploits could be used to rate threat and are motivated by victim properties and attacker objectives.

  9. Thermal Error Modelling of the Spindle Using Data Transformation and Adaptive Neurofuzzy Inference System

    Directory of Open Access Journals (Sweden)

    Yanlei Li

    2015-01-01

    This paper proposes a new method for predicting spindle deformation based on temperature data. The method introduces the adaptive neurofuzzy inference system (ANFIS), which is a neurofuzzy modeling approach that integrates the kernel and geometrical transformations. By utilizing data transformation, the number of ANFIS rules can be effectively reduced and the predictive model structure can be simplified. To build the predictive model, we first map the original temperature data to a feature space with Gaussian kernels. We then process the mapped data with the geometrical transformation and make the data gather in the square region. Finally, the transformed data are used as input to train the ANFIS. A verification experiment is conducted to evaluate the performance of the proposed method. Six Pt100 thermal resistances are used to monitor the spindle temperature, and a laser displacement sensor is used to detect the spindle deformation. Experimental results show that the proposed method can precisely predict the spindle deformation and greatly improve the thermal performance of the spindle. Compared with back propagation (BP) networks, the proposed method is more suitable for complex working conditions in practical applications.

  10. A ROLE OF INTRUSION DETECTION SYSTEM FOR WIRELESS LAN USING VARIOUS SCHEMES AND RELATED ISSUES

    Directory of Open Access Journals (Sweden)

    Kamalanaban Ethala

    2013-01-01

    The advancement in network based technology and augmented dependability of our everyday life on this technology. During recent years, number of attacks on networks has intensely increased. Hence interest in network intrusion detection has increased among the researchers. This study assesses different kinds of IDS and inclines preemptive procedures. An Intrusion Detection System (IDS) is used to automate the intrusion detection process. An Intrusion Deterrence System (IPS) is software which has complete competencies of an intrusion detection system and it can endeavor to stop probable events.

  11. Clustering of noisy image data using an adaptive neuro-fuzzy system

    Science.gov (United States)

    Pemmaraju, Surya; Mitra, Sunanda

    1992-01-01

    Identification of outliers or noise in a real data set is often quite difficult. A recently developed adaptive fuzzy leader clustering (AFLC) algorithm has been modified to separate the outliers from real data sets while finding the clusters within the data sets. The capability of this modified AFLC algorithm to identify the outliers in a number of real data sets indicates the potential strength of this algorithm in correct classification of noisy real data.

  12. A Comprehensive Study on Classification of Passive Intrusion and Extrusion Detection System

    Directory of Open Access Journals (Sweden)

    A.Kalaivani

    2013-05-01

    Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system attacks. To handle these intrusions, Cyber Security uses three audit and monitoring systems namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS). Therefore a hybrid system should be designed to handle both inbound and outbound traffic. Due to the increased false alarms preventive systems do not suit an organizational network. The goal of this paper is to devise a taxonomy for cyber security and study the existing methods of Intrusion and Extrusion Detection systems based on three primary characteristics. The metrics used to evaluate IDS and EDS are also presented.

  13. A Pattern Matching Algorithm for Reducing False Positive in Signature Based Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    T. Sree Kala

    2016-04-01

    Nowadays the organizations are facing the number of threats every day in the form of viruses and attack etc. Since many different mechanisms were preferred by organizations in the form of intrusion detection and prevention system to protect its organizations from these kinds of attacks. Intrusion Detection System (IDS) is considered as a system integrated with intelligent subsystems. In this paper the signature based intrusion detection system is discussed. There are different pattern matching algorithms available to detect intrusion. Brute force and Knuth-Morris-Pratt are the single keyword pattern matching algorithms. If one or more occurrence of pattern present in the input text, then there is an intrusion and the intrusion alarm will be sent. The occurrence of false alarm will be high in intrusion detection. In this paper the string matching algorithm to reduce the percentage of false alarm will be discussed.

  14. MIDAS, the Mobile Intrusion Detection and Assessment System

    Energy Technology Data Exchange (ETDEWEB)

    Arlowe, H.D.; Coleman, D.E.; Williams, J.D.

    1990-01-01

    MIDAS is a semiautomated passive detection and assessment security system that can be quickly deployed to provide wide-area coverage for a mobile military asset. Designed to be mounted on top of an unguyed telescoping mast, its specially packaged set of 32 infrared sensors spin 360 degrees every two seconds. The unit produces a low resolution infrared image by sampling each sensor more than 16,000 times in a single 360-degree rotation. Drawing from image processing techniques, MIDAS detects vehicular and pedestrian intruders and produces an alarm when an intrusion is detected. Multiple intruders are tracked. MIDAS automatically directs either an assessment camera or a FLIR to one of the tracks. The alerted operator assesses the intruder and initiates a response. Once the operator assesses an intruder, the system continues to track it without generating new alarms. Because the system will track multiple targets and because the assessment system is a separate pan and tilt unit, the detection and tracking system cannot be blind-sided while the operator is assessing a diversionary intrusion. 4 figs.

  15. Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

    Science.gov (United States)

    Hortos, William S.

    2007-09-01

    and trust neighborhood, collecting parametric information and executing assigned decision tasks. The communications overhead due to security mechanisms and the latency in network response are thus minimized by reducing the need to move large amounts of audit data through resource-limited nodes and by locating detection/identification programs closer to audit data. If network partitioning occurs due to uncoordinated node exhaustion, data compromise or other effects of the attacks, the mobile agents can continue to operate, thereby increasing fault tolerance in the network response to intrusions. Since the mobile agents behave like an ant colony in securing the WSN, published ant colony optimization (ACO) routines and other evolutionary algorithms are adapted to protect network security, using data at and through nodes to create audit records to detect and respond to denial-of-service attacks. Performance evaluations of algorithms are performed by simulation of a few intrusion attacks, such as black hole, flooding, Sybil and others, to validate the ability of the cross-layer algorithms to enable WSNs to survive the attacks. Results are compared for the different algorithms.

  16. Data Randomization and Cluster-Based Partitioning for Botnet Intrusion Detection.

    Science.gov (United States)

    Al-Jarrah, Omar Y; Alhussein, Omar; Yoo, Paul D; Muhaidat, Sami; Taha, Kamal; Kim, Kwangjo

    2016-08-01

    Botnets, which consist of remotely controlled compromised machines called bots, provide a distributed platform for several threats against cyber world entities and enterprises. Intrusion detection system (IDS) provides an efficient countermeasure against botnets. It continually monitors and analyzes network traffic for potential vulnerabilities and possible existence of active attacks. A payload-inspection-based IDS (PI-IDS) identifies active intrusion attempts by inspecting transmission control protocol and user datagram protocol packet's payload and comparing it with previously seen attacks signatures. However, the PI-IDS abilities to detect intrusions might be incapacitated by packet encryption. Traffic-based IDS (T-IDS) alleviates the shortcomings of PI-IDS, as it does not inspect packet payload; however, it analyzes packet header to identify intrusions. As the network's traffic grows rapidly, not only the detection-rate is critical, but also the efficiency and the scalability of IDS become more significant. In this paper, we propose a state-of-the-art T-IDS built on a novel randomized data partitioned learning model (RDPLM), relying on a compact network feature set and feature selection techniques, simplified subspacing and a multiple randomized meta-learning technique. The proposed model has achieved 99.984% accuracy and 21.38 s training time on a well-known benchmark botnet dataset. Experiment results demonstrate that the proposed methodology outperforms other well-known machine-learning models used in the same detection task, namely, sequential minimal optimization, deep neural network, C4.5, reduced error pruning tree, and randomTree. PMID:26540724

  18. Nuclear-power-plant perimeter-intrusion alarm systems

    Energy Technology Data Exchange (ETDEWEB)

    Halsey, D.J.

    1982-04-01

    Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981.

  19. Nuclear-power-plant perimeter-intrusion alarm systems

    International Nuclear Information System (INIS)

    Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981

  20. Evolution of optically nondestructive and data-non-intrusive credit card verifiers

    Science.gov (United States)

    Sumriddetchkajorn, Sarun; Intaravanne, Yuttana

    2010-04-01

    Since the deployment of the credit card, the number of credit card fraud cases has grown rapidly with a huge amount of loss in millions of US dollars. Instead of asking more information from the credit card's holder or taking risk through payment approval, a nondestructive and data-non-intrusive credit card verifier is highly desirable before transaction begins. In this paper, we review optical techniques that have been proposed and invented in order to make the genuine credit card more distinguishable than the counterfeit credit card. Several optical approaches for the implementation of credit card verifiers are also included. In particular, we highlight our invention on a hyperspectral-imaging based portable credit card verifier structure that offers a very low false error rate of 0.79%. Other key features include low cost, simplicity in design and implementation, no moving part, no need of an additional decoding key, and adaptive learning.

  1. Hydrodynamic modeling of the intrusion phenomenon in water distribution systems; Modelacion hidrodinamica del fenomeno de intrusion en tuberia de abastecimiento

    Energy Technology Data Exchange (ETDEWEB)

    Lopez-Jimenez, Petra Amparo; Mora-Rodriguez, Jose de Jesus; Perez-Garcia, Rafael; Martinez-Solano, F. Javier [Universidad Politecnica de Valencia (Spain)]

    2008-10-15

    This paper describes a strategy for the hydrodynamic modeling of the pathogen intrusion phenomenon in water distribution systems by the combination of a breakage with a depression situation. This scenario will be modeled computationally and experimentally. The phenomenon to be represented by both simulations is the same: the entrance of an external volume into the circulation of a main volume, known as a pathogen intrusion, as long as the main volume is potable water. To this end, a prototype and a computational model based on Computational Fluid Dynamics (CFD) are used, which allow visualizing the fields of speeds and pressures in a simulated form. With the comparison of the results of both models, conclusions will be drawn on the detail of the studied pathogen intrusion phenomenon.

  2. Immune System Approaches to Intrusion Detection - A Review

    CERN Document Server

    Kim, Jungwon; Aickelin, Uwe; Greensmith, Julie; Tedesco, Gianni; Twycross, Jamie

    2008-01-01

    The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we review the algorithms used, the development of the systems and the outcome of their implementation. We provide an introduction and analysis of the key developments within this field, in addition to making suggestions for future research.

  3. Intrusion Detection System with Hierarchical Different Parallel Classification

    Directory of Open Access Journals (Sweden)

    Behrouz Safaiezadeh

    2015-12-01

    Today, lives are integrated with networks and the internet. The needed information is transmitted through networks. So, someone may attempt to abuse the information and attack and make changes by weakness of networks. Intrusion Detection System is a system capable of detecting some attacks. The system detects attacks through classifier construction and considering IP in network. Recent research showed that a fundamental classification cannot be effective alone due to its errors, but mixing some classifications provides better efficiency. So, the current study attempts to design three classes of support vector machine, the neural network of multilayer perceptron and parallel fuzzy system in which there are trained dataset and capability to detect two classes. Finally, decisions are made by an intermediate network due to type of attack. In the present research, the suggested system was tested through the dataset of KDD99 and results indicated appropriate efficiency of 99.71% on average.

  4. An Intrusion Detection System for Kaminsky DNS Cache poisoning

    Directory of Open Access Journals (Sweden)

    Dhrubajyoti Pathak, Kaushik Baruah

    2013-09-01

    Domain Name System (DNS) is the largest and most actively distributed, hierarchical and scalable database system which plays an incredibly inevitable role behind the functioning of the Internet as we know it today. A DNS translates human readable and meaningful domain names such as www.iitg.ernet.in into an Internet Protocol (IP) address such as 202.141.80.6. It is used for locating a resource on the World Wide Web. Without a DNS, the Internet services as we know it, would come to a halt. In our thesis, we proposed an Intrusion Detection System (IDS) for Kaminsky cache poisoning attacks. Our system relies on the existing properties of the DNS protocol.

  5. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

    Energy Technology Data Exchange (ETDEWEB)

    Chen, Yan [Northwestern University]

    2013-12-05

    Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and fast emergence of new attacks/virus/worms, existing network intrusion detection systems (IDS) are insufficient because they: • Are mostly host-based and not scalable to high-performance networks; • Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks; • Cannot differentiate malicious events from the unintentional anomalies. To address these challenges, we proposed and developed a new paradigm called high-performance network anomaly/intrusion detection and mitigation (HPNAIDM) system. The new paradigm is significantly different from existing IDSes with the following features (research thrusts). • Online traffic recording and analysis on high-speed networks; • Online adaptive flow-level anomaly/intrusion detection and mitigation; • Integrated approach for false positive reduction. Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we even exceed that significantly (see more details in the next section). Overall, our project harvested 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). Besides, we built a website for technique dissemination, which hosts two system prototype releases to the research community. We also filed a patent application and developed strong international and domestic collaborations which span both academia and industry.

  6. Intrusion detection system and technology of layered wireless sensor network based on Agent

    OpenAIRE

    Genjian Yu; Kunpeng Weng

    2013-01-01

    The intrusion detection system and technology of classified layered-wireless sensor network was able to meet the high safety requirements of wireless sensor network, it is urgent for us to improve the identification and generalization of detection system about characters of intrusion. In this paper, we design an intelligent intrusion detection system which realize intelligence, the effective and direct way was to add the methods,  and it was used for identification and generalization of intru...

  7. RESEARCH ON SECURITY PROTOCOL FOR COLLABORATING MOBILE AGENTS IN NETWORK INTRUSION DETECTION SYSTEMS

    Directory of Open Access Journals (Sweden)

    Olumide Simeon Ogunnusi

    2013-01-01

    Despite the popularity of mobile agents in academic and commercial arena, the security issues associated with them have hindered their adoption on large scale distributed applications. However, researchers are making relentless effort to overcome the security impediments so that the interesting properties inherent in mobile agent application, especially in the field of intrusion detection, can be harnessed. Such properties include: adaptability, autonomous nature, low bandwidth utilization, latency eradication, mobility and intelligence. A number of protocols have been developed by researchers for different key distribution techniques to enhance their performance and to protect communicating entities against malicious attacks that can hinder their activities. However, they do not take into account the availability and fault tolerance of the protocols in case of any possible attack despite the authentication methods offered by encryption. This study therefore, proposes a fault-tolerant key distribution protocol for distributed mobile agents (communicating entities) in network intrusion detection system to facilitate hitch-free collaboration geared towards intrusive packets detection in Wireless Local Area Network (WLAN).

  8. A Scalable Intrusion Detection System for IPv6

    Institute of Scientific and Technical Information of China (English)

    LIU Bin; LI Zhitang; LI Zhanchun

    2006-01-01

    The next generation protocol IPv6 brings new challenges to information security. This paper presents the design and implementation of a network-based intrusion detection system that supports both IPv6 protocol and IPv4 protocol. This system's architecture is focused on performance, simplicity, and scalability. There are four primary subsystems that make it up: the packet capture, the packet decoder, the detection engine, and the logging and alerting subsystem. This paper further describes a new approach to packet capture whose goal is to improve the performance of the capture process at high speeds. The evaluation shows that the system has a good performance to detect IPv6 attacks and IPv4 attacks, and achieves 61% correct detection rate with 20% false detection rate at the speed of 100 Mb·s⁻¹.

  9. Analysis of Fuzzy Logic Based Intrusion Detection Systems in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    A. Chaudhary

    2014-01-01

    Due to the advancement in wireless technologies, many new paradigms have opened for communications. Among these technologies, mobile ad hoc networks play a prominent role for providing communication in many areas because of their independent nature of predefined infrastructure. But in terms of security, these networks are more vulnerable than the conventional networks because firewall and gateway based security mechanisms cannot be applied on them. That’s why intrusion detection systems are used as keystone in these networks. A number of intrusion detection systems have been discovered to handle the uncertain activity in mobile ad hoc networks. This paper emphasizes proposed fuzzy based intrusion detection systems in mobile ad hoc networks and presents their effectiveness to identify the intrusions. This paper also examines the drawbacks of fuzzy based intrusion detection systems and discusses the future directions in the field of intrusion detection for mobile ad hoc networks.

  10. A Study of Various Intrusion Detection Model Based on Data Fusion, Neural Network and D-S Theory

    Directory of Open Access Journals (Sweden)

    Ramnaresh Sharma

    2012-06-01

    Network security and awareness of network attack are hot spots in current research area. Nowadays various models and methods are available for intrusion detection and awareness of cyber-attack. Such as Application of the integrated Network Security Situation Awareness system (Net-SSA) shows that the proposed framework supports for the accurate modeling and effective generation of network security situation. In this paper we discuss various approaches for intrusion detection technique such as data fusion, neural network and D-S Theory and fuzzy logic.

  11. Energy Efficient Cluster-Based Intrusion Detection System for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Manal Abdullah

    2014-09-01

    Wireless sensor networks (WSNs) are network type where sensors are used to collect physical measurements. It has many application areas such as healthcare, weather monitoring and even military applications. Security in this kind of networks is a big concern especially in the applications that required confidentiality and privacy. Therefore, providing a WSN with an intrusion detection system is essential to protect its security from different types of intrusions, cyber-attacks and random faults. Clustering has proven its efficiency in prolonging the node as well as the whole WSN lifetime. In this paper we have designed an Intrusion Detection (ID) system based on Stable Election Protocol (SEP) for clustered heterogeneous WSNs. The benefit of using SEP is that it is a heterogeneous-aware protocol to prolong the time interval before the death of the first node. KDD Cup’99 data set is used as the training data and test data. After normalizing our dataset, we trained the system to detect four types of attacks which are Probe, DoS, U2R and R2L, using 18 features out of the 42 features available in KDD Cup'99 dataset. The research used the K-nearest neighbour (KNN) classifier for anomaly detection. The experiments determine K = 5 for best classification and this reveals recognition rate of attacks as 75%. Results are compared with KNN classifier for anomaly detection without using a clustering algorithm.

  12. Intrusion detection system and technology of layered wireless sensor network based on Agent

    Directory of Open Access Journals (Sweden)

    Genjian Yu

    2013-08-01

    The intrusion detection system and technology of classified layered-wireless sensor network was able to meet the high safety requirements of wireless sensor network, it is urgent for us to improve the identification and generalization of detection system about characters of intrusion. In this paper, we design an intelligent intrusion detection system which realize intelligence, the effective and direct way was to add the methods, and it was used for identification and generalization of intrusion characters to the Agent function of intrusion detection. It could obtain credible judgment by updating and examining the database for the actions which the general misuse detection or anomaly detection were not sure if the intrusion was formed.

  13. HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK

    Directory of Open Access Journals (Sweden)

    Mohammad Saiful Islam Mamun

    2010-07-01

    In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.

  14. Memory Efficient String Matching Algorithm for Network Intrusion Management System

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    As the core algorithm and the most time consuming part of almost every modern network intrusion management system (NIMS), string matching is essential for the inspection of network flows at the line speed. This paper presents a memory and time efficient string matching algorithm specifically designed for NIMS on commodity processors. Modifications of the Aho-Corasick (AC) algorithm based on the distribution characteristics of NIMS patterns drastically reduce the memory usage without sacrificing speed in software implementations. In tests on the Snort pattern set and traces that represent typical NIMS workloads, the Snort performance was enhanced 1.48%-20% compared to other well-known alternatives with an automaton size reduction of 4.86-6.11 compared to the standard AC implementation. The results show that special characteristics of the NIMS can be used into a very effective method to optimize the algorithm design.

  15. A Frequency-Based Approach to Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Mian Zhou

    2004-06-01

    Research on network security and intrusion detection strategies presents many challenging issues to both theoreticians and practitioners. Hackers apply an array of intrusion and exploit techniques to cause disruption of normal system operations, but on the defense, firewalls and intrusion detection systems (IDS) are typically only effective in defending known intrusion types using their signatures, and are far less than mature when faced with novel attacks. In this paper, we adapt the frequency analysis techniques such as the Discrete Fourier Transform (DFT) used in signal processing to the design of intrusion detection algorithms. We demonstrate the effectiveness of the frequency-based detection strategy by running synthetic network intrusion data in simulated networks using the OPNET software. The simulation results indicate that the proposed intrusion detection strategy is effective in detecting anomalous traffic data that exhibit patterns over time, which include several types of DOS and probe attacks. The significance of this new strategy is that it does not depend on the prior knowledge of attack signatures, thus it has the potential to be a useful supplement to existing signature-based IDS and firewalls.

  16. Evaluating the Strengths and Weaknesses of Mining Audit Data for Automated Models for Intrusion Detection in Tcpdump and Basic Security Module Data

    OpenAIRE

    A. Arul Lawrence Selvakumar; G. Mohammed Nazer

    2012-01-01

    Problem statement: Intrusion Detection System (IDS) have become an important component of infrastructure protection mechanism to secure the current and emerging networks, its services and applications by detecting, alerting and taking necessary actions against the malicious activities. The network size, technology diversities and security policies make networks more challenging and hence there is a requirement for IDS which should be very accurate, adaptive, extensible and more reliable. Alth...

  17. A Neuro-genetic Based Short-term Forecasting Framework for Network Intrusion Prediction System

    Institute of Scientific and Technical Information of China (English)

    Siva S. Sivatha Sindhu; S. Geetha; M. Marikannan; A. Kannan

    2009-01-01

    Information systems are one of the most rapidly changing and vulnerable systems, where security is a major issue. The number of security-breaking attempts originating inside organizations is increasing steadily. Attacks made in this way, usually done by "authorized" users of the system, cannot be immediately traced. Because the idea of filtering the traffic at the entrance door, by using firewalls and the like, is not completely successful, the use of intrusion detection systems should be considered to increase the defense capacity of an information system. An intrusion detection system (IDS) usually works in a dynamically changing environment, which forces continuous tuning of the intrusion detection model in order to maintain sufficient performance. The manual tuning process required by current IDS depends on the system operators in working out the tuning solution and in integrating it into the detection model. Furthermore, an extensive effort is required to tackle the newly evolving attacks and a deep study is necessary to categorize them into the respective classes. To reduce this dependence, an automatically evolving anomaly IDS using a neuro-genetic algorithm is presented. The proposed system automatically tunes the detection model on the fly according to the feedback provided by the system operator when false predictions are encountered. The system has been evaluated using the Knowledge Discovery in Databases Conference (KDD 2009) intrusion detection dataset. A genetic paradigm is employed to choose the predominant features, which reveal the occurrence of intrusions. The neuro-genetic IDS (NGIDS) involves calculation of a weightage value for each of the categorical attributes so that data of uniform representation can be processed by the neuro-genetic algorithm. In this system, unauthorized invasions by a user are identified, and newer types of attacks are sensed and classified respectively by the neuro-genetic algorithm. The experimental results obtained in this

  18. A self-sensing magnetorheological elastomer-based adaptive bridge bearing with a wireless data monitoring system

    Science.gov (United States)

    Behrooz, Majid; Yarra, Siddaiah; Mar, David; Pinuelas, Nathan; Muzinich, Blake; Publicover, Nelson G.; Pekcan, Gokhan; Itani, Ahmad; Gordaninejad, Faramarz

    2016-04-01

    This study presents an adaptive bridge bearing that can sense structural loads and tune its properties to mitigate structural vibrations. The bearing utilizes magnetorheological elastomer (MRE) layers which allow for an increased stiffness induced with a magnetic field. The system also features a MRE-based sensing system for sensing the structural wind and traffic load. The sensing system is capable of transmitting data wirelessly to a central logging computer for monitoring bridge performance and sending alerts in the case of a major event. The capability of the MRE-based sensing system for sensing structural loads and wireless transmission of data were investigated. The adaptive bridge bearing incorporates a closed-loop magnetic circuit that results in an enhanced magnetic field in the MRE layers. Results show the sensitivity of the MRE-based sensors and the performance of the wireless system, as well as the design and analysis of the tunable bridge bearing.

  19. Design And Efficient Deployment Of Honeypot And Dynamic Rule Based Live Network Intrusion Collaborative System

    Directory of Open Access Journals (Sweden)

    Renuka Prasad.B

    2011-03-01

    The continuously emerging, operationally and managerially independent, geographically distributed computer networks deployable in an evolutionary manner have created greater challenges in securing them. Several research works and experiments have convinced security experts that Network Intrusion Detection Systems (NIDS) or Network Intrusion Prevention Systems (NIPS) alone are not capable of securing computer networks from internal and external threats completely. In this paper we present the design of an Intrusion Collaborative System, which is a combination of NIDS, NIPS, honeypots, and software tools like nmap, iptables, etc. Our design is tested against existing attacks based on Snort rules and several customized DDoS, remote and guest attacks. Dynamic rules are generated during every unusual behavior, which helps the Intrusion Collaborative System to continuously learn about new attacks. Also, a formal approach to deploying Live Intrusion Collaboration Systems based on the System of Systems concept is proposed.

  20. An Agent-Based Intrusion Detection System for Local Area Networks

    CERN Document Server

    Sen, Jaydip

    2010-01-01

    Since it is impossible to predict and identify all the vulnerabilities of a network beforehand, and penetration into a system by malicious intruders cannot always be prevented, intrusion detection systems (IDSs) are essential entities to ensure the security of a networked system. To be effective in carrying out their functions, the IDSs need to be accurate, adaptive, and extensible. Given these stringent requirements and the high level of vulnerabilities of present-day networks, the design of an IDS has become a very challenging task. Although extensive research has been done on intrusion detection in a distributed environment, distributed IDSs suffer from a number of drawbacks, e.g., high rates of false positives, low detection efficiency, etc. In this paper, the design of a distributed IDS is proposed that consists of a group of autonomous and cooperating agents. In addition to its ability to detect attacks, the system is capable of identifying and isolating compromised nodes in the network the...

  1. Novel Model for Intrusion Detection

    Institute of Scientific and Technical Information of China (English)

    Li Jia-chun; Li Zhi-tang

    2003-01-01

    It is very difficult for traditional intrusion detection methods based on accurate matching to adapt to the fuzziness and uncertainty of user information and expert knowledge, which results in failure to report variations of attack signatures. In addition, security itself involves fuzziness: the judgment standard for the confidentiality, integrity and availability of system resources is uncertain. In this paper, fuzzy intrusion detection based on partial match is presented to detect some types of attacks effectively and alleviate some of the difficulties of the above approaches; the architecture of a fuzzy intrusion detection system (FIDS) is introduced and its performance is analyzed.

  2. Novel Model for Intrusion Detection

    Institute of Scientific and Technical Information of China (English)

    Li Jia-chun; Li Zhi-tang

    2003-01-01

    It is very difficult for traditional intrusion detection methods based on accurate matching to adapt to the fuzziness and uncertainty of user information and expert knowledge, which results in failure to report variations of attack signatures. In addition, security itself involves fuzziness: the judgment standard for the confidentiality, integrity and availability of system resources is uncertain. In this paper, fuzzy intrusion detection based on partial match is presented to detect some types of attacks effectively and alleviate some of the difficulties of the above approaches; the architecture of a fuzzy intrusion detection system (FIDS) is introduced and its performance is analyzed.

  3. Nuisance alarm suppression techniques for fibre-optic intrusion detection systems

    Science.gov (United States)

    Mahmoud, Seedahmed S.; Visagathilagar, Yuvaraja; Katsifolis, Jim

    2012-02-01

    The suppression of nuisance alarms without degrading sensitivity in fibre-optic intrusion detection systems is important for maintaining acceptable performance. Signal processing algorithms that maintain the POD and minimize nuisance alarms are crucial for achieving this. A level crossings algorithm is presented for suppressing torrential rain-induced nuisance alarms in a fibre-optic fence-based perimeter intrusion detection system. Results show that rain-induced nuisance alarms can be suppressed for rainfall rates in excess of 100 mm/hr, and intrusion events can be detected simultaneously during rain periods. The use of a level crossing based detection and novel classification algorithm is also presented demonstrating the suppression of nuisance events and discrimination of nuisance and intrusion events in a buried pipeline fibre-optic intrusion detection system. The sensor employed for both types of systems is a distributed bidirectional fibre-optic Mach Zehnder interferometer.

  4. Dynamic Modeling of a Reformed Methanol Fuel Cell System using Empirical Data and Adaptive Neuro-Fuzzy Inference System Models

    DEFF Research Database (Denmark)

    Justesen, Kristian Kjær; Andreasen, Søren Juhl; Shaker, Hamid Reza

    2013-01-01

    hydrogen, which is difficult and energy consuming to store and transport. The models include thermal equilibrium models of the individual components of the system. Models of the heating and cooling of the gas flows between components are also modeled and Adaptive Neuro-Fuzzy Inference System models...

  5. Dynamic Modeling of a Reformed Methanol Fuel Cell System using Empirical Data and Adaptive Neuro-Fuzzy Inference System Models

    DEFF Research Database (Denmark)

    Justesen, Kristian Kjær; Andreasen, Søren Juhl; Shaker, Hamid Reza

    2014-01-01

    hydrogen, which is difficult and energy consuming to store and transport. The models include thermal equilibrium models of the individual components of the system. Models of the heating and cooling of the gas flows between components are also modeled and Adaptive Neuro-Fuzzy Inference System models...

  6. Intrusion Detection System using Self Organizing Map: A Survey

    Directory of Open Access Journals (Sweden)

    Kruti Choksi

    2014-12-01

    Due to the use of computers in every field, network security is a major concern in today’s scenario. Every year the number of users and the speed of networks increase, and along with them online fraud and security threats also increase. Every day a new attack is generated to harm systems or networks. It is necessary to protect systems and networks from various threats by using an Intrusion Detection System, which can detect “known” as well as “unknown” attacks and generate alerts on any unusual behavior in the traffic. There are various approaches for IDS, but in this paper the survey is focused on IDS using the Self Organizing Map. SOM is an unsupervised, fast conversion and automatic clustering algorithm which is able to handle novelty detection. The main objective of the survey is to find and address the current challenges of SOM. Our survey shows that existing IDS based on SOM have a poor detection rate for U2R and R2L attacks. To improve it, a proper normalization technique should be used. During the survey we also found that HSOM and GHSOM are advanced models of SOM which have their own unique features for better performance of IDS. GHSOM is efficient due to its low computation time. This survey is beneficial for designing and developing efficient SOM-based IDS with less computation time and a better detection rate.

  7. HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NETWORK

    OpenAIRE

    Seyedeh Yasaman Rashida

    2013-01-01

    Owing to the rapid growth of network applications, new kinds of network attacks are emerging endlessly. So it is critical to protect networks from attackers, and intrusion detection technology has become popular. Therefore, it is necessary that this security concern be articulated right from the beginning of network design and deployment. Intrusion detection technology is the process of identifying network activity that can lead to a compromise of security po...

  8. Necessity to adapt land use and land cover classification systems to readily accept radar data

    Science.gov (United States)

    Drake, B.

    1977-01-01

    A hierarchical, four level, standardized system for classifying land use/land cover primarily from remote-sensor data (USGS system) is described. The USGS system was developed for nonmicrowave imaging sensors such as camera systems and line scanners. The USGS system is not compatible with the land use/land cover classifications at different levels that can be made from radar imagery, and particularly from synthetic-aperture radar (SAR) imagery. The use of radar imagery for classifying land use/land cover at different levels is discussed, and a possible revision of the USGS system to more readily accept land use/land cover classifications from radar imagery is proposed.

  9. Securing Wireless Sensor Network (WSN) Using Embedded Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Qutaiba I. Ali

    2012-06-01

    This paper focuses on designing distributed wireless sensor network gateways armed with an Intrusion Detection System (IDS). The main contribution of this work is the attempt to insert IDS functionality into the gateway node (UBICOM IP2022 network processor chip) itself. This was achieved by building a lightweight signature-based IDS based on the famous open source SNORT IDS. As gateway nodes have limited processing and energy constraints, the addition of further tasks (the IDS program) may seriously affect their performance; the current design therefore takes these constraints into consideration as a priority and uses a special protocol to achieve this goal. In order to optimize the performance of the gateway nodes, some of the preprocessing tasks were offloaded from the gateway nodes to a suggested classification and processing server and a new searching algorithm was suggested. Different measures were taken to validate the design procedure and a detailed simulation model was built to discover the behavior of the system in different environments.

  10. Calibrating a Salt Water Intrusion Model with Time-Domain Electromagnetic Data

    DEFF Research Database (Denmark)

    Herckenrath, Daan; Odlum, Nick; Nenna, Vanessa;

    2013-01-01

    Salt water intrusion models are commonly used to support groundwater resource management in coastal aquifers. Concentration data used for model calibration are often sparse and limited in spatial extent. With airborne and ground-based electromagnetic surveys, electrical resistivity models can...... be obtained to provide high-resolution three-dimensional models of subsurface resistivity variations that can be related to geology and salt concentrations on a regional scale. Several previous studies have calibrated salt water intrusion models with geophysical data, but are typically limited to the use......, we perform a coupled hydrogeophysical inversion (CHI) in which we use a salt water intrusion model to interpret the geophysical data and guide the geophysical inversion. We refer to this methodology as a Coupled Hydrogeophysical Inversion-State (CHI-S), in which simulated salt concentrations...

  11. A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Wenchao Li

    2014-01-01

    abnormal nodes from normal nodes by observing their abnormal behaviors, and we analyse parameter selection and error rate of the intrusion detection system. The paper elaborates on the design and implementation of the detection system. This system has achieved efficient, rapid intrusion detection by improving the wireless ad hoc on-demand distance vector routing protocol (Ad hoc On-Demand Distance Vector Routing, AODV). Finally, the test results show that the system has high detection accuracy and speed, in accordance with the requirement of wireless sensor network intrusion detection.

  12. INTRUSION DETECTION SYSTEM IN SECURE SHELL TRAFFIC IN CLOUD ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    Mehdi Barati

    2014-01-01

    Due to the growth of Cloud computing usage, the need to apply encrypted protocols to provide confidentiality and integrity of data increases dramatically. Attackers can take advantage of these protocols to hide the intrusion and evade detection. Many traditional attack detection techniques have been proposed to provide security in networks, but none of them can be implemented properly in encrypted networks. This study investigates a popular attack in Secure Shell (SSH), known as the brute force attack, and provides an efficient method to detect this attack. The brute force attack is launched by implementing a client-server SSH model in a private Cloud environment, and the attack and normal traffic are captured on the server. Then, representative features of the traffic are extracted and used by the Multi-Layer Perceptron model of Artificial Neural Network to classify the attack and normal traffic. Results gained by this method show that the proposed model is capable of detecting this attack with high accuracy and low false alarm.

  13. Non-intrusive parallelization of multibody system dynamic simulations

    Science.gov (United States)

    González, Francisco; Luaces, Alberto; Lugrís, Urbano; González, Manuel

    2009-09-01

    This paper evaluates two non-intrusive parallelization techniques for multibody system dynamics: parallel sparse linear equation solvers and OpenMP. Both techniques can be applied to existing simulation software with minimal changes in the code structure; this is a major advantage over Message Passing Interface, the standard parallelization method in multibody dynamics. Both techniques have been applied to parallelize a starting sequential implementation of a global index-3 augmented Lagrangian formulation combined with the trapezoidal rule as numerical integrator, in order to solve the forward dynamics of a variable-loop four-bar mechanism. Numerical experiments have been performed to measure the efficiency as a function of problem size and matrix filling. Results show that the best parallel solver (Pardiso) performs better than the best sequential solver (CHOLMOD) for multibody problems of large and medium sizes leading to matrix fillings above 10. OpenMP also proved to be advantageous even for problems of small sizes. Both techniques delivered speedups above 70% of the maximum theoretical values for a wide range of multibody problems.

  14. Network-based anomaly intrusion detection with numeric-and-nominal mixed data

    Institute of Scientific and Technical Information of China (English)

    蔡龙征; 余胜生; 王晓峰; 周敬利

    2006-01-01

    Anomaly detection is a key element of intrusion detection systems and a necessary complement of widely used misuse intrusion detection systems. Data sources used by network intrusion detection, like network packets or connections, often contain both numeric and nominal features. Both of these features contain important information for intrusion detection. These two features, on the other hand, have different characteristics. This paper presents a new network-based anomaly intrusion detection approach that works well by building profiles for numeric and nominal features in different ways. During training, for each numeric feature, a normal profile is built through statistical distribution inference and parameter estimation, while for each nominal feature, a normal profile is set up through a statistical method. These profiles are used as detection models during testing to judge whether the data being tested are benign or malicious. Experiments with the data set of the 1999 DARPA (Defense Advanced Research Projects Agency) intrusion detection evaluation show that this approach can detect attacks effectively.

  15. Design and implementation of self-protection agent for network-based intrusion detection system

    Institute of Scientific and Technical Information of China (English)

    朱树人; 李伟琴

    2003-01-01

    Static secure techniques, such as firewall, hierarchy filtering, distributed disposing, layer management, autonomy agent, and secure communication, were introduced in distributed intrusion detection. Self-protection agents were designed, which have a distributed architecture, cooperate with the agents in intrusion detection in a loosely coupled manner, protect the security of the intrusion detection system, and respond to intrusions actively. A prototype self-protection agent was implemented by using the packet filter in the operating system kernel. The results show that all the hosts with a part of the network-based intrusion detection system, and the whole intrusion detection system, are invisible from the outside and to network scanning, which cannot perceive the existence of the network-based intrusion detection system. The communication between every part is secure. In the low layer, the packet streams are controlled to avoid the buffer leaks existing in some system service processes and back-door programs, so as to effectively prevent misuse by users and vicious attacks like Trojan Horses.

  16. Adapted Framework for Data Mining Technique to Improve Decision Support System in an Uncertain Situation

    Directory of Open Access Journals (Sweden)

    Ahmed Bahgat El Seddawy

    2012-05-01

    Decision Support System (DSS) is an equivalent synonym for management information systems (MIS). Most imported data are used in solutions like data mining (DM). Decision support systems also include decisions made upon individual data from external sources, management feeling, and various other data sources not included in business intelligence. Successfully supporting managerial decision-making is critically dependent upon the availability of integrated, high quality information organized and presented in a timely and easily understood manner. Data mining has emerged to meet this need. It serves as an integrated repository for internal and external data-intelligence critical to understanding and evaluating the business within its environmental context. With the addition of models, analytic tools, and user interfaces, it has the potential to provide actionable information that supports effective problem and opportunity identification, critical decision-making, and strategy formulation, implementation, and evaluation. The proposed system will support top level management in making a good decision at any time under any uncertain environment.

  17. Adapted Framework for Data Mining Technique to Improve Decision Support System in an Uncertain Situation

    Directory of Open Access Journals (Sweden)

    Ahmed Bahgat El Seddawy

    2012-09-01

    Decision Support System (DSS) is an equivalent synonym for management information systems (MIS). Most imported data are used in solutions like data mining (DM). Decision support systems also include decisions made upon individual data from external sources, management feeling, and various other data sources not included in business intelligence. Successfully supporting managerial decision-making is critically dependent upon the availability of integrated, high quality information organized and presented in a timely and easily understood manner. Data mining has emerged to meet this need. It serves as an integrated repository for internal and external data-intelligence critical to understanding and evaluating the business within its environmental context. With the addition of models, analytic tools, and user interfaces, it has the potential to provide actionable information that supports effective problem and opportunity identification, critical decision-making, and strategy formulation, implementation, and evaluation. The proposed system will support top level management in making a good decision at any time under any uncertain environment.

  18. Applying an Ontology to a Patrol Intrusion Detection System for Wireless Sensor Networks

    OpenAIRE

    Chia-Fen Hsieh; Rung-Ching Chen; Yung-Fa Huang

    2014-01-01

    With the increasing application of wireless sensor networks (WSN), the security requirements for wireless sensor network communications have become critical. However, the detection mechanisms of such systems impact the effectiveness of the entire network. In this paper, we propose a lightweight ontology-based wireless intrusion detection system (OWIDS). The system applies an ontology to a patrol intrusion detection system (PIDS). A PIDS is used to detect anomalies via detection knowledge. The...

  19. Analysis of Host-Based and Network-Based Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Amrit Pal Singh

    2014-07-01

    Intrusion-detection systems (IDS) aim at detecting attacks against computer systems and networks or, in general, against information systems. Their basic aim is to protect the system against malware and unauthorized access to a network or a system. Intrusion detection is of two types: Network-IDS and Host-Based IDS. This paper covers the scope of both types and their result analysis along with their comparison as stated. OSSEC (HIDS) is a free, open source host-based intrusion detection system. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. Snort (NIDS), meanwhile, is a lightweight intrusion detection system that can log packets coming across your network and can alert the user regarding any attack. Both are efficient in their own distinct fields.

  20. Adaptable Embedded Systems

    CERN Document Server

    Lisbôa, Carlos; Carro, Luigi

    2013-01-01

    As embedded systems become more complex, designers face a number of challenges at different levels: they need to boost performance, while keeping energy consumption as low as possible, they need to reuse existent software code, and at the same time they need to take advantage of the extra logic available in the chip, represented by multiple processors working together.  This book describes several strategies to achieve such different and interrelated goals, by the use of adaptability. Coverage includes reconfigurable systems, dynamic optimization techniques such as binary translation and trace reuse, new memory architectures including homogeneous and heterogeneous multiprocessor systems, communication issues and NOCs, fault tolerance against fabrication defects and soft errors, and finally, how one can combine several of these techniques together to achieve higher levels of performance and adaptability.  The discussion also includes how to employ specialized software to improve this new adaptive system, and...

  1. Improving Bee Algorithm Based Feature Selection in Intrusion Detection System Using Membrane Computing

    Directory of Open Access Journals (Sweden)

    Kazeem I. Rufai

    2014-03-01

    Despite the great benefits accruable from the debut of computers and the internet, efforts are constantly being made by fraudulent and mischievous individuals to compromise the integrity, confidentiality or availability of electronic information systems. In cyber-security parlance, this is termed ‘intrusion’. Hence, this has necessitated the introduction of Intrusion Detection Systems (IDS) to help detect and curb different types of attack. However, given the high volume of data traffic involved in a network system, the effects of redundant and irrelevant data should be minimized if a quality intrusion detection mechanism is genuinely desired. Several attempts, especially feature subset selection approaches using Bee Algorithm (BA), Linear Genetic Programming (LGP), Support Vector Decision Function Ranking (SVDF), Rough, Rough-DPSO, and Multivariate Regression Splines (MARS), have been advanced in the past to measure the dependability and quality of a typical IDS. The observed problem among these approaches has to do with their general performance. This has therefore motivated this research work. We hereby propose a new but robust algorithm called membrane algorithm to improve the Bee Algorithm based feature subset selection technique. This Membrane computing paradigm is a class of parallel computing devices. Data used were taken from the KDD-Cup 99 Dataset, which is the accepted standard benchmark for intrusion detection. When the final results were compared to those of the existing approaches, using the three standard IDS measurements (Attack Detection, False Alarm and Classification Accuracy Rates), it was discovered that the Bee Algorithm-Membrane Computing (BA-MC) approach is a better technique. This is because our approach produced a very high attack detection rate of 89.11%, classification accuracy of 95.60% and also generated a reasonable decrease in false alarm rate of 0.004. Receiver Operating Characteristic (ROC) curve was used for results

  2. Intrusion detection: a novel approach that combines boosting genetic fuzzy classifier and data mining techniques

    Science.gov (United States)

    Ozyer, Tansel; Alhajj, Reda; Barker, Ken

    2005-03-01

    This paper proposes an intelligent intrusion detection system (IDS) which is an integrated approach that employs fuzziness and two of the well-known data mining techniques: namely classification and association rule mining. By using these two techniques, we adopted the idea of using an iterative rule learning that extracts out rules from the data set. Our final intention is to predict different behaviors in networked computers. To achieve this, we propose to use a fuzzy rule based genetic classifier. Our approach has two main stages. First, fuzzy association rule mining is applied and a large number of candidate rules are generated for each class. Then the rules pass through pre-screening mechanism in order to reduce the fuzzy rule search space. Candidate rules obtained after pre-screening are used in genetic fuzzy classifier to generate rules for the specified classes. Classes are defined as Normal, PRB-probe, DOS-denial of service, U2R-user to root and R2L- remote to local. Second, an iterative rule learning mechanism is employed for each class to find its fuzzy rules required to classify data each time a fuzzy rule is extracted and included in the system. A Boosting mechanism evaluates the weight of each data item in order to help the rule extraction mechanism focus more on data having relatively higher weight. Finally, extracted fuzzy rules having the corresponding weight values are aggregated on class basis to find the vote of each class label for each data item.

  3. HYBRID OF FUZZY CLUSTERING NEURAL NETWORK OVER NSL DATASET FOR INTRUSION DETECTION SYSTEM

    Directory of Open Access Journals (Sweden)

    Dahlia Asyiqin Ahmad Zainaddin

    2013-01-01

    Intrusion Detection System (IDS) is one of the components that take part in system defence, identifying abnormal activities happening in the computer system. Nowadays, IDS face complex demands to prevent modern attack activities from damaging computer systems. Anomaly-based IDS examines ongoing traffic, activity, transactions and behavior in order to identify intrusions by detecting anomalies. This technique identifies activities which deviate from normal behaviours. In recent years, data mining approaches for intrusion detection have been advised and used. Approaches such as Genetic Algorithms, Support Vector Machines, Neural Networks as well as clustering have resulted in high accuracy and good detection rates but with moderate false alarms on novel attacks. Many researchers have also proposed hybrid data mining techniques. Previous researchers introduced the combination of Fuzzy Clustering and Artificial Neural Network. However, it was tested only on a random selection of the KDDCup 1999 dataset. In this study, the experimental framework introduced has been used over the NSL dataset to test the stability and reliability of the technique. The resulting precision, recall and f-value rates are compared with the previous experiment. Both datasets cover four main types of attacks, which are Denial of Service (DoS), User to Root (U2R), Remote to Local (R2L) and Probe. The results guaranteed that the hybrid approach performed better detection, especially for low-frequency attacks, over the NSL dataset compared to the original KDD dataset, due to the removal of redundant and incomplete elements in the original dataset.

  4. Mapping faults and intrusions onshore Disko Island by use of Vibroseismic data, shallow marine seismic data and electromagnetic observations

    Science.gov (United States)

    Clausen, Ole R.; Nørmark, Egon; Gulbrandsen, Pelle; Sabra, Henrik

    2014-05-01

    The west Greenland margin is characterized by sedimentary basins containing a high density of intrusions (dikes and sills) originating from the Cenozoic breakup and separation of Greenland and North America. The magmatic rocks have lately attracted interest due to observations of hydrocarbons associated with the intrusions, but here due to the ore potential associated with the same intrusions. In 2000 a marine seismic campaign by GEUS in the coastal areas of West Greenland showed that it is possible to identify magmatic intrusions in the sedimentary succession as well as map normal faults, and that the intrusions are heterogeneously distributed and probably related to the normal faults. The presence of normal faults is known from the regional onshore geological mapping campaigns performed by GEUS. However, the marine seismic data indicate a much more complicated structural pattern than presented in the onshore maps, which is a well-known phenomenon (Marcussen et al., 2002). In 2012 and 2013 seismic data were acquired onshore on the northern coast of Disko as part of a research project funded by Avannaa Resources. The objective was initially to test whether it is possible to acquire data of a quality enabling the observation and mapping of intrusions in the subsurface. Later it was followed by a more extensive survey where it was attempted to map the depth to and geometry of the intrusions. The relatively dense seismic grid onshore, compared to the marine seismic data offshore west Greenland, enables the identification and, more importantly, the mapping of several intrusions. They show some of the same characteristics as intrusions observed at e.g. the Norwegian margin of the North Atlantic (Hansen et al., 2004). The preliminary results, which integrate both marine and onshore seismic data, revise the structural understanding of the area and indicate a close relation between the intrusions and the rift-related normal faults. The results are consistent with remote sensing methods

  5. Adaptive security systems -- Combining expert systems with adaptive technologies

    Energy Technology Data Exchange (ETDEWEB)

    Argo, P.; Loveland, R.; Anderson, K. [and others]

    1997-09-01

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting.

  6. Adaptive security systems -- Combining expert systems with adaptive technologies

    International Nuclear Information System (INIS)

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting

  7. Algorithm of Intrusion Detection Based on Data Mining and Its Implementation

    Institute of Scientific and Technical Information of China (English)

    SUN Hai-bin; XU Liang-xian; CHEN Yan-hua

    2004-01-01

    Intrusion detection is regarded as classification in data mining field. However, instead of directly mining the classification rules, class association rules, which are then used to construct a classifier, are mined from audit logs. Some attributes in audit logs are important for detecting intrusion but their values are distributed skewedly. A relative support concept is proposed to deal with such situation. To mine class association rules effectively, an algorithm based on FP-tree is exploited. Experiment result proves that this method has better performance.

  8. The adaptive approach for storage assignment by mining data of warehouse management system for distribution centres

    Science.gov (United States)

    Ming-Huang Chiang, David; Lin, Chia-Ping; Chen, Mu-Chen

    2011-05-01

    Among distribution centre operations, order picking has been reported to be the most labour-intensive activity. Sophisticated storage assignment policies adopted to reduce the travel distance of order picking have been explored in the literature. Unfortunately, previous research has been devoted to locating entire products from scratch. Instead, this study intends to propose an adaptive approach, a Data Mining-based Storage Assignment approach (DMSA), to find the optimal storage assignment for newly delivered products that need to be put away when there is vacant shelf space in a distribution centre. In the DMSA, a new association index (AIX) is developed to evaluate the fitness between the put away products and the unassigned storage locations by applying association rule mining. With AIX, the storage location assignment problem (SLAP) can be formulated and solved as a binary integer programming. To evaluate the performance of DMSA, a real-world order database of a distribution centre is obtained and used to compare the results from DMSA with a random assignment approach. It turns out that DMSA outperforms random assignment as the number of put away products and the proportion of put away products with high turnover rates increase.

  9. A modeling study of saltwater intrusion in the Andarax delta area using multiple data sources

    DEFF Research Database (Denmark)

    Antonsson, Arni Valur; Engesgaard, Peter Knudegaard; Jorreto, Sara;

    the understanding of the investigated system. A density dependent saltwater intrusion model has been established for the coastal zone of the Andarax aquifer, SE Spain, with the aim of obtaining a coherent (conceptual) understanding of the area. Recently drilled deep boreholes in the Andarax delta revealed a far...... reaching saltwater intrusion in the area. Furthermore, the geological information obtained from these boreholes laid a foundation for a new hydrogeological conceptual model of the area, which we aim to assess in this simulation study. Appraisal of the conceptual model of the Andarax delta area is conducted...

  10. Architecture for Intrusion Detection System with Fault Tolerance Using Mobile Agent

    Directory of Open Access Journals (Sweden)

    Chintan Bhatt

    2011-10-01

    This paper is a survey of the work done for making an IDS fault tolerant. Architecture of IDS that uses mobile Agent provides higher scalability. Mobile Agent uses Platform for detecting Intrusions using filter Agent, co-relater agent, Interpreter agent and rule database. When server (IDS Monitor) goes down, other hosts based on priority take Ownership. This architecture uses decentralized collection and analysis for identifying Intrusion. Rule sets are fed based on user-behaviour or application-behaviour. This paper suggests that intrusion detection system (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will.

  11. Volcano monitoring using GPS: Developing data analysis strategies based on the June 2007 Kīlauea Volcano intrusion and eruption

    Science.gov (United States)

    Larson, Kristine M.; Poland, Michael; Miklius, Asta

    2010-01-01

    The global positioning system (GPS) is one of the most common techniques, and the current state of the art, used to monitor volcano deformation. In addition to slow (several centimeters per year) displacement rates, GPS can be used to study eruptions and intrusions that result in much larger (tens of centimeters over hours-days) displacements. It is challenging to resolve precise positions using GPS at subdaily time intervals because of error sources such as multipath and atmospheric refraction. In this paper, the impact of errors due to multipath and atmospheric refraction at subdaily periods is examined using data from the GPS network on Kīlauea Volcano, Hawai'i. Methods for filtering position estimates to enhance precision are both simulated and tested on data collected during the June 2007 intrusion and eruption. Comparisons with tiltmeter records show that GPS instruments can precisely recover the timing of the activity.

  12. STUDYING COMPLEX ADAPTIVE SYSTEMS

    Institute of Scientific and Technical Information of China (English)

    John H. Holland

    2006-01-01

    Complex adaptive systems (cas) - systems that involve many components that adapt or learn as they interact - are at the heart of important contemporary problems. The study of cas poses unique challenges: Some of our most powerful mathematical tools, particularly methods involving fixed points, attractors, and the like, are of limited help in understanding the development of cas. This paper suggests ways to modify research methods and tools, with an emphasis on the role of computer-based models, to increase our understanding of cas.

  13. Multi-Use Non-Intrusive Flow Characterization System (FCS) Project

    Data.gov (United States)

    National Aeronautics and Space Administration — The product of the Phase II effort will be a Multi-Use Non-Intrusive Flow Characterization System (FCS) for densified, normal boiling point, and two-phase cryogenic...

  14. Multi-Use Non-Intrusive Flow Characterization System (FCS) Project

    Data.gov (United States)

    National Aeronautics and Space Administration — The innovation is a Multi-Use Non-Intrusive Flow Characterization System (FCS) for densified, normal boiling point, and two-phase cryogenic flows, capable of...

  15. Adaptive Inflow Control System

    CERN Document Server

    Volkov, Vasily Y; Zhuravlev, Oleg N; Nukhaev, Marat T; Shchelushkin, Roman V

    2014-01-01

    This article presents the idea and realization for the unique Adaptive Inflow Control System being a part of well completion, able to adjust to the changing in time production conditions. This system allows to limit the flow rate from each interval at a certain level, which solves the problem of water and gas breakthroughs. We present the results of laboratory tests and numerical calculations obtaining the characteristics of the experimental setup with dual-in-position valves as parts of adaptive inflow control system, depending on the operating conditions. The flow distribution in the system was also studied with the help of three-dimensional computer model. The control ranges dependences are determined, an influence of the individual elements on the entire system is revealed.

  16. A Recent Survey on Bloom Filters in Network Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    K.Saravanan,

    2011-03-01

    Computer networks are prone to hacking, viruses and other malware; a Network Intrusion Detection System (NIDS) is needed to protect the end-user machines from threats. An effective NIDS is therefore a network security system capable of protecting the end user machines well before a threat or intruder affects. NIDS requires a space efficient data base for detection of threats in high speed conditions. A bloom filter is a space efficient randomized data structure for representing a set in order to support membership queries. These Bloom filters allow false positive results (FPR) but the space saving capability often outweighs this drawback provided the probability of FPR is controlled. Research is being done to reduce FPR by modifying the structure of bloom filters and enabling it to operate in the increasing network speeds, thus variant bloom filters are being introduced. The aim of this paper is to survey the ways in which Bloom filters have been used and modified to be used in high speed Network Intrusion Detection Systems with their merits and demerits.

  17. Complex adaptive systems ecology

    DEFF Research Database (Denmark)

    Sommerlund, Julie

    2003-01-01

    In the following, I will analyze two articles called Complex Adaptive Systems Ecology I & II (Molin & Molin, 1997 & 2000). The CASE-articles are some of the more quirky articles that have come out of the Molecular Microbial Ecology Group - a group where I am currently making observational studies...

  18. An Intrusion Detection System Based on Multi-Level Clustering for Hierarchical Wireless Sensor Networks.

    Science.gov (United States)

    Butun, Ismail; Ra, In-Ho; Sankar, Ravi

    2015-01-01

    In this work, an intrusion detection system (IDS) framework based on multi-level clustering for hierarchical wireless sensor networks is proposed. The framework employs two types of intrusion detection approaches: (1) "downward-IDS (D-IDS)" to detect the abnormal behavior (intrusion) of the subordinate (member) nodes; and (2) "upward-IDS (U-IDS)" to detect the abnormal behavior of the cluster heads. By using analytical calculations, the optimum parameters for the D-IDS (number of maximum hops) and U-IDS (monitoring group size) of the framework are evaluated and presented. PMID:26593915

  19. An Intrusion Detection System Based on Multi-Level Clustering for Hierarchical Wireless Sensor Networks

    OpenAIRE

    Ismail Butun; In-Ho Ra; Ravi Sankar

    2015-01-01

    In this work, an intrusion detection system (IDS) framework based on multi-level clustering for hierarchical wireless sensor networks is proposed. The framework employs two types of intrusion detection approaches: (1) “downward-IDS (D-IDS)” to detect the abnormal behavior (intrusion) of the subordinate (member) nodes; and (2) “upward-IDS (U-IDS)” to detect the abnormal behavior of the cluster heads. By using analytical calculations, the optimum parameters for the D-IDS (number of maximum hops...

  20. Unsupervised Training Methods for Non-intrusive Appliance Load Monitoring from Smart Meter Data

    OpenAIRE

    Parson, Oliver

    2014-01-01

    Non-intrusive appliance load monitoring (NIALM) is the process of disaggregating a household’s total electricity consumption into its contributing appliances. Smart meters are currently being deployed on national scales, providing a platform to collect aggregate household electricity consumption data. Existing approaches to NIALM require a manual training phase in which either sub-metered appliance data is collected or appliance usage is manually labelled. This training data is used to build ...

  1. Bald Mountain gold mining district, Nevada: A Jurassic reduced intrusion-related gold system

    Science.gov (United States)

    Nutt, C.J.; Hofstra, A.H.

    2007-01-01

    The Bald Mountain mining district has produced about 2 million ounces (Moz) of Au. Geologic mapping, field relationships, geochemical data, petrographic observations, fluid inclusion characteristics, and Pb, S, O, and H isotope data indicate that Au mineralization was associated with a reduced Jurassic intrusion. Gold deposits are localized within and surrounding a Jurassic (159 Ma) quartz monzonite porphyry pluton and dike complex that intrudes Cambrian to Mississippian carbonate and clastic rocks. The pluton, associated dikes, and Au mineralization were controlled by a crustal-scale northwest-trending structure named the Bida trend. Gold deposits are localized by fracture networks in the pluton and the contact metamorphic aureole, dike margins, high-angle faults, and certain strata or shale-limestone contacts in sedimentary rocks. Gold mineralization was accompanied by silicification and phyllic alteration, ±argillic alteration at shallow levels. Although Au is typically present throughout, the system exhibits a classic concentric geochemical zonation pattern with Mo, W, Bi, and Cu near the center, Ag, Pb, and Zn at intermediate distances, and As and Sb peripheral to the intrusion. Near the center of the system, micron-sized native Au occurs with base metal sulfides and sulfosalts. In peripheral deposits and in later stages of mineralization, Au is typically submicron in size and resides in pyrite or arsenopyrite. Electron microprobe and laser ablation ICP-MS analyses show that arsenopyrite, pyrite, and Bi sulfide minerals contain 10s to 1,000s of ppm Au. Ore-forming fluids were aqueous and carbonic at deep levels and episodically hypersaline at shallow levels due to boiling. The isotopic compositions of H and O in quartz and sericite and S and Pb in sulfides are indicative of magmatic ore fluids with sedimentary sulfur. Together, the evidence suggests that Au was introduced by reduced S-bearing magmatic fluids derived from a reduced intrusion. The reduced

  2. Service-oriented architecture of adaptive, intelligent data acquisition and processing systems for long-pulse fusion experiments

    International Nuclear Information System (INIS)

    The data acquisition systems used in long-pulse fusion experiments need to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations, it is essential to employ software tools that allow for hot swap capabilities throughout the temporal evolution of the experiments. This is very important because processing needs are not equal during different phases of the experiment. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of a technology for implementing scalable data acquisition and processing systems based on PXI and CompactPCI hardware. In the ITMS platform, a set of software tools allows the user to define the processing algorithms associated with the different experimental phases using state machines driven by software events. These state machines are specified using the State Chart XML (SCXML) language. The software tools are developed using JAVA, JINI, an SCXML engine and several LabVIEW applications. Within this schema, it is possible to execute data acquisition and processing applications in an adaptive way. The power of SCXML semantics and the ability to work with XML user-defined data types allow for very easy programming of the ITMS platform. With this approach, the ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems based on a service-oriented model with the ability to easily implement remote participation applications.

  3. Services oriented architecture for adaptive and intelligent data acquisition and processing systems in long pulse fusion experiments

    International Nuclear Information System (INIS)

    Data acquisition systems used in long pulse fusion experiments require to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations is essential to dispose software tools that allow hot swap capabilities throughout the temporal evolution of the experiments. This is very important because the processing needs are not equal in the different experiment's phases. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of technology for implementing scalable data acquisition and processing systems based in PXI and compact PCI hardware. In the ITMS platform a set of software tools allows the user to define the processing associated with the different experiment's phases using state machines driven by software events. These state machines are specified using State Chart XML (SCXML) language. The software tools are developed using: JAVA, JINI, a SCXML engine and several LabVIEW applications. With this schema it is possible to execute data acquisition and processing applications in an adaptive way. The powerful of SCXML semantics and the possibility of to work with XML user defined data types allow a very easy programming of ITMS platform. With this approach ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems, based in a services oriented model, with ease possibility for implement remote participation applications. (authors)

  4. Service-oriented architecture of adaptive, intelligent data acquisition and processing systems for long-pulse fusion experiments

    Energy Technology Data Exchange (ETDEWEB)

    Gonzalez, J. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain)]; Ruiz, M., E-mail: mariano.ruiz@upm.e [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain)]; Barrera, E.; Lopez, J.M.; Arcas, G. de [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain)]; Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)]

    2010-07-15

    The data acquisition systems used in long-pulse fusion experiments need to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations, it is essential to employ software tools that allow for hot swap capabilities throughout the temporal evolution of the experiments. This is very important because processing needs are not equal during different phases of the experiment. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of a technology for implementing scalable data acquisition and processing systems based on PXI and CompactPCI hardware. In the ITMS platform, a set of software tools allows the user to define the processing algorithms associated with the different experimental phases using state machines driven by software events. These state machines are specified using the State Chart XML (SCXML) language. The software tools are developed using JAVA, JINI, an SCXML engine and several LabVIEW applications. Within this schema, it is possible to execute data acquisition and processing applications in an adaptive way. The power of SCXML semantics and the ability to work with XML user-defined data types allow for very easy programming of the ITMS platform. With this approach, the ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems based on a service-oriented model with the ability to easily implement remote participation applications.

  5. Intrusion Detection Systems for Community Wireless Mesh Networks

    OpenAIRE

    Makaroff, D.; Smith, Paul; Race, Nicholas J.P.; Hutchison, David

    2008-01-01

    Wireless mesh networks are being increasingly used to provide affordable network connectivity to communities where wired deployment strategies are either not possible or are prohibitively expensive. Unfortunately, computer networks (including mesh networks) are frequently being exploited by increasingly profit-driven and insidious attackers, which can affect their utility for legitimate use. In response to this, a number of countermeasures have been developed, including intrusion detection sy...

  6. Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

    OpenAIRE

    Mamun, Mohammad Saiful Islam; Kabir, A. F. M Sultanul

    2012-01-01

    In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some...

  7. Event-based knowledge elicitation of operating room management decision-making using scenarios adapted from information systems data

    Directory of Open Access Journals (Sweden)

    Epstein Richard H

    2011-01-01

    Abstract. Background: No systematic process has previously been described for a needs assessment that identifies the operating room (OR) management decisions made by the anesthesiologists and nurse managers at a facility that do not maximize the efficiency of use of OR time. We evaluated whether event-based knowledge elicitation can be used practically for rapid assessment of OR management decision-making at facilities, whether scenarios can be adapted automatically from information systems data, and the usefulness of the approach. Methods: A process of event-based knowledge elicitation was developed to assess OR management decision-making that may reduce the efficiency of use of OR time. Hypothetical scenarios addressing every OR management decision influencing OR efficiency were created from published examples. Scenarios are adapted, so that cues about conditions are accurate and appropriate for each facility (e.g., if OR 1 is used as an example in a scenario, the listed procedure is a type of procedure performed at the facility in OR 1). Adaptation is performed automatically using the facility's OR information system or anesthesia information management system (AIMS) data for most scenarios (43 of 45). Performing the needs assessment takes approximately 1 hour of local managers' time while they decide if their decisions are consistent with the described scenarios. A table of contents of the indexed scenarios is created automatically, providing a simple version of problem solving using case-based reasoning. For example, a new OR manager wanting to know the best way to decide whether to move a case can look in the chapter on "Moving Cases on the Day of Surgery" to find a scenario that describes the situation being encountered. Results: Scenarios have been adapted and used at 22 hospitals. Few changes in decisions were needed to increase the efficiency of use of OR time. The few changes were heterogeneous among hospitals, showing the usefulness of

  8. Comparison of fluid inclusion data and mineralization processes for Australian orogenic gold and intrusion-related gold systems

    Institute of Scientific and Technical Information of China (English)

    T.P. Mernagh; E.N. Bastrakov; Khin Zaw; A.S. Wygralak; L.A.I. Wyborn

    2007-01-01

    We have examined the fluid inclusion data and fluid chemistry of Australian orogenic and intrusion-related gold deposits to determine if similar mineralization processes apply to both styles of deposits. The fluid inclusion data from the Yilgarn craton, the western subprovince of the Lachlan orogen, the Tanami, Tennant Creek and Pine Creek regions, and the Telfer gold mine show that mineralization involved fluids with broadly similar major chemical components (i.e. H2O + NaCl + CO2 ± CH4 ± N2). These deposits formed over a wide range of temperature-pressure conditions (< 200 to > 500℃, < 100 ~ 400MPa). Low salinity, CO2-bearing inclusions and low salinity aqueous inclusions occur in both systems but the main difference between these two types of deposits is that most intrusion-related gold deposits also contain at least one population of high-salinity aqueous brine. Oxygen and hydrogen isotope data for both styles of deposit usually cannot distinguish between a magmatic or metamorphic source for the ore-bearing fluids. However, sulfur and lead isotope data for the intrusion-related gold deposits generally indicate either a magmatic source or mixing between magmatic and sedimentary sources of fluid. The metamorphic geothermal gradients associated with intrusion-related gold deposits are characterized by low pressure, high temperature metamorphism and high crustal geothermal gradients of > 30/km. Where amphibole breakdown occurs in a granite source region, the spatially related deposits are more commonly associated with Cu-Au deposits rather than Au-only deposits that are associated with lower temperature granites. The dominant processes thought to cause gold precipitation in both types of deposits are fluid-rock interaction (e.g. desulfidation) or phase separation. Consideration of the physical and chemical properties of the H2O-NaCl-CO2 system on the nature of gold precipitation mechanisms at different crustal levels infers different roles of

  9. An artificial immune system for securing mobile ad hoc networks against intrusion attacks

    Science.gov (United States)

    Hortos, William S.

    2003-08-01

    operation of the route discovery and selection process in the presence of intrusive or malicious nodes. Furthermore, this pattern detection approach is suitable for the difficult problem of passive or hidden security threats. Based on the SRP features of the state vector, an artificial immune system (AIS) is constructed as a hierarchy of rules to detect different types of intrusive activity within the MANET. The pattern detection rules in the complement (nonself) space are generated in an evolutionary manner using a genetic search algorithm. The effect of the genetic search is to discern the varying levels of abnormal behavior in the MANET protocol transactions. The efficacy of the AIS technique is compared to the positive characterization method based on nearest-neighbor classification. Initial evaluations of the detection scheme are performed to validate the AIS-based method using training and test data sets, generated from intrusion scenarios simulated from various threat models and security-aware modifications to reactive MANET routing protocols. These results are reported along with a performance analysis comparing the AIS approach with competing techniques. Conclusions about the AIS application to MANETs using the SRP are discussed.

  10. Secured UAV based on multi-agent systems and embedded Intrusion Detection and Prevention Systems

    Directory of Open Access Journals (Sweden)

    K.Boukhdir

    2015-08-01

    Unmanned aerial vehicles, or drones, are a relatively recent area of research and in full effervescence with more and more amateur and academic projects. Initially associated to the military, these vehicles are on the way to being used in many other areas. In effect, demand is growing for various applications of this type of technology. Inspection of buildings, search and rescue of missing or in distress people are some examples. This research paper highlights a lightweight intrusion detection system with the objective to secure UAVs. Our IDP (Intrusion and Prevention System) uses real-time architecture, based on the multi-agent systems so it can be autonomous and distributed between the ground control station (GCS) and the UAV, and is more suited to be embedded in low computation resources devices in general and especially UAVs

  11. A Self-Adaptive Wireless Sensor Network Coverage Method for Intrusion Tolerance Based on Trust Value

    OpenAIRE

    Zuo Chen; Xue Li; Bing Yang; Qian Zhang

    2015-01-01

    The sensor is quite easily attacked or invaded during the process of the node coverage optimization. It is a great challenge to make sure that the wireless sensor network could still carry out a secure communication and reliable coverage under the condition of being attacked. Therefore, this paper proposes a network coverage method for intrusion tolerance based on trust value of nodes by combining the trust value model with the reliable coverage optimization. It first estimates trust value of...

  12. Composite synvolcanic intrusions associated with Precambrian VMS-related hydrothermal systems

    Science.gov (United States)

    Galley, Alan G.

    2003-06-01

    trondhjemite phases. The trondhjemite phases contain numerous internal contacts indicating emplacement as composite sills. Common structural features of the composite intrusions include early xenolith phases, abundant small comagmatic dikes, fractures and veins and, in places, columnar jointing. Internal phases may differ greatly in texture from fine- to coarse-grained, aphyric and granophyric through seriate to porphyritic. Mineralogical and isotopic evidence indicates that early phases of each composite intrusion are affected by pervasive to fracture-controlled high-temperature (350-450 °C) alteration reflecting seawater-rock interaction. Trondhjemite phases contain hydrothermal-magmatic alteration assemblages within miarolitic cavities, hydrothermal breccias and veins. This hydrothermal-magmatic alteration may, in part, be inherited from previously altered wall rocks. Two of the four intrusions are host to Cu-Mo-rich intrusive breccias and porphyry-type mineralization which formed as much as 14 Ma after the main subvolcanic magmatic activity. The recognition of these Precambrian, subvolcanic composite intrusions is important for greenfields VMS exploration, as they define the location of thermal corridors within extensional oceanic-arc regimes which have the greatest potential for significant VMS mineralization. The VMS mineralization may occur for 2,000 m above the intrusions. In some cases, VMS mineralization has been truncated or enveloped by late trondhjemite phases of the composite intrusions. Evidence that much of the trondhjemitic magmatism postdates the principal VMS activity is a critical factor when developing heat and fluid flow models for these subseafloor magmatic-hydrothermal systems.

  13. From intrusive to oscillating thoughts.

    Science.gov (United States)

    Peirce, Anne Griswold

    2007-10-01

    This paper focused on the possibility that intrusive thoughts (ITs) are a form of an evolutionary, adaptive, and complex strategy to prepare for and resolve stressful life events through schema formation. Intrusive thoughts have been studied in relation to individual conditions, such as traumatic stress disorder and obsessive-compulsive disorder. They have also been documented in the average person experiencing everyday stress. In many descriptions of thought intrusion, it is accompanied by thought suppression. Several theories have been put forth to describe ITs, although none provides a satisfactory explanation as to whether ITs are a normal process, a normal process gone astray, or a sign of pathology. There is also no consistent view of the role that thought suppression plays in the process. I propose that thought intrusion and thought suppression may be better understood by examining them together as a complex and adaptive mechanism capable of escalating in times of need. The ability of a biological mechanism to scale up in times of need is one hallmark of a complex and adaptive system. Other hallmarks of complexity, including self-similarity across scales, sensitivity to initial conditions, presence of feedback loops, and system oscillation, are also discussed in this article. Finally, I propose that thought intrusion and thought suppression are better described together as an oscillatory cycle. PMID:17904485

  14. Technical evaluation of rapid deployment and re-deployable intrusion detection systems (RDIDS/RIDS)

    International Nuclear Information System (INIS)

    This paper reports on ECSI-EAG International's Pulsed Infrared Perimeter Intrusion Detection System (IPID) which was originally designed for permanent pole mounted installations and tripod mounted Rapid Deployment applications for NATO military forces. Subsequently, IPID has been upgraded to meet present Rapid Deployment Intrusion Detection System (RDIDS) and Redeployable Intrusion Detection System (RIDS) requirements. Both the RDIDS and RIDS are available in self-contained, wireless, conduitless configurations. The active, pulsed infrared system is integrated with a Radio Frequency (RF) transmitter operating in the VHF and UHF frequencies and powered by a battery backup photovoltaic energy system. The enhancements offer extensive flexibility and cash savings since the RDIDS and RIDS systems can be operational in 1/20 the time of conventional installations

  15. Design and Implementation of a Smart LED Lighting System Using a Self Adaptive Weighted Data Fusion Algorithm

    Directory of Open Access Journals (Sweden)

    Wen-Tsai Sung

    2013-12-01

    This work aims to develop a smart LED lighting system, which is remotely controlled by Android apps via handheld devices, e.g., smartphones, tablets, and so forth. The status of energy use is reflected by readings displayed on a handheld device, and it is treated as a criterion in the lighting mode design of a system. A multimeter, a wireless light dimmer, an IR learning remote module, etc. are connected to a server by means of RS 232/485 and a human computer interface on a touch screen. The wireless data communication is designed to operate in compliance with the ZigBee standard, and signal processing on sensed data is made through a self adaptive weighted data fusion algorithm. A low variation in data fusion together with a high stability is experimentally demonstrated in this work. The wireless light dimmer as well as the IR learning remote module can be instructed directly by command given on the human computer interface, and the reading on a multimeter can be displayed thereon via the server. This proposed smart LED lighting system can be remotely controlled and self learning mode can be enabled by a single handheld device via WiFi transmission. Hence, this proposal is validated as an approach to power monitoring for home appliances, and is demonstrated as a digital home network in consideration of energy efficiency.

  16. Smart container UWB sensor system for situational awareness of intrusion alarms

    Science.gov (United States)

    Romero, Carlos E.; Haugen, Peter C.; Zumstein, James M.; Leach, Jr., Richard R.; Vigars, Mark L.

    2013-06-11

    An in-container monitoring sensor system is based on an UWB radar intrusion detector positioned in a container and having a range gate set to the farthest wall of the container from the detector. Multipath reflections within the container make every point on or in the container appear to be at the range gate, allowing intrusion detection anywhere in the container. The system also includes other sensors to provide false alarm discrimination, and may include other sensors to monitor other parameters, e.g. radiation. The sensor system also includes a control subsystem for controlling system operation. Communications and information extraction capability may also be included. A method of detecting intrusion into a container uses UWB radar, and may also include false alarm discrimination. A secure container has an UWB based monitoring system

  17. Research of Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    隋新; 杨喜权; 陈棉书; 侯刚

    2012-01-01

    An intrusion detection system is an important network security measure that uses active defense technology to protect systems and information security. The research progress of intrusion detection systems is introduced and analyzed in detail, and comprehensively summarized. The focus is on the models and classification of intrusion detection systems, as well as new intrusion detection technologies and relatively mature IDS products. Finally, the development prospects of intrusion detection systems are discussed.

  18. A Novel Distributed Intrusion Detection System for Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Leandros A. Maglaras

    2015-04-01

    In the new interconnected world, we need to secure vehicular cyber-physical systems (VCPS) using sophisticated intrusion detection systems. In this article, we present a novel distributed intrusion detection system (DIDS) designed for a vehicular ad hoc network (VANET). By combining static and dynamic detection agents, that can be mounted on central vehicles, and a control center where the alarms about possible attacks on the system are communicated, the proposed DIDS can be used in both urban and highway environments for real time anomaly detection with good accuracy and response time.

  19. On the applicability of fair and adaptive data dissemination in traffic information systems

    NARCIS (Netherlands)

    Schwartz, Ramon S.; Ohazulike, Anthony E.; Sommer, Christoph; Scholten, Hans; Dressler, Falko; Havinga, Paul

    2014-01-01

    Vehicular Ad hoc Networks (VANETs) are expected to serve as support to the development of not only safety applications but also information-rich applications that disseminate relevant data to vehicles. Due to the continuous collection, processing, and dissemination of data, one crucial requirement i

  20. An Intrusion Detection System Model Based on Immune Principle and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    CHEN Zhi-xian; WANG Ru-chuan; WANG Shao-di; SUN Zhi-xin

    2005-01-01

    The study of security in computer networks is a key issue, which is a rapidly growing area of interest because of its importance. Main network security problems are analyzed in this paper above all, which currently are confronted with network systems and existing works in intrusion detection. And then an intrusion detection system model based on Immune Principle (IPIDS) is presented. Meanwhile, it expatiates detailed implementation of the methods how to reduce the high false positive and negative alarms of the traditional Intrusion Detection System (IDS). At last a simple simulation is performed on this model just using string match algorithm as binding mechanism. The simulation results indicate that the model can detect malicious activity effectively, and consequently the security and steadiness of the whole network system are improved also.

  1. Model-Data Fusion and Adaptive Sensing for Large Scale Systems: Applications to Atmospheric Release Incidents

    Science.gov (United States)

    Madankan, Reza

    All across the world, toxic material clouds are emitted from sources, such as industrial plants, vehicular traffic, and volcanic eruptions can contain chemical, biological or radiological material. With the growing fear of natural, accidental or deliberate release of toxic agents, there is tremendous interest in precise source characterization and generating accurate hazard maps of toxic material dispersion for appropriate disaster management. In this dissertation, an end-to-end framework has been developed for probabilistic source characterization and forecasting of atmospheric release incidents. The proposed methodology consists of three major components which are combined together to perform the task of source characterization and forecasting. These components include Uncertainty Quantification, Optimal Information Collection, and Data Assimilation. Precise approximation of prior statistics is crucial to ensure performance of the source characterization process. In this work, an efficient quadrature based method has been utilized for quantification of uncertainty in plume dispersion models that are subject to uncertain source parameters. In addition, a fast and accurate approach is utilized for the approximation of probabilistic hazard maps, based on combination of polynomial chaos theory and the method of quadrature points. Besides precise quantification of uncertainty, having useful measurement data is also highly important to warranty accurate source parameter estimation. The performance of source characterization is highly affected by applied sensor orientation for data observation. Hence, a general framework has been developed for the optimal allocation of data observation sensors, to improve performance of the source characterization process. The key goal of this framework is to optimally locate a set of mobile sensors such that measurement of better data is guaranteed.
This is achieved by maximizing the mutual information between model predictions

  2. A Study of Various Intrusion Detection Model Based on Data Fusion, Neural Network and D-S Theory

    Directory of Open Access Journals (Sweden)

    Ramnaresh Sharma

    2012-06-01

    Network security and awareness of network attack are hot spots in current research area. Nowadays various models and methods are available for intrusion detection and awareness of cyber-attack. Such as Application of the integrated Network Security Situation Awareness system (Net-SSA) shows that the proposed framework supports the accurate modeling and effective generation of network security situation. In this paper we discuss various approaches to intrusion detection techniques such as data fusion, neural network and D-S Theory and fuzzy logic.

  3. Adaptive Data Processing Technique for Lidar-Assisted Control to Bridge the Gap between Lidar Systems and Wind Turbines: Preprint

    Energy Technology Data Exchange (ETDEWEB)

    Schlipf, David; Raach, Steffen; Haizmann, Florian; Cheng, Po Wen; Fleming, Paul; Scholbrock, Andrew; Krishnamurthy, Raghu; Boquet, Mathieu

    2015-12-14

    This paper presents first steps toward an adaptive lidar data processing technique crucial for lidar-assisted control in wind turbines. The prediction time and the quality of the wind preview from lidar measurements depend on several factors and are not constant. If the data processing is not continually adjusted, the benefit of lidar-assisted control cannot be fully exploited, or can even result in harmful control action. An online analysis of the lidar and turbine data is necessary to continually reassess the prediction time and lidar data quality. In this work, a structured process to develop an analysis tool for the prediction time and a new hardware setup for lidar-assisted control are presented. The tool consists of an online estimation of the rotor effective wind speed from lidar and turbine data and the implementation of an online cross correlation to determine the time shift between both signals. Further, initial results from an ongoing campaign in which this system was employed for providing lidar preview for feed-forward pitch control are presented.

  4. Implementing and testing a fiber-optic polarization-based intrusion detection system

    Science.gov (United States)

    Hajj, Rasha El; MacDonald, Gregory; Verma, Pramode; Huck, Robert

    2015-09-01

    We describe a layer-1-based intrusion detection system for fiber-optic-based networks. Layer-1-based intrusion detection represents a significant elevation in security as it prohibits an adversary from obtaining information in the first place (no cryptanalysis is possible). We describe the experimental setup of the intrusion detection system, which is based on monitoring the behavior of certain attributes of light both in unperturbed and perturbed optical fiber links. The system was tested with optical fiber links of various lengths and types, under different environmental conditions, and under changes in fiber geometry similar to what is experienced during tapping activity. Comparison of the results for perturbed and unperturbed links has shown that the state of polarization is more sensitive to intrusion activity than the degree of polarization or power of the received light. The testing was conducted in a simulated telecommunication network environment that included both underground and aerial links. The links were monitored for intrusion activity. Attempts to tap the link were easily detected with no apparent degradation in the visual quality of the real-time surveillance video.

  5. Real-Time Intrusion Detection System Framework Based on Conditional Random Fields

    Institute of Scientific and Technical Information of China (English)

    顾佼佼; 姜文志; 粟飞; 胡文萱

    2011-01-01

    Intrusion detection systems (IDS) are now an essential component of networks, and all kinds of wireless and dedicated networks are now equipped with detection systems. With the rapid advancement of network technologies, intrusion detection has shifted from simple signature matching to anomaly-based and hybrid detection approaches that make full use of contextual information. In order to correctly and effectively recognize intrusions in the large volume of records from a network environment, an intrusion detection framework based on a layered conditional random field model is proposed. For four different classes of attack, the framework trains conditional random field models separately and then performs intrusion recognition layer by layer, which improves the adaptability and portability of the intrusion detection system, reduces the system false alarm rate and false detection rate, and identifies a wide variety of attacks with high accuracy. Experimental results show that the framework can identify attacks effectively in real time and initiate the response mechanism to handle them.

  6. A methodical and adaptive framework for Data Warehouse of Salary Management System

    OpenAIRE

    Manzoor Ahmad

    2015-01-01

    Years of experience as an employee of University of Kashmir has always desired us to have a typical solution where most of the activities related to salary are fully automated without checking across the files whenever there is a need e.g. individual month's salary report, web based information submission, filing of returns, increment information etc. After thorough analysis, taking employee satisfaction, sensitivity and security of data, a long term solution was to develop a centralized...

  7. Discussion of Intrusion Detection and Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    丁志芳; 徐孟春; 汪淼; 殷石昌

    2006-01-01

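    This paper briefly introduces the strengths and weaknesses of the Intrusion Detection System (IDS) and analyzes the principles and characteristics of the Intrusion Prevention System (IPS). IPS and IDS each have their own advantages and shortcomings; the strengths of each should be fully exploited so that the two complement and reinforce each other, jointly establishing a practical network and information security architecture.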

  8. ADAPTIVE CAPACITY OF STUDENTS’ CARDIOVASCULAR SYSTEM

    OpenAIRE

    Arabadzhi Liliya Ivanivna

    2012-01-01

    Data about adaptive capacity of cardiovascular system of 106 students were analyzed. Using the method of R.M. Bayevskiy, current adaptive capacity of students’ organisms was estimated. The number of students with stress adaptation mechanisms significantly increased with their age (from 17 to 23 years). In our opinion, this could be explained by negative impact of urbanization, significant learning overload and lack of physical activity among the students. Dependence of the adaptive capacity...

  9. Adaptable Web Modules to Stimulate Active Learning in Engineering Hydrology using Data and Model Simulations of Three Regional Hydrologic Systems

    Science.gov (United States)

    Habib, E. H.; Tarboton, D. G.; Lall, U.; Bodin, M.; Rahill-Marier, B.; Chimmula, S.; Meselhe, E. A.; Ali, A.; Williams, D.; Ma, Y.

    2013-12-01

    server-based system. Open source web technologies and community-based tools are used to facilitate wide dissemination and adaptation by diverse, independent institutions. The new hydrologic learning modules are based on recent developments in hydrologic modeling, data, and resources. The modules are embedded in three regional-scale ecosystems, Coastal Louisiana, Florida Everglades, and Utah Great Salt Lake Basin. These sites provide a wealth of hydrologic concepts and scenarios that can be used in most water resource and hydrology curricula. The study develops several learning modules based on the three hydro-systems covering subjects such as: water-budget analysis, effects of human and natural changes, climate-hydrology teleconnections, and water-resource management scenarios. The new developments include an instructional interface to give critical guidance and support to the learner and an instructor's guide containing adaptation and implementation procedures to assist instructors in adopting and integrating the material into courses and provide a consistent experience. The design of the new hydrologic education developments will be transferable to independent institutions and adaptable both instructionally and technically through a server system capable of supporting additional developments by the educational community.

  10. Technologies, Methodologies and Challenges in Network Intrusion Detection and Prevention Systems

    Directory of Open Access Journals (Sweden)

    Nicoleta STANCIU

    2013-01-01

    This paper presents an overview of the technologies and the methodologies used in Network Intrusion Detection and Prevention Systems (NIDPS). Intrusion Detection and Prevention System (IDPS) technologies are differentiated by types of events that IDPSs can recognize, by types of devices that IDPSs monitor and by activity. NIDPSs monitor and analyze the streams of network packets in order to detect security incidents. The main methodology used by NIDPSs is protocol analysis. Protocol analysis requires good knowledge of the theory of the main protocols, their definition, how each protocol works.

  11. Application of Machine Learning Approaches in Intrusion Detection System: A Survey

    Directory of Open Access Journals (Sweden)

    Nutan Farah Haq

    2015-03-01

    Network security is one of the major concerns of the modern era. With the rapid development and massive usage of internet over the past decade, the vulnerabilities of network security have become an important issue. Intrusion detection system is used to identify unauthorized access and unusual attacks over the secured networks. Over the past years, many studies have been conducted on the intrusion detection system. However, in order to understand the current status of implementation of machine learning techniques for solving the intrusion detection problems this survey paper enlisted the 49 related studies in the time frame between 2009 and 2014 focusing on the architecture of the single, hybrid and ensemble classifier design. This survey paper also includes a statistical comparison of classifier algorithms, datasets being used and some other experimental setups as well as consideration of feature selection step.

  12. Automated Signature Creator for a Signature Based Intrusion Detection System with Network Attack Detection Capabilities (Pancakes)

    Directory of Open Access Journals (Sweden)

    Frances Bernadette C. De Ocampo

    2015-05-01

    Signature-based Intrusion Detection System (IDS) helps in maintaining the integrity of data in a network controlled environment. Unfortunately, this type of IDS depends on predetermined intrusion patterns that are manually created. If the signature database of the Signature-based IDS is not updated, network attacks just pass through this type of IDS without being noticed. To avoid this, an Anomaly-based IDS is used in order to countercheck if a network traffic that is not detected by Signature-based IDS is a true malicious traffic or not. In doing so, the Anomaly-based IDS might come up with several numbers of logs containing numerous network attacks which could possibly be a false positive. This is the reason why the Anomaly-based IDS is not perfect, it would readily alarm the system that a network traffic is an attack just because it is not on its baseline. In order to resolve the problem between these two IDSs, the goal is to correlate data between the logs of the Anomaly-based IDS and the packet that has been captured in order to determine if a network traffic is really malicious or not. With the supervision of a security expert, the malicious network traffic would be verified as malicious. Using machine learning, the researchers can identify which algorithm is better than the other algorithms in classifying if a certain network traffic is really malicious. Upon doing so, the creation of signatures would follow by basing the automated creation of signatures from the detected malicious traffic.

  13. Functional requirements with survey results for integrated intrusion detection and access control annunciator systems

    Energy Technology Data Exchange (ETDEWEB)

    Arakaki, L.H.; Monaco, F.M.

    1995-09-01

    This report contains the guidance Functional Requirements for an Integrated Intrusion Detection and Access Control Annunciator System, and survey results of selected commercial systems. The survey questions were based upon the functional requirements; therefore, the results reflect which and sometimes how the guidance recommendations were met.

  14. Network intrusion detection

    Institute of Scientific and Technical Information of China (English)

    Oboile Tirelo; YANG Chun-hua

    2003-01-01

    Nowadays, network computer systems play an increasingly important role in society and economy. They have become the targets of a wide array of malicious attacks that invariably turn into actual intrusions. This is why the computer security has become an essential concern for network administrators. Too often, intrusions wreak havoc inside LANs and the time and cost to repair the damage can grow to extreme proportions. Instead of using passive measures to fix and patch security holes once they have been exploited, it is more effective to adopt a protective approach to intrusions. In addition to the well-established intrusion prevention techniques such as data encryption and message integrity, user authentication and user authorization, as well as the avoidance of security flaws inherent to many off-the-shelf applications, intrusion detection techniques can be viewed as an additional safeguard for network computers. The paper discusses traditional and new security designs, the approach to implementing best-practice security measures and the method to trace the malicious computer attackers.

  15. Design and adaptation of ocean observing systems at coastal scales, the role of data assimilation in the optimization of measures.

    Science.gov (United States)

    Brandini, Carlo; Taddei, Stefano; Fattorini, Maria; Doronzo, Bartolomeo; Lapucci, Chiara; Ortolani, Alberto; Poulain, Pierre Marie

    2015-04-01

    The design and the implementation of observation systems, in the current view, are not limited to the capability to observe some phenomena of particular interest in a given sea area, but must ensure maximum benefits to the analysis/prediction systems that are based on numerical models. The design of these experimental systems takes great advantage from the use of synthetic data, whose characteristics are as close as possible to the observed data (e.g. in-situ), in terms of spatial and temporal variability, particularly when the power spectrum of the observed signal is close to that reproduced by a numerical model. This method, usually referred to as OSSE (Observing System Simulation Experiment), is a preferred way to test numerical data for assimilation into models as if they were real data, with the advantage of defining different datasets for data assimilation at almost no cost. This applies both to the design of fixed networks (such as buoys or coastal radars), and to the improvement of the performance of mobile platforms, such as autonomous marine vehicles, floats or mobile radars, through the optimization of parameters for vehicle guidance, coverage, trajectories or localization of sampling points, according to the adaptive observation concept. In this work we present the results of some experimental activities recently undertaken in the coastal area between the Ligurian and Northern Tyrrhenian seas, that have shown a great vulnerability in recent years, due to a number of marine accidents and environmental issues. In this cross-border area an observation and forecasting system is being installed as part of the SICOMAR project (PO maritime Italy-France), in order to provide real time data at high spatial and time resolution, and to design interoperable, expandable and flexible observing platforms, that can be quickly adapted to the needs of local problems (e.g. accidents at sea). 
The starting SICOMAR network includes HF coastal radars, FerryBoxes onboard ships

  16. Detecting Danger: Applying a Novel Immunological Concept to Intrusion Detection Systems

    CERN Document Server

    Greensmith, Julie; Twycross, Jamie

    2010-01-01

    In recent years computer systems have become increasingly complex and consequently the challenge of protecting these systems has become increasingly difficult. Various techniques have been implemented to counteract the misuse of computer systems in the form of firewalls, anti-virus software and intrusion detection systems. The complexity of networks and dynamic nature of computer systems leaves current methods with significant room for improvement. Computer scientists have recently drawn inspiration from mechanisms found in biological systems and, in the context of computer security, have focused on the human immune system (HIS). The human immune system provides a high level of protection from constant attacks. By examining the precise mechanisms of the human immune system, it is hoped the paradigm will improve the performance of real intrusion detection systems. This paper presents an introduction to recent developments in the field of immunology. It discusses the incorporation of a novel immunological parad...

  17. Building Real-Time Network Intrusion Detection System Based on Parallel Time-Series Mining Techniques

    Institute of Scientific and Technical Information of China (English)

    Zhao Feng; Li Qinghua

    2005-01-01

    A new real-time model based on parallel time-series mining is proposed to improve the accuracy and efficiency of the network intrusion detection systems. In this model, a multidimensional dataset is constructed to describe network events, and a sliding window updating algorithm is used to maintain the network stream. Moreover, parallel frequent patterns and frequent episodes mining algorithms are applied to implement a parallel time-series mining engine which can intelligently generate rules to distinguish intrusions from normal activities. Analysis and study on the basis of DAWNING 3000 indicate that this parallel time-series mining-based model provides a more accurate and efficient way to build a real-time NIDS.

  18. The potential for health risks from intrusion of contaminants into the distribution system from pressure transients.

    Science.gov (United States)

    LeChevallier, Mark W; Gullick, Richard W; Karim, Mohammad R; Friedman, Melinda; Funk, James E

    2003-03-01

    The potential for public health risks associated with intrusion of contaminants into water supply distribution systems resulting from transient low or negative pressures is assessed. It is shown that transient pressure events occur in distribution systems; that during these negative pressure events pipeline leaks provide a potential portal for entry of groundwater into treated drinking water; and that faecal indicators and culturable human viruses are present in the soil and water exterior to the distribution system. To date, all observed negative pressure events have been related to power outages or other pump shutdowns. Although there are insufficient data to indicate whether pressure transients are a substantial source of risk to water quality in the distribution system, mitigation techniques can be implemented, principally the maintenance of an effective disinfectant residual throughout the distribution system, leak control, redesign of air relief venting, and more rigorous application of existing engineering standards. Use of high-speed pressure data loggers and surge modelling may have some merit, but more research is needed. PMID:15384268

  19. An Improved Intrusion Detection System Based on Snort

    Institute of Scientific and Technical Information of China (English)

    杨海峰; 陈明锐

    2012-01-01

    Based on in-depth study and analysis of the Snort intrusion detection system, a new improved design scheme is put forward for the original system, solving the problem that the Snort system cannot detect unknown intrusion events in a timely manner. According to the characteristics of the data flowing out of Snort, their frequency of occurrence is counted, and the characteristics of threatening data are dynamically added to the Snort abnormal feature library, so that unknown intrusions are intercepted. The improved system effectively prevents unknown intrusion events, reduces the packet loss rate and improves the comprehensive detection ability of the system.

  20. An Enhanced Intrusion Detection System for Multitier Dynamic Web Applications

    Directory of Open Access Journals (Sweden)

    S.Sasireka

    2014-05-01

    We present an efficient approach, a system used to detect attacks in multitiered web services and classify them through a Hierarchical clustering Algorithm. Our approach can create normality models of isolated user sessions that include both the web front-end (HTTP) and back-end (File or SQL) network transactions with respect to Data volumes and classify them. It implements a lightweight virtualization technique to assign each user's web session to a dedicated container, an isolated virtual computing environment. We use the cluster algorithm to accurately associate the web request with the subsequent DB queries. DoubleGuard can build a causal mapping profile by taking both the webserver and DB traffic into account. Internet services and applications have become an inextricable part of daily life, enabling communication and the management of personal information from anywhere. To accommodate this increase in application and data complexity, web services have moved to a multitiered design wherein the webserver runs the application front-end logic and data are outsourced to a database or file server. In this paper, we present DoubleGuard, an IDS system that models the network behavior of user sessions across both the front-end webserver and the back-end database. By monitoring both web and subsequent database requests, we are able to ferret out attacks that an independent IDS would not be able to identify. Furthermore, we quantify the limitations of any multitier IDS in terms of training sessions and functionality coverage. We implemented DoubleGuard using an Apache webserver with MySQL and lightweight virtualization.

  1. Salt Water Intrusion in a Three-dimensional Groundwater System in The Netherlands: a Numerical Study

    NARCIS (Netherlands)

    Oude Essink, Gualbert

    2001-01-01

    Salt water intrusion is investigated in a coastal groundwater system in the northern part of the province Noord-Holland, The Netherlands. Density dependent groundwater flow is modeled in three-dimensions with MOCDENS3D. This computer code is a version of MOC3D (Konikow et al., 1996) that has been ada

  2. Conjunctive Management of Multi-Aquifer System for Saltwater Intrusion Mitigation

    Science.gov (United States)

    Tsai, F. T. C.; Pham, H. V.

    2015-12-01

    Due to excessive groundwater withdrawals, many water wells in Baton Rouge, Louisiana experience undesirable chloride concentration because of saltwater intrusion. The study goal is to develop a conjunctive management framework that takes advantage of the Baton Rouge multi-aquifer system to mitigate saltwater intrusion. The conjunctive management framework utilizes several hydraulic control techniques to mitigate saltwater encroachment. These hydraulic control approaches include pumping well relocation, freshwater injection, saltwater scavenging, and their combinations. Specific objectives of the study are: (1) constructing scientific geologic architectures of the "800-foot" sand, the "1,000-foot" sand, the "1,200-foot" sand, the "1,500-foot" sand, the "1,700-foot" sand, and the "2,000-foot" sand, (2) developing scientific saltwater intrusion models for these sands, (3) using connector wells to draw native groundwater from one sand and inject to another sand to create hydraulic barriers to halt saltwater intrusion, (4) using scavenger wells or well couples to impede saltwater intrusion progress and reduce chloride concentration in pumping wells, and (5) reducing cones of depression by relocating and dispersing pumping wells to different sands. The study utilizes optimization techniques and newest LSU high performance computing (HPC) facilities to derive solutions. The conjunctive management framework serves as a scientific tool to assist policy makers to solve the urgent saltwater encroachment issue in the Baton Rouge area. The research results will help water companies as well as industries in East Baton Rouge Parish and neighboring parishes by reducing their saltwater intrusion threats, which in turn would sustain Capital Area economic development.

  3. Integrated Adaptive Analysis and Visualization of Satellite Network Data Project

    Data.gov (United States)

    National Aeronautics and Space Administration — We propose to develop a system that enables integrated and adaptive analysis and visualization of satellite network management data. Integrated analysis and...

  4. On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

    Directory of Open Access Journals (Sweden)

    Wei Gao

    2014-03-01

    Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks. Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services. This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

  5. Systematic adaptation of data delivery

    Science.gov (United States)

    Bakken, David Edward

    2016-02-02

    This disclosure describes, in part, a system management component for use in a power grid data network to systematically adjust the quality of service of data published by publishers and subscribed to by subscribers within the network. In one implementation, subscribers may identify a desired data rate, a minimum acceptable data rate, desired latency, minimum acceptable latency and a priority for each subscription and the system management component may adjust the data rates in real-time to ensure that the power grid data network does not become overloaded and/or fail. In one example, subscriptions with lower priorities may have their quality of service adjusted before subscriptions with higher priorities. In each instance, the quality of service may be maintained, even if reduced, to meet or exceed the minimum acceptable quality of service for the subscription.

  6. A HYBRID INTRUSION PREVENTION SYSTEM (HIPS) FOR WEB DATABASE SECURITY

    Directory of Open Access Journals (Sweden)

    Eslam Mohsin Hassib

    2010-07-01

    Web database security is a challenging issue that should be taken into consideration when designing and building business based web applications. Those applications usually include critical processes such as electronic-commerce web applications that include money transfer via visa or master cards. Security is a critical issue in other web based applications such as sites for military weapons companies and national security of countries. The main contribution of this paper is to introduce a new web database security model that includes a combination of triple system: (i) Host Identity Protocol (HIP) in a new authentication method called DSUC (Data Security Unique Code), (ii) strong filtering rules that detect intruders with high accuracy, and (iii) a real time monitoring system that employs the Uncertainty Degree Model (UDM) using fuzzy sets theory. It was shown that the combination of those three powerful security issues results in a very strong security model. Accordingly, the proposed web database security model has the ability to detect and provide a real time prevention of intruder access with high precision. Experimental results have shown that the proposed model introduces satisfactory web database protection levels which reach in some cases to detect and prevent more than 93% of the intruders.

  7. Towards Adaptive Educational Assessments: Predicting Student Performance using Temporal Stability and Data Analytics in Learning Management Systems

    Energy Technology Data Exchange (ETDEWEB)

    Thakur, Gautam [ORNL; Olama, Mohammed M [ORNL; McNair, Wade [ORNL; Sukumar, Sreenivas R [ORNL

    2014-01-01

    Data-driven assessments and adaptive feedback are becoming a cornerstone research in educational data analytics and involve developing methods for exploring the unique types of data that come from the educational context. For example, predicting college student performance is crucial for both the students and educational institutions. It can support timely intervention to prevent students from failing a course, increasing efficacy of advising functions, and improving course completion rate. In this paper, we present our efforts in using data analytics that enable educationists to design novel data-driven assessment and feedback mechanisms. In order to achieve this objective, we investigate temporal stability of students' grades and perform predictive analytics on academic data collected from 2009 through 2013 in one of the most commonly used learning management systems, called Moodle. First, we have identified the data features useful for assessments and predicting student outcomes such as students' scores in homework assignments, quizzes, exams, in addition to their activities in discussion forums and their total Grade Point Average (GPA) at the same term they enrolled in the course. Second, time series models in both frequency and time domains are applied to characterize the progression as well as overall projections of the grades. In particular, the model analyzed the stability as well as fluctuation of grades among students during the collegiate years (from freshman to senior) and disciplines. Third, Logistic Regression and Neural Network predictive models are used to identify students as early as possible who are in danger of failing the course they are currently enrolled in. These models compute the likelihood of any given student failing (or passing) the current course. The time series analysis indicates that assessments and continuous feedback are critical for freshman and sophomores (even with easy courses) than for seniors, and those assessments may be

  8. NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE

    Directory of Open Access Journals (Sweden)

    Hemanta Kumar Kalita

    2011-07-01

    Non-intrusive remote monitoring of data centre services should be such that it does not require (or minimal) modification of legacy code and standard practices. Also, allowing a third party agent to sit on every server in a data centre is a risk from a security perspective. Hence, use of a standard such as SNMPv3 is advocated in this kind of environment. There are many tools (open source or commercial) available which use SNMP; but we observe that most of the tools do not have an essential feature for auto-discovery of network. In this paper we present an algorithm for remote monitoring of services in a data centre. The algorithm has two stages: (1) auto discovery of network topology and (2) data collection from remote machine. Further, we compare SNMP with WBEM and identify some other options for remote monitoring of services and their advantages and disadvantages.

  9. Non-Intrusive Magneto-Optic Detecting System for Investigations of Air Switching Arcs

    International Nuclear Information System (INIS)

    In current investigations of electric arc plasmas, experiments based on modern testing technology play an important role. To enrich the testing methods and contribute to the understanding and grasping of the inherent mechanism of air switching arcs, in this paper, a non-intrusive detecting system is described that combines the magneto-optic imaging (MOI) technique with the solution to inverse electromagnetic problems. The detecting system works in a sequence of main steps as follows: MOI of the variation of the arc flux density over a plane, magnetic field information extracted from the magneto-optic (MO) images, arc current density distribution and spatial pattern reconstruction by inverting the resulting field data. Correspondingly, in the system, an MOI set-up is designed based on the Faraday effect and the polarization properties of light, and an intelligent inversion algorithm is proposed that involves simulated annealing (SA). Experiments were carried out for high current (2 kA RMS) discharge cases in a typical low-voltage switchgear. The results show that the MO detection system possesses the advantages of visualization, high resolution and response, and electrical insulation, which provides a novel diagnostics tool for further studies of the arc. (low temperature plasma)

  10. Non-Intrusive Magneto-Optic Detecting System for Investigations of Air Switching Arcs

    Science.gov (United States)

    Zhang, Pengfei; Zhang, Guogang; Dong, Jinlong; Liu, Wanying; Geng, Yingsan

    2014-07-01

    In current investigations of electric arc plasmas, experiments based on modern testing technology play an important role. To enrich the testing methods and contribute to the understanding and grasping of the inherent mechanism of air switching arcs, in this paper, a non-intrusive detecting system is described that combines the magneto-optic imaging (MOI) technique with the solution to inverse electromagnetic problems. The detecting system works in a sequence of main steps as follows: MOI of the variation of the arc flux density over a plane, magnetic field information extracted from the magneto-optic (MO) images, arc current density distribution and spatial pattern reconstruction by inverting the resulting field data. Correspondingly, in the system, an MOI set-up is designed based on the Faraday effect and the polarization properties of light, and an intelligent inversion algorithm is proposed that involves simulated annealing (SA). Experiments were carried out for high current (2 kA RMS) discharge cases in a typical low-voltage switchgear. The results show that the MO detection system possesses the advantages of visualization, high resolution and response, and electrical insulation, which provides a novel diagnostics tool for further studies of the arc.

  11. New Genetic Algorithm Based Intrusion Detection System for SCADA

    Directory of Open Access Journals (Sweden)

    Aarcha Anoop

    2013-04-01

    Securing SCADA systems is a critical aspect of industrial systems. Industrial systems have installations which are actively using the public network in order to provide new features and services, which makes the system unsecured. By introducing a filtering system, we can analyse the critical state of the system which can be monitored and secure SCADA network protocols. But in this approach, there is no mathematical method for calculating filter parameters for DDOS, R2L, U2R attacks. In this paper, we present a new genetic algorithm based approach for calculating those parameters to make the system more secure.

  12. Adapting bioinformatics curricula for big data.

    Science.gov (United States)

    Greene, Anna C; Giffin, Kristine A; Greene, Casey S; Moore, Jason H

    2016-01-01

    Modern technologies are capable of generating enormous amounts of data that measure complex biological systems. Computational biologists and bioinformatics scientists are increasingly being asked to use these data to reveal key systems-level properties. We review the extent to which curricula are changing in the era of big data. We identify key competencies that scientists dealing with big data are expected to possess across fields, and we use this information to propose courses to meet these growing needs. While bioinformatics programs have traditionally trained students in data-intensive science, we identify areas of particular biological, computational and statistical emphasis important for this era that can be incorporated into existing curricula. For each area, we propose a course structured around these topics, which can be adapted in whole or in parts into existing curricula. In summary, specific challenges associated with big data provide an important opportunity to update existing curricula, but we do not foresee a wholesale redesign of bioinformatics training programs.

  13. Modeling message sequences for intrusion detection in industrial control systems

    NARCIS (Netherlands)

    Caselli, Marco; Zambon, Emmanuele; Petit, Jonathan; Kargl, Frank; Rice, Mason; Shenoi, Sujeet

    2015-01-01

    Compared with standard information technology systems, industrial control systems show more consistent and regular communications patterns. This characteristic contributes to the stability of controlled processes in critical infrastructures such as power plants, electric grids and water treatment fa

  14. Sequence-aware intrusion detection in industrial control systems

    NARCIS (Netherlands)

    Caselli, Marco; Zambon, Emmanuele; Kargl, Frank; Zhou, Jianying; Jones, D.

    2015-01-01

    Nowadays, several threats endanger cyber-physical systems. Among these systems, industrial control systems (ICS) operating on critical infrastructures have been proven to be an attractive target for attackers. The case of Stuxnet has not only showed that ICSs are vulnerable to cyber-attacks, but als

  15. Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    李镇江; 戴英侠; 陈越

    2001-01-01

    Resources and data need to be protected by a mechanism which prevents the system from unauthorized accesses, misuses and malicious intrusions in today's distributed computing environment. SSOs (System Security Officers) demand an intelligent system to support them in caring about these issues. Thus, a challenging but fascinating technology, IDS has been deeply investigated during the last 20 years and is gaining more and more attention recently. IDS can identify intrusions and misuses and then trigger corresponding response and recovery processing. In this thesis, the author first reviews the history and status quo of IDS, then discusses the future trends in the development of IDS technologies.

  16. PERFORMANCE COMPARISON OF INTRUSION DETECTION SYSTEM USING VARIOUS TECHNIQUES – A REVIEW

    Directory of Open Access Journals (Sweden)

    S. Devaraju

    2013-09-01

    Nowadays, the security has become a critical part of any organization or industry information systems. The Intrusion Detection System is an effective method to deal with the new kind of threats such as DoS, Probe, R2L and U2R. In this paper, we analyze the various approaches such as Hidden Semi Markov Model, Conditional Random Fields and Layered Approach, Bayesian classification, Data Mining techniques, Clustering Algorithms such as K-Means and Fuzzy c-Means, Back Propagation Neural Network, SOM Neural Network, Rough Set Neural Network Algorithm, Genetic Algorithm, Pattern Matching, Principal Component Analysis, Linear Discriminant Analysis, Independent Component Analysis, Multivariate Statistical Analysis, SOM/PSO algorithm etc. The performance is measured for two different datasets using various approaches. The datasets are trained and tested for identifying the new attacks that will affect the hosts or networks. The well known KDD Cup 1999 or DARPA 1999 dataset has been used to improve the accuracy and performance. The four groups of attacks are identified as Probe, DoS, U2R and R2L. The dataset used for training set is 494,021 and testing set is 311,028. The aim is to improve the detection rate and performance of the proposed system.

  17. RISM -- Reputation Based Intrusion Detection System for Mobile Ad hoc Networks

    OpenAIRE

    Trivedi, Animesh Kr; Kapoor, Rishi; Arora, Rajan; Sanyal, Sudip; Sanyal, Sugata

    2013-01-01

    This paper proposes a combination of an Intrusion Detection System with a routing protocol to strengthen the defense of a Mobile Ad hoc Network. Our system is Socially Inspired, since we use the new paradigm of Reputation inherited from human behavior. The proposed IDS also has a unique characteristic of being Semi-distributed, since it neither distributes its Observation results globally nor keeps them entirely locally; however, managing to communicate this vital information without accretio...

  18. Generating Representative Attack Test Cases for Evaluating and Testing Wireless Intrusion Detection Systems

    OpenAIRE

    Khalid Nasr; Anas Abou El Kalam; Christian Fraboul

    2012-01-01

    Openness of wireless communication medium and flexibility in dealing with wireless communication protocols and their vulnerabilities create a problem of poor security. Due to deficiencies in the security mechanisms of the first line of defense such as firewall and encryption, there are growing interests in detecting wireless attacks through a second line of defense in the form of Wireless Intrusion Detection System (WIDS). WIDS monitors the radio spectrum and system activities and detects att...

  19. Event-based knowledge elicitation of operating room management decision-making using scenarios adapted from information systems data

    OpenAIRE

    Epstein Richard H; Wachtel Ruth E; Dexter Franklin

    2011-01-01

    Background: No systematic process has previously been described for a needs assessment that identifies the operating room (OR) management decisions made by the anesthesiologists and nurse managers at a facility that do not maximize the efficiency of use of OR time. We evaluated whether event-based knowledge elicitation can be used practically for rapid assessment of OR management decision-making at facilities, whether scenarios can be adapted automatically from information systems dat...

  20. A Distributed Signature Detection Method for Detecting Intrusions in Sensor Systems

    Directory of Open Access Journals (Sweden)

    Won Woo Ro

    2013-03-01

    Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu–Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

  1. A distributed signature detection method for detecting intrusions in sensor systems.

    Science.gov (United States)

    Kim, Ilkyu; Oh, Doohwan; Yoon, Myung Kuk; Yi, Kyueun; Ro, Won Woo

    2013-01-01

    Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu-Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors. PMID:23529146

  2. P2PRPIPS: A P2P and Reverse Proxy Based Web Intrusion Protection System

    Directory of Open Access Journals (Sweden)

    Qian He

    2013-03-01

    In order to protect web sites with various program languages and high throughput efficiently, a web Intrusion Protection System (IPS) based on P2P and reverse proxy architecture was designed and implemented. The P2P based web intrusion protection system has multiple web firewall nodes, and nodes with the same program cooperate with each other under the P2P architecture. Some nodes work as net flow allocators and some work as detectors, and they can convert to each other dynamically according to the requirements. The WAF program has the characteristics of session keeping and load balancing, and it can detect messages by using an expert library and many plug-in components. The technology of reverse proxy is used to respond to the web request. Experiments show that the system can effectively prevent attacks from the application layer. It is proved more efficient and stable than a single node.

  3. An intrusion prevention system as a proactive security mechanism in network infrastructure

    Directory of Open Access Journals (Sweden)

    Dulanović Nenad

    2008-01-01

    A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS), proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS) are introduced. The main idea in IPS is to be proactive. This paper gives an insight of Cobrador Bouncer IPS implementation. System architecture is given and three different Bouncer IPS deployment modes are presented. The Bouncer IPS as a proactive honeypot is also discussed.

  4. Using Site Testing Data for Adaptive Optics Simulations

    OpenAIRE

    Herriot, Glen; Andersen, David; Conan, Rod; Ellerbroek, Brent; Gilles, Luc; Hickson, Paul; Jackson, Kate; Lardière, Olivier; Pfrommer, Thomas; Véran, Jean-Pierre; Wang, Lianqi

    2011-01-01

    Astronomical Site testing data plays a vital role in the simulation, design, evaluation and operation of adaptive optics systems for large telescopes. We present the example of TMT and its first light facility adaptive optics system NFIRAOS, and illustrate the many simulations done based on site testing data.

  5. MULTI SCALE TIME SERIES PREDICTION FOR INTRUSION DETECTION

    Directory of Open Access Journals (Sweden)

    G. Palanivel

    2014-01-01

    We propose an anomaly-based network intrusion detection system, which analyzes traffic features to detect anomalies. The proposed system can be used both in online as well as off-line mode for detecting deviations from the expected behavior. Although our approach uses network packet or flow data, it is general enough to be adaptable for use with any other network variable, which may be used as a signal for anomaly detection. It differs from most existing approaches in its use of wavelet transform for generating different time scales for a signal and using these scales as an input to a two-stage neural network predictor. The predictor predicts the expected signal value and labels considerable deviations from this value as anomalies. The primary contribution of our work would be to empirically evaluate the effectiveness of multi resolution analysis as an input to neural network prediction engine specifically for the purpose of intrusion detection. The role of Intrusion Detection Systems (IDSs), as special-purpose devices to detect anomalies and attacks in a network, is becoming more important. First, anomaly-based methods cannot achieve an outstanding performance without a comprehensive labeled and up-to-date training set with all different attack types, which is very costly and time-consuming to create if not impossible. Second, efficient and effective fusion of several detection technologies becomes a big challenge for building an operational hybrid intrusion detection system.

  6. Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system

    Science.gov (United States)

    Botwicz, Jakub; Buciak, Piotr; Sapiecha, Piotr

    2006-03-01

    Intrusion Prevention Systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. The essential feature of network IPSs is searching through network packets and matching multiple strings, that are fingerprints of known attacks. String matching is highly resource consuming and also the most significant bottleneck of IPSs. In this article an extension of the classical Karp-Rabin algorithm and its implementation architectures were examined. The result is a software, which generates a source code of a string matching module in hardware description language, that could be easily used to create an Intrusion Prevention System implemented in reconfigurable hardware. The prepared module matches the complete set of Snort IPS signatures achieving throughput of over 2 Gbps on an Altera Stratix II evaluation board. The most significant advantage of the proposed architecture is that the update of the patterns database does not require reconfiguration of the circuitry.

  7. How to secure web servers by the intrusion prevention system (IPS)?

    Directory of Open Access Journals (Sweden)

    Yousef Farhaoui

    2016-03-01

    Information technology and especially the Internet are playing an increasing role in our society. Approaches by signature show limits on intrusion detection / attacks by the fact that most web vulnerabilities are specific to applications that may be developed in-house by companies. Behavioral methods are therefore an interesting approach in this area. An IPS (Intrusion Prevention System) is a tool that is used to enhance the security level. We present here the secure IPS architecture web server. We will also discuss measures that define the effectiveness of our IPS and very recent work of standardization and homogenization of our IPS platform. The approach relies on preventive mechanisms: it is then to develop devices capable of preventing any action that would result in a violation of the security policy. However, experience and results show that it is impossible to build a fully secure system for technical or practical reasons.

  8. An Analysis of Security System for Intrusion in Smartphone Environment

    Directory of Open Access Journals (Sweden)

    Maya Louk

    2014-01-01

    There are many malware applications in Smartphone. Smartphone’s users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone—whether for business or personal use—may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN) have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a) MDTN process is possible and will be enabled for Smartphone environment. (b) The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

  9. An analysis of security system for intrusion in Smartphone environment.

    Science.gov (United States)

    Louk, Maya; Lim, Hyotaek; Lee, HoonJae

    2014-01-01

    There are many malware applications in Smartphone. Smartphone's users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone--whether for business or personal use--may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN) have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a) MDTN process is possible and will be enabled for Smartphone environment. (b) The methods are shown to be an advanced security for private sensitive data of the Smartphone user. PMID:25165754

  10. Distributed Intrusion Detection Systems for Enhancing Security in Mobile Wireless Sensor Networks

    OpenAIRE

    Leonardo Mostarda; Alfredo Navarra

    2008-01-01

    We present an approach to provide Intrusion Detection Systems (IDS) facilities into Wireless Sensors Networks (WSN). WSNs are usually composed of a large number of low power sensors. They require a careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool [14, 16, 25] which has been pro...

  11. Analysis of Fuzzy Logic Based Intrusion Detection Systems in Mobile Ad Hoc Networks

    OpenAIRE

    Chaudhary, A.; V. N. Tiwari; Kumar, A

    2014-01-01

    Due to the advancement in wireless technologies, many of new paradigms have opened for communications. Among these technologies, mobile ad hoc networks play a prominent role for providing communication in many areas because of its independent nature of predefined infrastructure. But in terms of security, these networks are more vulnerable than the conventional networks because firewall and gateway based security mechanisms cannot be applied on it. That’s why intrusion detection systems are us...

  12. Co-operative Wireless Intrusion Detection System Using MIBs From SNMP

    OpenAIRE

    Ashvini Vyavhare; Varsharani Bhosale; Mrunal Sawant; Fazila Girkar

    2012-01-01

    In emerging technology of Internet, security issues are becoming more challenging. In case of wired LAN it is somewhat in control, but in case of wireless networks due to exponential growth in attacks, it has made difficult to detect such security loopholes. Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods. But the approaches which were used in wired network were not successful in producing effective results...

  13. Intrusion Detection Systems Based on Artificial Intelligence Techniques in Wireless Sensor Networks

    OpenAIRE

    Nabil Ali Alrajeh; Lloret, J

    2013-01-01

    Intrusion detection system (IDS) is regarded as the second line of defense against network anomalies and threats. IDS plays an important role in network security. There are many techniques which are used to design IDSs for specific scenario and applications. Artificial intelligence techniques are widely used for threats detection. This paper presents a critical study on genetic algorithm, artificial immune, and artificial neural network (ANN) based IDSs techniques used in wireless sensor netw...

  14. HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK

    OpenAIRE

    Mohammad Saiful Islam Mamun; A.F.M. Sultanul Kabir

    2010-01-01

    In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some atta...

  15. Fortifying Intrusion Detection Systems in Dynamic Ad Hoc and Wireless Sensor Networks

    OpenAIRE

    Abdelouahid Derhab; Abdelghani Bouras; Mustapha Reda Senouci; Muhammad Imran

    2014-01-01

    We investigate three aspects of dynamicity in ad hoc and wireless sensor networks and their impact on the efficiency of intrusion detection systems (IDSs). The first aspect is magnitude dynamicity, in which the IDS has to efficiently determine whether the changes occurring in the network are due to malicious behaviors or due to normal changing of user requirements. The second aspect is nature dynamicity that occurs when a malicious node is continuously switching its behavior between normal...

  16. Policy based intrusion detection and response system in hierarchical WSN architecture

    OpenAIRE

    Mamun, Mohammad Saiful Islam; Kabir, A. F. M Sultanul; Hossen, Md. Sakhawat; Khan, Md. Razib Hayat

    2012-01-01

    In recent years, wireless sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system (IDS) needs to be introduced. In this paper we propose a policy based IDS for hierarchical architecture that fits the current demands and restrictions ...

  17. A Survey of Recent Intrusion Detection Systems for Wireless Sensor Network

    OpenAIRE

    Bhattasali, Tapalina; Chaki, Rituparna

    2012-01-01

    Security of Wireless sensor network (WSN) becomes a very important issue with the rapid development of WSN that is vulnerable to a wide range of attacks due to deployment in the hostile environment and having limited resources. Intrusion detection system is one of the major and efficient defensive methods against attacks in WSN. A particularly devastating attack is the sleep deprivation attack, where a malicious node forces legitimate nodes to waste their energy by resisting the sensor nodes ...

  18. ANOMALY NETWORK INTRUSION DETECTION SYSTEM BASED ON DISTRIBUTED TIME-DELAY NEURAL NETWORK (DTDNN)

    OpenAIRE

    LAHEEB MOHAMMAD IBRAHIM

    2010-01-01

    In this research, a hierarchical off-line anomaly network intrusion detection system based on Distributed Time-Delay Artificial Neural Network is introduced. This research aims to solve a hierarchical multi class problem in which the type of attack (DoS, U2R, R2L and Probe attack) detected by dynamic neural network. The results indicate that dynamic neural nets (Distributed Time-Delay Artificial Neural Network) can achieve a high detection rate, where the overall accuracy classification rate ...

  19. Web Prior Architecture to Avoid Threats and Enhance Intrusion Response System

    OpenAIRE

    Ravichandran, K S; R. Baby Akila; T. Durga Laxmi

    2012-01-01

    Web is hierarchically composed of entities such as domains, Web sites and documents distributed over Web sites and linked together by hyperlinks. The response component of the intrusion detection system issues the response to the jarring requests. In this paper, the intension is to allow the legitimate user to access the target website and perform the selective operations on the database to avoid threats and protect the database from unauthorized users. The designed Web Prior Architecture (WP...

  20. Artificially Augmented Training for Anomaly-based Network Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Chockalingam Karuppanchetty

    2015-09-01

    Full Text Available Attacks on web servers are becoming increasingly prevalent; the resulting social and economic impact of successful attacks is also exacerbated by our dependency on web-based applications. There are many existing attack detection and prevention schemes, which must be carefully configured to ensure their efficacy. In this paper, we present a study of challenges that arise in training network payload anomaly detection schemes that utilize collected network traffic for tuning and configuration. The advantage of anomaly-based intrusion detection is in its potential for detecting zero day attacks. These types of schemes, however, require extensive training to properly model the normal characteristics of the system being protected. Usually, training is done through the use of real data collected by monitoring the activity of the system. In practice, network operators or administrators may run into cases where they have limited availability of such data. This issue can arise due to the system being newly deployed (or heavily modified) or due to the content or behavior that leads to normal characterization having been changed. We show that artificially generated packet payloads can be used to effectively augment the training and tuning. We evaluate the method using real network traffic collected at a server site. We illustrate the problem at first (use of highly variable and unsuitable training data resulting in high false positives of 3.6∼10%), then show improvements using the augmented training method (false positives as low as 0.2%). We also measure the impact on network performance, and present a lookup based optimization that can be used to improve latency and throughput.

  1. 3D modeling of a dolerite intrusion from the photogrammetric and geophysical data integration.

    Science.gov (United States)

    Duarte, João; Machadinho, Ana; Figueiredo, Fernando; Mira, Maria

    2015-04-01

    The aim of this study is to create a methodology based on the integration of data obtained from various available technologies, which allow a credible and complete evaluation of rock masses. In this particular case of a dolerite intrusion, which deployed an exploration of aggregates and belongs to the Jobasaltos - Extracção e Britagem. S.A.. Dolerite intrusion is situated in the volcanic complex of Serra de Todo-o-Mundo, Casais Gaiola, intruded in Jurassic sandstones. The integration of the surface and subsurface mapping, obtained by technology UAVs (Drone) and geophysical surveys (Electromagnetic Method - TEM 48 FAST), allows the construction of 2D and 3D models of the study local. The combination of the 3D point clouds produced from two distinct processes, modeling of photogrammetric and geophysical data, will be the basis for the construction of a single model of set. The rock masses in an integral perspective being visible their development above the surface and subsurface. The presentation of 2D and 3D models will give a perspective of structures, fracturation, lithology and their spatial correlations contributing to a better local knowledge, as well as its potential for the intended purpose. From these local models it will be possible to characterize and quantify the geological structures. These models will have its importance as a tool to assist in the analysis and drafting of regional models. The qualitative improvement in geological/structural modeling, seeks to reduce the value of characterization/cost ratio, in phase of prospecting, improving the investment/benefit ratio. This methodology helps to assess more accurately the economic viability of the projects.

  2. State-Based Network Intrusion Detection Systems for SCADA Protocols: A Proof of Concept

    Science.gov (United States)

    Carcano, Andrea; Fovino, Igor Nai; Masera, Marcelo; Trombetta, Alberto

    We present a novel Intrusion Detection System able to detect complex attacks to SCADA systems. By complex attack, we mean a set of commands (carried in Modbus packets) that, while licit when considered in isolation on a single-packet basis, interfere with the correct behavior of the system. The proposed IDS detects such attacks thanks to an internal representation of the controlled SCADA system and a corresponding rule language, powerful enough to express the system's critical states. Furthermore, we detail the implementation and provide experimental comparative results.

  3. Instant OSSEC host-based intrusion detection system

    CERN Document Server

    Lhotsky, Brad

    2013-01-01

    Filled with practical, step-by-step instructions and clear explanations for the most important and useful tasks. A fast-paced, practical guide to OSSEC-HIDS that will help you solve host-based security problems. This book is great for anyone concerned about the security of their servers, whether you are a system administrator, programmer, or security analyst, this book will provide you with tips to better utilize OSSEC-HIDS. Whether you're new to OSSEC-HIDS or a seasoned veteran, you'll find something in this book you can apply today! This book assumes some knowledge of basic security concepts an

  4. Cybersecurity managing systems, conducting testing, and investigating intrusions

    CERN Document Server

    Mowbray, Thomas J

    2013-01-01

    A must-have, hands-on guide for working in the cybersecurity profession Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a usef

  5. Adaptive ant colony clustering method for intrusion detection

    Institute of Scientific and Technical Information of China (English)

    杨照峰; 樊爱京; 樊爱宛

    2011-01-01

    For the problem that partial data partition is not accurate enough in the clustering results of the ant colony clustering algorithm, an improved adaptive chaotic ant colony clustering algorithm based on information entropy is proposed. The algorithm measures the degree of evolution by the population information entropy during optimization, and adaptively adjusts the pheromone update strategy. At the end of each iteration, it uses a chaotic search operator to search for a better solution near the current global optimal solution. As the algorithm progresses, the search range of the chaotic operator is gradually reduced, so that the chaotic operator avoids falling into local optima in the initial period and improves search precision in the later period of the ant colony search. This leads to better clustering results. Simulation results using the KDD Cup 1999 intrusion detection data show that the clustering effect improves significantly, and that the method can effectively improve the detection rate of intrusion detection and reduce the false detection rate.

  6. Adaptive protection algorithm and system

    Science.gov (United States)

    Hedrick, Paul [Pittsburgh, PA; Toms, Helen L [Irwin, PA; Miller, Roger M [Mars, PA

    2009-04-28

    An adaptive protection algorithm and system for protecting electrical distribution systems traces the flow of power through a distribution system, assigns a value (or rank) to each circuit breaker in the system and then determines the appropriate trip set points based on the assigned rank.

  7. Development of Embedded Based System to Monitor Elephant Intrusion in Forest Border Areas Using Internet of Things

    Directory of Open Access Journals (Sweden)

    R. K. Vigneshwar

    2016-07-01

    Full Text Available The new era of computing technology is emerging as it will encompass every aspects of our lives with amazing potentials and it can be termed as Internet of Things (IOT). The IOT generally comprised of smart machines interacting and interactive with other machines, objects, environments and infrastructures. In embedded computing system each thing is uniquely identifiable but it is able to be interoperable within the existing internet infrastructure in IOT. As a result, massive volumes of data are being created, and that data is being processed into useful actions that can “command and control” things to make our living much comfortable and safer—and to ease our impact on the environment. In this paper we have proposed an elephant intrusion monitoring system using IOT. The various drawbacks in already existing system using embedded systems can be overcome as we have cloud based services, low cost and advanced miniaturization in packaging technology. Here we are developing a prototype model for real time interaction of elephant intrusion in forest border areas that allows a persistent monitoring by making use of an On board computer and cloud services.

  8. A survey on anomaly and signature based intrusion detection system (IDS)

    Directory of Open Access Journals (Sweden)

    Mrs.Anshu Gangwar

    2014-04-01

    Full Text Available Security is considered as one of the most critical parameter for the acceptance of any networking technology. Information in transit must be protected from unauthorized release and modification, and the connection itself must be established and maintained securely. Malicious users have taken advantage of this to achieve financial gain or accomplish some corporate or personal agenda. Denial of Service (DoS) and distributed DoS (DDoS) attacks are evolving continuously. These attacks make network resources unavailable for legitimate users which results in massive loss of data, resources and money. Combination of Intrusion detection System and Firewall is used by Business Organizations to detect and prevent Organizations' network from these attacks. Signatures to detect them are not available. This paper presents a light-Weight mechanism to detect novel DoS/DDoS (Resource Consumption) attacks and automatic signature generation process to represent them in real time. Experimental results are provided to support the proposed mechanism.

  9. Design and Implementation of a High Performance Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    谢大斌; 梁刚

    2013-01-01

    With the popularization of high-speed networks, the traditional intrusion prevention system can no longer meet performance requirements for high-speed packet capture and real-time processing. The paper designs and implements a high-performance intrusion prevention system, PF_RING DNA Intrusion Prevention System: PDIPS. PDIPS runs on a general multi-core platform and uses PF_RING DNA technology to capture packets at wire speed; at the same time, multithreading and CPU binding are used to process packets in parallel, improving overall performance. The test results show that, under the same test environment, PDIPS performs better than the traditional intrusion prevention scheme and can meet the needs of a gigabit environment.

  10. The Patuki intrusive suite: closed-system fractionation beneath a slow-spreading ridge

    Science.gov (United States)

    Sivell, W. J.; Waterhouse, J. B.

    A wide range of mafic and ultramafic rock types, together with cogenetic silicic plagiogranites, form a structurally coherent intrusive sequence within the Patuki Volcanics at south D'Urville Island, New Zealand. In addition, gabbroic rocks comprise abundant tectonic inclusions in highly-sheared, concordant serpentinite bands which intrude the Patuki suite. Chemical evidence suggests many of the gabbros, including those in which recrystallization has obliterated original textures, represent magmatic cumulates and indicates extensive closed-system fractionation analogous to that known to occur beneath slow-spreading mid-oceanic ridges. Dyke intrusion occurred throughout the generation of the suite. An early stage of spreading is suggested by the anomalously low thickness of the sequence, the non-sheeted nature of the dyke suite and chemical characteristics of the lavas which comprise the extrusive component of the ophiolite.

  11. Geophysical characterization of hydrothermal systems and intrusive bodies, El Chichón volcano (Mexico)

    Science.gov (United States)

    Jutzeler, Martin; Varley, Nick; Roach, Michael

    2011-04-01

    The 1982 explosive eruptions of El Chichón volcano (Chiapas, Mexico) destroyed the inner dome and created a 1-km-wide and 180-m-deep crater within the somma crater. A shallow hydrothermal system was exposed to the surface of the new crater floor and is characterized by an acid crater lake, a geyser-like Cl-rich spring (soap pool), and numerous fumarole fields. Multiple geophysical surveys were performed to define the internal structure of the volcanic edifice and its hydrothermal system. We carried out a high-resolution ground-based geomagnetic survey in the 1982 crater and its surroundings and 38 very low frequency (VLF) transects around the crater lake. A 3-D inversion of the ground-based magnetic data set highlighted three high-susceptibility isosurfaces, interpreted as highly magnetized bodies beneath the 1982 crater floor. Inversion of a digitized regional aeromagnetic map highlighted four major deeply rooted cryptodomes, corresponding to major topographic highs and massive lava dome outcrops outside and on the somma rim. The intracrater magnetic bodies correspond closely to the active hydrothermal vents and their modeled maximum basal depth matches the elevation of the springs on the flanks of the volcano. Position, dip, and vertical extent of active and extinct hydrothermal vents identified by VLF-EM surveys match the magnetic data set. We interpret the shallow lake spring hydrothermal system to be mostly associated with buried remnants of the 550 BP dome, but the Cl-rich soap pool may be connected to a small intrusion emplaced at shallow depth during the 1982 eruption.

  12. Intrusion Detection System for Mobile Ad - Hoc Network Using Cluster-Based Approach

    Directory of Open Access Journals (Sweden)

    Nisha Dang

    2012-06-01

    Full Text Available Today Mobile Ad-hoc Networks have wide spread use in normal as well as mission critical applications. Mobile ad hoc networks are more likely to be attacked due to lack of infrastructure and no central management. To secure Manets many traditional security solutions like encryption are used but are not found to be promising. Intrusion detection system is one of the technologies that provide some good security solutions. IDS provide monitoring and auditing capabilities to detect any abnormality in security of the system. IDS can be used with clustering algorithms to protect entire cluster from malicious code. Existing clustering algorithms have a drawback of consuming more power and they are associated with routes. The route establishment and route renewal affects the clusters and as a consequence, the processing and traffic overhead increases due to instability of clusters. The ad hoc networks are battery and power constraint, and therefore IDS cannot be run on all the nodes. A trusted monitoring node can be deployed to detect and respond against intrusions in time. The proposed simplified clustering scheme has been used to detect intrusions, resulting in high detection rates and low processing and memory overhead irrespective of the routes, connections, traffic types and mobility of nodes in the network.

  13. Co-operative Wireless Intrusion Detection System Using MIBs From SNMP

    Directory of Open Access Journals (Sweden)

    Ashvini Vyavhare

    2012-03-01

    Full Text Available In emerging technology of Internet, security issues are becoming more challenging. In case of wired LAN it is somewhat in control, but in case of wireless networks due to exponential growth in attacks, it has made difficult to detect such security loopholes. Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods. But the approaches which were used in wired network were not successful in producing effective results for wireless networks. It is so because of features of wireless network such as open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense etc. So, there is need for new approach which will efficiently detect intrusion in wireless network. Efficiency can be achieved by implementing distributive, co-operative based, multi-agent IDS. The proposed system supports all these three features. It includes mobile agents for intrusion detection which uses SNMP (Simple network Management Protocol) and MIB (Management Information Base) variables for mobile wireless networks

  14. Confidentiality Protection of User Data and Adaptive Resource Allocation for Managing Multiple Workflow Performance in Service-Based Systems

    Science.gov (United States)

    An, Ho

    2012-01-01

    In this dissertation, two interrelated problems of service-based systems (SBS) are addressed: protecting users' data confidentiality from service providers, and managing performance of multiple workflows in SBS. Current SBSs pose serious limitations to protecting users' data confidentiality. Since users' sensitive data is sent in…

  15. A synthetic study on constraining a 2D density-dependent saltwater intrusion model using electrical imaging data

    DEFF Research Database (Denmark)

    Antonsson, Arni Valur; Nguyen, Frederic; Engesgaard, Peter Knudegaard;

    to calibrate a 2D synthetic seawater intrusion model. A vertical 2D density-dependent flow and transport model was established for a   synthetic coastal aquifer in order to simulate saltwater intrusion. All the relevant hydraulic parameters applied in the model were given realistic values. The result...... of the synthetic model, basically a salinity distribution in the coastal aquifer, was converted to resistivity distribution by assuming a certain petrophysical relation between water salinity and electrical conductivity. The obtained resistivity distribution was then used when electrical data acquisition...

  16. Sm-Nd and Rb-Sr isotopic data on the sanukitoid intrusions of the Karelia, Baltic Shield

    Science.gov (United States)

    Kovalenko, A. V.; Savatenkov, V. M.

    2003-04-01

    Sanukitoid intrusions from the Baltic Shield form post-tectonic differentiated intrusions 2.74-2.72 Ga old (Chekulaev, 1999, Lobach-Zhuchenko et al., 2000). They are represented by alkaline and calc-alkaline types which have high mg# (up to 0.6), strong LREE enrichment (Ce(N)=80-150, Yb(N)=4-7, Ce(N)/Yb(N)>20), high Sr, Ba (>1000 ppm), P2O5 (up to 1.5%) and Cr, Ni concentrations. Some intrusions contain rocks varying from ultramafite to quartz syenite. All sanukitoids are intruded by lamprophyre dykes having similar geochemical signatures. In this study we focus on the Karelian greenstone terrain within the Baltic Shield, in which sanukitoids are restricted to the younger western and central domains (2.7-2.9 Ga). Sanukitoids appear to be absent from the older Vodlozero domain (>3.0 Ga) in eastern Karelia (Lobach-Zhuchenko et al., 2000, Lobach-Zhuchenko et al., in press). About 70 Sm-Nd isotopic data on the sanukitoids of the Karelia were obtained. There is the regional distinction of the isotope composition of the rocks between the Central and West Karelian domains. The initial Epsilon Nd values and TDM range from +1.1 to +2.0 and 2.70-2.85 Ga accordingly in the youngest Central Karelian domain. The West Karelian intrusions yield an initial Epsilon Nd of -0.3- +0.7 and give the older TDM of about 2.82-2.92 Ga. It is to be noted that some intrusions of the Central Karelia domain, occurred closely to the ancient Vodlozero domain, also exhibit a similar range of initial Epsilon Nd and TDM to the intrusions of the West Karelia. There are narrow Nd isotopic compositional ranges within the individual intrusions. Rb-Sr isotopic system was studied in sanukitoids and lamprophyres of differentiated Panozero intrusion, Central Karelia. The initial 87Sr/86Sr isotope ratios range from 0.7000 to 0.7021 in these rocks indicating the derivation of these magmas from depleted mantle. Very low initial 87Sr/86Sr isotope ratios of the sanukitoids confirm the Nd isotopic characteristics

  17. Query Adaptive Image Retrieval System

    Directory of Open Access Journals (Sweden)

    Amruta Dubewar

    2014-03-01

    Full Text Available Images play a crucial role in various fields such as art gallery, medical, journalism and entertainment. Increasing use of image acquisition and data storage technologies have enabled the creation of large database. So, it is necessary to develop appropriate information management system to efficiently manage these collections and needed a system to retrieve required images from these collections. This paper proposed query adaptive image retrieval system (QAIRS to retrieve images similar to the query image specified by user from database. The goal of this system is to support image retrieval based on content properties such as colour and texture, usually encoded into feature vectors. In this system, colour feature extracted by various techniques such as colour moment, colour histogram and autocorrelogram and texture feature extracted by using gabor wavelet. Hashing technique is used to embed high dimensional image features into hamming space, where search can be performed by hamming distance of compact hash codes. Depending upon minimum hamming distance it returns the similar image to query image.

  18. Power-Aware Hybrid Intrusion Detection System (PHIDS) using Cellular Automata in Wireless AdHoc Networks

    OpenAIRE

    Sree, Pokkuluri Kiran; Babu, Inampudi Ramesh

    2013-01-01

    Adhoc wireless network with their changing topology and distributed nature are more prone to intruders. The network monitoring functionality should be in operation as long as the network exists with nil constraints. The efficiency of an Intrusion detection system in the case of an adhoc network is not only determined by its dynamicity in monitoring but also in its flexibility in utilizing the available power in each of its nodes. In this paper we propose a hybrid intrusion detection system, b...

  19. Some intrusions in dietary reports by fourth-grade children are based on specific memories: data from a validation study of the effect of interview modality

    OpenAIRE

    Smith, Albert F.; Baxter, Suzanne Domel; Hardin, James W.; Royer, Julie A.; Guinn, Caroline H

    2008-01-01

    In dietary recall for a specified target period, an intrusion denotes an item reported eaten that was not consumed during that period. Intrusions may denote items available during the specified period, items consumed during other periods, or items from general knowledge of dietary intake. To investigate a cognitive basis of intrusions, we analyzed data from a dietary-reporting validation study in which 69 fourth-grade children were observed eating two school meals (breakfast; lunch) and inter...

  20. Design of Intrusion Detection System Based on Improved K-means Algorithm

    Institute of Scientific and Technical Information of China (English)

    刘华春; 候向宁; 杨忠

    2016-01-01

    Traditional intrusion detection systems match network packets against the rule base one by one. When the volume of network data grows sharply, detection efficiency drops significantly, and the system may even be unable to detect in real time. Data mining is a technology for finding valuable information in massive amounts of data; building data mining into an intrusion detection system greatly improves its detection efficiency and intelligence. This paper studies the difficulties of applying the K-means clustering algorithm from data mining to intrusion detection. The K-means algorithm has several shortcomings: it is easily affected by the initial K value and by outliers, the K value is difficult to determine, and it depends heavily on the initial center points. To overcome these disadvantages, an improved K-means clustering algorithm is proposed, and an intrusion detection system based on it is designed. The results show that applying the improved clustering algorithm to intrusion detection can significantly improve anomaly detection efficiency, adaptively establish the abnormal pattern database for intrusion detection, effectively prevent unknown intrusions, and greatly reduce the false detection rate.

  1. Application of a Hidden Bayes Naive Multiclass Classifier in Network Intrusion Detection

    Science.gov (United States)

    Koc, Levent

    2013-01-01

    With increasing Internet connectivity and traffic volume, recent intrusion incidents have reemphasized the importance of network intrusion detection systems for combating increasingly sophisticated network attacks. Techniques such as pattern recognition and the data mining of network events are often used by intrusion detection systems to classify…

  2. Adaptive ophthalmologic system

    Science.gov (United States)

    Olivier, Scot S.; Thompson, Charles A.; Bauman, Brian J.; Jones, Steve M.; Gavel, Don T.; Awwal, Abdul A.; Eisenbies, Stephen K.; Haney, Steven J.

    2007-03-27

    A system for improving vision that can diagnose monochromatic aberrations within a subject's eyes, apply the wavefront correction, and then enable the patient to view the results of the correction. The system utilizes a laser for producing a beam of light; a corrector; a wavefront sensor; a testing unit; an optic device for directing the beam of light to the corrector, to the retina, from the retina to the wavefront sensor, and to the testing unit; and a computer operatively connected to the wavefront sensor and the corrector.

  3. A Novel Immune System Model and Its Application to Network Intrusion Detection

    Institute of Scientific and Technical Information of China (English)

    Ling Jun; Cao Yang; Yin Jian-hua; Huang Tian-xi

    2003-01-01

    Based on analyzing the techniques and architecture of existing network Intrusion Detection System (IDS), and probing into the fundament of Immune System (IS), a novel immune model is presented and applied to network IDS, which is helpful to design an effective IDS. Besides, this paper suggests a scheme to represent the self profile of network. And an automated self profile extraction algorithm is provided to extract self profile from packets. The experimental results prove validity of the scheme and algorithm, which is the foundation of the immune model.

  4. A Novel Immune System Model and Its Application to Network Intrusion Detection

    Institute of Scientific and Technical Information of China (English)

    Ling Jun; Cao Yang; Yin Jian-hua; Huang Tian-xi

    2003-01-01

    Based on analyzing the techniques and architecture of existing network Intrusion Detection System (IDS), and probing into the fundament of Immune System (IS), a novel immune model is presented and applied to network IDS, which is helpful to design an effective IDS. Besides, this paper suggests a scheme to represent the self profile of network. And an automated self profile extraction algorithm is provided to extract self profile from packets. The experimental results prove validity of the scheme and algorithm, which is the foundation of the immune model.

  5. Grey-theory based intrusion detection model

    Institute of Scientific and Technical Information of China (English)

    Qin Boping; Zhou Xianwei; Yang Jun; Song Cunyi

    2006-01-01

    To solve the problem that current intrusion detection models need large-scale data to formulate the model in real-time use, an intrusion detection system model based on grey theory (GTIDS) is presented. Grey theory has the merits of fewer requirements on original data scale, less limitation on the distribution pattern and a simpler modeling algorithm. With these merits, GTIDS constructs its model from a partial time sequence for rapid detection of intrusive acts in a secure system. In this detection model, the rates of false drop and false retrieval are effectively reduced through twice modeling and repeated detection on target data. Furthermore, the GTIDS framework and the specific process of the modeling algorithm are presented. The effectiveness of GTIDS is proved through emulated experiments comparing Snort and the next-generation intrusion detection expert system (NIDES) in SRI International.

  6. A surrogate model for simulation-optimization of aquifer systems subjected to seawater intrusion

    Science.gov (United States)

    Hussain, Mohammed S.; Javadi, Akbar A.; Ahangar-Asr, Alireza; Farmani, Raziyeh

    2015-04-01

    This study presents the application of Evolutionary Polynomial Regression (EPR) as a pattern recognition system to predict the behavior of nonlinear and computationally complex aquifer systems subjected to seawater intrusion (SWI). The developed EPR models are integrated with a multi objective genetic algorithm to examine the efficiency of different arrangements of hydraulic barriers in controlling SWI. The objective of the optimization is to minimize the economic and environmental costs. The developed EPR model is trained and tested for different control scenarios, on sets of data including different pumping patterns as inputs and the corresponding set of numerically calculated outputs. The results are compared with those obtained by direct linking of the numerical simulation model with the optimization tool. The results of the two above-mentioned simulation-optimization (S/O) strategies are in excellent agreement. Three management scenarios are considered involving simultaneous use of abstraction and recharge to control SWI. Minimization of cost of the management process and the salinity levels in the aquifer are the two objective functions used for evaluating the efficiency of each management scenario. By considering the effects of the unsaturated zone, a subsurface pond is used to collect the water and artificially recharge the aquifer. The distinguished feature of EPR emerges in its application as the metamodel in the S/O process where it significantly reduces the overall computational complexity and time. The results also suggest that the application of other sources of water such as treated waste water (TWW) and/or storm water, coupled with continuous abstraction of brackish water and its desalination and use is the most cost effective method to control SWI. A sensitivity analysis is conducted to investigate the effects of different external sources of recharge water and different recovery ratios of desalination plant on the optimal results.

  7. Adapting bioinformatics curricula for big data.

    Science.gov (United States)

    Greene, Anna C; Giffin, Kristine A; Greene, Casey S; Moore, Jason H

    2016-01-01

    Modern technologies are capable of generating enormous amounts of data that measure complex biological systems. Computational biologists and bioinformatics scientists are increasingly being asked to use these data to reveal key systems-level properties. We review the extent to which curricula are changing in the era of big data. We identify key competencies that scientists dealing with big data are expected to possess across fields, and we use this information to propose courses to meet these growing needs. While bioinformatics programs have traditionally trained students in data-intensive science, we identify areas of particular biological, computational and statistical emphasis important for this era that can be incorporated into existing curricula. For each area, we propose a course structured around these topics, which can be adapted in whole or in parts into existing curricula. In summary, specific challenges associated with big data provide an important opportunity to update existing curricula, but we do not foresee a wholesale redesign of bioinformatics training programs. PMID:25829469

  8. Multi-kernel intrusion detection system based on KPCA and BP neural network

    Institute of Scientific and Technical Information of China (English)

    刘继清; 徐明

    2011-01-01

    In view of the weaknesses of current intrusion detection systems, a new intrusion detection system model based on the combination of KPCA technology and a BP neural network is put forward. To address the high dimensionality of complicated network data, KPCA is used as a feature extraction method to decrease the dimensions, which simplifies the size of the neural network and reduces its computational workload. A large number of experiments with the KDD99 dataset have been conducted, and the results show that, in today's complicated network circumstances, the new system has higher adaptability and a higher-speed detection rate than an intrusion detection system that uses only a BP neural network.

  9. Dynamic Multi Layer Signature based Intrusion Detection system Using Mobile Agents

    CERN Document Server

    Uddin, Mueen

    2010-01-01

    Intrusion detection systems have become a key component in ensuring the safety of systems and networks. As networks grow in size and speed continues to increase, it is crucial that efficient scalable techniques should be developed for IDS systems. Signature based detection is the most extensively used threat detection technique for Intrusion Detection Systems (IDS). One of the foremost challenges for signature-based IDS systems is how to keep up with large volume of incoming traffic when each packet needs to be compared with every signature in the database. When an IDS cannot keep up with the traffic flood, all it can do is to drop packets, therefore, may miss potential attacks. This paper proposes a new model called Dynamic Multi-Layer Signature based IDS using Mobile Agents, which can detect imminent threats with very high success rate by dynamically and automatically creating and using small and efficient multiple databases, and at the same time, provide mechanism to update these small signature databases a...

  10. A harmful-intrusion detection method based on background reconstruction and two-dimensional K-S test in an optical fiber pre-warning system

    Science.gov (United States)

    Bi, Fukun; Zheng, Tong; Qu, Hongquan; Pang, Liping

    2016-06-01

    The key technology and main difficulty for optical fiber intrusion pre-warning systems (OFIPS) is the extraction of harmful-intrusion signals. After being processed by a phase-sensitive optical time-domain reflectometer (Φ-OTDR), vibration signals can be preliminarily extracted. Generally, these include noises and intrusions. Here, intrusions can be divided into harmful and harmless intrusions. With respect to the close study of signal characteristics, an effective extraction method of harmful intrusion is proposed in the paper. Firstly, in the part of the background reconstruction, all intrusion signals are first detected by a constant false alarm rate (CFAR). We then reconstruct the backgrounds by extracting two-part information of alarm points, time and amplitude. This ensures that the detection background consists of intrusion signals. Secondly, in the part of the two-dimensional Kolmogorov-Smirnov (K-S) test, in order to extract harmful ones from all extracted intrusions, we design a separation method. It is based on the signal characteristics of harmful intrusion, which are shorter time interval and higher amplitude. In the actual OFIPS, the detection method is used in some typical scenes, which includes a lot of harmless intrusions, for example construction sites and busy roads. Results show that we can effectively extract harmful intrusions.

  11. An Useful Communication Mechanism for Distributed Agents-Based Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    DU Ye

    2006-01-01

    The communication mechanism plays an important role in an intrusion detection system, while it has not been paid enough attention. Based on analyzing the actual facts and expatiating upon the requirements a communication mechanism needs to meet, a message driven communication mechanism is proposed in this paper. The protocol presented here is divided into three layers: entity level, host level, and network level. The communication processes are also designed in detail. Experiments illustrate that cooperative entities can detect distributed sophisticated attacks accurately. Furthermore, this mechanism has the advantages like high reliability, low time delay and expenses.

  12. Classification Model with High Deviation for Intrusion Detection on System Call Traces

    Institute of Scientific and Technical Information of China (English)

    2005-01-01

    A new classification model for host intrusion detection based on the unidentified short sequences and RIPPER algorithm is proposed. The concepts of different short sequences on the system call traces are strictly defined on the basis of in-depth analysis of completeness and correctness of pattern databases. Labels of short sequences are predicted by learned RIPPER rule set and the nature of the unidentified short sequences is confirmed by statistical method. Experiment results indicate that the classification model increases clearly the deviation between the attack and the normal traces and improves detection capability against known and unknown attacks.

  13. Research of the Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    黄金莲; 高会生

    2005-01-01

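    As an emerging security technology, the Intrusion Prevention System (IPS) is attracting growing attention. Starting from the shortcomings of intrusion detection systems, this paper describes in detail the classification and principles of intrusion prevention systems, and discusses their technical characteristics, detection mechanisms and current problems. Finally, it summarizes the development prospects of IPS.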

  14. An Intrusion Alarming System Based on Self-Similarity of Network Traffic

    Institute of Scientific and Technical Information of China (English)

    YU Fei; ZHU Miao-liang; CHEN Yu-feng; LI Ren-fa; XU Cheng

    2005-01-01

    An intrusion detection system can raise effective alarms on illegal behavior by network users, which is absolutely necessary and important for building a secure environment for basic communication services. Based on the principle that the amount of network traffic can affect the degree of self-similarity of the traffic, the paper investigates the variation in self-similarity caused by unconventional network traffic. A network traffic model based on the normal behavior of users is proposed, and the Hurst parameter of this model can be calculated. By comparing the Hurst parameter of normal traffic with the self-similar parameter, we can judge whether the network is normal or not and raise an alarm in time.

  15. WSN-DS: A Dataset for Intrusion Detection Systems in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Iman Almomani

    2016-01-01

    Wireless Sensor Networks (WSN) have become increasingly one of the hottest research areas in computer science due to their wide range of applications including critical military and civilian applications. Such applications have created various security threats, especially in unattended environments. To ensure the security and dependability of WSN services, an Intrusion Detection System (IDS) should be in place. This IDS has to be compatible with the characteristics of WSNs and capable of detecting the largest possible number of security threats. In this paper a specialized dataset for WSN is developed to help better detect and classify four types of Denial of Service (DoS) attacks: Blackhole, Grayhole, Flooding, and Scheduling attacks. This paper considers the use of LEACH protocol which is one of the most popular hierarchical routing protocols in WSNs. A scheme has been defined to collect data from Network Simulator 2 (NS-2) and then processed to produce 23 features. The collected dataset is called WSN-DS. Artificial Neural Network (ANN) has been trained on the dataset to detect and classify different DoS attacks. The results show that WSN-DS improved the ability of IDS to achieve higher classification accuracy rate. WEKA toolbox was used with holdout and 10-Fold Cross Validation methods. The best results were achieved with 10-Fold Cross Validation with one hidden layer. The classification accuracies of attacks were 92.8%, 99.4%, 92.2%, 75.6%, and 99.8% for Blackhole, Flooding, Scheduling, and Grayhole attacks, in addition to the normal case (without attacks), respectively.

  16. A WSN-Based Intrusion Alarm System to Improve Safety in Road Work Zones

    Directory of Open Access Journals (Sweden)

    Jose Martin

    2016-01-01

    Road traffic accidents are one of the main causes of death and disability worldwide. Workers responsible for maintaining and repairing roadways are especially prone to suffer these events, given their exceptional exposure to traffic. Since these actuations usually coexist with regular traffic, an errant driver can easily intrude the work area and provoke a collision. Some authors have proposed mechanisms aimed at detecting breaches in the work zone perimeter and alerting workers, which are collectively called intrusion alarm systems. However, they have several limitations and have not yet fulfilled the necessities of these scenarios. In this paper, we propose a new intrusion alarm system based on a Wireless Sensor Network (WSN). Our system is comprised of two main elements: vehicle detectors that form a virtual barrier and detect perimeter breaches by means of an ultrasonic beam and individual warning devices that transmit alerts to the workers. All these elements have a wireless communication interface and form a network that covers the whole work area. This network is in charge of transmitting and routing the alarms and coordinates the behavior of the system. We have tested our solution under real conditions with satisfactory results.

  17. A Novel Method for Intrusion Detection System to Enhance Security in Ad hoc Network

    CERN Document Server

    Bathla, Himani

    2010-01-01

    The notion of an ad hoc network is a new paradigm that allows mobile hosts (nodes) to communicate without relying on a predefined infrastructure to keep the network connected. Most nodes are assumed to be mobile and communication is assumed to be wireless. The mobility of nodes in an ad-hoc network means that both the population and the topology of the network are highly dynamic. It is very difficult to design a once-for-all intrusion detection system. A secure protocol should at least include mechanisms against known attack types. In addition, it should provide a scheme to easily add new security features in the future. The paper includes a detailed description of the proposed Intrusion Detection System based on a Local Reputation Scheme. The proposed system also includes the concepts of Redemption and Fading; these are mechanisms that allow nodes previously considered malicious to become a part of the network again. The simulation of the proposed system is to be done using the NS-2 simulator.

  18. Response-Adaptive Allocation for Circular Data.

    Science.gov (United States)

    Biswas, Atanu; Dutta, Somak; Laha, Arnab Kumar; Bakshi, Partho K

    2015-01-01

    Response-adaptive designs are used in phase III clinical trials to allocate a larger proportion of patients to the better treatment. Circular data is a natural outcome in many clinical trial setups, e.g., some measurements in ophthalmologic studies, degrees of rotation of hand or waist, etc. There is no available work on response-adaptive designs for circular data. With reference to a dataset on cataract surgery we provide some response-adaptive designs where the responses are of circular nature and propose some test statistics for treatment comparison under adaptive data allocation procedure. Detailed simulation study and the analysis of the dataset, including redesigning the cataract surgery data, are carried out.

  19. Services-oriented architecture for adaptive and intelligent data acquisition and processing systems in long pulse fusion experiments

    International Nuclear Information System (INIS)

    Advanced software tools for implementing nodes in distributed data acquisition systems (DDAQ) are essential for implementing long duration experiments. Nodes need local processing capabilities for implementing 'on line' and 'real time' analysis. Data reduction techniques and pattern recognitions solutions can be implemented in ITMS (Intelligent Test and Measurement System). User's processing algorithms are implemented in a high level graphical language (LabVIEW). DAQ must be integrated in complex network using SOA solutions. JINI provides this mechanism and simplifies use, setup, supervision and software update. Advanced timing and synchronization are essential tools in the next generation of advanced DAQs and SCXML is a 'powerful' tool for implementing Intelligent DAQ systems for long pulse fusion experiments

  20. An intrusion detection system for the protection of railway assets using Fiber Bragg Grating sensors.

    Science.gov (United States)

    Catalano, Angelo; Bruno, Francesco Antonio; Pisco, Marco; Cutolo, Antonello; Cusano, Andrea

    2014-01-01

    We demonstrate the ability of Fiber Bragg Gratings (FBGs) sensors to protect large areas from unauthorized activities in railway scenarios such as stations or tunnels. We report on the technological strategy adopted to protect a specific depot, representative of a common scenario for security applications in the railway environment. One of the concerns in the protection of a railway area centers on the presence of rail-tracks, which cannot be obstructed with physical barriers. We propose an integrated optical fiber system composed of FBG strain sensors that can detect human intrusion for protection of the perimeter combined with FBG accelerometer sensors for protection of rail-track access. Several trials were carried out in indoor and outdoor environments. The results demonstrate that FBG strain sensors bonded under a ribbed rubber mat enable the detection of intruder break-in via the pressure induced on the mat, whereas the FBG accelerometers installed under the rails enable the detection of intruders walking close to the railroad tracks via the acoustic surface waves generated by footsteps. Based on a single enabling technology, this integrated system represents a valuable intrusion detection system for railway security and could be integrated with other sensing functionalities in the railway field using fiber optic technology. PMID:25268920

  1. An Intrusion Detection System for the Protection of Railway Assets Using Fiber Bragg Grating Sensors

    Directory of Open Access Journals (Sweden)

    Angelo Catalano

    2014-09-01

    We demonstrate the ability of Fiber Bragg Gratings (FBGs) sensors to protect large areas from unauthorized activities in railway scenarios such as stations or tunnels. We report on the technological strategy adopted to protect a specific depot, representative of a common scenario for security applications in the railway environment. One of the concerns in the protection of a railway area centers on the presence of rail-tracks, which cannot be obstructed with physical barriers. We propose an integrated optical fiber system composed of FBG strain sensors that can detect human intrusion for protection of the perimeter combined with FBG accelerometer sensors for protection of rail-track access. Several trials were carried out in indoor and outdoor environments. The results demonstrate that FBG strain sensors bonded under a ribbed rubber mat enable the detection of intruder break-in via the pressure induced on the mat, whereas the FBG accelerometers installed under the rails enable the detection of intruders walking close to the railroad tracks via the acoustic surface waves generated by footsteps. Based on a single enabling technology, this integrated system represents a valuable intrusion detection system for railway security and could be integrated with other sensing functionalities in the railway field using fiber optic technology.

  2. Design of no blind area perimeter intrusion recognition system based on fisheye lens

    Science.gov (United States)

    Dai, Jun-jian; Han, Wen-bo

    2013-08-01

    Perimeter intrusion recognition technology has gradually become an indispensable function in intelligent video surveillance systems. Existing solutions always use multiple video acquisition nodes, each controlling a monitoring area and alarming independently. However, existing solutions can hardly avoid monitoring blind areas and are not suitable for perimeter environments with irregular outlines; at the same time, the large number of nodes inevitably decreases the overall accuracy of the intrusion recognition system and increases its cost. To avoid these defects, this paper mainly addresses the following three aspects. Firstly, we use a fisheye lens as the optical system of the video acquisition node, which evidently enhances each node's information acquisition ability. In this way, we only need to deploy a small number of video acquisition nodes to obtain blind-area-free environmental information of the perimeter, even for a larger monitoring situation. Secondly, owing to the absence of blind areas, the system has enough video image information to generate a 360 degree panoramic image of the monitored environment; the system server collects the wide-angle image information and splices it into the panoramic video image. Finally, the system uses the panoramic image to complete intrusion behavior recognition, which effectively avoids parallel computation in many nodes performing intrusion recognition independently, greatly reduces the dependence on a multiple-CPU operation platform and enhances the reliability of the system. The field test results show that, with the help of this paper's solution, the perimeter intrusion recognition system can effectively avoid recognition blind areas. With the same recognition algorithm and the same level of delay, it greatly reduces the monitoring system server configuration requirements, especially for the

  3. Non-intrusive appliance load monitoring system based on a modern kWh-meter

    Energy Technology Data Exchange (ETDEWEB)

    Pihala, H. [VTT Energy, Espoo (Finland). Energy Systems

    1998-12-01

    Non-intrusive appliance load monitoring (NIALM) is a fairly new method to estimate load profiles of individual electric appliances in a small building, like a household, by monitoring the whole load at a single point with one recording device without sub-meters. Appliances have special electrical characteristics, the positive and negative active and reactive power changes during the time they are switched on or off. These changes are called events and are detected with a monitoring device called an event recorder. Different NIALM-concepts developed in Europe and in the United States are generally discussed. The NIALM-concept developed in this study is based on a 3-phase, power quality monitoring kWh-meter and unique load identification algorithms. This modern kWh-meter with a serial data bus to a laptop personal computer is used as the event recorder. The NIALM-concept of this presentation shows for the first time how a kWh-meter can be used at the same time for billing, power quality and appliance end-use monitoring. An essential part of the developed NIALM-system prototype is the software of load identification algorithms which runs in an off-line personal computer. These algorithms are able to identify, with a certain accuracy, both two-state and multi-state appliances. This prototype requires manual-setup in which the naming of appliances is performed. The results of the prototype NIALMS were verified in a large, single family detached house and they were compared to the results of other prototypes in France and the United States, although this comparison is difficult because of different supply systems, appliance stock and number of tested sites. Different applications of NIALM are discussed. Gathering of load research data, verification of DSM-programs, home automation, failure analysis of appliances and security surveillance of buildings are interesting areas of NIALM. Both utilities and customers can benefit from these applications. It is possible to

  4. COMPUTER INTRUSION DETECTION BY TWOOBJECTIVE FUZZY GENETIC ALGORITHM

    OpenAIRE

    Madhuri Agravat; Udai Pratap Rao

    2011-01-01

    The purpose of this paper is to describe two objective fuzzy genetics-based learning algorithms and discuss their usage to detect intrusion in a computer network. Experiments were performed with the KDD-cup data set, which has information on computer networks during normal behavior and intrusive behavior. The performance of the final fuzzy classification system has been investigated using the intrusion detection problem as a high dimensional classification problem. This task is formulate...

  5. Calibration of seawater intrusion models: Inverse parameter estimation using surface electrical resistivity tomography and borehole data

    Science.gov (United States)

    Beaujean, J.; Nguyen, F.; Kemna, A.; Antonsson, A.; Engesgaard, P.

    2014-08-01

    Electrical resistivity tomography (ERT) can be used to constrain seawater intrusion models because of its high sensitivity to total dissolved solid contents (TDS) in groundwater and its relatively high lateral coverage. However, the spatial variability of resolution in electrical imaging may prevent the correct recovery of the desired hydrochemical properties such as salt mass fraction. This paper presents a sequential approach to evaluate the feasibility of identifying hydraulic conductivity and dispersivity in density-dependent flow and transport models from surface ERT-derived mass fraction. In the course of this study, geophysical inversion was performed by using a smoothness constraint Tikhonov approach, whereas the hydrological inversion was performed using a gradient-based Levenberg-Marquardt algorithm. Two synthetic benchmarks were tested. They represent a pumping experiment in a homogeneous and heterogeneous coastal aquifer, respectively. These simulations demonstrated that only the lower salt mass fraction of the seawater-freshwater transition zone can be recovered for different times. This ability has here been quantified in terms of cumulative sensitivity and our study has further demonstrated that the mismatch between the targeted and the recovered salt mass fraction occurs from a certain threshold. We were additionally able to explore the capability of sensitivity-filtered ERT images using ground surface data only to recover (in both synthetic cases) the hydraulic conductivity while the dispersivity is more difficult to estimate. We attribute the latter mainly to the lack of ERT-derived data at depth (where resolution is poorer) as well as to the smoothing effect of the ERT inversion.

  6. A Survey of Recent Intrusion Detection Systems for Wireless Sensor Network

    CERN Document Server

    Bhattasali, Tapalina

    2012-01-01

    Security of Wireless sensor network (WSN) becomes a very important issue with the rapid development of WSN that is vulnerable to a wide range of attacks due to deployment in the hostile environment and having limited resources. Intrusion detection system is one of the major and efficient defensive methods against attacks in WSN. A particularly devastating attack is the sleep deprivation attack, where a malicious node forces legitimate nodes to waste their energy by resisting the sensor nodes from going into low power sleep mode. The goal of this attack is to maximize the power consumption of the target node, thereby decreasing its battery life. Existing works on sleep deprivation attack have mainly focused on mitigation using MAC based protocols, such as S-MAC, T-MAC, B-MAC, etc. In this article, a brief review of some of the recent intrusion detection systems in wireless sensor network environment is presented. Finally, we propose a framework of cluster based layered countermeasure that can efficiently mitig...

  7. Web Prior Architecture to Avoid Threats and Enhance Intrusion Response System

    Directory of Open Access Journals (Sweden)

    K.S. Ravichandran

    2012-09-01

    Web is hierarchically composed of entities such as domains, Web sites and documents distributed over Web sites and linked together by hyperlinks. The response component of the intrusion detection system issues the response to the jarring requests. In this paper, the intention is to allow the legitimate user to access the target website and perform the selective operations on the database to avoid threats and protect the database from unauthorized users. The designed Web Prior Architecture (WPA) permits the legal client to obtain the privilege license by clicking on an authority link provided by the referrer. Using this license, the client can get the liberty to perform the operations on the target website. In that website, database can be accessed by the client with the selective permissions. These can be performed by the two methods, namely strategy toning and strategy management. By this way, the database is accessed in a highly securable manner. The massive scale of this study specifies the method to avoid the threats from the unauthorized users and augment the intrusion response system. This will protect the target website and its database from the unconstitutional users. Our pragmatic study demonstrates that Web Prior Architecture enables the legitimate user to connect to the target website and perform selective database operations.

  8. A Semi-distributed Reputation Based Intrusion Detection System for Mobile Adhoc Networks

    CERN Document Server

    Trivedi, Animesh Kr; Kapoor, Rishi; Sanyal, Sudip; Sanyal, Sugata

    2010-01-01

    A Mobile Adhoc Network (MANET) is a cooperative engagement of a collection of mobile nodes without any centralized access point or infrastructure to coordinate among the peers. The underlying concept of coordination among nodes in a cooperative MANET has induced in them a vulnerability to attacks due to issues like lack of fixed infrastructure, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. We propose a semi-distributed approach towards Reputation Based Intrusion Detection System (IDS) that combines with the DSR routing protocol for strengthening the defense of a MANET. Our system inherits the features of reputation from human behavior, hence making the IDS socially inspired. It has a semi-distributed architecture as the critical observation results of the system are neither spread globally nor restricted locally. The system assigns maximum weightage to self observation by nodes for updating any reputatio...

  9. Sensitivity analysis on chaotic dynamical system by Non-Intrusive Least Square Shadowing (NILSS)

    CERN Document Server

    Ni, Angxiu

    2016-01-01

    This paper develops the tangent Non-Intrusive Least Square Shadowing (NILSS) method, which computes sensitivity for chaotic dynamical systems. In NILSS, a tangent solution is represented as a linear combination of a inhomogeneous tangent solution and some homogeneous tangent solutions. Then we solve a least square problem under this new representation. As a result, this new variant is easier to implement with existing solvers. For chaotic systems with large degrees of freedom but low dimensional attractors, NILSS has low computation cost. NILSS is applied to two chaotic PDE systems: the Lorenz 63 system, and a CFD simulation of a backward-facing step. The results show that NILSS computes the correct derivative with a lower cost than the conventional Least Square Shadowing method and the conventional finite difference method.

  10. Adaptive, dynamic, and resilient systems

    CERN Document Server

    Suri, Niranjan

    2015-01-01

    As the complexity of today's networked computer systems grows, they become increasingly difficult to understand, predict, and control. Addressing these challenges requires new approaches to building these systems. Adaptive, Dynamic, and Resilient Systems supplies readers with various perspectives of the critical infrastructure that systems of networked computers rely on. It introduces the key issues, describes their interrelationships, and presents new research in support of these areas. The book presents the insights of a different group of international experts in each chapter. Reporting on r

  11. Lightweight Agent for Collaborative Distribution Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    张琨; 刘凤玉

    2003-01-01

    The LAFCDIDS (Lightweight Agent for Collaborative Distribution Intrusion Detection System) presented in this paper is a distributed intrusion detection system with the ability of collaborative detection in real time. The hierarchy architecture of agents and the ability of collaborative detection in real time are evident characteristics of the LAFCDIDS. Lightweight agent and agent sensitivity are LAFCDIDS's new concepts, which can reduce the overload of protected system, shorten the period of intrusion detection, and are suitable for monitoring the distributed collaborating attacks.

  12. An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems

    Science.gov (United States)

    Hieb, Jeffrey; Graham, James; Guan, Jian

    This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.

  13. Cyber-intrusion Auto-response and Policy Management System (CAPMS)

    Energy Technology Data Exchange (ETDEWEB)

    Energy, Duke; Sat, Via; Edison, Southern California

    2015-09-30

    The Cyber-intrusion Auto-response and Policy Management System (CAPMS) project was funded by a grant from the US Department of Energy (DOE) Cybersecurity for Energy Delivery Systems (CEDS) program with contributions from two partner electric utilities: Southern California Edison (SCE) and Duke Energy. The goal of the project was to demonstrate protecting smart grid assets from a cyber attack in a way that “does not impede critical energy delivery functions.” This report summarizes project goals and activities for the CAPMS project and explores what did and did not work as expected. It concludes with an assessment of possible benefits and value of the system for the future.

  14. Cyber-intrusion Auto-response and Policy Management System (CAPMS)

    Energy Technology Data Exchange (ETDEWEB)

    Lusk, Steve [ViaSat Inc., Boston, MA (United States); Lawrence, David [Duke Energy, Charlotte, NC (United States); Suvana, Prakash [Southern California Edison, Rosemead, CA (United States)

    2015-11-11

    The Cyber-intrusion Auto-response and Policy Management System (CAPMS) project was funded by a grant from the US Department of Energy (DOE) Cybersecurity for Energy Delivery Systems (CEDS) program with contributions from two partner electric utilities: Southern California Edison (SCE) and Duke Energy. The goal of the project was to demonstrate protecting smart grid assets from a cyber attack in a way that “does not impede critical energy delivery functions.” This report summarizes project goals and activities for the CAPMS project and explores what did and did not work as expected. It concludes with an assessment of possible benefits and value of the system for the future.

  15. Mobile Agent Based Hierarchical Intrusion Detection System in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Surraya Khanum

    2012-01-01

    Security mechanism is a fundamental requirement of wireless networks in general and Wireless Sensor Networks (WSN) in particular. Therefore, it is necessary that this security concern must be articulated right from the beginning of the network design and deployment. WSN needs strong security mechanism as it is usually deployed in a critical, hostile and sensitive environment where human labour is usually not involved. However, due to inbuilt resource and computing restriction, security in WSN needs a special consideration. Traditional security techniques such as encryption, VPN, authentication and firewalls cannot be directly applied to WSN as it provides defence only against external threats. The existing literature shows that there seems an inverse relationship between strong security mechanism and efficient network resource utilization. In this research article, we have proposed a Mobile Agent Based Hierarchical Intrusion Detection System (MABHIDS) for WSN. The proposed scheme performs two levels of intrusion detection by utilizing minimum possible network resources. Our proposed idea enhances network lifetime by reducing the work load on Cluster Head (CH) and it also provides enhanced level of security in WSN.

  16. Monitoring and Assessment of Saltwater Intrusion using Geographic Information Systems (GIS), Remote Sensing and Geophysical measurements of Guimaras Island, Philippines

    Science.gov (United States)

    Hernandez, B. C. B.

    2015-12-01

    Degrading groundwater quality due to saltwater intrusion is one of the key challenges affecting many island aquifers. These islands hold limited capacity for groundwater storage and highly dependent on recharge due to precipitation. But its ease of use, natural storage and accessibility make it more vulnerable to exploitation and more susceptible to encroachment from its surrounding oceanic waters. Estimating the extent of saltwater intrusion and the state of groundwater resources are important in predicting and managing water supply options for the community. In Guimaras island, central Philippines, increasing settlements, agriculture and tourism are causing stresses on its groundwater resource. Indications of saltwater intrusion have already been found at various coastal areas in the island. A Geographic Information Systems (GIS)-based approach using the GALDIT index was carried out. This includes six parameters assessing the seawater intrusion vulnerability of each hydrogeologic setting: Groundwater occurrence, Aquifer hydraulic conductivity, Groundwater Level above sea, Distance to shore, Impact of existing intrusion and Thickness of Aquifer. To further determine the extent of intrusion, Landsat images of various thematic layers were stacked and processed for unsupervised classification and electrical resistivity tomography using a 28-electrode system with array lengths of 150 and 300 meters was conducted. The GIS index showed where the vulnerable areas are located, while the geophysical measurements and images revealed extent of seawater encroachment along the monitoring wells. These results are further confirmed by the measurements collected from the monitoring wells. This study presents baseline information on the state of groundwater resources and increase understanding of saltwater intrusion dynamics in island ecosystems by providing a guideline for better water resource management in the Philippines.

  17. A Survey to Scalable Distributed Intrusion Detection Methods

    Institute of Scientific and Technical Information of China (English)

    闫映松; 王志坚; 周晓峰

    2003-01-01

    With the rapid development of the Internet, network security becomes a more serious problem. Traditional technology cannot meet the demand of scalable distributed network security, and distributed intrusion detection architecture can solve the problems. However, present intrusion detection systems still have many problems such as accuracy, reliability and adaptability. This paper discusses the present situation of intrusion detection, analyzes the problems that exist in distributed intrusion detection, and proposes some technology and research in point.

  18. Fractal analysis of SEM images and mercury intrusion porosimetry data for the microstructural characterization of microcrystalline cellulose-based pellets

    Energy Technology Data Exchange (ETDEWEB)

    Gomez-Carracedo, A.; Alvarez-Lorenzo, C.; Coca, R.; Martinez-Pacheco, R.; Concheiro, A. [Departamento de Farmacia y Tecnologia Farmaceutica, Universidad de Santiago de Compostela, Santiago de Compostela 15782 (Spain); Gomez-Amoza, J.L. [Departamento de Farmacia y Tecnologia Farmaceutica, Universidad de Santiago de Compostela, Santiago de Compostela 15782 (Spain)], E-mail: joseluis.gomez.amoza@usc.es

    2009-01-15

    The microstructure of theophylline pellets prepared from microcrystalline cellulose, carbopol and dicalcium phosphate dihydrate, according to a mixture design, was characterized using textural analysis of gray-level scanning electron microscopy (SEM) images and thermodynamic analysis of the cumulative pore volume distribution obtained by mercury intrusion porosimetry. Surface roughness evaluated in terms of gray-level non-uniformity and fractal dimension of pellet surface depended on agglomeration phenomena during extrusion/spheronization. Pores at the surface, mainly 1-15 µm in diameter, determined both the mechanism and the rate of theophylline release, and a strong negative correlation between the fractal geometry and the b parameter of the Weibull function was found for pellets containing >60% carbopol. Theophylline mean dissolution time from these pellets was about two to four times greater. Textural analysis of SEM micrographs and fractal analysis of mercury intrusion data are complementary techniques that enable complete characterization of multiparticulate drug dosage forms.

  19. Non-intrusive gesture recognition system combining with face detection based on Hidden Markov Model

    Science.gov (United States)

    Jin, Jing; Wang, Yuanqing; Xu, Liujing; Cao, Liqun; Han, Lei; Zhou, Biye; Li, Minggao

    2014-11-01

    A non-intrusive gesture recognition human-machine interaction system is proposed in this paper. In order to solve the hand positioning problem which is a difficulty in current algorithms, face detection is used for the pre-processing to narrow the search area and find user's hand quickly and accurately. Hidden Markov Model (HMM) is used for gesture recognition. A certain number of basic gesture units are trained as HMM models. At the same time, an improved 8-direction feature vector is proposed and used to quantify characteristics in order to improve the detection accuracy. The proposed system can be applied in interaction equipments without special training for users, such as household interactive television

  20. Web interactive non intrusive load disaggregation system for active demand in smart grids

    Directory of Open Access Journals (Sweden)

    G.M. Tina

    2014-12-01

    A Smart Grid combines the use of traditional technology with innovative digital solutions, making the management of the electricity grid more flexible. It allows for monitoring, analysis, control and communication within the supply chain to improve efficiency, reduce the energy consumption and cost, and maximize the transparency and reliability of the energy supply chain. The optimization of energy consumption in Smart Grids is possible by using an innovative system based on Non Intrusive Appliance Load Monitoring (NIALM) algorithms, in which individual appliance power consumption information is disaggregated from single-point measurements, that provide a feedback in such a way to make energy more visible and more amenable to understanding and control. We contribute with an approach for monitoring consumption of electric power in households based on both a NILM algorithm, that uses simple load signatures, and a web interactive system that allows an active role played by users.

  1. Enhanced Intrusion Detection System for Input Validation Attacks in Web Application

    Directory of Open Access Journals (Sweden)

    Puspendra Kumar

    2013-01-01

    Internet continues to expand exponentially and access to the Internet becomes more prevalent in our daily life, but at the same time web applications are becoming the most attractive targets for hackers and cyber criminals. This paper presents an enhanced intrusion detection system approach for detecting input validation attacks in the web application. The existing IDS for input validation attacks are language dependent. The proposed IDS is language independent, i.e. it works for any web application developed with the aid of java, php, dot net etc. In addition, the proposed system detects directory traversal attacks, command injection attacks, cross site scripting attacks and SQL injection attacks, which were not detected in the existing IDS. This is an automatic technique for detecting vulnerabilities over the internet. Our technique is based on the web application parameter, which is in the form of POST and GET and has generalized structure and values. This technique reduces analysis time of input validation attacks.

  2. A New System for Clustering and Classification of Intrusion Detection System Alerts Using Self-Organizing Maps

    Directory of Open Access Journals (Sweden)

    Amir Azimi Alasti Ahrabi, Ahmad Habibizad Navin, Hadi Bahrbegi, Mir Kamal Mirnia, Mehdi Bahrbegi, Elnaz Safarzadeh & Ali Ebrahimi

    2011-08-01

    Intrusion Detection Systems (IDS) protect systems used by organizations against threats that emerge with increasing network connectivity. The main drawbacks of IDS are the number of alerts generated and failing. By using Self-Organizing Map (SOM), a system is proposed to be able to classify IDS alerts and to reduce false positive alerts. Also, some alert filtering and cluster merging algorithms are introduced to improve the accuracy of the proposed system. By the experimental results on DARPA KDD cup 98, the system is able to cluster and classify alerts and reduces false positive alerts considerably.

  3. Network-based intrusion prevention system

    Institute of Scientific and Technical Information of China (English)

    张立秋; 常会友; 刘翔

    2005-01-01

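    Network-based intrusion detection systems (IDS) have limitations such as difficult policy maintenance, weak ability to prevent attacks, and untimely response to attacks. A network intrusion prevention system (IPS) works in series (in-line), can effectively defend against network attacks and suppress the spread of network worms, and ultimately plays an important role in protecting critical network segments.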

  4. Towards a Cellular Automata Based Network Intrusion Detection System with Power Level Metric in Wireless Adhoc Networks (IDFADNWCA)

    OpenAIRE

    Sree, Pokkuluri Kiran; Babu, Inampudi Ramesh

    2014-01-01

    Adhoc wireless network with their changing topology and distributed nature are more prone to intruders. The efficiency of an Intrusion detection system in the case of an adhoc network is not only determined by its dynamicity in monitoring but also in its flexibility in utilizing the available power in each of its nodes. In this paper we propose a hybrid intrusion detection system, based on a power level metric for potential adhoc hosts, which is used to determine the duration for which a part...

  5. A Real Time Intrusion Aggregation And Prevention Technique

    Directory of Open Access Journals (Sweden)

    Fouzia Sultana

    2013-03-01

    Alert aggregation is an important subtask of intrusion detection. The goal is to identify and to cluster different alerts produced by low-level intrusion detection systems, firewalls, etc. belonging to a specific attack instance which has been initiated by an attacker at a certain point in time. Thus, meta-alerts can be generated for the clusters that contain all the relevant information whereas the amount of data (i.e., alerts) can be reduced substantially. Meta-alerts may then be the basis for reporting to security experts or for communication within a distributed intrusion detection system. We propose a novel technique for online alert aggregation which is based on a dynamic, probabilistic model of the current attack situation. Basically, it can be regarded as a data stream version of a maximum likelihood approach for the estimation of the model parameters. With three benchmark data sets, we demonstrate that it is possible to achieve reduction rates of up to 99.96 percent while the number of missing meta-alerts is extremely low. In addition, meta-alerts are generated with a delay of typically only a few seconds after observing the first alert belonging to a new attack instance. Two types of intrusions are detected in this work: Firstly a spam attack is detected based on the blacklisted IP addresses from Stop Forum Spam and secondly packet level intrusion is detected based on KDDcup data. A packet sniffer is designed which keeps sniffing and extracting all the packets that are exchanged over internet interface. The packets are filtered and the headers are extracted. The headers are further subdivided into TCP, IP and UDP headers. ICMP packets are then separated. The data is matched with the database intrusion entries using fast string matching techniques and possible attack entries are marked with different color codes. An attack signature may be visible in any header of the same packet. In such cases, the alerts are aggregated and a single

  6. Secured UAV based on multi-agent systems and embedded Intrusion Detection and Prevention Systems

    OpenAIRE

    K.Boukhdir; F.Marzouk; H.MEDROMI; S.Tallal; S.Benhadou

    2015-01-01

    Unmanned aerial vehicles, or drones, are a relatively recent area of research and in full effervescence with more and more amateur and academic projects. Initially associated to the military, these vehicles are way to be used in many other areas. In effect, demand is growing for various applications within of this type of technology. Inspection of buildings, search and rescue of missing or in distress people are some examples. This research paper highlights a lightweight intrusion detectio...

  7. Cascading of C4.5 Decision Tree and Support Vector Machine for Rule Based Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Jashan Koshal

    2012-08-01

    The main reason for attacks being introduced to the system is the popularity of the internet. Information security has now become a vital subject. Hence, there is an immediate need to recognize and detect the attacks. Intrusion Detection is defined as a method of diagnosing the attack and the sign of malicious activity in a computer network by evaluating the system continuously. The software that performs such a task can be defined as Intrusion Detection Systems (IDS). Systems developed with individual algorithms like classification, neural networks, clustering etc. give good detection rate and less false alarm rate. Recent studies show that the cascading of multiple algorithms yields much better performance than the system developed with a single algorithm. In intrusion detection systems that use a single algorithm, the accuracy and detection rate were not up to the mark. A rise in the false alarm rate was also encountered. Cascading of algorithms is performed to solve this problem. This paper presents two hybrid algorithms for developing the intrusion detection system. C4.5 decision tree and Support Vector Machine (SVM) are combined to maximize the accuracy, which is the advantage of C4.5, and diminish the wrong alarm rate, which is the advantage of SVM. Results show the increase in the accuracy and detection rate and less false alarm rate.

  8. Geophysical detection of marine intrusions in Black Sea coastal areas (Romania) using VES and ERT data

    OpenAIRE

    CHITEA, Florina; Georgescu, Paul; IOANE, Dumitru

    2011-01-01

    Abstract. Communities living in coastal areas depend in a great extent on the fresh water resources exploited from aquifers which are usually in a natural hydrodynamic equilibrium with the sea water. The contamination of fresh water with marine saltwater determines a significant increase in the aquifers electric conductivity, allowing an efficient application of resistivity methods in detecting and monitoring the marine intrusions. We present case studies from Romania (Costinesti and Vama Vec...

  9. Processing and Linguistics Properties of Adaptable Systems

    Directory of Open Access Journals (Sweden)

    Dumitru TODOROI

    2006-01-01

    Continuation and development of the research in Adaptable Programming Initialization [Tod-05.1,2,3] is presented. As continuation of [Tod-05.2,3] in this paper metalinguistic tools used in the process of introduction of new constructions (data, operations, instructions and controls) are developed. The generalization schemes of evaluation of adaptable languages and systems are discussed. These results analogically with [Tod-05.2,3] are obtained by the team, composed from the researchers D. Todoroi [Tod-05.4], Z. Todoroi [ZTod-05], and D. Micusa [Mic-03]. Presented results will be included in the book [Tod-06].

  10. BLACK HOLE ATTACK IN AODV & FRIEND FEATURES UNIQUE EXTRACTION TO DESIGN DETECTION ENGINE FOR INTRUSION DETECTION SYSTEM IN MOBILE ADHOC NETWORK

    Directory of Open Access Journals (Sweden)

    HUSAIN SHAHNAWAZ

    2012-10-01

    Ad-hoc network is a collection of nodes that are capable to form dynamically a temporary network without the support of any centralized fixed infrastructure. Since there is no central controller to determine the reliable & secure communication paths in Mobile Adhoc Network, each node in the ad hoc network has to rely on each other in order to forward packets, thus highly cooperative nodes are required to ensure that the initiated data transmission process does not fail. In a mobile ad hoc network (MANET) where security is a crucial issue and they are forced to rely on the neighbor node, trust plays an important role that could improve the number of successful data transmission. Larger the number of trusted nodes, higher successful data communication process rates could be expected. In this paper, Black Hole attack is applied in the network, statistics are collected to design intrusion detection engine for MANET Intrusion Detection System (IDS). Feature extraction and rule inductions are applied to find out the accuracy of detection engine by using support vector machine. In this paper True Positive generated by the detection engine is very high and this is a novel approach in the area of Mobile Adhoc Intrusion detection system.

  11. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Directory of Open Access Journals (Sweden)

    Min-Joo Kang

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  12. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Science.gov (United States)

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus. PMID:27271802

  13. Research on Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    黎利辉

    2008-01-01

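    To clarify the understanding of the intrusion prevention system (IPS), this paper analyzes the shortcomings of traditional firewalls and intrusion detection systems (IDS) and, on that basis, introduces the reasons for the emergence of intrusion prevention systems, compares intrusion detection systems with intrusion prevention systems, and analyzes in detail how intrusion prevention systems work. Based on the current state and development trends of the security industry and related industries, it focuses on predicting the future development trend of intrusion prevention systems.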

  14. An Active Host-Based Intrusion Detection System for ARP-Related Attacks and its Verification

    Directory of Open Access Journals (Sweden)

    Ferdous A Barbhuiya

    2011-05-01

    Most of the LAN-based attacks involve the spoofing of the victim host with falsified IP-MAC pairs. MAC spoofing is possible because of the stateless nature of the Address Resolution Protocol (ARP), which is responsible for resolving IP addresses to MAC addresses. Several mechanisms have been proposed to detect and mitigate ARP spoofing attempts both at the network level and at the host level, but each of them has its own drawback. In this paper we propose a Host-based Intrusion Detection system for LAN attacks which works without any extra constraint like static IP-MAC, modifying ARP etc. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.

  15. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Science.gov (United States)

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  16. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security

    Science.gov (United States)

    Kang, Min-Joo

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus. PMID:27271802

  17. System design for distributed adaptive observation systems

    NARCIS (Netherlands)

    Ditzel, M.; Kester, L.J.H.M.; Broek, S.P. van den

    2011-01-01

    Currently, there is no clear-cut approach or design methodology available for designing distributed adaptive observation systems, partly due to the necessity to combine elements and approaches from several technological and scientific communities. Recently, an effort was made addressing this issue i

  18. The ERIS adaptive optics system

    Science.gov (United States)

    Marchetti, Enrico; Fedrigo, Enrico; Le Louarn, Miska; Madec, Pierre-Yves; Soenke, Christian; Brast, Roland; Conzelmann, Ralf; Delabre, Bernard; Duchateau, Michel; Frank, Christoph; Klein, Barbara; Amico, Paola; Hubin, Norbert; Esposito, Simone; Antichi, Jacopo; Carbonaro, Luca; Puglisi, Alfio; Quirós-Pacheco, Fernando; Riccardi, Armando; Xompero, Marco

    2014-07-01

    The Enhanced Resolution Imager and Spectrograph (ERIS) is the new Adaptive Optics based instrument for ESO's VLT aiming at replacing NACO and SINFONI to form a single compact facility with AO fed imaging and integral field unit spectroscopic scientific channels. ERIS completes the instrument suite at the VLT adaptive telescope. In particular it is equipped with a versatile AO system that delivers up to 95% Strehl correction in K band for science observations up to 5 micron. It comprises high order NGS and LGS correction enabling the observation from exoplanets to distant galaxies with a large sky coverage thanks to the coupling of the LGS WFS with the high sensitivity of its visible WFS and the capability to observe in dust embedded environment thanks to its IR low order WFS. ERIS will be installed at the Cassegrain focus of the VLT unit hosting the Adaptive Optics Facility (AOF). The wavefront correction is provided by the AOF deformable secondary mirror while the Laser Guide Star is provided by one of the four launch units of the 4 Laser Guide Star Facility for the AOF. The overall layout of the ERIS AO system is extremely compact and highly optimized: the SPIFFI spectrograph is fed directly by the Cassegrain focus and both the NIX's (IR imager) and SPIFFI's entrance windows work as visible/infrared dichroics. In this paper we describe the concept of the ERIS AO system in detail, starting from the requirements and going through the estimated performance, the opto-mechanical design and the Real-Time Computer design.

  19. Adaptive Behaviour Assessment System: Indigenous Australian Adaptation Model (ABAS: IAAM)

    Science.gov (United States)

    du Plessis, Santie

    2015-01-01

    The study objectives were to develop, trial and evaluate a cross-cultural adaptation of the Adaptive Behavior Assessment System-Second Edition Teacher Form (ABAS-II TF) ages 5-21 for use with Indigenous Australian students ages 5-14. This study introduced a multiphase mixed-method design with semi-structured and informal interviews, school…

  20. Self-adaptive change detection in streaming data with non-stationary distribution

    KAUST Repository

    Zhang, Xiangliang

    2010-01-01

    Non-stationary distribution, in which the data distribution evolves over time, is a common issue in many application fields, e.g., intrusion detection and grid computing. Detecting the changes in massive streaming data with a non-stationary distribution helps to alarm the anomalies, to clean the noises, and to report the new patterns. In this paper, we employ a novel approach for detecting changes in streaming data with the purpose of improving the quality of modeling the data streams. Through observing the outliers, this approach of change detection uses a weighted standard deviation to monitor the evolution of the distribution of data streams. A cumulative statistical test, Page-Hinkley, is employed to collect the evidence of changes in distribution. The parameter used for reporting the changes is self-adaptively adjusted according to the distribution of data streams, rather than set by a fixed empirical value. The self-adaptability of the novel approach enhances the effectiveness of modeling data streams by timely catching the changes of distributions. We validated the approach on an online clustering framework with a benchmark KDDcup 1999 intrusion detection data set as well as with a real-world grid data set. The validation results demonstrate its better performance on achieving higher accuracy and lower percentage of outliers comparing to the other change detection approaches. © 2010 Springer-Verlag.

  1. Towards Adaptive Spoken Dialog Systems

    CERN Document Server

    Schmitt, Alexander

    2013-01-01

    In Monitoring Adaptive Spoken Dialog Systems, authors Alexander Schmitt and Wolfgang Minker investigate statistical approaches that allow for recognition of negative dialog patterns in Spoken Dialog Systems (SDS). The presented stochastic methods allow a flexible, portable and accurate use. Beginning with the foundations of machine learning and pattern recognition, this monograph examines how frequently users show negative emotions in spoken dialog systems and develops novel approaches to speech-based emotion recognition using a hybrid approach to model emotions. The authors make use of statistical methods based on acoustic, linguistic and contextual features to examine the relationship between the interaction flow and the occurrence of emotions using non-acted recordings of several thousand real users from commercial and non-commercial SDS. Additionally, the authors present novel statistical methods that spot problems within a dialog based on interaction patterns. The approaches enable future SDS to offer m...

  2. Deep Adaptive Networks for Visual Data Classification

    Directory of Open Access Journals (Sweden)

    Shusen Zhou

    2014-10-01

    Full Text Available This paper proposes a classifier called deep adaptive networks (DAN) based on deep belief networks (DBN) for visual data classification. First, we construct a directed deep belief nets by using a set of Restricted Boltzmann Machines (RBM) and a Gaussian RBM via greedy and layerwise unsupervised learning. Then, we refine the parameter space of the deep architecture to adapt the classification requirement by using global gradient-descent based supervised learning. An exponential loss function is utilized to maximize the separability of different classes. Moreover, we apply DAN to visual data classification task and observe an important fact that the learning ability of deep architecture is seriously underrated in real-world applications, especially when there are not enough labeled data. Experiments conducted on standard datasets of different types and different scales demonstrate that the proposed classifier outperforms the representative classification techniques and deep learning methods.

  3. Data Requirements for Developing Adaptations to Climate Variability and Change

    International Nuclear Information System (INIS)

    An extensive foundation of high quality data and information on the climate and on the biological, environmental and social systems affected by climate is required in order to understand the climate impact processes involved, to develop new adaptation practices, and to subsequently implement these practices. Experience of the impacts of current and past variability of climate and sea level is a prime source of information. Many practices are in use to reduce climate impacts, for example in engineering design, agricultural risk management and climate prediction services, though their roles as adaptations to climate change are not widely appreciated. While there are good data sets on some factors and in some regions, in many cases the databases are inadequate and there are few data sets on adaptation-specific quantities such as vulnerability, resilience and adaptation effectiveness. Current international action under the United Nations Framework Convention on Climate Change (UNFCCC) pays little attention to adaptation and its information requirements. Furthermore there are trends toward reduced data gathering and to restrictions on access to data sets, especially arising from cost and commercialisation pressures. To effectively respond to the changes in climate that are now inevitable, governments will need to more clearly identify adaptation as a central feature of climate change policy and make a renewed shared commitment to collecting and freely exchanging the necessary data. 12 refs

  4. Adapt

    Science.gov (United States)

    Bargatze, L. F.

    2015-12-01

    Active Data Archive Product Tracking (ADAPT) is a collection of software routines that permits one to generate XML metadata files to describe and register data products in support of the NASA Heliophysics Virtual Observatory VxO effort. ADAPT is also a philosophy. The ADAPT concept is to use any and all available metadata associated with scientific data to produce XML metadata descriptions in a consistent, uniform, and organized fashion to provide blanket access to the full complement of data stored on a targeted data server. In this poster, we present an application of ADAPT to describe all of the data products that are stored by using the Common Data File (CDF) format served out by the CDAWEB and SPDF data servers hosted at the NASA Goddard Space Flight Center. These data servers are the primary repositories for NASA Heliophysics data. For this purpose, the ADAPT routines have been used to generate data resource descriptions by using an XML schema named Space Physics Archive, Search, and Extract (SPASE). SPASE is the designated standard for documenting Heliophysics data products, as adopted by the Heliophysics Data and Model Consortium. The set of SPASE XML resource descriptions produced by ADAPT includes high-level descriptions of numerical data products, display data products, or catalogs and also includes low-level "Granule" descriptions. A SPASE Granule is effectively a universal access metadata resource; a Granule associates an individual data file (e.g. a CDF file) with a "parent" high-level data resource description, assigns a resource identifier to the file, and lists the corresponding access URL(s). The CDAWEB and SPDF file systems were queried to provide the input required by the ADAPT software to create an initial set of SPASE metadata resource descriptions. Then, the CDAWEB and SPDF data repositories were queried subsequently on a nightly basis and the CDF file lists were checked for any changes such as the occurrence of new, modified, or deleted

  5. Novel Link Adaptation Schemes for OFDM System

    Institute of Scientific and Technical Information of China (English)

    LEI Ming; CAI Peng; XU Yue-shan; ZHANG Ping

    2003-01-01

    Orthogonal Frequency Division Multiplexing (OFDM) is the most promising technique supporting the high data rate transmission. The combination of the link adaptation and OFDM can further increase the spectral efficiency. In this paper, we put forward two link adaptation schemes for OFDM system which have the advantages of both flexibility and practicability. Both of the two novel link adaptation schemes are based on the iterative mechanism to allocate the bit and power to subcarriers according to their channel gains and noisy levels which are assumed to be already known at the transmitter. The candidate modulation modes are determined freely before the link adaptation schemes are performed. The distinction between the two novel link adaptation schemes is that in the novel scheme A, the modulation mode is upgraded to the neighboring higher-order mode, while in the novel scheme B the modulation is upgraded to the genuine optimal mode. Therefore, the novel scheme A has the advantage of lower complexity and the novel scheme B has the advantage of higher spectral efficiency.

  6. Semantic models for adaptive interactive systems

    CERN Document Server

    Hussein, Tim; Lukosch, Stephan; Ziegler, Jürgen; Calvary, Gaëlle

    2013-01-01

    Providing insights into methodologies for designing adaptive systems based on semantic data, and introducing semantic models that can be used for building interactive systems, this book showcases many of the applications made possible by the use of semantic models. Ontologies may enhance the functional coverage of an interactive system as well as its visualization and interaction capabilities in various ways. Semantic models can also contribute to bridging gaps; for example, between user models, context-aware interfaces, and model-driven UI generation. There is considerable potential for using

  7. Generating Representative Attack Test Cases for Evaluating and Testing Wireless Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Khalid Nasr

    2012-06-01

    Full Text Available Openness of wireless communication medium and flexibility in dealing with wireless communication protocols and their vulnerabilities create a problem of poor security. Due to deficiencies in the security mechanisms of the first line of defense such as firewall and encryption, there are growing interests in detecting wireless attacks through a second line of defense in the form of Wireless Intrusion Detection System (WIDS). WIDS monitors the radio spectrum and system activities and detects attacks leaked from the first line of defense. Selecting a reliable WIDS system depends significantly on its functionality and performance evaluation. Comprehensive and credible evaluation of WIDSs necessitates taking into account all possible attacks. While this is operationally impossible, it is necessary to select representative attack test cases that are extracted mainly from a comprehensive classification of wireless attacks. Dealing with this challenge, this paper proposes a holistic taxonomy of wireless security attacks from the perspective of the WIDS evaluator. This proposed taxonomy includes all relevant necessary and sufficient dimensions for wireless attacks classification and it helps in generating and extracting the representative attack test cases.

  8. EFFECT OF CLUSTERING IN DESIGNING A FUZZY BASED HYBRID INTRUSION DETECTION SYSTEM FOR MOBILE AD HOC NETWORKS

    Directory of Open Access Journals (Sweden)

    D. Vydeki

    2013-01-01

    Full Text Available Intrusion Detection System (IDS) provides additional security for the most vulnerable Mobile Adhoc Networks (MANET). Use of Fuzzy Inference System (FIS) in the design of IDS is proven to be efficient in detecting routing attacks in MANETs. Clustering is a vital means in the detection process of FIS based hybrid IDS. This study describes the design of such a system to detect black hole attack in MANET that uses Adhoc On-Demand Distance Vector (AODV) routing protocol. It analyses the effect of two clustering algorithms and also prescribes the suitable clustering algorithm for the above-mentioned IDS. MANETs with various traffic scenarios were simulated and the data set required for the IDS is extracted. A hybrid IDS is designed using Sugeno type-2 FIS to detect black hole attack. From the experimental results, it is derived that the subtractive clustering algorithm produces 97% efficient detection while FCM offers 91%. It has been found that the subtractive clustering algorithm is more fit and efficient than the Fuzzy C-Means clustering (FCM) for the FIS based detection system.

  9. AdaBoost-based algorithm for network intrusion detection.

    Science.gov (United States)

    Hu, Weiming; Hu, Wei; Maybank, Steve

    2008-04-01

    Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose an intrusion detection algorithm based on the AdaBoost algorithm. In the algorithm, decision stumps are used as weak classifiers. The decision rules are provided for both categorical and continuous features. By combining the weak classifiers for continuous features and the weak classifiers for categorical features into a strong classifier, the relations between these two different types of features are handled naturally, without any forced conversions between continuous and categorical features. Adaptable initial weights and a simple strategy for avoiding overfitting are adopted to improve the performance of the algorithm. Experimental results show that our algorithm has low computational complexity and error rates, as compared with algorithms of higher computational complexity, as tested on the benchmark sample data. PMID:18348941

  10. Adaptive model training system and method

    Science.gov (United States)

    Bickford, Randall L; Palnitkar, Rahul M; Lee, Vo

    2014-04-15

    An adaptive model training system and method for filtering asset operating data values acquired from a monitored asset for selectively choosing asset operating data values that meet at least one predefined criterion of good data quality while rejecting asset operating data values that fail to meet at least the one predefined criterion of good data quality; and recalibrating a previously trained or calibrated model having a learned scope of normal operation of the asset by utilizing the asset operating data values that meet at least the one predefined criterion of good data quality for adjusting the learned scope of normal operation of the asset for defining a recalibrated model having the adjusted learned scope of normal operation of the asset.

  11. Adaptive model training system and method

    Energy Technology Data Exchange (ETDEWEB)

    Bickford, Randall L; Palnitkar, Rahul M

    2014-11-18

    An adaptive model training system and method for filtering asset operating data values acquired from a monitored asset for selectively choosing asset operating data values that meet at least one predefined criterion of good data quality while rejecting asset operating data values that fail to meet at least the one predefined criterion of good data quality; and recalibrating a previously trained or calibrated model having a learned scope of normal operation of the asset by utilizing the asset operating data values that meet at least the one predefined criterion of good data quality for adjusting the learned scope of normal operation of the asset for defining a recalibrated model having the adjusted learned scope of normal operation of the asset.

  12. Framework of Combined Adaptive and Non-adaptive Attitude Control System for a Helicopter Experimental System

    Institute of Scientific and Technical Information of China (English)

    Akira Inoue; Ming-Cong Deng

    2006-01-01

    This paper presents a framework of a combined adaptive and non-adaptive attitude control system for a helicopter experimental system. The design method is based on a combination of adaptive nonlinear control and non-adaptive nonlinear control. With regard to detailed attitude control system design, two schemes are shown for different application cases.

  13. Non-Intrusive Electric Appliances Load Monitoring System-Experiment for Real Household-

    Science.gov (United States)

    Murata, Hiroshi; Onoda, Takashi; Yoshimoto, Katsuhisa; Nakano, Yukio; Kondo, Syuhei

    This paper presents the results of applying four estimation algorithms of a non-intrusive monitoring system to a real household. We conclude that all algorithms have practicable ability. 1) support vector machine (SVM): SVM was used to estimate ON/OFF states for fluorescent and refrigerator. SVM has the performance equivalent to best performance of sigmoid function networks (SFN). However, SVM has high estimating ability constantly. 2) RBF networks (RBFN): RBFN was used to estimate power consumption for air conditioner. RBFN has the performance equivalent to best performance of SFN. However, RBFN has high estimating ability constantly. 3) step change detection method (SCD): SCD was used to estimate ON/OFF states and power consumption for IH cooking range. SCD does not need the necessary learning process for SFN and has higher estimating ability than SFN. 4) spectrum reference method (SRM): SRM was used to estimate working conditions for rice cooker and washing machine. SRM is able to estimate these working conditions that cannot be estimated by earlier methods.

  14. Adapting bioinformatics curricula for big data

    OpenAIRE

    Greene, Anna C.; Giffin, Kristine A.; Greene, Casey S; Jason H Moore

    2015-01-01

    Modern technologies are capable of generating enormous amounts of data that measure complex biological systems. Computational biologists and bioinformatics scientists are increasingly being asked to use these data to reveal key systems-level properties. We review the extent to which curricula are changing in the era of big data. We identify key competencies that scientists dealing with big data are expected to possess across fields, and we use this information to propose courses to meet these...

  15. A kind of intrusion detection system of wireless Ad Hoc ethernet based on domain

    Institute of Scientific and Technical Information of China (English)

    龚媛媛

    2012-01-01

    Wireless Ad Hoc networks are very vulnerable compared with other networks because of characteristics such as their highly dynamic topology, wireless links and lack of fixed infrastructure support. Existing IDSs developed for wired networks are difficult to apply to this kind of network. This paper proposes an intrusion detection system called ZBIDS (Zone-Based Intrusion Detection System), which adopts a two-level hierarchical structure and is a distributed IDS. ZBIDS detects intrusions with sequential characteristics by means of a Markov chain based classifier. The simulation results show that the Markov chain based classifier has good intrusion detection performance.

  16. A Novel Intrusion Detection System for Wireless Body Area Network in Health Care Monitoring

    Directory of Open Access Journals (Sweden)

    T. V.P. Sundararajan

    2010-01-01

    Full Text Available Problem statement: Health monitoring, telemedicine, military, interactive entertainment and portable audio/video systems were most promising applications where WBANs can be used. However, designers of such systems face a number of challenging tasks, as they need to address often quite conflicting requirements for size, operating time, precision and reliability. Network security is very important in Wireless Body Area Network (WBAN) since the vital human life might be jeopardized, unless managed properly. Approach: This article presented security architecture of a wireless body area network for ambulatory health status monitoring. A novel Intrusion Detection System (IDS) inspired by the biological immune system that use Negative Selection Algorithm (NSA) was proposed to enhance the performance of Wireless Body Area Networks (WBAN) to operate despite the presence of compromised (misbehaving) nodes. Results: The proposed IDS scheme had been implemented using network simulator Qualnet v5.2. The performances of IDS scheme had been analyzed using AODV, DSR and DSDV routing protocols for parameters such as average detection rate and false alarm rate. These negative selection detectors are capable of distinguishing well behaving nodes from compromised nodes with good degree of accuracy. The high false positives rate is also minimized. Conclusion/Recommendations: Wireless Body Area Networks are an enabling technology for mobile health care. The IDS can be implemented on today’s devices as it only requires minimal and low-cost hardware changes. The authors strongly believe that adding sufficient security mechanisms to WBAN will study as a trigger in the acceptance of this technology for health care purposes. Simulation results indicate the non-degradability of network performance when these IDS is incorporated in the routing algorithm for security enhancements.

  17. FEATURES OF LOGISTIC SYSTEM ADAPTIVE MANAGEMENT

    OpenAIRE

    Natalya VOZNENKO; Teodora ROMAN

    2015-01-01

    The study presents literature survey on enterprise logistic system adaptive management place and structure in the general enterprise management system. The theoretical basics of logistic system functioning, levels of its management and its effectiveness had been investigated. The role of adaptive management and its types had been scrutinized. The necessity of creating company’s adaptive regulator such as its economic mechanism had been proved.

  18. Meteorological Data Assimilation by Adaptive Bayesian Optimization.

    Science.gov (United States)

    Purser, Robert James

    1992-01-01

    The principal aim of this research is the elucidation of the Bayesian statistical principles that underlie the theory of objective meteorological analysis. In particular, emphasis is given to aspects of data assimilation that can benefit from an iterative numerical strategy. Two such aspects that are given special consideration are statistical validation of the covariance profiles and nonlinear initialization. A new economic algorithm is presented, based on the imposition of a sparse matrix structure for all covariances and precisions held during the computations. It is shown that very large datasets may be accommodated using this structure and a good linear approximation to the analysis equations established without the need to unnaturally fragment the problem. Since the integrity of the system of analysis equations is preserved, it is a relatively straight-forward matter to extend the basic analysis algorithm to one that incorporates a check on the plausibility of the statistical model assumed for background errors--the so-called "validation" problem. Two methods of validation are described within the sparse matrix framework: the first is essentially a direct extension of the Bayesian principles to embrace, not only the regular analysis variables, but also the parameters that determine the precise form of the covariance functions; the second technique is the non-Bayesian method of generalized cross validation adapted for use within the sparse matrix framework. The later part of this study is concerned with the establishment of a consistent dynamical balance within a forecast model--the initialization problem. The formal principles of the modern theory of initialization are reviewed and a critical examination is made of the concept of the "slow manifold". It is demonstrated, in accordance with more complete nonlinear models, that even within a simple three-mode linearized system, the notion that a universal slow manifold exists is untenable. 
It is therefore argued

  19. A novel interacting multiple model based network intrusion detection scheme

    Science.gov (United States)

    Xin, Ruichi; Venkatasubramanian, Vijay; Leung, Henry

    2006-04-01

    In today's information age, information and network security are of primary importance to any organization. Network intrusion is a serious threat to security of computers and data networks. In internet protocol (IP) based network, intrusions originate in different kinds of packets/messages contained in the open system interconnection (OSI) layer 3 or higher layers. Network intrusion detection and prevention systems observe the layer 3 packets (or layer 4 to 7 messages) to screen for intrusions and security threats. Signature based methods use a pre-existing database that document intrusion patterns as perceived in the layer 3 to 7 protocol traffics and match the incoming traffic for potential intrusion attacks. Alternately, network traffic data can be modeled and any huge anomaly from the established traffic pattern can be detected as network intrusion. The latter method, also known as anomaly based detection is gaining popularity for its versatility in learning new patterns and discovering new attacks. It is apparent that for a reliable performance, an accurate model of the network data needs to be established. In this paper, we illustrate using collected data that network traffic is seldom stationary. We propose the use of multiple models to accurately represent the traffic data. The improvement in reliability of the proposed model is verified by measuring the detection and false alarm rates on several datasets.

  20. Model-Free Adaptive Control Algorithm with Data Dropout Compensation

    Directory of Open Access Journals (Sweden)

    Xuhui Bu

    2012-01-01

    Full Text Available The convergence of model-free adaptive control (MFAC) algorithm can be guaranteed when the system is subject to measurement data dropout. The system output convergent speed gets slower as dropout rate increases. This paper proposes a MFAC algorithm with data compensation. The missing data is first estimated using the dynamical linearization method, and then the estimated value is introduced to update control input. The convergence analysis of the proposed MFAC algorithm is given, and the effectiveness is also validated by simulations. It is shown that the proposed algorithm can compensate the effect of the data dropout, and the better output performance can be obtained.

  1. A Novel Broadband MIMO/OFDM System Using Adaptive Modulation and Adaptive Diversity

    Institute of Scientific and Technical Information of China (English)

    PANYahan; KhaledBenLetaief; CAOZhigang; QIUYonghong

    2005-01-01

    OFDM (Orthogonal frequency division multiplexing) has been widely regarded as an effective modulation technique for mitigating the effects of ISI in a frequency selective fading channel and for providing reliable high-data transmission over wireless links. Adaptive modulation combined with adaptive transmit and receive diversity can achieve further increases in system's capacity and bandwidth efficiency, as well as in QoS improvement in conventional OFDM systems. In this paper, we propose a novel broadband MIMO/OFDM system using adaptive modulation and adaptive transmit and receive diversity. By applying an EVD on each sub-carrier channel matrix, joint optimal transmit and receive antenna weights as well as maximal SNR on each sub-carrier are obtained. Then, by employing adaptive modulation on each sub-carrier, the maximal SNR on each sub-carrier obtained by adaptive transmit and receive diversity is further maximized through adaptive bit assignment and power assignment on each sub-carrier under the constraint of power and overall bit rate. Simulation results show that the proposed system can achieve better performance than an adaptive antenna array based OFDM system without adaptive modulation over multipath fading channels.

  2. A MOBILE AGENT BASED INTRUSION DETECTION SYSTEM ARCHITECTURE FOR MOBILE AD HOC NETWORKS

    Directory of Open Access Journals (Sweden)

    Binod Kumar Pattanayak

    2014-01-01

    Applications of Mobile Ad Hoc Networks (MANETs) have become extensively popular over the years among the researchers. However, the dynamic nature of MANETs imposes a set of challenges to its efficient implementation in practice. One of such challenges represents intrusion detection and prevention procedures that are intended to provide secured performance of ad hoc applications. In this study, we introduce a mobile agent based intrusion detection and prevention architecture for a clustered MANET. Here, a mobile agent resides in each cluster of the ad hoc network and each cluster runs a specific application at any point of time. This application specific approach makes the network more robust to external intrusions directed at the nodes in an ad hoc network.

  3. Data Warehouse Schema Evolution and Adaptation Framework Using Ontology

    Directory of Open Access Journals (Sweden)

    M.Thenmozhi

    2014-07-01

    Data Warehouse systems aim at integrating data from multiple heterogeneous, distributed, autonomous data sources. Due to changing business needs the data warehouse systems are never meant to be static. Changes in the data source structure or business requirements would result in the evolution of data warehouse schema structure. When data warehouse schema evolves the dependent modules such as its mappings, queries and views get affected. The existing works on data warehouse evolution focus only on schema evolution at the physical level. As ontology seems to be a promising solution in data warehouse research, the proposed framework handles data warehouse schema evolution at ontological level. Moreover, it analyses the impact of the dependent modules and proposes methods to automatically adapt to changes.

  4. First steps in using machine learning on fMRI data to predict intrusive memories of traumatic film footage

    OpenAIRE

    Clark, Ian A; Niehaus, Katherine E; Duff, Eugene P.; Di Simplicio, Martina C.; Clifford, Gari D.; Smith, Stephen M.; Mackay, Clare E.; Woolrich, Mark W.; Holmes, Emily A.

    2014-01-01

    After psychological trauma, why do only some parts of the traumatic event return as intrusive memories while others do not? Intrusive memories are key to cognitive behavioural treatment for post-traumatic stress disorder, and an aetiological understanding is warranted. We present here analyses using multivariate pattern analysis (MVPA) and a machine learning classifier to investigate whether peri-traumatic brain activation was able to predict later intrusive memories (i.e. before they ha...

  5. Modeling Power Systems as Complex Adaptive Systems

    Energy Technology Data Exchange (ETDEWEB)

    Chassin, David P.; Malard, Joel M.; Posse, Christian; Gangopadhyaya, Asim; Lu, Ning; Katipamula, Srinivas; Mallow, J V.

    2004-12-30

    Physical analogs have shown considerable promise for understanding the behavior of complex adaptive systems, including macroeconomics, biological systems, social networks, and electric power markets. Many of today's most challenging technical and policy questions can be reduced to a distributed economic control problem. Indeed, economically based control of large-scale systems is founded on the conjecture that the price-based regulation (e.g., auctions, markets) results in an optimal allocation of resources and emergent optimal system control. This report explores the state-of-the-art physical analogs for understanding the behavior of some econophysical systems and deriving stable and robust control strategies for using them. We review and discuss applications of some analytic methods based on a thermodynamic metaphor, according to which the interplay between system entropy and conservation laws gives rise to intuitive and governing global properties of complex systems that cannot be otherwise understood. We apply these methods to the question of how power markets can be expected to behave under a variety of conditions.

  6. A fast ionised wind in a Star Forming-Quasar system at z~1.5 resolved through Adaptive Optics assisted near-infrared data

    CERN Document Server

    Brusa, M; Cresci, G; Schramm, M; Delvecchio, I; Lanzuisi, G; Mainieri, V; Mignoli, M; Zamorani, G; Berta, S; Bongiorno, A; Comastri, A; Fiore, F; Kakkad, D; Marconi, A; Rosario, D; Contini, T; Lamareille, F

    2016-01-01

    Outflows are invoked in co-evolutionary models to link the growth of SMBH and galaxies through feedback phenomena, and from the analysis of both galaxies and Active Galactic Nuclei (AGN) samples at $z\sim1-3$, it is becoming clear that powerful winds are quite common in AGN hosts. High-resolution and high S/N observations are needed in order to uncover the physical properties of the wind through kinematics analysis. We exploited VIMOS, SINFONI and Subaru/IRCS Adaptive Optics data to study the kinematics properties on the scale of the host galaxy of XID5395, a luminous, X-ray obscured Starburst/Quasar merging system at $z\sim1.5$ detected in the XMM-COSMOS field, and associated with an extreme [O II] emitter (EW$\sim200$ Å). We mapped, for the first time, at high resolution the kinematics of the [O III] and H$\alpha$ line complexes and linked them with the [O II] emission. The high spatial resolution achieved allowed us to resolve all the components of the SB-QSO system. Our analysis with a resolution of few kp...

  7. From Automatic to Adaptive Data Acquisition

    DEFF Research Database (Denmark)

    Chang, Marcus

    2009-01-01

    Sensornets have been used for ecological monitoring the past decade, yet the main driving force behind these deployments are still computer scientists. The denser sampling and added modalities offered by sensornets could drive these fields in new directions, but not until the domain scientists become familiar with sensornets and use them as any other instrument in their toolbox. We explore three different directions in which sensornets can become easier to deploy, collect data of higher quality, and offer more flexibility, and we postulate that sensornets should be instruments for domain scientists...... the flexibility of sensornets and reduce the complexity for the domain scientist, we developed an AI-based controller to act as a proxy between the scientist and sensornet. This controller is driven by the scientist's requirements to the collected data, and uses adaptive sampling in order to reach these goals....

  8. Adaptive passive equivalence of uncertain Lü system

    Institute of Scientific and Technical Information of China (English)

    Qi Dong-Lian

    2006-01-01

    An adaptive passive strategy for controlling uncertain Lü system is proposed. Since the uncertain Lü system is minimum phase and the uncertain parameters are from a bounded compact set, the essential conditions are studied by which uncertain Lü system could be equivalent to a passive system, and the adaptive control law is given. Using passive theory, the uncertain Lü system could be globally asymptotically stabilized at different equilibria by the smooth state feedback.

  9. Design of a new type of integrated classifier for network intrusion detection systems

    Institute of Scientific and Technical Information of China (English)

    ZHU You-chan; WANG Jian; SHANG Li-biao

    2006-01-01

    Based on the analysis of the network intrusion detection model, a new design scheme for the integrated classifier is proposed. The attribute reduction algorithm of the discernibility matrix is used for the optimization design of reducing nodes of input and hidden layers. The experimental test result shows that this design is valid.

  10. Dynamic and adaptive data-management in ATLAS

    Energy Technology Data Exchange (ETDEWEB)

    Lassnig, Mario; Garonne, Vincent; Branco, Miguel; Molfetas, Angelos, E-mail: mario.lassnig@cern.c, E-mail: vincent.garonne@cern.c, E-mail: miguel.branco@cern.c, E-mail: angelos.molfetas@cern.c [CERN PH-ADP/DDM, 1211 Geneva (Switzerland); Faculty of Mathematics, Computer Science and Physics, University of Innsbruck (Austria)

    2010-04-01

    Distributed data-management on the grid is subject to huge uncertainties yet static policies govern its usage. Due to the unpredictability of user behaviour, the high-latency and the heterogeneous nature of the environment, distributed data-management on the grid is challenging. In this paper we present the first steps towards a future dynamic data-management system that adapts to the changing conditions and environment. Such a system would eliminate the number of manual interventions and remove unnecessary software layers, thereby providing a higher quality of service to the collaboration.

  11. Dynamic and adaptive data-management in ATLAS

    CERN Document Server

    Lassnig, M; Branco, M; Molfetas, A

    2010-01-01

    Distributed data-management on the grid is subject to huge uncertainties yet static policies govern its usage. Due to the unpredictability of user behaviour, the high-latency and the heterogeneous nature of the environment, distributed data-management on the grid is challenging. In this paper we present the first steps towards a future dynamic data-management system that adapts to the changing conditions and environment. Such a system would eliminate the number of manual interventions and remove unnecessary software layers, thereby providing a higher quality of service to the collaboration.

  12. Intelligent Multimodal Signal Adaptation System Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Micro Analysis and Design (MA&D) is pleased to submit this proposal to design an Intelligent Multimodal Signal Adaptation System. This system will dynamically...

  13. Adaptive information filtering for dynamic recommender systems

    CERN Document Server

    Jin, Ci-Hang; Zhang, Yi-Cheng; Zhou, Tao

    2009-01-01

    The dynamic environment in the real world calls for the adaptive techniques for information filtering, namely to provide real-time responses to the changes of system data. Where many incremental algorithms are designed for this purpose, they are usually challenged by the worse and worse performance resulted from the cumulative errors over time. In this Letter, we propose two incremental diffusion-based algorithms for the personalized recommendations, which integrate some pieces of local and fast updatings to achieve the approximate results. In addition to the fast responses, the errors of the proposed algorithms do not cumulate over time, that is to say, the global recomputing is unnecessary. This remarkable advantage is demonstrated by several metrics on algorithmic accuracy for two movie recommender systems and a social bookmarking system.

  14. Web-Based Adaptive Testing System

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    Due to the maturing of Internet technology, the adaptive testing can be utilized in the web-based environment and the examinee can take the test anywhere and any time. The purpose of the research is to apply item response theory (IRT), adaptive testing theory and web-service technique to construct an XML format itembank and a system of web-based adaptive testing (WAT) by the framework of three-tiered client server distance testing.

  15. Self-Adaptive Systems for Machine Intelligence

    CERN Document Server

    He, Haibo

    2011-01-01

    This book will advance the understanding and application of self-adaptive intelligent systems; therefore it will potentially benefit the long-term goal of replicating certain levels of brain-like intelligence in complex and networked engineering systems. It will provide new approaches for adaptive systems within uncertain environments. This will provide an opportunity to evaluate the strengths and weaknesses of the current state-of-the-art of knowledge, give rise to new research directions, and educate future professionals in this domain. Self-adaptive intelligent systems have wide application

  16. Geochemical and isotopic data for restricting seawater intrusion and groundwater circulation in a series of typical volcanic islands in the South China Sea

    International Nuclear Information System (INIS)

    Highlights: • Seawater intrusion was reported in northeastern coast of South China Sea for the first time. • Seawater intrusion have resulted in significant groundwater salinization. • Unique intrusion pattern in volcanic islands have been observed. • Existence of isolated palaeowater was demonstrated. - Abstract: The decline of groundwater table and deterioration of water quality related to seawater have long been regarded as a crucial problem in coastal regions. In this work, a hydrogeologic investigation using combined hydrochemical and isotopic approaches was conducted in the coastal region of the South China Sea near the Leizhou peninsular to provide primary insight into seawater intrusion and groundwater circulation. Hydrochemical and isotopic data show that local groundwater is subjected to anthropogenic activities and geochemical processes, such as evaporation, water–rock interaction, and ion exchange. However, seawater intrusion driven by the over-exploitation of groundwater and insufficient recharge is the predominant factor controlling groundwater salinization. Systematic and homologic isotopic characteristics of most samples suggest that groundwater in volcanic area is locally recharged and likely caused by modern precipitation. However, very depleted stable isotopes and extremely low tritium of groundwater in some isolated aquifers imply a dominant role of palaeowater

  17. An immune based dynamic intrusion detection model

    Institute of Scientific and Technical Information of China (English)

    LI Tao

    2005-01-01

    With the dynamic description method for self and antigen, and the concept of dynamic immune tolerance for lymphocytes in network-security domain presented in this paper, a new immune based dynamic intrusion detection model (Idid) is proposed. In Idid, the dynamic models and the corresponding recursive equations of the lifecycle of mature lymphocytes, and the immune memory are built. Therefore, the problem of the dynamic description of self and nonself in computer immune systems is solved, and the defect of the low efficiency of mature lymphocyte generating in traditional computer immune systems is overcome. Simulations of this model are performed, and the comparison experiment results show that the proposed dynamic intrusion detection model has a better adaptability than the traditional methods.

  18. MODELING THE ADAPTION RULE IN CONTEXT-AWARE SYSTEMS

    Directory of Open Access Journals (Sweden)

    Mao Zheng

    2016-08-01

    Context awareness is increasingly gaining applicability in interactive ubiquitous mobile computing systems. Each context-aware application has its own set of behaviors to react to context modifications. This paper is concerned with the context modeling and the development methodology for context-aware systems. We proposed a rule-based approach and use the adaption tree to model the adaption rule of context-aware systems. We illustrate this idea in an arithmetic game application.

  19. ADAPTIVE REGULATION OF HIGH ORDER NONHOLONOMIC SYSTEMS

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    The problem of adaptive regulation of a class of high-order parametric nonholonomic systems in chained-form was discussed. Using adding a power integrator technique and state scaling with discontinuous projection technique, a discontinuous adaptive dynamic controller was constructed. The controller guarantees the estimated value of unknown parameter is in the prescribed extent.

  20. SECURITY IN VEHICULAR AD HOC NETWORK BASED ON INTRUSION DETECTION SYSTEM

    Directory of Open Access Journals (Sweden)

    Omkar Pattnaik

    2014-01-01

    Implementation of mobile ad hoc networks has eventually captured practically most of the parts of day-to-day life. One variation of such networks represents the Vehicular Ad Hoc Networks (VANETs), widely implemented in order to control day-to-day road traffic. The major concern of VANETs is oriented around providing security to moving vehicles that makes it possible to reduce accidents and traffic jam and moreover to establish communication among different vehicles. In this study, we analyze a number of possible attacks that may pertain to VANETs. Intrusion detection imposes various challenges to efficient implementation of VANETs. To overcome it, several intrusion detection measures have been proposed. The Watchdog technique is one of them. We detail this technique so as to make it convenient to implement it in our future investigations.

  1. Minimally Intrusive and Nonintrusive Supersonic Injectors for LANTR and RBCC/Scramjet Propulsion Systems

    Science.gov (United States)

    Buggele, Alvin E.; Gallagher, John R.

    2002-10-01

    A family of supersonic injectors for use on spaceplanes, rockets and missiles and the like is disclosed and claimed. Each injector maintains a specific constant (uniform) Mach number along its length when used while being minimally intrusive at significantly higher injectant pressure than combustor freestream total pressure. Each injector is substantially non-intrusive when it is not being used. The injectors may be used individually or in a group. Different orientations of the injectors in a group promote greater penetration and mixing of fuel or oxidizer into a supersonic combustor. The injectors can be made from a single piece of aluminum, investment cast metal, or ceramic, or they can be made from starboard and port blocks strapped together to accurately control the throat area. Each injector includes an elongated body having an opening which in cross section is an hour glass (venturi shaped) and the opening diverges in width and depth from the bow section to the stern section of the opening.

  2. A FEATURE SELECTION ALGORITHM DESIGN AND ITS IMPLEMENTATION IN INTRUSION DETECTION SYSTEM

    Institute of Scientific and Technical Information of China (English)

    杨向荣; 沈钧毅

    2003-01-01

    Objective: Present a new feature selection algorithm. Methods: Based on rule induction and field knowledge. Results: This algorithm can be applied in catching dataflow when detecting network intrusions; only the sub-dataset including discriminating features is caught. Then the time spent in the following behavior pattern mining is reduced and the patterns mined are more precise. Conclusion: The experiment results show that the feature subset caught by this algorithm is more informative and the dataset's quantity is reduced significantly.

  3. The New Generation of Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    王晓东

    2013-01-01

    IPS has been widely applied. The performance characteristics of the Depp IPS2000 Intrusion Prevention System were studied in detail in this paper, and this system was deployed in an actual network.

  4. Dynamic data-driven sensor network adaptation for border control

    Science.gov (United States)

    Bein, Doina; Madan, Bharat B.; Phoha, Shashi; Rajtmajer, Sarah; Rish, Anna

    2013-06-01

    Given a specific scenario for the border control problem, we propose a dynamic data-driven adaptation of the associated sensor network via embedded software agents which make sensor network control, adaptation and collaboration decisions based on the contextual information value of competing data provided by different multi-modal sensors. We further propose the use of influence diagrams to guide data-driven decision making in selecting the appropriate action or course of actions which maximize a given utility function by designing a sensor embedded software agent that uses an influence diagram to make decisions about whether to engage or not engage higher level sensors for accurately detecting human presence in the region. The overarching goal of the sensor system is to increase the probability of target detection and classification and reduce the rate of false alarms. The proposed decision support software agent is validated experimentally on a laboratory testbed for multiple border control scenarios.

  5. Adjoint-state inversion of electric resistivity tomography data of seawater intrusion at the Argentona coastal aquifer (Spain)

    Science.gov (United States)

    Fernández-López, Sheila; Carrera, Jesús; Ledo, Juanjo; Queralt, Pilar; Luquot, Linda; Martínez, Laura; Bellmunt, Fabián

    2016-04-01

    Seawater intrusion in aquifers is a complex phenomenon that can be characterized with the help of electric resistivity tomography (ERT) because of the low resistivity of seawater, which underlies the freshwater floating on top. The problem is complex because of the need for joint inversion of electrical and hydraulic (density dependent flow) data. Here we present an adjoint-state algorithm to treat electrical data. This method is a common technique to obtain derivatives of an objective function, depending on potentials with respect to model parameters. Its main advantages are its simplicity in stationary problems and the reduction of computational cost with respect to other methodologies. The relationship between the concentration of chlorides and the resistivity values of the field is well known. Also, these resistivities are related to the values of potentials measured using ERT. Taking this into account, it will be possible to define the different resistivity zones from the field data of potential distribution using the basis of the inverse problem. In this case, the studied zone is situated in Argentona (Baix Maresme, Catalonia), where the values of chlorides obtained in some wells of the zone are too high. The adjoint-state method will be used to invert the measured data using a new finite element code in the C++ language developed in an open-source framework called Kratos. Finally, the information obtained numerically with our code will be checked with the information obtained with other codes.

  6. An Intrusion Detection System Based on Neural Network Ensembles

    Institute of Scientific and Technical Information of China (English)

    徐敏; 沈晓红; 顾颀

    2011-01-01

    With the problems of the low detection rate and the insufficient sensitivity to the new intrusion, the current intrusion detection systems affect the functions of the entire system. Based on the very deep research, this paper proposes a new neural network ensembles method for intrusion detection. The method is used to train the individual networks on the basis of data reduction, and the number of individual networks is determined dynamically. Neural network techniques are used to combine the different classification results. Theory and experiment show that the method improves the intrusion detection rate while preserving the diversity of the individual networks, and that it has good application prospects.

  7. Implementation and Analysis of EFRS Technique for Intrusion Tolerance in Distributed Systems

    Directory of Open Access Journals (Sweden)

    A B Chougule

    2011-07-01

    This paper includes designing and implementing a system that uses encryption-fragmentation-replication-scattering for the purpose of developing secure and dependable data storage within a distributed system. The system will consist of one central node which is assumed to be trusted and multiple storage nodes. Data is collected at the central node, which is then encrypted followed by fragmentation. Data fragments then undergo a hash function to give unique hash value of each fragment. These fragments are then replicated and scattered over the network. Thus, the system continues to provide service even in case of failure of some storage nodes.

  8. Zircon Recycling in Arc Intrusions

    Science.gov (United States)

    Miller, J.; Barth, A.; Matzel, J.; Wooden, J.; Burgess, S.

    2008-12-01

    Recycling of zircon has been well established in arc intrusions and arc volcanoes, but a better understanding of where and how zircons are recycled can help illuminate how arc magma systems are constructed. To that end, we are conducting age, trace element (including Ti-in-zircon temperatures; TzrnTi) and isotopic studies of zircons from the Late Cretaceous (95-85 Ma) Tuolumne Intrusive Suite (TIS) in the Sierra Nevada Batholith (CA). Within the TIS zircons inherited from ancient basement sources and/or distinctly older host rocks are uncommon, but recycled zircon antecrysts from earlier periods of TIS-related magmatism are common and conspicuous in the inner and two most voluminous units of the TIS, the Half Dome and Cathedral Peak Granodiorites. All TIS units have low bulk Zr ([Zr]825°C), [Zr] in the TIS is a factor of 2 to 3 lower than saturation values. Low [Zr] in TIS rocks might be attributed to a very limited supply of zircon in the source, by disequilibrium melting and rapid melt extraction [1], by melting reactions involving formation of other phases that can incorporate appreciable Zr [2], or by removal of zircon at an earlier stage of magma evolution. Based on a preliminary compilation of literature data, low [Zr] is common to Late Cretaceous N.A. Cordilleran granodioritic/tonalitic intrusions (typically Tzrnsat [3]. A corollary is that slightly older zircon antecrysts that are common in the inner units of the TIS could be considered inherited if they are derived from remelting of slightly older intrusions. Remelting at such low temperatures in the arc would require a source of external water. Refs: [1] Sawyer, J.Pet 32:701-738; [2] Fraser et al, Geology 25:607-610; [3] Harrison et al, Geology 35:635- 638

  9. Adaptation in CRISPR-Cas Systems.

    Science.gov (United States)

    Sternberg, Samuel H; Richter, Hagen; Charpentier, Emmanuelle; Qimron, Udi

    2016-03-17

    Clustered regularly interspaced short palindromic repeats (CRISPR) and CRISPR-associated (Cas) proteins constitute an adaptive immune system in prokaryotes. The system preserves memories of prior infections by integrating short segments of foreign DNA, termed spacers, into the CRISPR array in a process termed adaptation. During the past 3 years, significant progress has been made on the genetic requirements and molecular mechanisms of adaptation. Here we review these recent advances, with a focus on the experimental approaches that have been developed, the insights they generated, and a proposed mechanism for self- versus non-self-discrimination during the process of spacer selection. We further describe the regulation of adaptation and the protein players involved in this fascinating process that allows bacteria and archaea to harbor adaptive immunity.

  10. Managing software complexity of adaptive systems

    NARCIS (Netherlands)

    Roo, de Auke Jan

    2012-01-01

    To survive under competitive pressure, embedded system companies build systems that can deal with changing customer needs and operating conditions, and deterioration of the hardware over the lifetime of the embedded system. Engineers face the challenge to design such adaptive systems, while keeping

  11. Sharing Knowledge in Adaptive Learning Systems

    NARCIS (Netherlands)

    Kravcik, Milos; Gasevic, Dragan

    2006-01-01

    Please, cite this publication as: Kravcik, M. & Gasevic, D. (2006). Sharing Knowledge in Adaptive Learning Systems. Proceedings of ICALT2006. July, Kerkrade, The Netherlands: IEEE. Retrieved July 30th, 2006, from http://dspace.learningnetworks.org

  12. Meeting Ecologists Requirements with Adaptive Data Acquisition

    DEFF Research Database (Denmark)

    Chang, Marcus; Bonnet, Philippe

    present the design of a controller that continuously maintains its state based on the data obtained from the sensor network (as well as external systems), and configures motes with parameters that satisfy a constraint optimization problem derived from the current state. We describe our implementation......Ecologists instrument ecosystems with in-situ sensing to collect measurements. Sensor networks promise to improve on existing data acquisition systems by interconnecting stand-alone measurement systems into virtual instruments. Such ecological sensor networks, however, will only fulfill...... their potential if they meet the scientists requirements. In an ideal world, an ecologist expresses requirements in terms of a target dataset, which the sensor network then actually collects and stores. In fact, failures occur and interesting events happen making uniform, systematic ecosystem sampling neither...

  13. A fast ionised wind in a star-forming quasar system at z ~ 1.5 resolved through adaptive optics assisted near-infrared data

    Science.gov (United States)

    Brusa, M.; Perna, M.; Cresci, G.; Schramm, M.; Delvecchio, I.; Lanzuisi, G.; Mainieri, V.; Mignoli, M.; Zamorani, G.; Berta, S.; Bongiorno, A.; Comastri, A.; Fiore, F.; Kakkad, D.; Marconi, A.; Rosario, D.; Contini, T.; Lamareille, F.

    2016-04-01

    Aims: Outflow winds are invoked in co-evolutionary models to link the growth of SMBH and galaxies through feedback phenomena, and from the analysis of both galaxies and active galactic nuclei (AGN) samples at z ~ 1-3, it is becoming clear that powerful outflows may be very common in AGN hosts. High-resolution and high S/N observations are needed to uncover the physical properties of the wind through kinematics analysis. Methods: We exploited VLT/VIMOS, VLT/SINFONI, and Subaru/IRCS adaptive optics (AO) data to study the kinematics properties on the scale of the host galaxy of XID5395; this galaxy is a luminous, X-ray obscured starburst/quasar (SB-QSO) merging system at z ~ 1.5, detected in the XMM-COSMOS field, associated with an extreme [O II] emitter (with equivalent width, EW, ~200 Å). For the first time, we mapped the kinematics of the [O III] and Hα line complexes and linked them with the [O II] emission at high resolution. The high spatial resolution achieved allowed us to resolve all the components of the SB-QSO system. Results: Our analysis, with a resolution of few kpc, reveals complexities and asymmetries in and around the nucleus of XID5395. The velocity field measured via non-parametric analysis reveals different kinematic components with maximum blueshifted and redshifted velocities up to ≳ 1300 km s⁻¹ that are not spatially coincident with the nuclear core. These extreme values of the observed velocities and spatial location can be explained by the presence of fast moving material. We also spectroscopically confirm the presence of a merging system at the same redshift as the AGN host. Conclusions: We propose that EW as large as >150 Å in X-ray selected AGN may be an efficient criterion to isolate objects associated with the short, transition phase of "feedback" in the AGN-galaxy co-evolutionary path. This co-evolutionary path subsequently evolves into an unobscured QSO, as suggested from the different observational evidence (e.g. merger, compact

  14. ADAPTIVE GENERALIZED PREDICTIVE CONTROL OF SWITCHED SYSTEMS

    Institute of Scientific and Technical Information of China (English)

    WANG Yi-jing; WANG Long

    2005-01-01

    The problem of adaptive generalized predictive control which consists of output prediction errors for a class of switched systems is studied. The switching law is determined by the output predictive errors of a finite number of subsystems. For the single subsystem and multiple subsystems cases, it is proved that the given direct algorithm of generalized predictive control guarantees the global convergence of the system. This algorithm overcomes the inherent drawbacks of the slow convergence and large transient errors for the conventional adaptive control.

  15. First steps in using machine learning on fMRI data to predict intrusive memories of traumatic film footage.

    Science.gov (United States)

    Clark, Ian A; Niehaus, Katherine E; Duff, Eugene P; Di Simplicio, Martina C; Clifford, Gari D; Smith, Stephen M; Mackay, Clare E; Woolrich, Mark W; Holmes, Emily A

    2014-11-01

    After psychological trauma, why do only some parts of the traumatic event return as intrusive memories while others do not? Intrusive memories are key to cognitive behavioural treatment for post-traumatic stress disorder, and an aetiological understanding is warranted. We present here analyses using multivariate pattern analysis (MVPA) and a machine learning classifier to investigate whether peri-traumatic brain activation was able to predict later intrusive memories (i.e. before they had happened). To provide a methodological basis for understanding the context of the current results, we first show how functional magnetic resonance imaging (fMRI) during an experimental analogue of trauma (a trauma film) via a prospective event-related design was able to capture an individual's later intrusive memories. Results showed widespread increases in brain activation at encoding when viewing a scene in the scanner that would later return as an intrusive memory in the real world. These fMRI results were replicated in a second study. While traditional mass univariate regression analysis highlighted an association between brain processing and symptomatology, this is not the same as prediction. Using MVPA and a machine learning classifier, it was possible to predict later intrusive memories across participants with 68% accuracy, and within a participant with 97% accuracy; i.e. the classifier could identify out of multiple scenes those that would later return as an intrusive memory. We also report here brain networks key in intrusive memory prediction. MVPA opens the possibility of decoding brain activity to reconstruct idiosyncratic cognitive events with relevance to understanding and predicting mental health symptoms. PMID:25151915

  16. Efficient Hybrid Network (Wired and Wireless) Intrusion Detection using Statistical Data Streams and Detection of Clustered Alerts

    OpenAIRE

    Thangavel, M.; Thangaraj, P.

    2011-01-01

    Problem statement: Wireless LAN IEEE 802.11 protocols are growing rapidly, and security has always been a concern, as with the security of wired networks. Wireless networks encounter threats from unauthorized access to network resources, installation of access points and illegal sniffing (referred to as classical intrusion threats). In its current hybrid wired and wireless network attacks on the generally distinguish from normal cable intrusion attacks, selective forwarding attacks, MAC spoofing attack...

  17. Integrated artificial immune system for intrusion detection

    Institute of Scientific and Technical Information of China (English)

    陈岳兵; 冯超; 张权; 唐朝京

    2012-01-01

    According to the practical requirements of intrusion detection, an integrated artificial immune system (IAIS) was proposed. The system combined the dendritic cell algorithm (DCA) and the negative selection algorithm (NSA). DCA was used to detect behavioral features. NSA was used to detect structural features. IAIS was validated on the KDD 99 dataset. Comparisons to other approaches were made. The experimental results show that the detection performance of IAIS is comparable to classic classification algorithms. IAIS does not rely on labeled data to train detectors. It combines behavioral features and structural features to detect intrusions in real-time mode.

  18. Optimisation of Block-Adaptive Quantization for SAR Raw Data

    Science.gov (United States)

    Parraga Niebla, C.; Krieger, G.

    In SAR systems using a satellite platform, the amount of raw data to be transmitted to ground for processing is huge. Effort has to be spent to reduce the raw data. One technique that can be applied here is block adaptive quantization. For SAR systems, the raw data set is organised as a two-dimensional complex array (in-phase and quadrature) whose axes correspond to range and azimuth of the SAR image, normally using 8 bit coding per pixel, which generates a big amount of data to be transmitted and processed. In the case of satellites with store and forward function, data storage becomes a problem since the buffer capacity and downlink bandwidth are limited. Therefore, there is a need to reduce the raw data set to be transmitted. One approach to solve this problem is to reduce the number of levels for amplitude coding. The Block-Adaptive Quantization algorithm consists of (i) dividing the data set in blocks and (ii) the adaptation of the quantization threshold levels and reconstruction values to the statistics of the signal within each block in order to better fit the dynamic margin, reducing this way the required number of bits of each block. Assuming a non-uniform quantization, the knowledge of SAR raw data statistical properties (which can be assumed as complex Gaussian distributed) can be applied to optimise the threshold values and reconstruction levels to the probability density function (pdf) of the signal. As every compression technique, the Block-Adaptive Quantization algorithm is losing information as long as the number of bits is reduced. The effect of this information loss will be investigated in detail in this paper to find the right balance between compression rate and information loss in order to keep the processing quality for different remote sensing applications (SAR processing, interferometry, polarimetry) at a sufficient level. Furthermore, the selection of an optimum block size to be treated as statistically stationary is an issue for systematic

  19. Saltwater intrusion in the surficial aquifer system of the Big Cypress Basin, southwest Florida, and a proposed plan for improved salinity monitoring

    Science.gov (United States)

    Prinos, Scott T.

    2013-01-01

    The installation of drainage canals, poorly cased wells, and water-supply withdrawals have led to saltwater intrusion in the primary water-use aquifers in southwest Florida. Increasing population and water use have exacerbated this problem. Installation of water-control structures, well-plugging projects, and regulation of water use have slowed saltwater intrusion, but the chloride concentration of samples from some of the monitoring wells in this area indicates that saltwater intrusion continues to occur. In addition, rising sea level could increase the rate and extent of saltwater intrusion. The existing saltwater intrusion monitoring network was examined and found to lack the necessary organization, spatial distribution, and design to properly evaluate saltwater intrusion. The most recent hydrogeologic framework of southwest Florida indicates that some wells may be open to multiple aquifers or have an incorrect aquifer designation. Some of the sampling methods being used could result in poor-quality data. Some older wells are badly corroded, obstructed, or damaged and may not yield useable samples. Saltwater in some of the canals is in close proximity to coastal well fields. In some instances, saltwater occasionally occurs upstream from coastal salinity control structures. These factors lead to an incomplete understanding of the extent and threat of saltwater intrusion in southwest Florida. A proposed plan to improve the saltwater intrusion monitoring network in the South Florida Water Management District’s Big Cypress Basin describes improvements in (1) network management, (2) quality assurance, (3) documentation, (4) training, and (5) data accessibility. The plan describes improvements to hydrostratigraphic and geospatial network coverage that can be accomplished using additional monitoring, surface geophysical surveys, and borehole geophysical logging. Sampling methods and improvements to monitoring well design are described in detail. Geochemical analyses

  20. Resonant blade response in turbine rotor spin tests using a laser-light probe non-intrusive measurement system

    OpenAIRE

    Mansisidor, Michael R.

    2002-01-01

    Procedures to qualify turbo-machinery components for a designed lifetime free of high cycle fatigue (HCF) failures have not yet evolved. As part of an initiative to address this issue, in the present study, laser-light probes were used in a Non-Intrusive Measurement System (NSMS) to measure the unsteady deflections created in the blades of a second-stage turbine rotor in an evacuated spin pit. Air-jet and eddy-current excitation (ECE) methods were used to stimulate blade resonance. The NSMS ...

  1. High temperature metamorphism in the conductive boundary layer adjacent to a rhyolite intrusion in the Krafla geothermal system, Iceland

    OpenAIRE

    P. Schiffman; Zierenberg, RA; Mortensen, AK; Frioleifsson, GO; Elders, WA

    2014-01-01

    A rhyolite magma body within the Krafla geothermal system that was encountered at a depth of 2.1 km during drilling of the IDDP-1 borehole is producing high temperature metamorphism within a conductive boundary layer (CBL) in adjacent host rocks. Cuttings recovered during drilling within a few meters of the intrusive contact in IDDP-1 are mainly comprised of granoblastic hornfelses, the rock type which confirms the presence of the CBL at the base of the IDDP-1 borehole. The two pyroxenes in t...

  2. Geochemical and petrographic data for intrusions peripheral to the Big Timber Stock, Crazy Mountains, Montana

    Science.gov (United States)

    du Bray, Edward A.; Van Gosen, Bradley S.

    2015-01-01

    The Paleocene Fort Union Formation hosts a compositionally diverse array of Eocene plugs, dikes, and sills arrayed around the Eocene Big Timber stock in the Crazy Mountains of south-central Montana. The geochemistry and petrography of the sills have not previously been characterized or interpreted. The purpose of this report is (1) to present available geochemical and petrographic data for several dozen samples of these rocks and (2) to provide a basic interpretive synthesis of these data.

  3. Development and Simulation of Early-Warning and Predicting System for Saltwater Intrusion

    Institute of Scientific and Technical Information of China (English)

    沈萍萍; 方立刚

    2011-01-01

    The online warning and forecasting of saltwater intrusion are studied. Currently, saltwater intrusion models can only display the measured data, and timely warning and forecasting cannot be achieved. To solve the above problem, this paper presents a variable estuarine salinity simulation model, and gives the iterative algorithm of early warning. As long as parameters such as estuarine salinity and runoff are accessed, accurate early warning of the salinity of local saltwater intrusion and the largest local saltwater intrusion distance can be rapidly realized, which solves the technical problems of local saltwater intrusion forecasting. Experimental results show that the proposed simulation iteration variable salinity estuary warning algorithm has relatively low error, and can accurately monitor saltwater intrusion. The saltwater intrusion forecasting information system developed based on the algorithm has a visual online early warning pattern. Using this system, the early warning of saltwater intrusion can be performed electronically.

  4. Adaptive Dialogue Systems for Assistive Living Environments

    Science.gov (United States)

    Papangelis, Alexandros

    2013-01-01

    Adaptive Dialogue Systems (ADS) are intelligent systems, able to interact with users via multiple modalities, such as speech, gestures, facial expressions and others. Such systems are able to make conversation with their users, usually on a specific, narrow topic. Assistive Living Environments are environments where the users are by definition not…

  5. Adaptive data management in the ARC Grid middleware

    Science.gov (United States)

    Cameron, D.; Gholami, A.; Karpenko, D.; Konstantinov, A.

    2011-12-01

    The Advanced Resource Connector (ARC) Grid middleware was designed almost 10 years ago, and has proven to be an attractive distributed computing solution and successful in adapting to new data management and storage technologies. However, with an ever-increasing user base and scale of resources to manage, along with the introduction of more advanced data transfer protocols, some limitations in the current architecture have become apparent. The simple first-in first-out approach to data transfer leads to bottlenecks in the system, as does the built-in assumption that all data is immediately available from remote data storage. We present an entirely new data management architecture for ARC which aims to alleviate these problems, by introducing a three-layer structure. The top layer accepts incoming requests for data transfer and directs them to the middle layer, which schedules individual transfers and negotiates with various intermediate catalog and storage systems until the physical file is ready to be transferred. The lower layer performs all operations which use large amounts of bandwidth, i.e. the physical data transfer. Using such a layered structure allows more efficient use of the available bandwidth as well as enabling late-binding of jobs to data transfer slots based on a priority system. Here we describe in full detail the design and implementation of the new system.

  6. Adaptive data management in the ARC Grid middleware

    International Nuclear Information System (INIS)

    The Advanced Resource Connector (ARC) Grid middleware was designed almost 10 years ago, and has proven to be an attractive distributed computing solution and successful in adapting to new data management and storage technologies. However, with an ever-increasing user base and scale of resources to manage, along with the introduction of more advanced data transfer protocols, some limitations in the current architecture have become apparent. The simple first-in first-out approach to data transfer leads to bottlenecks in the system, as does the built-in assumption that all data is immediately available from remote data storage. We present an entirely new data management architecture for ARC which aims to alleviate these problems, by introducing a three-layer structure. The top layer accepts incoming requests for data transfer and directs them to the middle layer, which schedules individual transfers and negotiates with various intermediate catalog and storage systems until the physical file is ready to be transferred. The lower layer performs all operations which use large amounts of bandwidth, i.e. the physical data transfer. Using such a layered structure allows more efficient use of the available bandwidth as well as enabling late-binding of jobs to data transfer slots based on a priority system. Here we describe in full detail the design and implementation of the new system.

  7. Complex and Adaptive Dynamical Systems A Primer

    CERN Document Server

    Gros, Claudius

    2011-01-01

    We are living in an ever more complex world, an epoch where human actions can accordingly acquire far-reaching potentialities. Complex and adaptive dynamical systems are ubiquitous in the world surrounding us and require us to adapt to new realities and the way of dealing with them. This primer has been developed with the aim of conveying a wide range of "common-sense" knowledge in the field of quantitative complex system science at an introductory level, providing an entry point to this both fascinating and vitally important subject. The approach is modular and phenomenology driven. Examples of emerging phenomena of generic importance treated in this book are: -- The small world phenomenon in social and scale-free networks. -- Phase transitions and self-organized criticality in adaptive systems. -- Life at the edge of chaos and coevolutionary avalanches resulting from the unfolding of all living. -- The concept of living dynamical systems and emotional diffusive control within cognitive system theory. Techn...

  8. SHRIMP U-Pb zircon geochronology and thermal modeling of multilayer granitoid intrusions. Implications for the building and thermal evolution of the Central System batholith, Iberian Massif, Spain

    Science.gov (United States)

    Díaz Alvarado, Juan; Fernández, Carlos; Castro, Antonio; Moreno-Ventas, Ignacio

    2013-08-01

    This work shows the results of a U-Pb SHRIMP zircon geochronological study of the central part of the Gredos massif (Spanish Central System batholith). The studied batholith is composed of several granodiorite and monzogranite tabular bodies, around 1 km thick each, intruded into partially molten pelitic metasediments. Granodiorites and monzogranites, belonging to three distinct intrusive bodies, and samples of anatectic leucogranites have been selected for SHRIMP U-Pb zircon geochronology. Distinct age groups, separated by up to 20 Ma, have been distinguished in each sample. Important age differences have also been determined among the most representative age groups of the three analyzed granitoid bodies: 312.6 ± 2.8 Ma for the Circo de Gredos Bt-granodiorites (floor intrusive layer), 306.9 ± 1.5 Ma for the Barbellido-Plataforma granitoids (top intrusive layer) and 303.5 ± 2.8 Ma for Las Pozas Crd-monzogranites (middle intrusive layer). These age differences are interpreted in terms of sequential emplacement of the three intrusive bodies, contemporary with the Late Paleozoic D3 deformation phase. The anatectic leucogranites are coeval to slightly younger than the adjacent intrusive granodiorites and monzogranites (305.4 ± 1.6 Ma for Refugio del Rey leucogranites and 303 ± 2 Ma for migmatitic hornfelses). It is suggested that these anatectic magmas were generated in response to the thermal effects of granodiorite intrusions. Thermal modeling with COMSOL Multiphysics® reveals that sequential emplacement was able to keep the thermal conditions of the batholith around the temperature of zircon crystallization in granitic melts (around 750 °C) for several million years, favoring the partial melting of host rocks and the existence of large magma chambers composed of crystal mush prone to be rejuvenated after new intrusions.

  9. Quantitative Adaptation Analytics for Assessing Dynamic Systems of Systems.

    Energy Technology Data Exchange (ETDEWEB)

    Gauthier, John H.; Miner, Nadine E.; Wilson, Michael L.; Le, Hai D.; Kao, Gio K; Melander, Darryl J.; Longsine, Dennis Earl [Sandia National Laboratories]; Vander Meer, Robert Charles

    2015-01-01

    Our society is increasingly reliant on systems and interoperating collections of systems, known as systems of systems (SoS). These SoS are often subject to changing missions (e.g., nation-building, arms-control treaties), threats (e.g., asymmetric warfare, terrorism), natural environments (e.g., climate, weather, natural disasters) and budgets. How well can SoS adapt to these types of dynamic conditions? This report details the results of a three-year Laboratory Directed Research and Development (LDRD) project aimed at developing metrics and methodologies for quantifying the adaptability of systems and SoS. Work products include: derivation of a set of adaptability metrics, a method for combining the metrics into a system of systems adaptability index (SoSAI) used to compare adaptability of SoS designs, development of a prototype dynamic SoS (proto-dSoS) simulation environment which provides the ability to investigate the validity of the adaptability metric set, and two test cases that evaluate the usefulness of a subset of the adaptability metrics and SoSAI for distinguishing good from poor adaptability in a SoS. Intellectual property results include three patents pending: A Method For Quantifying Relative System Adaptability, Method for Evaluating System Performance, and A Method for Determining Systems Re-Tasking.

  10. Preliminary images from an adaptive imaging system.

    Science.gov (United States)

    Griffiths, J A; Metaxas, M G; Pani, S; Schulerud, H; Esbrand, C; Royle, G J; Price, B; Rokvic, T; Longo, R; Asimidis, A; Bletsas, E; Cavouras, D; Fant, A; Gasiorek, P; Georgiou, H; Hall, G; Jones, J; Leaver, J; Li, G; Machin, D; Manthos, N; Matheson, J; Noy, M; Ostby, J M; Psomadellis, F; van der Stelt, P F; Theodoridis, S; Triantis, F; Turchetta, R; Venanzi, C; Speller, R D

    2008-06-01

    I-ImaS (Intelligent Imaging Sensors) is a European project aiming to produce real-time adaptive X-ray imaging systems using Monolithic Active Pixel Sensors (MAPS) to create images with maximum diagnostic information within given dose constraints. Initial systems concentrate on mammography and cephalography. In our system, the exposure in each image region is optimised and the beam intensity is a function of tissue thickness and attenuation, and also of local physical and statistical parameters in the image. Using a linear array of detectors, the system will perform on-line analysis of the image during the scan, followed by optimisation of the X-ray intensity to obtain the maximum diagnostic information from the region of interest while minimising exposure of diagnostically less important regions. This paper presents preliminary images obtained with a small area CMOS detector developed for this application. Wedge systems were used to modulate the beam intensity during breast and dental imaging using suitable X-ray spectra. The sensitive imaging area of the sensor is 512 × 32 pixels, each 32 × 32 µm² in size. The sensors' X-ray sensitivity was increased by coupling to a structured CsI(Tl) scintillator. In order to develop the I-ImaS prototype, the on-line data analysis and data acquisition control are based on custom-developed electronics using multiple FPGAs. Images of both breast tissues and jaw samples were acquired and different exposure optimisation algorithms applied. Results are very promising since the average dose has been reduced to around 60% of the dose delivered by conventional imaging systems without decrease in the visibility of details. PMID:18291697

  11. Adaptation in the auditory system: an overview

    OpenAIRE

    David Pérez-González; Malmierca, Manuel S.

    2014-01-01

    The early stages of the auditory system need to preserve the timing information of sounds in order to extract the basic features of acoustic stimuli. At the same time, different processes of neuronal adaptation occur at several levels to further process the auditory information. For instance, auditory nerve fiber responses already experience adaptation of their firing rates, a type of response that can be found in many other auditory nuclei and may be useful for emphasizing the onset of the s...

  12. An Intrusive Analyzer for Hadoop Systems Based on Wireless Sensor Networks

    OpenAIRE

    Byoung-Jin Bae; Young-Joo Kim; Young-Kuk Kim; Ok-Kyoon Ha; Yong-Kee Jun

    2014-01-01

    Owing to the acceleration of IoT- (Internet of Things-) based wireless sensor networks, cloud-computing services using Big Data are rapidly growing. In order to manage and analyze Big Data efficiently, Hadoop frameworks have been used in a variety of fields. Hadoop processes Big Data as record values by using MapReduce programming in a distributed environment. Through MapReduce, data are stored in a Hadoop file system, and that form is not structured but unstructured. For this, it is not easy...

  13. Data Systems vs. Information Systems

    OpenAIRE

    Amatayakul, Margret K.

    1982-01-01

    This paper examines the current status of “hospital information systems” with respect to the distinction between data systems and information systems. It is proposed that the systems currently existing are incomplete data systems resulting in ineffective information systems.

  14. Adaptive multiscale entropy analysis of multivariate neural data.

    Science.gov (United States)

    Hu, Meng; Liang, Hualou

    2012-01-01

    Multiscale entropy (MSE) has been widely used to quantify a system's complexity by taking into account the multiple time scales inherent in physiologic time series. The method, however, is biased toward the coarse scale, i.e., low-frequency components due to the progressive smoothing operations. In addition, the algorithm for extracting the different scales is not well adapted to nonlinear/nonstationary signals. In this letter, we introduce adaptive multiscale entropy (AME) measures in which the scales are adaptively derived directly from the data by virtue of recently developed multivariate empirical mode decomposition. Depending on the consecutive removal of low-frequency or high-frequency components, our AME can be estimated at either coarse-to-fine or fine-to-coarse scales over which the sample entropy is performed. Computer simulations are performed to verify the effectiveness of AME for analysis of the highly nonstationary data. Local field potentials collected from the visual cortex of macaque monkey while performing a generalized flash suppression task are used as an example to demonstrate the usefulness of our AME approach to reveal the underlying dynamics in complex neural data. PMID:21788182

  15. Privilege Flow Oriented Intrusion Detection Based on Hidden Semi-Markov Model

    Institute of Scientific and Technical Information of China (English)

    ZHONG An-ming; JIA Chun-fu

    2005-01-01

    A privilege flow oriented intrusion detection method based on HSMM (Hidden semi-Markov Model) is discussed. The privilege flow model and HSMM are incorporated in the implementation of an anomaly detection IDS (Intrusion Detection System). Using the data set of DARPA 1998, our experiment results reveal good detection performance and acceptable computation cost.

  16. Slow Adaptive OFDMA Systems Through Chance Constrained Programming

    Directory of Open Access Journals (Sweden)

    N. Revathy

    2012-03-01

    Adaptive orthogonal frequency division multiple access (OFDMA) has recently been recognized as a promising technique for providing high spectral efficiency in future broadband wireless systems. The research over the last decade on adaptive OFDMA systems has focused on adapting the allocation of radio resources, such as subcarriers and power, to the instantaneous channel conditions of all users. However, such “fast” adaptation requires high computational complexity and excessive signalling overhead. This hinders the deployment of adaptive OFDMA systems worldwide. This paper proposes a slow adaptive OFDMA scheme, in which the subcarrier allocation is updated on a much slower timescale than that of the fluctuation of instantaneous channel conditions. Meanwhile, the data rate requirements of individual users are accommodated on the fast timescale with high probability, thereby meeting the requirements except occasional outage. Such an objective has a natural chance constrained programming formulation, which is known to be intractable. To circumvent this difficulty, we formulate safe tractable constraints for the problem based on recent advances in chance constrained programming. We then develop a polynomial-time algorithm for computing an optimal solution to the reformulated problem. Our results show that the proposed slow adaptation scheme drastically reduces both computational cost and control signalling overhead when compared with the conventional fast adaptive OFDMA.

  17. Preliminary images from an adaptive imaging system

    NARCIS (Netherlands)

    J.A. Griffiths; M.G. Metaxas; S. Pani; H. Schulerud; C. Esbrand; G.J. Royle; B. Price; T. Rokvic; R. Longo; A. Asimidis; E. Bletsas; D. Cavouras; A. Fant; P. Gasiorek; H. Georgiou; G. Hall; J. Jones; J. Leaver; G. Li; D. Machin; N. Manthos; J. Matheson; M. Noy; J.M. Østby; F. Psomadellis; P.F. van der Stelt; S. Theodoridis; F. Triantis; R. Turchetta; C. Venanzi; R.D. Speller

    2008-01-01

    I-ImaS (Intelligent Imaging Sensors) is a European project aiming to produce real-time adaptive X-ray imaging systems using Monolithic Active Pixel Sensors (MAPS) to create images with maximum diagnostic information within given dose constraints. Initial systems concentrate on mammography and cephal

  18. The ERIS Adaptive Optics System

    CERN Document Server

    Riccardi, A; Agapito, G; Antichi, J; Biliotti, V; Blain, C; Briguglio, R; Busoni, L; Carbonaro, L; Di Rico, G; Giordano, C; Pinna, E; Puglisi, A; Spanò, P; Xompero, M; Baruffolo, A; Kasper, M; Egner, S; Valles, M Suàrez; Soenke, C; Downing, M; Reyes, J

    2016-01-01

    ERIS is the new AO instrument for VLT-UT4 led by a Consortium of Max-Planck Institut fuer Extraterrestrische Physik, UK-ATC, ETH-Zurich, ESO and INAF. The ERIS AO system provides NGS mode to deliver high contrast correction and LGS mode to extend high Strehl performance to large sky coverage. The AO module includes NGS and LGS wavefront sensors and, with VLT-AOF Deformable Secondary Mirror and Laser Facility, will provide AO correction to the high resolution imager NIX (1-5 µm) and the IFU spectrograph SPIFFIER (1-2.5 µm). In this paper we present the preliminary design of the ERIS AO system and the estimated correction performance.

  19. Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection.

    Science.gov (United States)

    Hu, Weiming; Gao, Jun; Wang, Yanguo; Wu, Ou; Maybank, Stephen

    2014-01-01

    Current network intrusion detection systems lack adaptability to the frequently changing network environments. Furthermore, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose two online Adaboost-based intrusion detection algorithms. In the first algorithm, a traditional online Adaboost process is used where decision stumps are used as weak classifiers. In the second algorithm, an improved online Adaboost process is proposed, and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is constructed in each node using the online Adaboost algorithm. A global detection model is constructed in each node by combining the local parametric models using a small number of samples in the node. This combination is achieved using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Experimental results show that the improved online Adaboost process with GMMs obtains a higher detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO- and SVM-based algorithm effectively combines the local detection models into the global model in each node; the global model in a node can handle the intrusion types that are found in other nodes, without sharing the samples of these intrusion types. PMID:23757534

  20. An Agent Based Intrusion Detection Model for Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    B. M. Reshmi

    2006-01-01

    Intrusion detection has, over the last few years, assumed paramount importance within the broad realm of network security, more so in the case of wireless mobile ad hoc networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement traditional security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in a cluster-based mobile wireless ad hoc network environment. The model comprises a set of static and mobile agents, which are used to detect intrusions, respond to intrusions, and distribute selected and aggregated intrusion information to all other nodes in the network in an intelligent manner. The model is simulated to test its operational effectiveness by considering performance parameters such as detection rate, false positives, agent overheads, and intrusion information distribution time. The agent-based approach facilitates flexible and adaptable security services. Also, it supports component-based software engineering components such as maintainability, reachability, reusability, adaptability, flexibility, and customization.

  1. Important ingredients for health adaptive information systems.

    Science.gov (United States)

    Senathirajah, Yalini; Bakken, Suzanne

    2011-01-01

    Healthcare information systems frequently do not truly meet clinician needs, due to the complexity, variability, and rapid change in medical contexts. Recently the internet world has been transformed by approaches commonly termed 'Web 2.0'. This paper proposes a Web 2.0 model for a healthcare adaptive architecture. The vision includes creating modular, user-composable systems which aim to make all necessary information from multiple internal and external sources available via a platform, for the user to use, arrange, recombine, author, and share at will, using rich interfaces where advisable. Clinicians can create a set of 'widgets' and 'views' which can transform data, reflect their domain knowledge and cater to their needs, using simple drag and drop interfaces without the intervention of programmers. We have built an example system, MedWISE, embodying the user-facing parts of the model. This approach to HIS is expected to have several advantages, including greater suitability to user needs (reflecting clinician rather than programmer concepts and priorities), incorporation of multiple information sources, agile reconfiguration to meet emerging situations and new treatment deployment, capture of user domain expertise and tacit knowledge, efficiencies due to workflow and human-computer interaction improvements, and greater user acceptance.

  2. The New Trends in Adaptive Educational Hypermedia Systems

    Directory of Open Access Journals (Sweden)

    Sibel Somyürek

    2015-02-01

    This paper aims to give a general review of existing literature on adaptive educational hypermedia systems and to reveal technological trends and approaches within these studies. Fifty-six studies conducted between 2002 and 2012 were examined to identify prominent themes and approaches. According to the content analysis, the new technological trends and approaches were grouped into seven categories: standardization, semantic web, modular frameworks, data mining, machine learning techniques, social web, and device adaptation. Furthermore, four challenges are suggested as an explanation of why adaptive systems are still not used on a large scale: inter-operability, open corpus knowledge, usage across a variety of delivery devices, and the design of meta-adaptive systems.

  3. Network Intrusion Detection System Study

    Institute of Scientific and Technical Information of China (English)

    张博宇

    2011-01-01

    Intrusion detection technology is a new type of network security technology that has emerged over the past two decades to proactively protect computers from attack by intruders. It provides real-time detection of internal attacks, external attacks and misoperation, and is an extremely important part of network security technology.

  4. Adaptive control of solar energy collector systems

    CERN Document Server

    Lemos, João M; Igreja, José M

    2014-01-01

    This book describes methods for adaptive control of distributed-collector solar fields: plants that collect solar energy and deliver it in thermal form. Controller design methods are presented that can overcome difficulties found in these types of plants: they are distributed-parameter systems, i.e., systems with dynamics that depend on space as well as time; their dynamics is nonlinear, with a bilinear structure; there is a significant level of uncertainty in plant knowledge. Adaptive methods form the focus of the text because of the degree of uncertainty in the knowledge of plant dynamics. Parts

  5. Self-Adaptation in Evolving Systems

    CERN Document Server

    Stephens, C R; Mora, J; Waelbroeck, H

    1997-01-01

    A theoretical and experimental analysis is made of the effects of self-adaptation in a simple evolving system. Specifically, we consider the effects of coding the mutation and crossover probabilities of a genetic algorithm evolving in certain model fitness landscapes. The resultant genotype-phenotype mapping is degenerate, there being no direct selective advantage for one probability versus another. We show that the action of mutation and crossover breaks this degeneracy leading to an induced symmetry breaking among the genotypic synonyms. We demonstrate that this induced symmetry breaking allows the system to self-adapt in a time dependent environment.

  6. Research on Network Security Based on Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    郑丽生; 陈金聪

    2011-01-01

    An intrusion prevention system (IPS) is a network security system that differs from both the firewall and the intrusion detection system (IDS). It actively defends against intrusion activity and attacks and blocks them in real time. It has changed the passive-defense posture of the traditional network security protection architecture, making network security protection more active. The paper introduces the protection principles and technical characteristics of IPS, as well as its existing problems and their solutions.

  7. The Research of Intrusion Detection System Based on Improved Apriori Algorithm of Data Mining Association Rules

    Institute of Scientific and Technical Information of China (English)

    张浩; 景凤宣; 谢晓尧

    2011-01-01

    Among the large number of association rule mining algorithms, the Apriori algorithm is the most classic one, but it has three deficiencies: scanning the database many times, generating a large number of candidate sets, and mining frequent itemsets iteratively. This paper therefore presents a new method in which the candidate itemsets generated by the Apriori algorithm are checked against the database to determine whether they are frequent itemsets, thereby enhancing the efficiency of the algorithm. Finally, association rules are formed for the intrusion detection system (IDS). The experimental results show that the improved algorithm can effectively improve the efficiency of mining association rules.

  8. Environmentally-adapted local energy systems

    Energy Technology Data Exchange (ETDEWEB)

    Moe, N.; Oefverholm, E. [NUTEK, Stockholm (Sweden); Andersson, Owe [EKAN Gruppen (Sweden); Froste, H. [Swedish Environmental Protection Agency, Stockholm (Sweden)

    1997-10-01

    Energy companies, municipalities, property companies, firms of consultants, environmental groups and individuals are examples of players working locally to shape environmentally adapted energy systems. These players have needed information making them better able to make decisions on cost-efficient, environmentally-adapted energy systems. This book answers many of the questions they have put. The volume is mainly based on Swedish handbooks produced by the Swedish National Board for Industrial and Technical Development, NUTEK, together with the Swedish Environmental Protection Agency. These handbooks have been used in conjunction with municipal energy planning, local Agenda 21 work, to provide a basis for deciding on concrete local energy systems. The contents in brief: -The book throws new light on the concept of energy efficiency; -A section on the environment compares how air-polluting emissions vary with different methods of energy production; -A section contains more than 40 ideas for measures which can be profitable, reduce energy consumption and the impact on the environment all at the same time; -The book gives concrete examples of new, alternative and environmentally-adapted local energy systems. More efficient use of energy is included as a possible change of energy system; -The greatest emphasis is laid upon alternative energy systems for heating. It may be heating in a house, block of flats, office building or school; -Finally, there are examples of environmentally-adapted local energy planning.

  9. On Capability-Related Adaptation in Networked Service Systems

    OpenAIRE

    Finn Arve Aagesen; Patcharee Thongtra

    2012-01-01

    Adaptability is a property related to engineering as well as to the execution of networked service systems. This publication considers issues of adaptability both within a general and a scoped view. The general view considers issues of adaptation at two levels: 1) System of entities, functions and adaptability types, and 2) Architectures supporting adaptability. Adaptability types defined are capability-related, functionality-related and context-related adaptation. The scoped view of the publi...

  10. Adaptive Data Rates for Flexible Transceivers in Optical Networks

    Directory of Open Access Journals (Sweden)

    Brian Thomas Teipen

    2012-05-01

    Efforts towards commercializing higher-speed optical transmission have demonstrated the need for advanced modulation formats, several of which require similar transceiver hardware architecture. Adaptive transceivers can be built to have a number of possible operational configurations selected by software. Such software-defined transceiver configurations can create specific modulation formats to support sets of data rates, corresponding tolerances to system impairments, and sets of electronic digital signal processing schemes chosen to best function in a given network environment. In this paper, we discuss possibilities and advantages of reconfigurable, bit-rate flexible transceivers, and their potential applications in future optical networks.

  11. Data adaptive estimation of transversal blood flow velocities

    DEFF Research Database (Denmark)

    Pirnia, E.; Jakobsson, A.; Gudmundson, E.;

    2014-01-01

    The examination of blood flow inside the body may yield important information about vascular anomalies, such as possible indications of, for example, stenosis. Current medical ultrasound systems suffer from only allowing for measuring the blood flow velocity along the direction of irradiation...... the transversal blood flow. In this paper, we propose a novel data-adaptive blood flow estimator exploiting this modulation scheme. Using realistic Field II simulations, the proposed estimator is shown to achieve a notable performance improvement as compared to current state-of-the-art techniques....

  12. An Adaptive Multimodal Biometrics System using PSO

    Directory of Open Access Journals (Sweden)

    Ola M. Aly

    2013-08-01

    Multimodal biometric systems, which fuse information from a number of biometrics, are gaining more attention lately because they are able to overcome limitations in unimodal biometric systems. These systems are suited for high security applications. Most of the proposed multibiometric systems offer one level of security. In this paper a new approach for adaptive combination of multiple biometrics has been proposed to ensure multiple levels of security. The score level fusion rule is adapted using Particle Swarm Optimization (PSO) to ensure the desired system performance corresponding to the desired level of security. The experimental results prove that the proposed multimodal biometric system is appropriate for applications that require different levels of security.

  13. A Distributed Network Intrusion Prevention System

    Institute of Scientific and Technical Information of China (English)

    薛辉; 邓军; 叶柏龙; 陆兰

    2011-01-01

    In order to address the problems facing current IPS, such as performance bottlenecks, false positives, false negatives and attack speed, this paper presents a distributed network intrusion prevention system with an "analysis and detection + centralized control + upgrade service" architecture. Analysis and detection is achieved mainly through protocol identification and analysis, protocol anomaly detection, traffic anomaly detection and response methods. Centralized control is primarily used to monitor and control the operation and system configuration of the intrusion detection and prevention system. The upgrade service is responsible for regularly providing updates to the attack signature database, so that the system provides the most up-to-date security protection. The system is also compatible with other security products, forming a defense-in-depth architecture that protects the network security of businesses and organizations to the greatest possible extent.

  14. SATZ An Adaptive Sentence Segmentation System

    CERN Document Server

    Palmer, D D

    1995-01-01

    This paper provides a detailed description of the sentence segmentation system first introduced in cmp-lg/9411022. It provides results of systematic experiments involving sentence boundary determination, including context size, lexicon size, and single-case texts. Also included are the results of successfully adapting the system to German and French. The source code for the system is available as a compressed tar file at ftp://cs-tr.CS.Berkeley.EDU/pub/cstr/satz.tar.Z .

  15. Surface Operations Data Analysis and Adaptation Tool Project

    Data.gov (United States)

    National Aeronautics and Space Administration — This effort undertook the creation of a Surface Operations Data Analysis and Adaptation (SODAA) tool to store data relevant to airport surface research and...

  16. DESIGN PATTERNS FOR SELF ADAPTIVE SYSTEMS ENGINEERING

    Directory of Open Access Journals (Sweden)

    Yousef Abuseta

    2015-07-01

    Self adaptation has been proposed to overcome the complexity of today's software systems which results from the uncertainty issue. Aspects of uncertainty include changing system goals, changing resource availability and dynamic operating conditions. Feedback control loops have been recognized as vital elements for engineering self-adaptive systems. However, despite their importance, there is still a lack of a systematic way to design the interactions between the different components comprising one particular feedback control loop as well as the interactions between components from different control loops. Most existing approaches are either domain specific or too abstract to be useful. In addition, the issue of multiple control loops is often neglected and consequently self adaptive systems are often designed around a single loop. In this paper we propose a set of design patterns for modeling and designing self adaptive software systems based on the MAPE-K control loop of the IBM architecture blueprint, which takes into account the multiple control loops issue. A case study is presented to illustrate the applicability of the proposed design patterns.

  17. Intrusive images and intrusive thoughts as different phenomena: Two experimental studies

    NARCIS (Netherlands)

    Hagenaars, M.A.; Brewin, C.R.; Minnen, A. van; Holmes, E.A.; Hoogduin, C.A.L.

    2010-01-01

    According to the dual representation theory of PTSD, intrusive trauma images and intrusive verbal thoughts are produced by separate memory systems. In a previous article it was shown that after watching an aversive film, participants in non-movement conditions reported more intrusive images than par

  18. An Instance-Learning-Based Intrusion-Detection System for Wireless Sensor Networks

    Institute of Scientific and Technical Information of China (English)

    Shuai Fu; Xiaoyan Wang; Jie Li

    2015-01-01

    This paper proposes an instance-learning-based intrusion-detection system (IL-IDS) for wireless sensor networks (WSNs). The goal of the proposed system is to detect routing attacks on a WSN. Taking an existing instance-learning algorithm for wired networks as our basis, we propose IL-IDS for handling routing security problems in a WSN. Attacks on a routing protocol for a WSN include the black hole attack and the sinkhole attack. The basic idea of our system is to differentiate the changes between secure instances and attack instances. Considering the limited resources of sensor nodes, the existing algorithm cannot be used directly in a WSN. Our system mainly comprises four parts: feature vector selection, threshold selection, instance data processing, and instance determination. We create a feature vector form composed of the attributes that change obviously when an attack occurs within the network. For the data processing in resource-constrained sensor nodes, we propose a data-reduction scheme based on the clustering algorithm. For instance determination, we provide a threshold-selection scheme and describe the concrete instance-determination mechanism of the system. Finally, we simulate and evaluate the proposed IL-IDS for different types of attacks.

  19. A Survey on the Development of Intrusion Detection System

    Institute of Scientific and Technical Information of China (English)

    张相锋; 孙玉芳

    2003-01-01

    With the fast development of the Internet, more and more computer security affairs appear. Researchers have developed many security mechanisms to improve computer security, including intrusion detection (ID). This paper reviews the history of intrusion detection systems (IDS) and mainstream techniques used in IDS, showing that IDS could improve security only provided that it is devised based on the architecture of the target system. From this, we could see the trend of integration of host-oriented, network-oriented and application-oriented IDSs.

  20. Adaptive scheduling for shared window joins over data streams

    Institute of Scientific and Technical Information of China (English)

    JIN Cheqing; ZHOU Aoying; Jeffrey Xu Yu; Joshua Zhexue Huang; CAO Feng

    2007-01-01

    Recently a few Continuous Query systems have been developed to cope with applications involving continuous data streams. At the same time, numerous algorithms are proposed for better performance. A recent work on this subject was to define scheduling strategies on shared window joins over data streams from multiple query expressions. In these strategies, a tuple with the highest priority is selected to process from multiple candidates. However, the performance of these static strategies is deeply influenced when data are bursting, because the priority is determined only by static information, such as the query windows, arriving order, etc. In this paper, we propose a novel adaptive strategy where the priority of a tuple is integrated with real-time information. A thorough experimental evaluation has demonstrated that this new strategy can outperform the existing strategies.