WorldWideScience

Sample records for computer intrusion detection

  1. Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems

    Omar Achbarou

    2017-03-01

    Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.

  2. Abstracting massive data for lightweight intrusion detection in computer networks

    Wang, Wei

    2016-10-15

    Anomaly intrusion detection in big data environments calls for lightweight models that are able to achieve real-time performance during detection. Abstracting audit data provides a solution to improve the efficiency of data processing in intrusion detection. Data abstraction refers to abstract or extract the most relevant information from the massive dataset. In this work, we propose three strategies of data abstraction, namely, exemplar extraction, attribute selection and attribute abstraction. We first propose an effective method called exemplar extraction to extract representative subsets from the original massive data prior to building the detection models. Two clustering algorithms, Affinity Propagation (AP) and traditional . k-means, are employed to find the exemplars from the audit data. . k-Nearest Neighbor (k-NN), Principal Component Analysis (PCA) and one-class Support Vector Machine (SVM) are used for the detection. We then employ another two strategies, attribute selection and attribute extraction, to abstract audit data for anomaly intrusion detection. Two http streams collected from a real computing environment as well as the KDD\\'99 benchmark data set are used to validate these three strategies of data abstraction. The comprehensive experimental results show that while all the three strategies improve the detection efficiency, the AP-based exemplar extraction achieves the best performance of data abstraction.

  3. Intrusion Prevention and Detection in Grid Computing - The ALICE Case

    INSPIRE-00416173; Kebschull, Udo

    2015-01-01

    Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machin...

  4. Intrusion Prevention and Detection in Grid Computing - The ALICE Case

    Gomez, Andres; Lara, Camilo; Kebschull, Udo

    2015-12-01

    Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware.

  5. Intrusion Prevention and Detection in Grid Computing - The ALICE Case

    Gomez, Andres; Lara, Camilo; Kebschull, Udo

    2015-01-01

    Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware. (paper)

  6. A Privacy-Preserving Framework for Collaborative Intrusion Detection Networks Through Fog Computing

    Wang, Yu; Xie, Lin; Li, Wenjuan

    2017-01-01

    Nowadays, cyber threats (e.g., intrusions) are distributed across various networks with the dispersed networking resources. Intrusion detection systems (IDSs) have already become an essential solution to defend against a large amount of attacks. With the development of cloud computing, a modern IDS...

  7. Computational neural network regression model for Host based Intrusion Detection System

    Sunil Kumar Gautam

    2016-09-01

    Full Text Available The current scenario of information gathering and storing in secure system is a challenging task due to increasing cyber-attacks. There exists computational neural network techniques designed for intrusion detection system, which provide security to single machine and entire network's machine. In this paper, we have used two types of computational neural network models, namely, Generalized Regression Neural Network (GRNN model and Multilayer Perceptron Neural Network (MPNN model for Host based Intrusion Detection System using log files that are generated by a single personal computer. The simulation results show correctly classified percentage of normal and abnormal (intrusion class using confusion matrix. On the basis of results and discussion, we found that the Host based Intrusion Systems Model (HISM significantly improved the detection accuracy while retaining minimum false alarm rate.

  8. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    Wang, Wei; Guyet, Thomas; Quiniou, René ; Cordier, Marie-Odile; Masseglia, Florent; Zhang, Xiangliang

    2014-01-01

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  9. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    Wang, Wei

    2014-06-22

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  10. Attacks and Intrusion Detection in Cloud Computing Using Neural Networks and Particle Swarm Optimization Algorithms

    Ahmad Shokuh Saljoughi

    2018-01-01

    Full Text Available Today, cloud computing has become popular among users in organizations and companies. Security and efficiency are the two major issues facing cloud service providers and their customers. Since cloud computing is a virtual pool of resources provided in an open environment (Internet, cloud-based services entail security risks. Detection of intrusions and attacks through unauthorized users is one of the biggest challenges for both cloud service providers and cloud users. In the present study, artificial intelligence techniques, e.g. MLP Neural Network sand particle swarm optimization algorithm, were used to detect intrusion and attacks. The methods were tested for NSL-KDD, KDD-CUP datasets. The results showed improved accuracy in detecting attacks and intrusions by unauthorized users.

  11. Interior intrusion detection systems

    Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  12. Interior intrusion detection systems

    Rodriguez, J.R.; Matter, J.C.; Dry, B.

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs

  13. Abstracting massive data for lightweight intrusion detection in computer networks

    Wang, Wei; Liu, Jiqiang; Pitsilis, Georgios; Zhang, Xiangliang

    2016-01-01

    detection. Data abstraction refers to abstract or extract the most relevant information from the massive dataset. In this work, we propose three strategies of data abstraction, namely, exemplar extraction, attribute selection and attribute abstraction. We

  14. Intrusion detection sensors

    Williams, J.D.

    1978-07-01

    Intrusion detection sensors are an integral part of most physical security systems. Under the sponsorship of the U.S. Department of Energy, Office of Safeguards and Security, Sandia Laboratories has conducted a survey of available intrusion detection sensors and has tested a number of different sensors. An overview of these sensors is provided. This overview includes (1) the operating principles of each type of sensor, (2) unique sensor characteristics, (3) desired sensor improvements which must be considered in planning an intrusion detection system, and (4) the site characteristics which affect the performance of both exterior and interior sensors. Techniques which have been developed to evaluate various intrusion detection sensors are also discussed

  15. Creating a two-layered augmented artificial immune system for application to computer network intrusion detection

    Judge, Matthew G.; Lamont, Gary B.

    2009-05-01

    Computer network security has become a very serious concern of commercial, industrial, and military organizations due to the increasing number of network threats such as outsider intrusions and insider covert activities. An important security element of course is network intrusion detection which is a difficult real world problem that has been addressed through many different solution attempts. Using an artificial immune system has been shown to be one of the most promising results. By enhancing jREMISA, a multi-objective evolutionary algorithm inspired artificial immune system, with a secondary defense layer; we produce improved accuracy of intrusion classification and a flexibility in responsiveness. This responsiveness can be leveraged to provide a much more powerful and accurate system, through the use of increased processing time and dedicated hardware which has the flexibility of being located out of band.

  16. Intrusion detection in cloud computing based attack patterns and risk assessment

    Ben Charhi Youssef

    2017-05-01

    Full Text Available This paper is an extension of work originally presented in SYSCO CONF.We extend our previous work by presenting the initial results of the implementation of intrusion detection based on risk assessment on cloud computing. The idea focuses on a novel approach for detecting cyber-attacks on the cloud environment by analyzing attacks pattern using risk assessment methodologies. The aim of our solution is to combine evidences obtained from Intrusion Detection Systems (IDS deployed in a cloud with risk assessment related to each attack pattern. Our approach presents a new qualitative solution for analyzing each symptom, indicator and vulnerability analyzing impact and likelihood of distributed and multi-steps attacks directed to cloud environments. The implementation of this approach will reduce the number of false alerts and will improve the performance of the IDS.

  17. Network Intrusion Forensic Analysis Using Intrusion Detection System

    Manish Kumar; Dr. M. Hanumanthappa; Dr. T.V. Suresh Kumar

    2011-01-01

    The need for computer intrusion forensics arises from the alarming increase in the number of computer crimes that are committed annually. After a computer system has been breached and an intrusion has been detected, there is a need for a computer forensics investigation to follow. Computer forensics is used to bring to justice, those responsible for conducting attacks on computer systems throughout the world. Because of this the law must be follow precisely when conducting a forensics investi...

  18. Data Mining for Intrusion Detection

    Singhal, Anoop; Jajodia, Sushil

    Data Mining Techniques have been successfully applied in many different fields including marketing, manufacturing, fraud detection and network management. Over the past years there is a lot of interest in security technologies such as intrusion detection, cryptography, authentication and firewalls. This chapter discusses the application of Data Mining techniques to computer security. Conclusions are drawn and directions for future research are suggested.

  19. Intrusion detection system elements

    Eaton, M.J.; Mangan, D.L.

    1980-09-01

    This report highlights elements required for an intrusion detection system and discusses problems which can be encountered in attempting to make the elements effective. Topics discussed include: sensors, both for exterior detection and interior detection; alarm assessment systems, with the discussion focused on video assessment; and alarm reporting systems, including alarm communication systems and dislay/console considerations. Guidance on careful planning and design of a new or to-be-improved system is presented

  20. Proposed Network Intrusion Detection System ‎Based on Fuzzy c Mean Algorithm in Cloud ‎Computing Environment

    Shawq Malik Mehibs

    2017-12-01

    Full Text Available Nowadays cloud computing had become is an integral part of IT industry, cloud computing provides Working environment allow a user of environmental to share data and resources over the internet. Where cloud computing its virtual grouping of resources offered over the internet, this lead to different matters related to the security and privacy in cloud computing. And therefore, create intrusion detection very important to detect outsider and insider intruders of cloud computing with high detection rate and low false positive alarm in the cloud environment. This work proposed network intrusion detection module using fuzzy c mean algorithm. The kdd99 dataset used for experiments .the proposed system characterized by a high detection rate with low false positive alarm

  1. A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems

    1999-06-01

    administrator whenever a system binary file (such as the ps, login , or ls program) is modified. Normal users have no legitimate reason to alter these files...development of EMERALD [46], which combines statistical anomaly detection from NIDES with signature verification. Specification-based intrusion detection...the creation of a single host that can act as many hosts. Daemons that provide network services—including telnetd, ftpd, and login — display banners

  2. NIST Special Publication on Intrusion Detection Systems

    Bace, Rebecca Gurley

    2001-01-01

    Intrusion detection systems (IDSs) are software or hardware systems that automate the process of monitoring the events occurring in a computer system or network, analyzing them for signs of security problems...

  3. Rapid deployment intrusion detection system

    Graham, R.H.

    1997-01-01

    A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs

  4. Autonomous Rule Creation for Intrusion Detection

    Todd Vollmer; Jim Alves-Foss; Milos Manic

    2011-04-01

    Many computational intelligence techniques for anomaly based network intrusion detection can be found in literature. Translating a newly discovered intrusion recognition criteria into a distributable rule can be a human intensive effort. This paper explores a multi-modal genetic algorithm solution for autonomous rule creation. This algorithm focuses on the process of creating rules once an intrusion has been identified, rather than the evolution of rules to provide a solution for intrusion detection. The algorithm was demonstrated on anomalous ICMP network packets (input) and Snort rules (output of the algorithm). Output rules were sorted according to a fitness value and any duplicates were removed. The experimental results on ten test cases demonstrated a 100 percent rule alert rate. Out of 33,804 test packets 3 produced false positives. Each test case produced a minimum of three rule variations that could be used as candidates for a production system.

  5. The state of the art in intrusion prevention and detection

    Pathan, Al-Sakib Khan

    2013-01-01

    The State of the Art in Intrusion Prevention and Detection analyzes the latest trends and issues surrounding intrusion detection systems in computer networks, especially in communications networks. Its broad scope of coverage includes wired, wireless, and mobile networks; next-generation converged networks; and intrusion in social networks.Presenting cutting-edge research, the book presents novel schemes for intrusion detection and prevention. It discusses tracing back mobile attackers, secure routing with intrusion prevention, anomaly detection, and AI-based techniques. It also includes infor

  6. Evidential reasoning research on intrusion detection

    Wang, Xianpei; Xu, Hua; Zheng, Sheng; Cheng, Anyu

    2003-09-01

    In this paper, we mainly aim at D-S theory of evidence and the network intrusion detection these two fields. It discusses the method how to apply this probable reasoning as an AI technology to the Intrusion Detection System (IDS). This paper establishes the application model, describes the new mechanism of reasoning and decision-making and analyses how to implement the model based on the synscan activities detection on the network. The results suggest that if only rational probability values were assigned at the beginning, the engine can, according to the rules of evidence combination and hierarchical reasoning, compute the values of belief and finally inform the administrators of the qualities of the traced activities -- intrusions, normal activities or abnormal activities.

  7. In-situ trainable intrusion detection system

    Symons, Christopher T.; Beaver, Justin M.; Gillen, Rob; Potok, Thomas E.

    2016-11-15

    A computer implemented method detects intrusions using a computer by analyzing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such that the semi-supervised learning modules may identify malicious traffic without relying on specific rules, signatures, or anomaly detection.

  8. Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems

    Shyu, Mei-Ling; Huang, Zifang; Luo, Hongli

    In recent years, pervasive computing infrastructures have greatly improved the interaction between human and system. As we put more reliance on these computing infrastructures, we also face threats of network intrusion and/or any new forms of undesirable IT-based activities. Hence, network security has become an extremely important issue, which is closely connected with homeland security, business transactions, and people's daily life. Accurate and efficient intrusion detection technologies are required to safeguard the network systems and the critical information transmitted in the network systems. In this chapter, a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. The proposed framework consists of a Collateral Representative Subspace Projection Modeling (C-RSPM) component for supervised classification, and an inter-transactional association rule mining method based on Layer Divided Modeling (LDM) for temporal pattern analysis. Experiments on the KDD99 data set and the traffic data set generated by a private LAN testbed show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections.

  9. When Intrusion Detection Meets Blockchain Technology: A Review

    Meng, Weizhi; Tischhauser, Elmar Wolfgang; Wang, Qingju; Wang, Yu; Han, Jinguang

    2018-01-01

    With the purpose of identifying cyber threats and possible incidents, intrusion detection systems (IDSs) are widely deployed in various computer networks. In order to enhance the detection capability of a single IDS, collaborative intrusion detection networks (or collaborative IDSs) have been developed, which allow IDS nodes to exchange data with each other. However, data and trust management still remain two challenges for current detection architectures, which may degrade the effectiveness ...

  10. How Intrusion Detection Can Improve Software Decoy Applications

    Monteiro, Valter

    2003-01-01

    This research concerns information security and computer-network defense. It addresses how to handle the information of log files and intrusion-detection systems to recognize when a system is under attack...

  11. Network Intrusion Detection through Stacking Dilated Convolutional Autoencoders

    Yang Yu

    2017-01-01

    Full Text Available Network intrusion detection is one of the most important parts for cyber security to protect computer systems against malicious attacks. With the emergence of numerous sophisticated and new attacks, however, network intrusion detection techniques are facing several significant challenges. The overall objective of this study is to learn useful feature representations automatically and efficiently from large amounts of unlabeled raw network traffic data by using deep learning approaches. We propose a novel network intrusion model by stacking dilated convolutional autoencoders and evaluate our method on two new intrusion detection datasets. Several experiments were carried out to check the effectiveness of our approach. The comparative experimental results demonstrate that the proposed model can achieve considerably high performance which meets the demand of high accuracy and adaptability of network intrusion detection systems (NIDSs. It is quite potential and promising to apply our model in the large-scale and real-world network environments.

  12. Quality-of-service sensitivity to bio-inspired/evolutionary computational methods for intrusion detection in wireless ad hoc multimedia sensor networks

    Hortos, William S.

    2012-06-01

    In the author's previous work, a cross-layer protocol approach to wireless sensor network (WSN) intrusion detection an identification is created with multiple bio-inspired/evolutionary computational methods applied to the functions of the protocol layers, a single method to each layer, to improve the intrusion-detection performance of the protocol over that of one method applied to only a single layer's functions. The WSN cross-layer protocol design embeds GAs, anti-phase synchronization, ACO, and a trust model based on quantized data reputation at the physical, MAC, network, and application layer, respectively. The construct neglects to assess the net effect of the combined bioinspired methods on the quality-of-service (QoS) performance for "normal" data streams, that is, streams without intrusions. Analytic expressions of throughput, delay, and jitter, coupled with simulation results for WSNs free of intrusion attacks, are the basis for sensitivity analyses of QoS metrics for normal traffic to the bio-inspired methods.

  13. Resilient Control and Intrusion Detection for SCADA Systems

    2014-05-01

    Lowe. The myths and facts behind cyber security risks for industrial control systems . VDE Congress, 2004. [45] I. S. C37.1-1994. Ieee standard...Resilient Control and Intrusion Detection for SCADA Systems Bonnie Xia Zhu Electrical Engineering and Computer Sciences University of California at...3. DATES COVERED 00-00-2014 to 00-00-2014 4. TITLE AND SUBTITLE Resilient Control and Intrusion Detection for SCADA Systems 5a. CONTRACT

  14. A Survey on Anomaly Based Host Intrusion Detection System

    Jose, Shijoe; Malathi, D.; Reddy, Bharath; Jayaseeli, Dorathi

    2018-04-01

    An intrusion detection system (IDS) is hardware, software or a combination of two, for monitoring network or system activities to detect malicious signs. In computer security, designing a robust intrusion detection system is one of the most fundamental and important problems. The primary function of system is detecting intrusion and gives alerts when user tries to intrusion on timely manner. In these techniques when IDS find out intrusion it will send alert massage to the system administrator. Anomaly detection is an important problem that has been researched within diverse research areas and application domains. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. From the existing anomaly detection techniques, each technique has relative strengths and weaknesses. The current state of the experiment practice in the field of anomaly-based intrusion detection is reviewed and survey recent studies in this. This survey provides a study of existing anomaly detection techniques, and how the techniques used in one area can be applied in another application domain.

  15. Revisiting Anomaly-based Network Intrusion Detection Systems

    Bolzoni, D.

    2009-01-01

    Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match

  16. Computationally Efficient Neural Network Intrusion Security Awareness

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  17. Network Intrusion Detection System using Apache Storm

    Muhammad Asif Manzoor

    2017-06-01

    Full Text Available Network security implements various strategies for the identification and prevention of security breaches. Network intrusion detection is a critical component of network management for security, quality of service and other purposes. These systems allow early detection of network intrusion and malicious activities; so that the Network Security infrastructure can react to mitigate these threats. Various systems are proposed to enhance the network security. We are proposing to use anomaly based network intrusion detection system in this work. Anomaly based intrusion detection system can identify the new network threats. We also propose to use Real-time Big Data Stream Processing Framework, Apache Storm, for the implementation of network intrusion detection system. Apache Storm can help to manage the network traffic which is generated at enormous speed and size and the network traffic speed and size is constantly increasing. We have used Support Vector Machine in this work. We use Knowledge Discovery and Data Mining 1999 (KDD’99 dataset to test and evaluate our proposed solution.

  18. Intrusion Detection amp Prevention Systems - Sourcefire Snort

    Rajesh Vuppala

    2015-08-01

    Full Text Available Information security is a challenging issue for all business organizations today amidst increasing cyber threats. While there are many alternative intrusion detection amp prevention systems available to choose from selecting the best solution to implement to detect amp prevent cyber-attacks is a difficult task. The best solution is of the one that gets the best reviews and suits the organizations needs amp budget. In this review paper we summarize various classes of intrusion detection and prevention systems compare features of alternative solutions and make recommendation for implementation of one as the best solution for business organization in Fiji.

  19. Intrusion Detection System In IoT

    Nygaard, Frederik

    2017-01-01

    Intrusion detection detects misbehaving nodes in a network. In Internet of Things(IoT), IPv6 Routing for Low-Power and Lossy Networks (RPL) is the standard routing protocol. In IoT, devices commonly have low energy, storage and memory, which is why the implemented intrusion algorithm in this thesis will try to minimize the usage of these resources. IDS for RPL-networks have been implemented before, but the use of resources or the number of packets sent was too high to be successful when findi...

  20. An Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm with Application to the Detection of Distributed Computer Network Intrusions

    2007-03-01

    Optimization Coello, Van Veldhuizen , and Lamont define global optimization as, “the process of finding the global minimum4 within some search space S [CVL02...Technology, Shapes Markets, and Manages People, Simon & Schuster, New York, 1995. [CVL02] Coello, C., Van Veldhuizen , D., Lamont, G.B., Evolutionary...Anomaly Detection, Technical Report CS- 2003-02, Computer Science Department, Florida Institute of Technology, 2003. [Marmelstein99] Marmelstein, R., Van

  1. Extremely Lightweight Intrusion Detection (ELIDe)

    2013-12-01

    conventional computing platform (Dell Inspiron 15N laptop running Mint Maya as the operating system, dual-core Core i5 CPU, 8 GB RAM), Snort exhibited a peak...distribute network monitoring duties amongst the participants in the network with the goal of conserving the network’s overall computational demand

  2. AANtID: an alternative approach to network intrusion detection ...

    Journal of Computer Science and Its Application ... Security has become not just a feature of an information system, but the core and a necessity especially the systems that communicate and transmit data over the Internet for they are more ... Keywords: Intrusion, Genetic Algorithm, detection, Security, DARPA dataset ...

  3. Access Control from an Intrusion Detection Perspective

    Nunes Leal Franqueira, V.

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

  4. An Adaptive Database Intrusion Detection System

    Barrios, Rita M.

    2011-01-01

    Intrusion detection is difficult to accomplish when attempting to employ current methodologies when considering the database and the authorized entity. It is a common understanding that current methodologies focus on the network architecture rather than the database, which is not an adequate solution when considering the insider threat. Recent…

  5. Unconventional applications of conventional intrusion detection sensors

    Williams, J.D.; Matter, J.C.

    1983-01-01

    A number of conventional intrusion detection sensors exists for the detection of persons entering buildings, moving within a given volume, and crossing a perimeter isolation zone. Unconventional applications of some of these sensors have recently been investigated. Some of the applications which are discussed include detection on the edges and tops of buildings, detection in storm sewers, detection on steam and other types of large pipes, and detection of unauthorized movement within secure enclosures. The enclosures can be used around complicated control valves, electrical control panels, emergency generators, etc

  6. Railway clearance intrusion detection method with binocular stereo vision

    Zhou, Xingfang; Guo, Baoqing; Wei, Wei

    2018-03-01

    In the stage of railway construction and operation, objects intruding railway clearance greatly threaten the safety of railway operation. Real-time intrusion detection is of great importance. For the shortcomings of depth insensitive and shadow interference of single image method, an intrusion detection method with binocular stereo vision is proposed to reconstruct the 3D scene for locating the objects and judging clearance intrusion. The binocular cameras are calibrated with Zhang Zhengyou's method. In order to improve the 3D reconstruction speed, a suspicious region is firstly determined by background difference method of a single camera's image sequences. The image rectification, stereo matching and 3D reconstruction process are only executed when there is a suspicious region. A transformation matrix from Camera Coordinate System(CCS) to Track Coordinate System(TCS) is computed with gauge constant and used to transfer the 3D point clouds into the TCS, then the 3D point clouds are used to calculate the object position and intrusion in TCS. The experiments in railway scene show that the position precision is better than 10mm. It is an effective way for clearance intrusion detection and can satisfy the requirement of railway application.

  7. Multilayer Statistical Intrusion Detection in Wireless Networks

    Hamdi, Mohamed; Meddeb-Makhlouf, Amel; Boudriga, Noureddine

    2008-12-01

    The rapid proliferation of mobile applications and services has introduced new vulnerabilities that do not exist in fixed wired networks. Traditional security mechanisms, such as access control and encryption, turn out to be inefficient in modern wireless networks. Given the shortcomings of the protection mechanisms, an important research focuses in intrusion detection systems (IDSs). This paper proposes a multilayer statistical intrusion detection framework for wireless networks. The architecture is adequate to wireless networks because the underlying detection models rely on radio parameters and traffic models. Accurate correlation between radio and traffic anomalies allows enhancing the efficiency of the IDS. A radio signal fingerprinting technique based on the maximal overlap discrete wavelet transform (MODWT) is developed. Moreover, a geometric clustering algorithm is presented. Depending on the characteristics of the fingerprinting technique, the clustering algorithm permits to control the false positive and false negative rates. Finally, simulation experiments have been carried out to validate the proposed IDS.

  8. Apriori-based network intrusion detection system

    Wang Wenjin; Liu Junrong; Liu Baoxu

    2012-01-01

    With the development of network communication technology, more and more social activities run by Internet. In the meantime, the network information security is getting increasingly serious. Intrusion Detection System (IDS) has greatly improved the general security level of whole network. But there are still many problem exists in current IDS, e.g. high leak rate detection/false alarm rates and feature library need frequently upgrade. This paper presents an association-rule based IDS. This system can detect unknown attack by generate rules from training data. Experiment in last chapter proved the system has great accuracy on unknown attack detection. (authors)

  9. Research on IPv6 intrusion detection system Snort-based

    Shen, Zihao; Wang, Hui

    2010-07-01

    This paper introduces the common intrusion detection technologies, discusses the work flow of Snort intrusion detection system, and analyzes IPv6 data packet encapsulation and protocol decoding technology. We propose the expanding Snort architecture to support IPv6 intrusion detection in accordance with CIDF standard combined with protocol analysis technology and pattern matching technology, and present its composition. The research indicates that the expanding Snort system can effectively detect various intrusion attacks; it is high in detection efficiency and detection accuracy and reduces false alarm and omission report, which effectively solves the problem of IPv6 intrusion detection.

  10. Smart sensor systems for outdoor intrusion detection

    Lynn, J.K.

    1988-01-01

    A major improvement in outdoor perimeter security system probability of detection (PD) and reduction in false alarm rate (FAR) and nuisance alarm rate (NAR) may be obtained by analyzing the indications immediately preceding an event which might be interpreted as an intrusion. Existing systems go into alarm after crossing a threshold. Very slow changes, which accumulate until the threshold is reached, may be assessed falsely as an intrusion. A hierarchial program has begun at Stellar to develop a modular, expandable Smart Sensor system which may be interfaced to most types of sensor and alarm reporting systems. A major upgrade to the SSI Test Site is in progress so that intrusions may be simulated in a controlled and repeatable manner. A test platform is being constructed which will operate in conduction with a mobile instrumentation center with CCTVB, lighting control, weather and data monitoring and remote control of the test platform and intrusion simulators. Additional testing was contracted with an independent test facility to assess the effects of severe winter weather conditions

  11. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

    Young-Jae Song

    2009-07-01

    Full Text Available Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.

  12. Perimeter intrusion detection and assessment system

    Eaton, M.J.; Jacobs, J.; McGovern, D.E.

    1977-11-01

    To obtain an effective perimeter intrusion detection system requires careful sensor selection, procurement, and installation. The selection process involves a thorough understanding of the unique site features and how these features affect the performance of each type of sensor. It is necessary to develop procurement specifications to establish acceptable sensor performance limits. Careful explanation and inspection of critical installation dimensions is required during on-site construction. The implementation of these activities at a particular site is discussed

  13. Anomaly-based intrusion detection for SCADA systems

    Yang, D.; Usynin, A.; Hines, J. W.

    2006-01-01

    Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA. These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)

  14. A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

    Eung Jun Cho

    2013-11-01

    Full Text Available The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of energy or memory. A partially distributed intrusion detection system with low memory and power demands is proposed here. It employs a Bloom filter, which allows reduced signature code size. Multiple Bloom filters can be combined to reduce the signature code for each Bloom filter array. The mechanism could then cope with potential denial of service attacks, unlike many previous detection systems with Bloom filters. The mechanism was evaluated and validated through analysis and simulation.

  15. Misuse and intrusion detection at Los Alamos National Laboratory

    Jackson, K.A.; Neuman, M.C.; Simmonds, D.D.; Stallings, C.A.; Thompson, J.L.; Christoph, G.G.

    1995-04-01

    An effective method for detecting computer misuse is the automatic auditing and analysis of on-line user activity. This activity is reflected in system audit records, in system vulnerability postures, and in other evidence found through active system testing. Since 1989 we have implemented a misuse and intrusion detection system at Los Alamos. This is the Network Anomaly Detection and Intrusion Reporter, or NADIR. NADIR currently audits a Kerberos distributed authentication system, file activity on a mass, storage system, and four Cray supercomputers that run the UNICOS operating system. NADIR summarizes user activity and system configuration in statistical profiles. It compares these profiles to expert rules that define security policy and improper or suspicious behavior. It reports suspicious behavior to security auditors and provides tools to aid in follow-up investigations, As NADIR is constantly evolving, this paper reports its development to date.

  16. AdaBoost-based algorithm for network intrusion detection.

    Hu, Weiming; Hu, Wei; Maybank, Steve

    2008-04-01

    Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose an intrusion detection algorithm based on the AdaBoost algorithm. In the algorithm, decision stumps are used as weak classifiers. The decision rules are provided for both categorical and continuous features. By combining the weak classifiers for continuous features and the weak classifiers for categorical features into a strong classifier, the relations between these two different types of features are handled naturally, without any forced conversions between continuous and categorical features. Adaptable initial weights and a simple strategy for avoiding overfitting are adopted to improve the performance of the algorithm. Experimental results show that our algorithm has low computational complexity and error rates, as compared with algorithms of higher computational complexity, as tested on the benchmark sample data.

  17. Neural Network Based Intrusion Detection System for Critical Infrastructures

    Todd Vollmer; Ondrej Linda; Milos Manic

    2009-07-01

    Resiliency and security in control systems such as SCADA and Nuclear plant’s in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

  18. Sensitive Data Protection Based on Intrusion Tolerance in Cloud Computing

    Jingyu Wang; xuefeng Zheng; Dengliang Luo

    2011-01-01

    Service integration and supply on-demand coming from cloud computing can significantly improve the utilization of computing resources and reduce power consumption of per service, and effectively avoid the error of computing resources. However, cloud computing is still facing the problem of intrusion tolerance of the cloud computing platform and sensitive data of new enterprise data center. In order to address the problem of intrusion tolerance of cloud computing platform and sensitive data in...

  19. Multi-User Low Intrusive Occupancy Detection.

    Pratama, Azkario Rizky; Widyawan, Widyawan; Lazovik, Alexander; Aiello, Marco

    2018-03-06

    Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers' mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS) of BLE (Bluetooth Low Energy) nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87-90% accuracy, demonstrating the effectiveness of the proposed approach.

  20. Multi-User Low Intrusive Occupancy Detection

    Widyawan, Widyawan; Lazovik, Alexander

    2018-01-01

    Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers’ mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS) of BLE (Bluetooth Low Energy) nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87–90% accuracy, demonstrating the effectiveness of the proposed approach. PMID:29509693

  1. Multi-User Low Intrusive Occupancy Detection

    Azkario Rizky Pratama

    2018-03-01

    Full Text Available Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers’ mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS of BLE (Bluetooth Low Energy nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87–90% accuracy, demonstrating the effectiveness of the proposed approach.

  2. Abstracting audit data for lightweight intrusion detection

    Wang, Wei

    2010-01-01

    High speed of processing massive audit data is crucial for an anomaly Intrusion Detection System (IDS) to achieve real-time performance during the detection. Abstracting audit data is a potential solution to improve the efficiency of data processing. In this work, we propose two strategies of data abstraction in order to build a lightweight detection model. The first strategy is exemplar extraction and the second is attribute abstraction. Two clustering algorithms, Affinity Propagation (AP) as well as traditional k-means, are employed to extract the exemplars, and Principal Component Analysis (PCA) is employed to abstract important attributes (a.k.a. features) from the audit data. Real HTTP traffic data collected in our institute as well as KDD 1999 data are used to validate the two strategies of data abstraction. The extensive test results show that the process of exemplar extraction significantly improves the detection efficiency and has a better detection performance than PCA in data abstraction. © 2010 Springer-Verlag.

  3. An intrusion detection system based on fiber hydrophone

    Liu, Junrong; Qiu, Xiufen; Shen, Heping

    2017-10-01

    This paper provides a new intrusion detection system based on fiber hydrophone, focusing beam forming figure positioning according to the near field and high precision sound source location algorithm which can accurately position the intrusion; obtaining its behavior path , obtaining the intrusion events related information such as speed form tracking intrusion trace; And analyze identification the detected intrusion behavior. If the monitor area is larger, the algorithm will take too much time once, and influence the system response time, for reduce the calculating time. This paper provides way that coarse location first, and then scanned for accuracy, so as to realize the intrusion events (such as car, etc.) the remote monitoring of positioning. The system makes up the blank in process capture of the fiber optic intrusion detection technology, and improves the understanding of the invasion. Through the capture of the process of intrusion behavior, and the fusion detection of intrusion behavior itself, thus analysis, judgment, identification of the intrusion information can greatly reduce the rate of false positives, greatly improved the reliability and practicability of the perimeter security system.

  4. Effective approach toward Intrusion Detection System using data mining techniques

    G.V. Nadiammai

    2014-03-01

    Full Text Available With the tremendous growth of the usage of computers over network and development in application running on various platform captures the attention toward network security. This paradigm exploits security vulnerabilities on all computer systems that are technically difficult and expensive to solve. Hence intrusion is used as a key to compromise the integrity, availability and confidentiality of a computer resource. The Intrusion Detection System (IDS plays a vital role in detecting anomalies and attacks in the network. In this work, data mining concept is integrated with an IDS to identify the relevant, hidden data of interest for the user effectively and with less execution time. Four issues such as Classification of Data, High Level of Human Interaction, Lack of Labeled Data, and Effectiveness of Distributed Denial of Service Attack are being solved using the proposed algorithms like EDADT algorithm, Hybrid IDS model, Semi-Supervised Approach and Varying HOPERAA Algorithm respectively. Our proposed algorithm has been tested using KDD Cup dataset. All the proposed algorithm shows better accuracy and reduced false alarm rate when compared with existing algorithms.

  5. Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM) in advanced metering infrastructure of smart grid.

    Li, Yuancheng; Qiu, Rixuan; Jing, Sitong

    2018-01-01

    Advanced Metering Infrastructure (AMI) realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM) is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy.

  6. Security Enrichment in Intrusion Detection System Using Classifier Ensemble

    Uma R. Salunkhe

    2017-01-01

    Full Text Available In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

  7. An evaluation of classification algorithms for intrusion detection ...

    An evaluation of classification algorithms for intrusion detection. ... Log in or Register to get access to full text downloads. ... Most of the available IDSs use all the 41 features in the network to evaluate and search for intrusive pattern in which ...

  8. A Frequency-Based Approach to Intrusion Detection

    Mian Zhou

    2004-06-01

    Full Text Available Research on network security and intrusion detection strategies presents many challenging issues to both theoreticians and practitioners. Hackers apply an array of intrusion and exploit techniques to cause disruption of normal system operations, but on the defense, firewalls and intrusion detection systems (IDS are typically only effective in defending known intrusion types using their signatures, and are far less than mature when faced with novel attacks. In this paper, we adapt the frequency analysis techniques such as the Discrete Fourier Transform (DFT used in signal processing to the design of intrusion detection algorithms. We demonstrate the effectiveness of the frequency-based detection strategy by running synthetic network intrusion data in simulated networks using the OPNET software. The simulation results indicate that the proposed intrusion detection strategy is effective in detecting anomalous traffic data that exhibit patterns over time, which include several types of DOS and probe attacks. The significance of this new strategy is that it does not depend on the prior knowledge of attack signatures, thus it has the potential to be a useful supplement to existing signature-based IDS and firewalls.

  9. Intrusion detection in wireless ad-hoc networks

    Chaki, Nabendu

    2014-01-01

    Presenting cutting-edge research, Intrusion Detection in Wireless Ad-Hoc Networks explores the security aspects of the basic categories of wireless ad-hoc networks and related application areas. Focusing on intrusion detection systems (IDSs), it explains how to establish security solutions for the range of wireless networks, including mobile ad-hoc networks, hybrid wireless networks, and sensor networks.This edited volume reviews and analyzes state-of-the-art IDSs for various wireless ad-hoc networks. It includes case studies on honesty-based intrusion detection systems, cluster oriented-based

  10. Typed Linear Chain Conditional Random Fields and Their Application to Intrusion Detection

    Elfers, Carsten; Horstmann, Mirko; Sohr, Karsten; Herzog, Otthein

    Intrusion detection in computer networks faces the problem of a large number of both false alarms and unrecognized attacks. To improve the precision of detection, various machine learning techniques have been proposed. However, one critical issue is that the amount of reference data that contains serious intrusions is very sparse. In this paper we present an inference process with linear chain conditional random fields that aims to solve this problem by using domain knowledge about the alerts of different intrusion sensors represented in an ontology.

  11. Unique Challenges in WiFi Intrusion Detection

    Milliken, Jonny

    2014-01-01

    The Intrusion Detection System (IDS) is a common means of protecting networked systems from attack or malicious misuse. The deployment of an IDS can take many different forms dependent on protocols, usage and cost. This is particularly true of Wireless Intrusion Detection Systems (WIDS) which have many detection challenges associated with data transmission through an open, shared medium, facilitated by fundamental changes at the Physical and MAC layers. WIDS need to be considered in more deta...

  12. Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection

    Jayakumar Kaliappan

    2015-01-01

    Full Text Available An intrusion detection system (IDS helps to identify different types of attacks in general, and the detection rate will be higher for some specific category of attacks. This paper is designed on the idea that each IDS is efficient in detecting a specific type of attack. In proposed Multiple IDS Unit (MIU, there are five IDS units, and each IDS follows a unique algorithm to detect attacks. The feature selection is done with the help of genetic algorithm. The selected features of the input traffic are passed on to the MIU for processing. The decision from each IDS is termed as local decision. The fusion unit inside the MIU processes all the local decisions with the help of majority voting rule and makes the final decision. The proposed system shows a very good improvement in detection rate and reduces the false alarm rate.

  13. Ensemble of classifiers based network intrusion detection system performance bound

    Mkuzangwe, Nenekazi NP

    2017-11-01

    Full Text Available This paper provides a performance bound of a network intrusion detection system (NIDS) that uses an ensemble of classifiers. Currently researchers rely on implementing the ensemble of classifiers based NIDS before they can determine the performance...

  14. Implementing an Intrusion Detection System in the Mysea Architecture

    Tenhunen, Thomas

    2008-01-01

    .... The objective of this thesis is to design an intrusion detection system (IDS) architecture that permits administrators operating on MYSEA client machines to conveniently view and analyze IDS alerts from the single level networks...

  15. Ant colony induced decision trees for intrusion detection

    Botes, FH

    2017-06-01

    Full Text Available platform. Intrusion Detection Systems (IDS) analyse network traffic to identify suspicious patterns with the intention to compromise the system. Practitioners train classifiers to classify the data within different categories e.g. malicious or normal...

  16. Multisensor Fusion for Intrusion Detection and Situational Awareness

    Hallstensen, Christoffer V

    2017-01-01

    Cybercrime damage costs the world several trillion dollars annually. And al-though technical solutions to protect organizations from hackers are being con-tinuously developed, criminals learn fast to circumvent them. The question is,therefore, how to create leverage to protect an organization by improving in-trusion detection and situational awareness? This thesis seeks to contribute tothe prior art in intrusion detection and situational awareness by using a multi-sensor data fusion...

  17. Stochastic Tools for Network Intrusion Detection

    Yu, Lu; Brooks, Richard R.

    2017-01-01

    With the rapid development of Internet and the sharp increase of network crime, network security has become very important and received a lot of attention. We model security issues as stochastic systems. This allows us to find weaknesses in existing security systems and propose new solutions. Exploring the vulnerabilities of existing security tools can prevent cyber-attacks from taking advantages of the system weaknesses. We propose a hybrid network security scheme including intrusion detecti...

  18. A survey of intrusion detection techniques in Cloud

    Modi, C.; Patel, D.; Patel, H.; Borisaniya, B.; Patel, A.; Rajarajan, M.

    2013-01-01

    Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and...

  19. Correlating intrusion detection alerts on bot malware infections using neural network

    Kidmose, Egon; Stevanovic, Matija; Pedersen, Jens Myrup

    2016-01-01

    Millions of computers are infected with bot malware, form botnets and enable botmaster to perform malicious and criminal activities. Intrusion Detection Systems are deployed to detect infections, but they raise many correlated alerts for each infection, requiring a large manual investigation effort...

  20. When Intrusion Detection Meets Blockchain Technology: A Review

    Meng, Weizhi; Tischhauser, Elmar Wolfgang; Wang, Qingju

    2018-01-01

    developed, which allow IDS nodes to exchange data with each other. However, data and trust management still remain two challenges for current detection architectures, which may degrade the effectiveness of such detection systems. In recent years, blockchain technology has shown its adaptability in many...... fields such as supply chain management, international payment, interbanking and so on. As blockchain can protect the integrity of data storage and ensure process transparency, it has a potential to be applied to intrusion detection domain. Motivated by this, this work provides a review regarding...... the intersection of IDSs and blockchains. In particular, we introduce the background of intrusion detection and blockchain, discuss the applicability of blockchain to intrusion detection, and identify open challenges in this direction....

  1. Provide a model to improve the performance of intrusion detection systems in the cloud

    Foroogh Sedighi

    2016-01-01

    High availability of tools and service providers in cloud computing and the fact that cloud computing services are provided by internet and deal with public, have caused important challenges for new computing model. Cloud computing faces problems and challenges such as user privacy, data security, data ownership, availability of services, and recovery after breaking down, performance, scalability, programmability. So far, many different methods are presented for detection of intrusion in clou...

  2. Approaches in anomaly-based network intrusion detection systems

    Bolzoni, D.; Etalle, S.; Di Pietro, R.; Mancini, L.V.

    2008-01-01

    Anomaly-based network intrusion detection systems (NIDSs) can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the most effective methods to detect attacks. Nowadays, attacks aim mainly to exploit vulnerabilities at

  3. On Emulation-Based Network Intrusion Detection Systems

    Abbasi, Ali; Wetzel, Jos; Bokslag, Wouter; Zambon, Emmanuele; Etalle, Sandro

    2014-01-01

    Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an in- strumented environment and checking the execution traces for signs of shellcode activity.

  4. On emulation-based network intrusion detection systems

    Abbasi, A.; Wetzels, J.; Bokslag, W.; Zambon, E.; Etalle, S.; Stavrou, A.; Bos, H.; Portokalidis, G.

    2014-01-01

    Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an instrumented environment and checking the execution traces for signs of shellcode activity.

  5. Boosting Web Intrusion Detection Systems by Inferring Positive Signatures

    Bolzoni, D.; Etalle, Sandro

    2008-01-01

    We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the "regular" and the "irregular" ones, and applying a new method for anomaly detection on the

  6. Approaches in Anomaly-based Network Intrusion Detection Systems

    Bolzoni, D.; Etalle, Sandro

    Anomaly-based network intrusion detection systems (NIDSs) can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the most effective methods to detect attacks. Nowadays, attacks aim mainly to exploit vulnerabilities at

  7. Data Fusion for Network Intrusion Detection: A Review

    Guoquan Li

    2018-01-01

    Full Text Available Rapid progress of networking technologies leads to an exponential growth in the number of unauthorized or malicious network actions. As a component of defense-in-depth, Network Intrusion Detection System (NIDS has been expected to detect malicious behaviors. Currently, NIDSs are implemented by various classification techniques, but these techniques are not advanced enough to accurately detect complex or synthetic attacks, especially in the situation of facing massive high-dimensional data. Besides, the inherent defects of NIDSs, namely, high false alarm rate and low detection rate, have not been effectively solved. In order to solve these problems, data fusion (DF has been applied into network intrusion detection and has achieved good results. However, the literature still lacks thorough analysis and evaluation on data fusion techniques in the field of intrusion detection. Therefore, it is necessary to conduct a comprehensive review on them. In this article, we focus on DF techniques for network intrusion detection and propose a specific definition to describe it. We review the recent advances of DF techniques and propose a series of criteria to compare their performance. Finally, based on the results of the literature review, a number of open issues and future research directions are proposed at the end of this work.

  8. A subtractive approach to interior intrusion detection system design

    Sons, R.J.; Graham, R.H. Jr.

    1986-01-01

    This paper discusses the subtractive approach to interior intrusion detection system design which assumes that all sensors are viable candidates until they are subjected to the constraints imposed by a particular facility. The constraints are determined by a sequence of questions concerning parameters such as threat definition, facility description and operation, environment, assets to be protected, security system capabilities, and cost. As a result of the questioning, some sensors will be eliminated from the candidate list, and the ''best'' set of sensors for the facility will remain. This form of questioning could be incorporated into an expert system aiding future intrusion detection system designs

  9. Power-Aware Intrusion Detection in Mobile Ad Hoc Networks

    Şen, Sevil; Clark, John A.; Tapiador, Juan E.

    Mobile ad hoc networks (MANETs) are a highly promising new form of networking. However they are more vulnerable to attacks than wired networks. In addition, conventional intrusion detection systems (IDS) are ineffective and inefficient for highly dynamic and resource-constrained environments. Achieving an effective operational MANET requires tradeoffs to be made between functional and non-functional criteria. In this paper we show how Genetic Programming (GP) together with a Multi-Objective Evolutionary Algorithm (MOEA) can be used to synthesise intrusion detection programs that make optimal tradeoffs between security criteria and the power they consume.

  10. Wireless sensing without sensors—an experimental study of motion/intrusion detection using RF irregularity

    Lee, Pius W Q; Tan, Hwee-Pink; Seah, Winston K G; Yao, Zexi

    2010-01-01

    Motion and intrusion detection are often cited as wireless sensor network (WSN) applications with typical configurations comprising clusters of wireless nodes equipped with motion sensors to detect human motion. Currently, WSN performance is subjected to several constraints, namely radio irregularity and finite on-board computation/energy resources. Radio irregularity in radio frequency (RF) propagation rises to a higher level in the presence of human activity due to the absorption effect of the human body. In this paper, we investigate the feasibility of monitoring RF transmission for the purpose of intrusion detection through experimentation. With empirical data obtained from the Crossbow TelosB platform in several different environments, the impact of human activity on the signal strength of RF signals in a WSN is evaluated. We then propose a novel approach to intrusion detection by turning a constraint in WSN, namely radio irregularity, into an advantage for the purpose of intrusion detection, using signal fluctuations to detect the presence of human activity within the WSN. Unlike RF fingerprinting, the 'intruders' here neither transmit nor receive any RF signals. By enabling existing wireless infrastructures to serve as intrusion detectors instead of deploying numerous costly sensors, this approach shows great promise for providing novel solutions

  11. Alerts Visualization and Clustering in Network-based Intrusion Detection

    Yang, Dr. Li [University of Tennessee; Gasior, Wade C [ORNL; Dasireddy, Swetha [University of Tennessee

    2010-04-01

    Today's Intrusion detection systems when deployed on a busy network overload the network with huge number of alerts. This behavior of producing too much raw information makes it less effective. We propose a system which takes both raw data and Snort alerts to visualize and analyze possible intrusions in a network. Then we present with two models for the visualization of clustered alerts. Our first model gives the network administrator with the logical topology of the network and detailed information of each node that involves its associated alerts and connections. In the second model, flocking model, presents the network administrator with the visual representation of IDS data in which each alert is represented in different color and the alerts with maximum similarity move together. This gives network administrator with the idea of detecting various of intrusions through visualizing the alert patterns.

  12. Abstracting audit data for lightweight intrusion detection

    Wang, Wei; Zhang, Xiangliang; Pitsilis, Georgios

    2010-01-01

    are used to validate the two strategies of data abstraction. The extensive test results show that the process of exemplar extraction significantly improves the detection efficiency and has a better detection performance than PCA in data abstraction. © 2010

  13. A Comparative Study of Data Mining Algorithms for High Detection Rate in Intrusion Detection System

    Nabeela Ashraf

    2018-01-01

    Full Text Available Due to the fast growth and tradition of the internet over the last decades, the network security problems are increasing vigorously. Humans can not handle the speed of processes and the huge amount of data required to handle network anomalies. Therefore, it needs substantial automation in both speed and accuracy. Intrusion Detection System is one of the approaches to recognize illegal access and rare attacks to secure networks. In this proposed paper, Naive Bayes, J48 and Random Forest classifiers are compared to compute the detection rate and accuracy of IDS. For experiments, the KDD_NSL dataset is used.

  14. Capability for intrusion detection at nuclear fuel sites

    1978-03-01

    A safeguards vulnerability assessment was conducted at three separate licensed nuclear processing facilities. Emphasis was placed on: (1) performance of the total intrusion detection system, and (2) vulnerability of the system to compromise by insiders. The security guards were interviewed to evaluate their effectiveness in executing their duties in accordance with the plant's security plan and to assess their knowledge regarding the operation of the security equipment. A review of the training schedule showed that the guards, along with the other plant employees, are required to periodically attend in-plant training sessions. The vulnerability assessments continued with interviews of the personnel responsible for maintaining the security equipment, with discussions of detector false alarm and maintenance problems. The second part of the vulnerability assessments was to evaluate the effectiveness of the intrusion detection systems including the interior and the perimeter sensors, CCTV surveillance devices and the exterior lighting. Two types of perimeter detectors are used at the sites, a fence disturbance sensor and an infrared barrier type detector. Infrared barrier type detectors have a higher probability of detection, especially in conjunction with dedicated CCTV cameras. The exterior lights satisfy the 0.2 footcandle illumination requirement. The interior intrusion detection systems included ultrasonic motion detectors, microwave motion detectors,balanced magnetic switches, and CCTV cameras. Entrance doors to the materials access areas and vital areas are protected with balanced magnetic switches. The interior intrusion detection systems at the three nuclear processing sites are considered satisfactory with the exception of the areas protected with ultrasonic motion detectors

  15. A Fusion of Multiagent Functionalities for Effective Intrusion Detection System

    Dhanalakshmi Krishnan Sadhasivan; Kannapiran Balasubramanian

    2017-01-01

    Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS) to...

  16. A Labeled Data Set For Flow-based Intrusion Detection

    Sperotto, Anna; Sadre, R.; van Vliet, Frank; Pras, Aiko; Nunzi, Giorgio; Scoglio, Caterina; Li, Xing

    2009-01-01

    Flow-based intrusion detection has recently become a promising security mechanism in high speed networks (1-10 Gbps). Despite the richness in contributions in this field, benchmarking of flow-based IDS is still an open issue. In this paper, we propose the first publicly available, labeled data set

  17. State of the Practice of Intrusion Detection Technologies

    2000-01-01

    functions, procedures, and scripts, an Oracle database structure, Borne shell scripts, and configuration files which together communicate with ASIM Sensor...34Plugging the Holes in eCommerce Leads to 135% Growth in the Intrusion Detection and Vulnerability Assessment Software Market," PRNewswire. August

  18. Data mining approach to web application intrusions detection

    Kalicki, Arkadiusz

    2011-10-01

    Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

  19. Anomaly-based Network Intrusion Detection Methods

    Pavel Nevlud

    2013-01-01

    Full Text Available The article deals with detection of network anomalies. Network anomalies include everything that is quite different from the normal operation. For detection of anomalies were used machine learning systems. Machine learning can be considered as a support or a limited type of artificial intelligence. A machine learning system usually starts with some knowledge and a corresponding knowledge organization so that it can interpret, analyse, and test the knowledge acquired. There are several machine learning techniques available. We tested Decision tree learning and Bayesian networks. The open source data-mining framework WEKA was the tool we used for testing the classify, cluster, association algorithms and for visualization of our results. The WEKA is a collection of machine learning algorithms for data mining tasks.

  20. Intrusion Detection Systems with Live Knowledge System

    2016-05-31

    people try to reveal sensitive information of Internet users, also called as phishing. Phishing detection has received great attention but there has...node. Figure 3 describes the result of modified nodes from the original RDR rule tree. Red- coloured ‘X’ sign represents the stopping rule, and the...green- coloured boxes describe the refined rule. However, when human knowledge is applied to those incorrectly classified data, not all of the

  1. Intrusion detection and monitoring for wireless networks.

    Thomas, Eric D.; Van Randwyk, Jamie A.; Lee, Erik J.; Stephano, Amanda (Indiana University); Tabriz, Parisa (University of Illinois at Urbana-Champaign); Pelon, Kristen (Cedarville University); McCoy, Damon (University of Colorado, Boulder); Lodato, Mark (Lafayette College); Hemingway, Franklin (University of New Mexico); Custer, Ryan P.; Averin, Dimitry (Polytechnic University); Franklin, Jason (Carnegie Mellon University); Kilman, Dominique Marie

    2005-11-01

    Wireless computer networks are increasing exponentially around the world. They are being implemented in both the unlicensed radio frequency (RF) spectrum (IEEE 802.11a/b/g) and the licensed spectrum (e.g., Firetide [1] and Motorola Canopy [2]). Wireless networks operating in the unlicensed spectrum are by far the most popular wireless computer networks in existence. The open (i.e., proprietary) nature of the IEEE 802.11 protocols and the availability of ''free'' RF spectrum have encouraged many producers of enterprise and common off-the-shelf (COTS) computer networking equipment to jump into the wireless arena. Competition between these companies has driven down the price of 802.11 wireless networking equipment and has improved user experiences with such equipment. The end result has been an increased adoption of the equipment by businesses and consumers, the establishment of the Wi-Fi Alliance [3], and widespread use of the Alliance's ''Wi-Fi'' moniker to describe these networks. Consumers use 802.11 equipment at home to reduce the burden of running wires in existing construction, facilitate the sharing of broadband Internet services with roommates or neighbors, and increase their range of ''connectedness''. Private businesses and government entities (at all levels) are deploying wireless networks to reduce wiring costs, increase employee mobility, enable non-employees to access the Internet, and create an added revenue stream to their existing business models (coffee houses, airports, hotels, etc.). Municipalities (Philadelphia; San Francisco; Grand Haven, MI) are deploying wireless networks so they can bring broadband Internet access to places lacking such access; offer limited-speed broadband access to impoverished communities; offer broadband in places, such as marinas and state parks, that are passed over by traditional broadband providers; and provide themselves with higher quality, more

  2. Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM in advanced metering infrastructure of smart grid.

    Yuancheng Li

    Full Text Available Advanced Metering Infrastructure (AMI realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy.

  3. An Automata Based Intrusion Detection Method for Internet of Things

    Yulong Fu

    2017-01-01

    Full Text Available Internet of Things (IoT transforms network communication to Machine-to-Machine (M2M basis and provides open access and new services to citizens and companies. It extends the border of Internet and will be developed as one part of the future 5G networks. However, as the resources of IoT’s front devices are constrained, many security mechanisms are hard to be implemented to protect the IoT networks. Intrusion detection system (IDS is an efficient technique that can be used to detect the attackers when cryptography is broken, and it can be used to enforce the security of IoT networks. In this article, we analyzed the intrusion detection requirements of IoT networks and then proposed a uniform intrusion detection method for the vast heterogeneous IoT networks based on an automata model. The proposed method can detect and report the possible IoT attacks with three types: jam-attack, false-attack, and reply-attack automatically. We also design an experiment to verify the proposed IDS method and examine the attack of RADIUS application.

  4. Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System

    Krzysztof Juszczyszyn

    2008-08-01

    Full Text Available The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading. Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.

  5. Use of behavioral biometrics in intrusion detection and online gaming

    Yampolskiy, Roman V.; Govindaraju, Venu

    2006-04-01

    Behavior based intrusion detection is a frequently used approach for insuring network security. We expend behavior based intrusion detection approach to a new domain of game networks. Specifically, our research shows that a unique behavioral biometric can be generated based on the strategy used by an individual to play a game. We wrote software capable of automatically extracting behavioral profiles for each player in a game of Poker. Once a behavioral signature is generated for a player, it is continuously compared against player's current actions. Any significant deviations in behavior are reported to the game server administrator as potential security breaches. Our algorithm addresses a well-known problem of user verification and can be re-applied to the fields beyond game networks, such as operating systems and non-game networks security.

  6. Hybrid Intrusion Detection System for DDoS Attacks

    Özge Cepheli

    2016-01-01

    Full Text Available Distributed denial-of-service (DDoS attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS, for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

  7. Coplanar capacitance sensors for detecting water intrusion in composite structures

    Nassr, Amr A; El-Dakhakhni, Wael W; Ahmed, Wael H

    2008-01-01

    Composite materials are becoming more affordable and widely used for retrofitting, rehabilitating and repairing reinforced concrete structures designed and constructed under older specifications. However, the mechanical properties and long-term durability of composite materials may degrade severely in the presence of water intrusion. This study presents a new non-destructive evaluation (NDE) technique for detecting the water intrusion in composite structures by evaluating the dielectric properties of different composite system constituent materials. The variation in the dielectric signatures was employed to design a coplanar capacitance sensor with high sensitivity to detect such defects. An analytical model was used to study the effect of the sensor geometry on the output signal and to optimize sensor design. A finite element model was developed to validate analytical results and to evaluate other sensor design-related parameters. Experimental testing of a concrete specimen wrapped with composite laminate and containing a series of pre-induced water intrusion defects was conducted in order to validate the concept of the new technique. Experimental data showed excellent agreement with the finite element model predictions and confirmed sensor performance

  8. Towards Effective Network Intrusion Detection: A Hybrid Model Integrating Gini Index and GBDT with PSO

    Longjie Li

    2018-01-01

    Full Text Available In order to protect computing systems from malicious attacks, network intrusion detection systems have become an important part in the security infrastructure. Recently, hybrid models that integrating several machine learning techniques have captured more attention of researchers. In this paper, a novel hybrid model was proposed with the purpose of detecting network intrusion effectively. In the proposed model, Gini index is used to select the optimal subset of features, the gradient boosted decision tree (GBDT algorithm is adopted to detect network attacks, and the particle swarm optimization (PSO algorithm is utilized to optimize the parameters of GBDT. The performance of the proposed model is experimentally evaluated in terms of accuracy, detection rate, precision, F1-score, and false alarm rate using the NSL-KDD dataset. Experimental results show that the proposed model is superior to the compared methods.

  9. The effect of destination linked feature selection in real-time network intrusion detection

    Mzila, P

    2013-07-01

    Full Text Available techniques in the network intrusion detection system (NIDS) is the feature selection technique. The ability of NIDS to accurately identify intrusion from the network traffic relies heavily on feature selection, which describes the pattern of the network...

  10. A Novel Architecture for Intrusion Detection in Mobile Ad hoc Network

    Atul Patel; Ruchi Kansara; Dr. Paresh Virparia

    2011-01-01

    Today’s wireless networks are vulnerable in many ways including illegal use, unauthorized access, denial of service attacks, eavesdropping so called war chalking. These problems are one of the main issues for wider uses of wireless network. On wired network intruder can access by wire but in wireless it has possibilities to access the computer anywhere in neighborhood. However, securing MANETs is highly challenging issue due to their inherent characteristics. Intrusion detection is an importa...

  11. A framework for implementing a Distributed Intrusion Detection System (DIDS) with interoperabilty and information analysis

    Davicino, Pablo; Echaiz, Javier; Ardenghi, Jorge Raúl

    2011-01-01

    Computer Intrusion Detection Systems (IDS) are primarily designed to protect availability, condentiality and integrity of critical information infrastructures. A Distributed IDS (DIDS) consists of several IDS over a large network(s), all of which communicate with each other, with a central server or with a cluster of servers that facilitates advanced network monitoring. In a distributed environment, DIDS are implemented using cooperative intelligent sensors distributed across the network(s). ...

  12. Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

    Kokkonen, Tero

    2016-01-01

    Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

  13. Hybrid feature selection for supporting lightweight intrusion detection systems

    Song, Jianglong; Zhao, Wentao; Liu, Qiang; Wang, Xin

    2017-08-01

    Redundant and irrelevant features not only cause high resource consumption but also degrade the performance of Intrusion Detection Systems (IDS), especially when coping with big data. These features slow down the process of training and testing in network traffic classification. Therefore, a hybrid feature selection approach in combination with wrapper and filter selection is designed in this paper to build a lightweight intrusion detection system. Two main phases are involved in this method. The first phase conducts a preliminary search for an optimal subset of features, in which the chi-square feature selection is utilized. The selected set of features from the previous phase is further refined in the second phase in a wrapper manner, in which the Random Forest(RF) is used to guide the selection process and retain an optimized set of features. After that, we build an RF-based detection model and make a fair comparison with other approaches. The experimental results on NSL-KDD datasets show that our approach results are in higher detection accuracy as well as faster training and testing processes.

  14. A Distributed Intrusion Detection Scheme about Communication Optimization in Smart Grid

    Yunfa Li

    2013-01-01

    Full Text Available We first propose an efficient communication optimization algorithm in smart grid. Based on the optimization algorithm, we propose an intrusion detection algorithm to detect malicious data and possible cyberattacks. In this scheme, each node acts independently when it processes communication flows or cybersecurity threats. And neither special hardware nor nodes cooperation is needed. In order to justify the feasibility and the availability of this scheme, a series of experiments have been done. The results show that it is feasible and efficient to detect malicious data and possible cyberattacks with less computation and communication cost.

  15. Comparative study of adaptive-noise-cancellation algorithms for intrusion detection systems

    Claassen, J.P.; Patterson, M.M.

    1981-01-01

    Some intrusion detection systems are susceptible to nonstationary noise resulting in frequent nuisance alarms and poor detection when the noise is present. Adaptive inverse filtering for single channel systems and adaptive noise cancellation for two channel systems have both demonstrated good potential in removing correlated noise components prior detection. For such noise susceptible systems the suitability of a noise reduction algorithm must be established in a trade-off study weighing algorithm complexity against performance. The performance characteristics of several distinct classes of algorithms are established through comparative computer studies using real signals. The relative merits of the different algorithms are discussed in the light of the nature of intruder and noise signals

  16. Enhancing Trust Management for Wireless Intrusion Detection via Traffic Sampling in the Era of Big Data

    Meng, Weizhi; Li, Wenjuan; Su, Chunhua

    2017-01-01

    many kinds of information among sensors, whereas such network is vulnerable to a wide range of attacks, especially insider attacks, due to its natural environment and inherent unreliable transmission. To safeguard its security, intrusion detection systems (IDSs) are widely adopted in a WSN to defend...... against insider attacks through implementing proper trustbased mechanisms. However, in the era of big data, sensors may generate excessive information and data, which could degrade the effectiveness of trust computation. In this paper, we focus on this challenge and propose a way of combining Bayesian......-based trust management with traffic sampling for wireless intrusion detection under a hierarchical structure. In the evaluation, we investigate the performance of our approach in both a simulated and a real network environment. Experimental results demonstrate that packet-based trust management would become...

  17. SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

    Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

    2017-01-01

    The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial...... and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally...... to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes....

  18. Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

    Khodor Hamandi

    2015-01-01

    Full Text Available Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

  19. A Fusion of Multiagent Functionalities for Effective Intrusion Detection System

    Dhanalakshmi Krishnan Sadhasivan

    2017-01-01

    Full Text Available Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS to detect the anomalies in the real-time datasets such as KDD and SCADA. Besides, the feedback loop provides the necessary update of attacks in the database that leads to the improvement in the detection accuracy. The combination of the rules and responsibilities for multiagents effectively detects the anomaly behavior, misuse of response, or relay reports of gas/water pipeline data in KDD and SCADA, respectively. The comparative analysis of the proposed ARMA-IDS with the various existing path mining methods, namely, random forest, JRip, a combination of AdaBoost/JRip, and common path mining on the SCADA dataset conveys that the effectiveness of the proposed ARMA-IDS in the real-time fault monitoring. Moreover, the proposed ARMA-IDS offers the higher detection rate in the SCADA and KDD cup 1999 datasets.

  20. Proposed Network Intrusion Detection System ‎In Cloud Environment Based on Back ‎Propagation Neural Network

    Shawq Malik Mehibs

    2017-12-01

    Full Text Available Cloud computing is distributed architecture, providing computing facilities and storage resource as a service over the internet. This low-cost service fulfills the basic requirements of users. Because of the open nature and services introduced by cloud computing intruders impersonate legitimate users and misuse cloud resource and services. To detect intruders and suspicious activities in and around the cloud computing environment, intrusion detection system used to discover the illegitimate users and suspicious action by monitors different user activities on the network .this work proposed based back propagation artificial neural network to construct t network intrusion detection in the cloud environment. The proposed module evaluated with kdd99 dataset the experimental results shows promising approach to detect attack with high detection rate and low false alarm rate

  1. A Real-Time Intrusion Detection System using Data Mining Technique

    Fang-Yie Leu

    2008-04-01

    Full Text Available Presently, most computers authenticate user ID and password before users can login these systems. However, danger soon comes if the two items are known to hackers. In this paper, we propose a system, named Intrusion Detection and Identification System (IDIS, which builds a profile for each user in an intranet to keep track his/her usage habits as forensic features with which IDIS can identify who the underlying user in the intranet is. Our experimental results show that the recognition accuracy of students of computer science department is up to 98.99%.

  2. Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model

    Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

    2017-01-01

    To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utili......To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which...... are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we...... of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate...

  3. A Hybrid Swarm Intelligence Algorithm for Intrusion Detection Using Significant Features

    P. Amudha

    2015-01-01

    Full Text Available Intrusion detection has become a main part of network security due to the huge number of attacks which affects the computers. This is due to the extensive growth of internet connectivity and accessibility to information systems worldwide. To deal with this problem, in this paper a hybrid algorithm is proposed to integrate Modified Artificial Bee Colony (MABC with Enhanced Particle Swarm Optimization (EPSO to predict the intrusion detection problem. The algorithms are combined together to find out better optimization results and the classification accuracies are obtained by 10-fold cross-validation method. The purpose of this paper is to select the most relevant features that can represent the pattern of the network traffic and test its effect on the success of the proposed hybrid classification algorithm. To investigate the performance of the proposed method, intrusion detection KDDCup’99 benchmark dataset from the UCI Machine Learning repository is used. The performance of the proposed method is compared with the other machine learning algorithms and found to be significantly different.

  4. CRITICAL INFORMATION INFRASTRUCTURE SECURITY - NETWORK INTRUSION DETECTION SYSTEMS

    Cristea DUMITRU

    2011-12-01

    Full Text Available Critical Information Infrastructure security will always be difficult to ensure, just because of the features that make it irreplaceable tor other critical infrastructures normal operation. It is decentralized, interconnected interdependent, controlled by multiple actors (mainly private and incorporating diverse types of technologies. It is almost axiomatic that the disruption of the Critical Information Infrastructure affects systems located much farther away, and the cyber problems have direct consequences on the real world. Indeed the Internet can be used as a multiplier in order to amplify the effects of an attack on some critical infrastructures. Security challenges increase with the technological progress. One of the last lines of defense which comes to complete the overall security scheme of the Critical Information Infrastructure is represented by the Network Intrusion Detection Systems.

  5. INTRUSION DETECTION PREVENTION SYSTEM (IDPS PADA LOCAL AREA NETWORK (LAN

    Didit Suhartono

    2015-02-01

    Full Text Available Penelitian ini berjudul “Intrusion Detection Prevention System Local Area Network (LAN” yang bertujuan untuk memproteksi jaringan dari usaha- usaha penyusupan yang dilakukan oleh seorang intruder. Metode yang digunakan pada penelitian ini adalah menggunakan metode kerangka pikir sebagai acuan dari tahap- tahap penelitian yang penulis lakukan. IDS difungsikan sebagai pendeteksi adanya serangan sesuai rule yang ada kemudian pesan peringatan disimpan dalam database dan dikirim via sms kepada seorang network administrator, sedangkan Firewall digunakan sebagai packet filtering dengan cara menentukan security policy yang dinilai penting. Hasilnya adalah ketika IDS memberikanpesan peringatan ketika ada serangan, seorang network administrator dapat memblok adanya serangan tersebut dengan cara manual dengan firewall, ataupun firewall akan memblok sendiri serangan tersebut sesuai dengan security policy yang diterapkan oleh network adminisrator sebelumnya

  6. Exploring machine-learning-based control plane intrusion detection techniques in software defined optical networks

    Zhang, Huibin; Wang, Yuqiao; Chen, Haoran; Zhao, Yongli; Zhang, Jie

    2017-12-01

    In software defined optical networks (SDON), the centralized control plane may encounter numerous intrusion threatens which compromise the security level of provisioned services. In this paper, the issue of control plane security is studied and two machine-learning-based control plane intrusion detection techniques are proposed for SDON with properly selected features such as bandwidth, route length, etc. We validate the feasibility and efficiency of the proposed techniques by simulations. Results show an accuracy of 83% for intrusion detection can be achieved with the proposed machine-learning-based control plane intrusion detection techniques.

  7. Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection.

    Hu, Weiming; Gao, Jun; Wang, Yanguo; Wu, Ou; Maybank, Stephen

    2014-01-01

    Current network intrusion detection systems lack adaptability to the frequently changing network environments. Furthermore, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose two online Adaboost-based intrusion detection algorithms. In the first algorithm, a traditional online Adaboost process is used where decision stumps are used as weak classifiers. In the second algorithm, an improved online Adaboost process is proposed, and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is constructed in each node using the online Adaboost algorithm. A global detection model is constructed in each node by combining the local parametric models using a small number of samples in the node. This combination is achieved using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Experimental results show that the improved online Adaboost process with GMMs obtains a higher detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO, and SVM-based algorithm effectively combines the local detection models into the global model in each node; the global model in a node can handle the intrusion types that are found in other nodes, without sharing the samples of these intrusion types.

  8. Intrusion Detection Algorithm for Mitigating Sinkhole Attack on LEACH Protocol in Wireless Sensor Networks

    Ranjeeth Kumar Sundararajan

    2015-01-01

    Full Text Available In wireless sensor network (WSN, the sensors are deployed and placed uniformly to transmit the sensed data to a centralized station periodically. So, the major threat of the WSN network layer is sinkhole attack and it is still being a challenging issue on the sensor networks, where the malicious node attracts the packets from the other normal sensor nodes and drops the packets. Thus, this paper proposes an Intrusion Detection System (IDS mechanism to detect the intruder in the network which uses Low Energy Adaptive Clustering Hierarchy (LEACH protocol for its routing operation. In the proposed algorithm, the detection metrics, such as number of packets transmitted and received, are used to compute the intrusion ratio (IR by the IDS agent. The computed numeric or nonnumeric value represents the normal or malicious activity. As and when the sinkhole attack is captured, the IDS agent alerts the network to stop the data transmission. Thus, it can be a resilient to the vulnerable attack of sinkhole. Above all, the simulation result is shown for the proposed algorithm which is proven to be efficient compared with the existing work, namely, MS-LEACH, in terms of minimum computational complexity and low energy consumption. Moreover, the algorithm was numerically analyzed using TETCOS NETSIM.

  9. DFCL: DYNAMIC FUZZY LOGIC CONTROLLER FOR INTRUSION DETECTION

    Abdulrahim Haroun Ali

    2014-08-01

    Full Text Available Intrusions are a problem with the deployment of Networks which give misuse and abnormal behavior in running reliable network operations and services. In this work, a Dynamic Fuzzy Logic Controller (DFLC is proposed for an anomaly detection problem, with the aim of solving the problem of attack detection rate and faster response process. Data is collected by PingER project. PingER project actively measures the worldwide Internet’s end-to-end performance. It covers over 168 countries around the world. PingER uses simple ubiquitous Internet Ping facility to calculate number of useful performance parameters. From each set of 10 pings between a monitoring host and a remote host, the features being calculated include Minimum Round Trip Time (RTT, Jitter, Packet loss, Mean Opinion Score (MOS, Directness of Connection (Alpha, Throughput, ping unpredictability and ping reachability. A set of 10 pings is being sent from the monitoring node to the remote node every 30 minutes. The received data shows the current characteristic and behavior of the networks. Any changes in the received data signify the existence of potential threat or abnormal behavior. D-FLC uses the combination of parameters as an input to detect the existence of any abnormal behavior of the network. The proposed system is simulated in Matlab Simulink environment. Simulations results show that the system managed to catch 95% of the anomalies with the ability to distinguish normal and abnormal behavior of the network.

  10. Towards Reliable Evaluation of Anomaly-Based Intrusion Detection Performance

    Viswanathan, Arun

    2012-01-01

    This report describes the results of research into the effects of environment-induced noise on the evaluation process for anomaly detectors in the cyber security domain. This research was conducted during a 10-week summer internship program from the 19th of August, 2012 to the 23rd of August, 2012 at the Jet Propulsion Laboratory in Pasadena, California. The research performed lies within the larger context of the Los Angeles Department of Water and Power (LADWP) Smart Grid cyber security project, a Department of Energy (DoE) funded effort involving the Jet Propulsion Laboratory, California Institute of Technology and the University of Southern California/ Information Sciences Institute. The results of the present effort constitute an important contribution towards building more rigorous evaluation paradigms for anomaly-based intrusion detectors in complex cyber physical systems such as the Smart Grid. Anomaly detection is a key strategy for cyber intrusion detection and operates by identifying deviations from profiles of nominal behavior and are thus conceptually appealing for detecting "novel" attacks. Evaluating the performance of such a detector requires assessing: (a) how well it captures the model of nominal behavior, and (b) how well it detects attacks (deviations from normality). Current evaluation methods produce results that give insufficient insight into the operation of a detector, inevitably resulting in a significantly poor characterization of a detectors performance. In this work, we first describe a preliminary taxonomy of key evaluation constructs that are necessary for establishing rigor in the evaluation regime of an anomaly detector. We then focus on clarifying the impact of the operational environment on the manifestation of attacks in monitored data. We show how dynamic and evolving environments can introduce high variability into the data stream perturbing detector performance. Prior research has focused on understanding the impact of this

  11. Context-aware local Intrusion Detection in SCADA systems : a testbed and two showcases

    Chromik, Justyna Joanna; Haverkort, Boudewijn R.H.M.; Remke, Anne Katharina Ingrid; Pilch, Carina; Brackmann, Pascal; Duhme, Christof; Everinghoff, Franziska; Giberlein, Artur; Teodorowicz, Thomas; Wieland, Julian

    2017-01-01

    This paper illustrates the use of a testbed that we have developed for context-aware local intrusion detection. This testbed is based on the co-simulation framework Mosaik and allows for the validation of local intrusion detection mechanisms at field stations in power distribution networks. For two

  12. Nuisance alarm suppression techniques for fibre-optic intrusion detection systems

    Mahmoud, Seedahmed S.; Visagathilagar, Yuvaraja; Katsifolis, Jim

    2012-02-01

    The suppression of nuisance alarms without degrading sensitivity in fibre-optic intrusion detection systems is important for maintaining acceptable performance. Signal processing algorithms that maintain the POD and minimize nuisance alarms are crucial for achieving this. A level crossings algorithm is presented for suppressing torrential rain-induced nuisance alarms in a fibre-optic fence-based perimeter intrusion detection system. Results show that rain-induced nuisance alarms can be suppressed for rainfall rates in excess of 100 mm/hr, and intrusion events can be detected simultaneously during rain periods. The use of a level crossing based detection and novel classification algorithm is also presented demonstrating the suppression of nuisance events and discrimination of nuisance and intrusion events in a buried pipeline fibre-optic intrusion detection system. The sensor employed for both types of systems is a distributed bidirectional fibre-optic Mach Zehnder interferometer.

  13. Case-Based Multi-Sensor Intrusion Detection

    Schwartz, Daniel G.; Long, Jidong

    2009-08-01

    Multi-sensor intrusion detection systems (IDSs) combine the alerts raised by individual IDSs and possibly other kinds of devices such as firewalls and antivirus software. A critical issue in building a multi-sensor IDS is alert-correlation, i.e., determining which alerts are caused by the same attack. This paper explores a novel approach to alert correlation using case-based reasoning (CBR). Each case in the CBR system's library contains a pattern of alerts raised by some known attack type, together with the identity of the attack. Then during run time, the alert streams gleaned from the sensors are compared with the patterns in the cases, and a match indicates that the attack described by that case has occurred. For this purpose the design of a fast and accurate matching algorithm is imperative. Two such algorithms were explored: (i) the well-known Hungarian algorithm, and (ii) an order-preserving matching of our own device. Tests were conducted using the DARPA Grand Challenge Problem attack simulator. These showed that the both matching algorithms are effective in detecting attacks; but the Hungarian algorithm is inefficient; whereas the order-preserving one is very efficient, in fact runs in linear time.

  14. A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network

    Wenchao Li

    2014-01-01

    abnormal nodes from normal nodes by observing their abnormal behaviors, and we analyse parameter selection and error rate of the intrusion detection system. The paper elaborates on the design and implementation of the detection system. This system has achieved efficient, rapid intrusion detection by improving the wireless ad hoc on-demand distance vector routing protocol (Ad hoc On-Demand Distance the Vector Routing, AODV. Finally, the test results show that: the system has high detection accuracy and speed, in accordance with the requirement of wireless sensor network intrusion detection.

  15. Intrusion detection model using fusion of chi-square feature selection and multi class SVM

    Ikram Sumaiya Thaseen

    2017-10-01

    Full Text Available Intrusion detection is a promising area of research in the domain of security with the rapid development of internet in everyday life. Many intrusion detection systems (IDS employ a sole classifier algorithm for classifying network traffic as normal or abnormal. Due to the large amount of data, these sole classifier models fail to achieve a high attack detection rate with reduced false alarm rate. However by applying dimensionality reduction, data can be efficiently reduced to an optimal set of attributes without loss of information and then classified accurately using a multi class modeling technique for identifying the different network attacks. In this paper, we propose an intrusion detection model using chi-square feature selection and multi class support vector machine (SVM. A parameter tuning technique is adopted for optimization of Radial Basis Function kernel parameter namely gamma represented by ‘ϒ’ and over fitting constant ‘C’. These are the two important parameters required for the SVM model. The main idea behind this model is to construct a multi class SVM which has not been adopted for IDS so far to decrease the training and testing time and increase the individual classification accuracy of the network attacks. The investigational results on NSL-KDD dataset which is an enhanced version of KDDCup 1999 dataset shows that our proposed approach results in a better detection rate and reduced false alarm rate. An experimentation on the computational time required for training and testing is also carried out for usage in time critical applications.

  16. An ethernet/IP security review with intrusion detection applications

    Laughter, S. A.; Williams, R. D.

    2006-01-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

  17. Semantic intrusion detection with multisensor data fusion using ...

    spatiotemporal relations to form complex events which model the intrusion patterns. ... Wireless sensor networks; complex event processing; event stream; ...... of the 2006 ACM SIGMOD International Conference on Management of Data, 407– ...

  18. Applying long short-term memory recurrent neural networks to intrusion detection

    Ralf C. Staudemeyer

    2015-07-01

    Full Text Available We claim that modelling network traffic as a time series with a supervised learning approach, using known genuine and malicious behaviour, improves intrusion detection. To substantiate this, we trained long short-term memory (LSTM recurrent neural networks with the training data provided by the DARPA / KDD Cup ’99 challenge. To identify suitable LSTM-RNN network parameters and structure we experimented with various network topologies. We found networks with four memory blocks containing two cells each offer a good compromise between computational cost and detection performance. We applied forget gates and shortcut connections respectively. A learning rate of 0.1 and up to 1,000 epochs showed good results. We tested the performance on all features and on extracted minimal feature sets respectively. We evaluated different feature sets for the detection of all attacks within one network and also to train networks specialised on individual attack classes. Our results show that the LSTM classifier provides superior performance in comparison to results previously published results of strong static classifiers. With 93.82% accuracy and 22.13 cost, LSTM outperforms the winning entries of the KDD Cup ’99 challenge by far. This is due to the fact that LSTM learns to look back in time and correlate consecutive connection records. For the first time ever, we have demonstrated the usefulness of LSTM networks to intrusion detection.

  19. An armored-cable-based fiber Bragg grating sensor array for perimeter fence intrusion detection

    Hao, Jianzhong; Dong, Bo; Varghese, Paulose; Phua, Jiliang; Foo, Siang Fook

    2012-01-01

    In this paper, an armored-cable-based optical fiber Bragg grating (FBG) sensor array, for perimeter fence intrusion detection, is demonstrated and some of the field trial results are reported. The field trial was conducted at a critical local installation in Singapore in December 2010. The sensor array was put through a series of both simulated and live intrusion scenarios to test the stability and suitability of operation in the local environmental conditions and to determine its capabilities in detecting and reporting these intrusions accurately to the control station. Such a sensor array can provide perimeter intrusion detection with fine granularity and preset pin-pointing accuracy. The various types of intrusions included aided or unaided climbs, tampering and cutting of the fence, etc. The unique sensor packaging structure provides high sensitivity, crush resistance and protection against rodents. It is also capable of resolving nuisance events such as rain, birds sitting on the fence or seismic vibrations. These sensors are extremely sensitive with a response time of a few seconds. They can be customized for a desired spatial resolution and pre-determined sensitivity. Furthermore, it is easy to cascade a series of such sensors to monitor and detect intrusion events over a long stretch of fence line. Such sensors can be applied to real-time intrusion detection for perimeter security, pipeline security and communications link security.

  20. A Comprehensive Review and meta-analysis on Applications of Machine Learning Techniques in Intrusion Detection

    Manojit Chattopadhyay

    2018-05-01

    Full Text Available Securing a machine from various cyber-attacks has been of serious concern for researchers, statutory bodies such as governments, business organizations and users in both wired and wireless media. However, during the last decade, the amount of data handling by any device, particularly servers, has increased exponentially and hence the security of these devices has become a matter of utmost concern. This paper attempts to examine the challenges in the application of machine learning techniques to intrusion detection. We review different inherent issues in defining and applying the machine learning techniques to intrusion detection. We also attempt to identify the best technological solution for changing usage pattern by comparing different machine learning techniques on different datasets and summarizing their performance using various performance metrics. This paper highlights the research challenges and future trends of intrusion detection in dynamic scenarios of intrusion detection problems in diverse network technologies.

  1. Anomaly-Based Intrusion Detection Systems Utilizing System Call Data

    2012-03-01

    52 Table 7. Place Reachability Statistics for Low Level CPN...54 Table 8. Place Reachability Statistics for High Level CPN................................................. 55 Table 9. Password Stealing...the efficiency of traditional anti-virus software tools that are dependent on gigantic , continuously updated databases. Fortunately, Intrusion

  2. Scalable High-Performance Parallel Design for Network Intrusion Detection Systems on Many-Core Processors

    Jiang, Hayang; Xie, Gaogang; Salamatian, Kavé; Mathy, Laurent

    2013-01-01

    Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. ...

  3. Dynamic Modeling of Internet Traffic for Intrusion Detection

    Stephan Bohacek

    2007-01-01

    Full Text Available Computer network traffic is analyzed via mutual information techniques, implemented using linear and nonlinear canonical correlation analyses, with the specific objective of detecting UDP flooding attacks. NS simulation of HTTP, FTP, and CBR traffic shows that flooding attacks are accompanied by a change of mutual information, either at the link being flooded or at another upstream or downstream link. This observation appears to be topology independent, as the technique is demonstrated on the so-called parking-lot topology, random 50-node topology, and 100-node transit-stub topology. This technique is also employed to detect UDP flooding with low false alarm rate on a backbone link. These results indicate that a change in mutual information provides a useful detection criterion when no other signature of the attack is available.

  4. The evolution of interior intrusion detection technology at Sandia National Laboratories

    Graham, R.H.; Workhoven, R.M.

    1987-07-01

    Interior Intrusion Detection Technology began at Sandia National Laboratories (SNL) in 1975 as part of the Fixed Facilities Physical Protection Research and Development program sponsored by the US Department of Energy in connection with their nuclear safeguards effort. This paper describes the evolution of Interior Intrusion Detection Technology at Sandia National Laboratories from the beginning of the Interior Sensor Laboratory to the present. This Laboratory was established in 1976 to evaluate commercial interior intrusion sensors and to assist in site-specific intrusion detection system designs. Examples of special test techniques and new test equipment that were developed at the Lab are presented, including the Sandia Intruder Motion Simulator (SIMS), the Sensor and Environment Monitor (SEM), and the Sandia Interior Robot (SIR). We also discuss new sensors and unique sensor combination developed when commercial sensors were unavailable and the future application of expert systems. 5 refs

  5. The evolution of Interior Intrusion Detection Technology at Sandia National Laboratories

    Graham, R.H.; Workhoven, R.M.

    1987-07-01

    Interior Intrusion Detection Technology began at Sandia National Laboratories (SNL) in 1975 as part of the Fixed Facilities Physical Protection Research and Development program sponsored by the US Department of Energy in connection with their nuclear safeguards effort. This paper describes the evolution of Interior Intrusion Detection Technology at Sandia National Laboratories from the beginning of the Interior Sensor Laboratory to the present. This Laboratory was established in 1976 to evaluate commercial interior intrusion sensors and to assist in site-specific intrusion detection system designs. Examples of special test techniques and new test equipment that were developed at the Lab are presented, including the Sandia Intruder Motion Simulator (SIMS), the Sensor and Environment Monitor (SEM), and the Sandia Interior Robot (SIR). We also discuss new sensors and unique sensor combinations developed when commercial sensors were unavailable and the future application of expert systems

  6. Intrusion detection techniques for plant-wide network in a nuclear power plant

    Rajasekhar, P.; Shrikhande, S.V.; Biswas, B.B.; Patil, R.K.

    2012-01-01

    Nuclear power plants have a lot of critical data to be sent to the operator workstations. A plant wide integrated communication network, with high throughput, determinism and redundancy, is required between the workstations and the field. Switched Ethernet network is a promising prospect for such an integrated communication network. But for such an integrated system, intrusion is a major issue. Hence the network should have an intrusion detection system to make the network data secure and enhance the network availability. Intrusion detection is the process of monitoring the events occurring in a network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of network security policies, acceptable user policies, or standard security practices. This paper states the various intrusion detection techniques and approaches which are applicable for analysis of a plant wide network. (author)

  7. The evolution of interior intrusion detection technology at Sandia National Laboratories

    Graham, R.H.; Workhoven, R.M.

    1987-01-01

    Interior Intrusion Detection Technology began at Sandia National Laboratories (SNL) in 1975 as part of the Fixed Facilities Physical Protection Research and Development program sponsored by the U.S. Department of Energy in connection with their nuclear safeguards effort. This paper describes the evolution of Interior Intrusion Detection Technology at Sandia National Laboratories from the beginning of the Interior Sensor Laboratory to the present. This Laboratory was established in 1976 to evaluate commercial interior intrusion sensors and to assist in site-specific intrusion detection system designs. Examples of special test techniques and new test equipment that were developed at the Lab are presented, including the Sandia Intruder Motion Simulator (SIMS), the Sensor and Environment Monitor (SEM), and the Sandia Interior Robot (SIR). The authors also discuss new sensors and unique sensor combinations developed when commercial sensors were unavailable and the future application of expert systems

  8. Ensemble regression model-based anomaly detection for cyber-physical intrusion detection in smart grids

    Kosek, Anna Magdalena; Gehrke, Oliver

    2016-01-01

    The shift from centralised large production to distributed energy production has several consequences for current power system operation. The replacement of large power plants by growing numbers of distributed energy resources (DERs) increases the dependency of the power system on small scale......, distributed production. Many of these DERs can be accessed and controlled remotely, posing a cybersecurity risk. This paper investigates an intrusion detection system which evaluates the DER operation in order to discover unauthorized control actions. The proposed anomaly detection method is based...

  9. Full distributed fiber optical sensor for intrusion detection in application to buried pipelines

    Gao, Jianzhong; Jiang, Zhuangde; Zhao, Yulong; Zhu, Li; Zhao, Guoxian

    2005-11-01

    Based on the microbend effect of optical fiber, a distributed sensor for real-time continuous monitoring of intrusion in application to buried pipelines is proposed. The sensing element is a long cable with a special structure made up of an elastic polymer wire, an optical fiber, and a metal wire. The damage point is located with an embedded optical time domain reflectometry (OTDR) instrument. The intrusion types can be indicated by the amplitude of output voltage. Experimental results show that the detection system can alarm adequately under abnormal load and can locate the intrusion point within 22.4 m for distance of 3.023 km.

  10. Fuzzy Based Advanced Hybrid Intrusion Detection System to Detect Malicious Nodes in Wireless Sensor Networks

    Rupinder Singh

    2017-01-01

    Full Text Available In this paper, an Advanced Hybrid Intrusion Detection System (AHIDS that automatically detects the WSNs attacks is proposed. AHIDS makes use of cluster-based architecture with enhanced LEACH protocol that intends to reduce the level of energy consumption by the sensor nodes. AHIDS uses anomaly detection and misuse detection based on fuzzy rule sets along with the Multilayer Perceptron Neural Network. The Feed Forward Neural Network along with the Backpropagation Neural Network are utilized to integrate the detection results and indicate the different types of attackers (i.e., Sybil attack, wormhole attack, and hello flood attack. For detection of Sybil attack, Advanced Sybil Attack Detection Algorithm is developed while the detection of wormhole attack is done by Wormhole Resistant Hybrid Technique. The detection of hello flood attack is done by using signal strength and distance. An experimental analysis is carried out in a set of nodes; 13.33% of the nodes are determined as misbehaving nodes, which classified attackers along with a detection rate of the true positive rate and false positive rate. Sybil attack is detected at a rate of 99,40%; hello flood attack has a detection rate of 98, 20%; and wormhole attack has a detection rate of 99, 20%.

  11. Reading between the fields: practical, effective intrusion detection for industrial control systems

    Yüksel, Ömer; den Hartog, Jeremy; Etalle, Sandro

    2016-01-01

    Detection of previously unknown attacks and malicious messages is a challenging problem faced by modern network intrusion detection systems. Anomaly-based solutions, despite being able to detect unknown attacks, have not been used often in practice due to their high false positive rate, and because

  12. RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks.

    Amin, Syed Obaid; Siddiqui, Muhammad Shoaib; Hong, Choong Seon; Lee, Sungwon

    2009-01-01

    The IP-based Ubiquitous Sensor Network (IP-USN) is an effort to build the "Internet of things". By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System) called RIDES (Robust Intrusion DEtection System) for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control) technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components.

  13. RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks

    Sungwon Lee

    2009-05-01

    Full Text Available TheIP-based Ubiquitous Sensor Network (IP-USN is an effort to build the “Internet of things”. By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System called RIDES (Robust Intrusion DEtection System for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components.

  14. Cellular Neural Network-Based Methods for Distributed Network Intrusion Detection

    Kang Xie

    2015-01-01

    Full Text Available According to the problems of current distributed architecture intrusion detection systems (DIDS, a new online distributed intrusion detection model based on cellular neural network (CNN was proposed, in which discrete-time CNN (DTCNN was used as weak classifier in each local node and state-controlled CNN (SCCNN was used as global detection method, respectively. We further proposed a new method for design template parameters of SCCNN via solving Linear Matrix Inequality. Experimental results based on KDD CUP 99 dataset show its feasibility and effectiveness. Emerging evidence has indicated that this new approach is affordable to parallelism and analog very large scale integration (VLSI implementation which allows the distributed intrusion detection to be performed better.

  15. PERFORMANCE COMPARISON FOR INTRUSION DETECTION SYSTEM USING NEURAL NETWORK WITH KDD DATASET

    S. Devaraju

    2014-04-01

    Full Text Available Intrusion Detection Systems are challenging task for finding the user as normal user or attack user in any organizational information systems or IT Industry. The Intrusion Detection System is an effective method to deal with the kinds of problem in networks. Different classifiers are used to detect the different kinds of attacks in networks. In this paper, the performance of intrusion detection is compared with various neural network classifiers. In the proposed research the four types of classifiers used are Feed Forward Neural Network (FFNN, Generalized Regression Neural Network (GRNN, Probabilistic Neural Network (PNN and Radial Basis Neural Network (RBNN. The performance of the full featured KDD Cup 1999 dataset is compared with that of the reduced featured KDD Cup 1999 dataset. The MATLAB software is used to train and test the dataset and the efficiency and False Alarm Rate is measured. It is proved that the reduced dataset is performing better than the full featured dataset.

  16. A novel intrusion detection method based on OCSVM and K-means recursive clustering

    Leandros A. Maglaras

    2015-01-01

    Full Text Available In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition system, based on the combination of One-Class Support Vector Machine (OCSVM with RBF kernel and recursive k-means clustering. Important parameters of OCSVM, such as Gaussian width o and parameter v affect the performance of the classifier. Tuning of these parameters is of great importance in order to avoid false positives and over fitting. The combination of OCSVM with recursive k- means clustering leads the proposed intrusion detection module to distinguish real alarms from possible attacks regardless of the values of parameters o and v, making it ideal for real-time intrusion detection mechanisms for SCADA systems. Extensive simulations have been conducted with datasets extracted from small and medium sized HTB SCADA testbeds, in order to compare the accuracy, false alarm rate and execution time against the base line OCSVM method.

  17. Intrusion detection in Mobile Ad-hoc Networks: Bayesian game formulation

    Basant Subba

    2016-06-01

    Full Text Available Present Intrusion Detection Systems (IDSs for MANETs require continuous monitoring which leads to rapid depletion of a node's battery life. To address this issue, we propose a new IDS scheme comprising a novel cluster leader election process and a hybrid IDS. The cluster leader election process uses the Vickrey–Clarke–Groves mechanism to elect the cluster leader which provides the intrusion detection service. The hybrid IDS comprises a threshold based lightweight module and a powerful anomaly based heavyweight module. Initially, only the lightweight module is activated. The decision to activate the heavyweight module is taken by modeling the intrusion detection process as an incomplete information non-cooperative game between the elected leader node and the potential malicious node. Simulation results show that the proposed scheme significantly reduces the IDS traffic and overall power consumption in addition to maintaining a high detection rate and accuracy.

  18. Intrusion Detection System Based on Decision Tree over Big Data in Fog Environment

    Kai Peng

    2018-01-01

    Full Text Available Fog computing, as the supplement of cloud computing, can provide low-latency services between mobile users and the cloud. However, fog devices may encounter security challenges as a result of the fog nodes being close to the end users and having limited computing ability. Traditional network attacks may destroy the system of fog nodes. Intrusion detection system (IDS is a proactive security protection technology and can be used in the fog environment. Although IDS in tradition network has been well investigated, unfortunately directly using them in the fog environment may be inappropriate. Fog nodes produce massive amounts of data at all times, and, thus, enabling an IDS system over big data in the fog environment is of paramount importance. In this study, we propose an IDS system based on decision tree. Firstly, we propose a preprocessing algorithm to digitize the strings in the given dataset and then normalize the whole data, to ensure the quality of the input data so as to improve the efficiency of detection. Secondly, we use decision tree method for our IDS system, and then we compare this method with Naïve Bayesian method as well as KNN method. Both the 10% dataset and the full dataset are tested. Our proposed method not only completely detects four kinds of attacks but also enables the detection of twenty-two kinds of attacks. The experimental results show that our IDS system is effective and precise. Above all, our IDS system can be used in fog computing environment over big data.

  19. Technologies, Methodologies and Challenges in Network Intrusion Detection and Prevention Systems

    Nicoleta STANCIU

    2013-01-01

    Full Text Available This paper presents an overview of the technologies and the methodologies used in Network Intrusion Detection and Prevention Systems (NIDPS. Intrusion Detection and Prevention System (IDPS technologies are differentiated by types of events that IDPSs can recognize, by types of devices that IDPSs monitor and by activity. NIDPSs monitor and analyze the streams of network packets in order to detect security incidents. The main methodology used by NIDPSs is protocol analysis. Protocol analysis requires good knowledge of the theory of the main protocols, their definition, how each protocol works.

  20. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining

    Nattawat Khamphakdee

    2015-07-01

    Full Text Available The intrusion detection system (IDS is an important network security tool for securing computer and network systems. It is able to detect and monitor network traffic data. Snort IDS is an open-source network security tool. It can search and match rules with network traffic data in order to detect attacks, and generate an alert. However, the Snort IDS  can detect only known attacks. Therefore, we have proposed a procedure for improving Snort IDS rules, based on the association rules data mining technique for detection of network probe attacks.  We employed the MIT-DARPA 1999 data set for the experimental evaluation. Since behavior pattern traffic data are both normal and abnormal, the abnormal behavior data is detected by way of the Snort IDS. The experimental results showed that the proposed Snort IDS rules, based on data mining detection of network probe attacks, proved more efficient than the original Snort IDS rules, as well as icmp.rules and icmp-info.rules of Snort IDS.  The suitable parameters for the proposed Snort IDS rules are defined as follows: Min_sup set to 10%, and Min_conf set to 100%, and through the application of eight variable attributes. As more suitable parameters are applied, higher accuracy is achieved.

  1. Intrusion detection on oil pipeline right of way using monogenic signal representation

    Nair, Binu M.; Santhaseelan, Varun; Cui, Chen; Asari, Vijayan K.

    2013-05-01

    We present an object detection algorithm to automatically detect and identify possible intrusions such as construction vehicles and equipment on the regions designated as the pipeline right-of-way (ROW) from high resolution aerial imagery. The pipeline industry has buried millions of miles of oil pipelines throughout the country and these regions are under constant threat of unauthorized construction activities. We propose a multi-stage framework which uses a pyramidal template matching scheme in the local phase domain by taking a single high resolution training image to classify a construction vehicle. The proposed detection algorithm makes use of the monogenic signal representation to extract the local phase information. Computing the monogenic signal from a two dimensional object region enables us to separate out the local phase information (structural details) from the local energy (contrast) thereby achieving illumination invariance. The first stage involves the local phase based template matching using only a single high resolution training image in a local region at multiple scales. Then, using the local phase histogram matching, the orientation of the detected region is determined and a voting scheme gives a certain weightage to the resulting clusters. The final stage involves the selection of clusters based on the number of votes attained and using the histogram of oriented phase feature descriptor, the object is located at the correct orientation and scale. The algorithm is successfully tested on four different datasets containing imagery with varying image resolution and object orientation.

  2. Combining Host-based and network-based intrusion detection system

    These attacks were simulated using hping. The proposed system is implemented in Java. The results show that the proposed system is able to detect attacks both from within (host-based) and outside sources (network-based). Key Words: Intrusion Detection System (IDS), Host-based, Network-based, Signature, Security log.

  3. Towards software-based signature detection for intrusion prevention on the network card

    Bos, H.; Huang, Kaiming

    2006-01-01

    CardGuard is a signature detection system for intrusion detection and prevention that scans the entire payload of packets for suspicious patterns and is implemented in software on a network card equiped with an Intel IXP1200 network processor. One card can be used to protect either a single host, or

  4. Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

    Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.; Kirda, E.; Jha, S.; Balzarotti, D.

    Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  5. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  6. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    Bolzoni, D.; Etalle, S.; Hartel, P.H.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  7. Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

    Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  8. Towards real-time intrusion detection for NetFlow and IPFIX

    Hofstede, R.J.; Bartos, Vaclav; Sperotto, Anna; Pras, Aiko

    2013-01-01

    DDoS attacks bring serious economic and technical damage to networks and enterprises. Timely detection and mitigation are therefore of great importance. However, when flow monitoring systems are used for intrusion detection, as it is often the case in campus, enterprise and backbone networks, timely

  9. A Survey on Cross-Layer Intrusion Detection System for Wireless ...

    pc

    2018-03-05

    Mar 5, 2018 ... forwarding, and open wireless medium are the factors that make ... Wireless Sensor Network (WSN) is a kind of network that ... These tiny sensors are mainly small sized and have low ..... they were integrated to WSN for intrusion detection in ..... Anomaly Detection Techniques for Smart City Wireless Sensor.

  10. LIDeA: A Distributed Lightweight Intrusion Detection Architecture for Sensor Networks

    Giannetsos, Athanasios; Krontiris, Ioannis; Dimitriou, Tassos

    2008-01-01

    to achieve a more autonomic and complete defense mechanism, even against attacks that have not been anticipated in advance. In this paper, we present a lightweight intrusion detection system, called LIDeA, designed for wireless sensor networks. LIDeA is based on a distributed architecture, in which nodes......Wireless sensor networks are vulnerable to adversaries as they are frequently deployed in open and unattended environments. Preventive mechanisms can be applied to protect them from an assortment of attacks. However, more sophisticated methods, like intrusion detection systems, are needed...

  11. Computer Game Play Reduces Intrusive Memories of Experimental Trauma via Reconsolidation-Update Mechanisms.

    James, Ella L; Bonsall, Michael B; Hoppitt, Laura; Tunbridge, Elizabeth M; Geddes, John R; Milton, Amy L; Holmes, Emily A

    2015-08-01

    Memory of a traumatic event becomes consolidated within hours. Intrusive memories can then flash back repeatedly into the mind's eye and cause distress. We investigated whether reconsolidation-the process during which memories become malleable when recalled-can be blocked using a cognitive task and whether such an approach can reduce these unbidden intrusions. We predicted that reconsolidation of a reactivated visual memory of experimental trauma could be disrupted by engaging in a visuospatial task that would compete for visual working memory resources. We showed that intrusive memories were virtually abolished by playing the computer game Tetris following a memory-reactivation task 24 hr after initial exposure to experimental trauma. Furthermore, both memory reactivation and playing Tetris were required to reduce subsequent intrusions (Experiment 2), consistent with reconsolidation-update mechanisms. A simple, noninvasive cognitive-task procedure administered after emotional memory has already consolidated (i.e., > 24 hours after exposure to experimental trauma) may prevent the recurrence of intrusive memories of those emotional events. © The Author(s) 2015.

  12. Network Intrusion Dataset Assessment

    2013-03-01

    International Conference on Computational Intelligence and Natural Computing, volume 2, pages 413–416, June 2009. • Rung Ching Chen, Kai -Fan Cheng, and...Chia-Fen Hsieh . “Using rough set and support vector machine for network intrusion detection.” International Journal of Network Security & Its...intrusion detection using FP tree rules.” Journal Of Advanced Networking and Applications, 1(1):30–39, 2009. • Ming-Yang Su, Gwo-Jong Yu , and Chun-Yuen

  13. Intelligent Agent-Based Intrusion Detection System Using Enhanced Multiclass SVM

    Ganapathy, S.; Yogesh, P.; Kannan, A.

    2012-01-01

    Intrusion detection systems were used in the past along with various techniques to detect intrusions in networks effectively. However, most of these systems are able to detect the intruders only with high false alarm rate. In this paper, we propose a new intelligent agent-based intrusion detection model for mobile ad hoc networks using a combination of attribute selection, outlier detection, and enhanced multiclass SVM classification methods. For this purpose, an effective preprocessing technique is proposed that improves the detection accuracy and reduces the processing time. Moreover, two new algorithms, namely, an Intelligent Agent Weighted Distance Outlier Detection algorithm and an Intelligent Agent-based Enhanced Multiclass Support Vector Machine algorithm are proposed for detecting the intruders in a distributed database environment that uses intelligent agents for trust management and coordination in transaction processing. The experimental results of the proposed model show that this system detects anomalies with low false alarm rate and high-detection rate when tested with KDD Cup 99 data set. PMID:23056036

  14. Energy Efficient Monitoring for Intrusion Detection in Battery-Powered Wireless Mesh Networks

    Hassanzadeh, Amin; Stoleru, Radu; Shihada, Basem

    2011-01-01

    in such environments battery-powered mesh routers, operating in an energy efficient manner, are required. To the best of our knowledge, the impact of energy efficient solutions, e.g., involving duty-cycling, on WMN intrusion detection systems, which require continuous

  15. Real-Time and Resilient Intrusion Detection: A Flow-Based Approach

    Hofstede, R.J.; Pras, Aiko

    Due to the demanding performance requirements of packet-based monitoring solutions on network equipment, flow-based intrusion detection systems will play an increasingly important role in current high-speed networks. The required technologies are already available and widely deployed: NetFlow and

  16. Anomaly based intrusion detection for a biometric identification system using neural networks

    Mgabile, T

    2012-10-01

    Full Text Available detection technique that analyses the fingerprint biometric network traffic for evidence of intrusion. The neural network algorithm that imitates the way a human brain works is used in this study to classify normal traffic and learn the correct traffic...

  17. Feature selection for anomaly–based network intrusion detection using cluster validity indices

    Naidoo, T

    2015-09-01

    Full Text Available for Anomaly–Based Network Intrusion Detection Using Cluster Validity Indices Tyrone Naidoo_, Jules–Raymond Tapamoy, Andre McDonald_ Modelling and Digital Science, Council for Scientific and Industrial Research, South Africa 1tnaidoo2@csir.co.za 3...

  18. ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems

    Bolzoni, D.; Crispo, Bruno; Etalle, Sandro

    2007-01-01

    We present an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and automatic) anomaly-based analysis of the system output, which provides useful context information regarding the network

  19. Performance Analysis of Hierarchical Group Key Management Integrated with Adaptive Intrusion Detection in Mobile ad hoc Networks

    2016-04-05

    applications in wireless networks such as military battlefields, emergency response, mobile commerce , online gaming, and collaborative work are based on the...www.elsevier.com/locate/peva Performance analysis of hierarchical group key management integrated with adaptive intrusion detection in mobile ad hoc...Accepted 19 September 2010 Available online 26 September 2010 Keywords: Mobile ad hoc networks Intrusion detection Group communication systems Group

  20. Automatic, non-intrusive, flame detection in pipelines

    Morgan, M.D.; Mehta, S.A.; Moore, R.G. [Calgary Univ., AB (Canada). Dept. of Chemical and Petroleum Engineering; Al-Himyary, T.J. [Al-Himyary Consulting Inc., Calgary, AB (Canada)

    2004-07-01

    Flames have been known to occur within small diameter pipes operating under conditions of high turbulent flow. Although there are several methods of flame detection, few offer remote, non-line-of-site detection. In particular, combustion cannot be detected in cases where flammable mixtures are carried in flare lines, storage tank vents, air drilling or improperly designed purging operations. Combustion noise is being examined as a means to address this problem. A study was conducted in which flames within a small diameter tube were automatically detected using high speed pressure measurements and a newly developed algorithm. Commercially available, high-pressure, dynamic-pressure transducers were used for the measurements. The results of an experimental study showed that combustion noise can be distinguished from other sources of noise by its inverse power law relationship with frequency. This paper presented a newly developed algorithm which provides early detection of flames when combined with high-speed pressure measurements. The algorithm can also separate combustion noise automatically from other sources of noise when combined with other filters. In this study, the noise generated by a fluttering check valve was attenuated using a stop band filter. This detection method was found to be very reliable under the conditions tests, as long as there was no flow restriction between the sensor and the flame. A flow restriction would have resulted in the detection of only the strongest flame noise. It was shown that acoustic flame detection can be applied successfully in flare stacks, industrial burners and turbine combustors. It can be 15 times more sensitive than optical or electrical methods in diagnosing combustion problems with lean burning combustors. It may also be the only method available in applications that require remote, non-line-of-sight detection. 11 refs., 3 tabs., 15 figs.

  1. An Integrated Intrusion Detection Model of Cluster-Based Wireless Sensor Network.

    Sun, Xuemei; Yan, Bo; Zhang, Xinzhong; Rong, Chuitian

    2015-01-01

    Considering wireless sensor network characteristics, this paper combines anomaly and mis-use detection and proposes an integrated detection model of cluster-based wireless sensor network, aiming at enhancing detection rate and reducing false rate. Adaboost algorithm with hierarchical structures is used for anomaly detection of sensor nodes, cluster-head nodes and Sink nodes. Cultural-Algorithm and Artificial-Fish-Swarm-Algorithm optimized Back Propagation is applied to mis-use detection of Sink node. Plenty of simulation demonstrates that this integrated model has a strong performance of intrusion detection.

  2. On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

    Wei Gao

    2014-03-01

    Full Text Available Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks.  Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services.  This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

  3. Using discriminant analysis to detect intrusions in external communication for self-driving vehicles

    Khattab M.Ali Alheeti

    2017-08-01

    Full Text Available Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoc networks is crucial to the reliable exchange of information and control data. In this paper, we propose an intelligent Intrusion Detection System (IDS to protect the external communication of self-driving and semi self-driving vehicles. This technology has the ability to detect Denial of Service (DoS and black hole attacks on vehicular ad hoc networks (VANETs. The advantage of the proposed IDS over existing security systems is that it detects attacks before they causes significant damage. The intrusion prediction technique is based on Linear Discriminant Analysis (LDA and Quadratic Discriminant Analysis (QDA which are used to predict attacks based on observed vehicle behavior. We perform simulations using Network Simulator 2 to demonstrate that the IDS achieves a low rate of false alarms and high accuracy in detection.

  4. Designing and Implementing a Family of Intrusion Detection Systems

    2004-11-01

    configure (train), generates many false alarms – Misuse detection (signature analysis) (NFR, Emerald , Snort, STAT) • Generates few false alarms • Detects...to create .rhosts file in world-writable ftp home directory – rlogin using bogus .rhosts file S0 create_file read_rhosts S3S2 login S1 STAT KN-14...world-writable ftp home directory – rlogin using bogus .rhosts file S0 create_file read_rhosts S3S2 login S1 STAT KN-17 ftp-write in STATL use ustat

  5. Design and implementation of an intrusion detection system based on IPv6 protocol

    Liu, Bin; Li, Zhitang; Li, Yao; Li, Zhanchun

    2005-11-01

    Network intrusion detection systems (NIDS) are important parts of network security architecture. Although many NIDS have been proposed, there is little effort to expand the current set of NIDS to support IPv6 protocol. This paper presents the design and implementation of a Network-based Intrusion Detection System that supports both IPv6 protocol and IPv4 protocol. It characters rules based logging to perform content pattern matching and detect a variety of attacks and probes from IPv4 and IPv6.There are four primary subsystems to make it up: packet capture, packet decoder, detection engine, and logging and alerting subsystem. A new approach to packet capture that combined NAPI with MMAP is proposed in this paper. The test results show that the efficiency of packet capture can be improved significantly by this method. Several new attack tools for IPv6 have been developed for intrusion detection evaluation. Test shows that more than 20 kinds of IPv6 attacks can be detected by this system and it also has a good performance under heavy traffic load.

  6. Research on intrusion detection based on Kohonen network and support vector machine

    Shuai, Chunyan; Yang, Hengcheng; Gong, Zeweiyi

    2018-05-01

    In view of the problem of low detection accuracy and the long detection time of support vector machine, which directly applied to the network intrusion detection system. Optimization of SVM parameters can greatly improve the detection accuracy, but it can not be applied to high-speed network because of the long detection time. a method based on Kohonen neural network feature selection is proposed to reduce the optimization time of support vector machine parameters. Firstly, this paper is to calculate the weights of the KDD99 network intrusion data by Kohonen network and select feature by weight. Then, after the feature selection is completed, genetic algorithm (GA) and grid search method are used for parameter optimization to find the appropriate parameters and classify them by support vector machines. By comparing experiments, it is concluded that feature selection can reduce the time of parameter optimization, which has little influence on the accuracy of classification. The experiments suggest that the support vector machine can be used in the network intrusion detection system and reduce the missing rate.

  7. Multimodal UAV detection: study of various intrusion scenarios

    Hengy, Sebastien; Laurenzis, Martin; Schertzer, Stéphane; Hommes, Alexander; Kloeppel, Franck; Shoykhetbrod, Alex; Geibig, Thomas; Johannes, Winfried; Rassy, Oussama; Christnacher, Frank

    2017-10-01

    Small unmanned aerial vehicles (UAVs) are becoming increasingly popular and affordable the last years for professional and private consumer market, with varied capacities and performances. Recent events showed that illicit or hostile uses constitute an emergent, quickly evolutionary threat. Recent developments in UAV technologies tend to bring autonomous, highly agile and capable unmanned aerial vehicles to the market. These UAVs can be used for spying operations as well as for transporting illicit or hazardous material (smuggling, flying improvised explosive devices). The scenario of interest concerns the protection of sensitive zones against the potential threat constituted by small drones. In the recent past, field trials were carried out to investigate the detection and tracking of multiple UAV flying at low altitude. Here, we present results which were achieved using a heterogeneous sensor network consisting of acoustic antennas, small FMCW RADAR systems and optical sensors. While acoustics and RADAR was applied to monitor a wide azimuthal area (360°), optical sensors were used for sequentially identification. The localization results have been compared to the ground truth data to estimate the efficiency of each detection system. Seven-microphone acoustic arrays allow single source localization. The mean azimuth and elevation estimation error has been measured equal to 1.5 and -2.5 degrees respectively. The FMCW radar allows tracking of multiple UAVs by estimating their range, azimuth and motion speed. Both technologies can be linked to the electro-optical system for final identification of the detected object.

  8. Prototype of Intrusion Detection Model using UML 5.0 and Forward Engineering

    Muthaiyan MADIAJAGAN,

    2011-01-01

    Full Text Available In this paper we are using UML (Unified Modeling Language which is the blueprint language between the programmers, analysts, and designer’s for easy representation of pictures or diagrammatic notation with some textual data. Here we are using UML 5.0 to show “prototype of the Intrusion Detection Model” and by explaining it by combining various parts by drawing various UML diagrams such as Use cases and Activity diagrams and Class Diagram using which we show forward engineering using the class diagram of the IDM( Intrusion Detection Model. IDM is a device or software that works on detecting malicious activities by unauthorized users that can cause breach to the security policy within a network.

  9. A Protocol Layer Trust-Based Intrusion Detection Scheme for Wireless Sensor Networks

    Jian Wang

    2017-05-01

    Full Text Available This article proposes a protocol layer trust-based intrusion detection scheme for wireless sensor networks. Unlike existing work, the trust value of a sensor node is evaluated according to the deviations of key parameters at each protocol layer considering the attacks initiated at different protocol layers will inevitably have impacts on the parameters of the corresponding protocol layers. For simplicity, the paper mainly considers three aspects of trustworthiness, namely physical layer trust, media access control layer trust and network layer trust. The per-layer trust metrics are then combined to determine the overall trust metric of a sensor node. The performance of the proposed intrusion detection mechanism is then analyzed using the t-distribution to derive analytical results of false positive and false negative probabilities. Numerical analytical results, validated by simulation results, are presented in different attack scenarios. It is shown that the proposed protocol layer trust-based intrusion detection scheme outperforms a state-of-the-art scheme in terms of detection probability and false probability, demonstrating its usefulness for detecting cross-layer attacks.

  10. A Hybrid Spectral Clustering and Deep Neural Network Ensemble Algorithm for Intrusion Detection in Sensor Networks.

    Ma, Tao; Wang, Fen; Cheng, Jianjun; Yu, Yang; Chen, Xiaoyun

    2016-10-13

    The development of intrusion detection systems (IDS) that are adapted to allow routers and network defence systems to detect malicious network traffic disguised as network protocols or normal access is a critical challenge. This paper proposes a novel approach called SCDNN, which combines spectral clustering (SC) and deep neural network (DNN) algorithms. First, the dataset is divided into k subsets based on sample similarity using cluster centres, as in SC. Next, the distance between data points in a testing set and the training set is measured based on similarity features and is fed into the deep neural network algorithm for intrusion detection. Six KDD-Cup99 and NSL-KDD datasets and a sensor network dataset were employed to test the performance of the model. These experimental results indicate that the SCDNN classifier not only performs better than backpropagation neural network (BPNN), support vector machine (SVM), random forest (RF) and Bayes tree models in detection accuracy and the types of abnormal attacks found. It also provides an effective tool of study and analysis of intrusion detection in large networks.

  11. A Novel Algorithm for Intrusion Detection Based on RASL Model Checking

    Weijun Zhu

    2013-01-01

    Full Text Available The interval temporal logic (ITL model checking (MC technique enhances the power of intrusion detection systems (IDSs to detect concurrent attacks due to the strong expressive power of ITL. However, an ITL formula suffers from difficulty in the description of the time constraints between different actions in the same attack. To address this problem, we formalize a novel real-time interval temporal logic—real-time attack signature logic (RASL. Based on such a new logic, we put forward a RASL model checking algorithm. Furthermore, we use RASL formulas to describe attack signatures and employ discrete timed automata to create an audit log. As a result, RASL model checking algorithm can be used to automatically verify whether the automata satisfy the formulas, that is, whether the audit log coincides with the attack signatures. The simulation experiments show that the new approach effectively enhances the detection power of the MC-based intrusion detection methods for a number of telnet attacks, p-trace attacks, and the other sixteen types of attacks. And these experiments indicate that the new algorithm can find several types of real-time attacks, whereas the existing MC-based intrusion detection approaches cannot do that.

  12. Improving Accuracy of Intrusion Detection Model Using PCA and optimized SVM

    Sumaiya Thaseen Ikram

    2016-06-01

    Full Text Available Intrusion detection is very essential for providing security to different network domains and is mostly used for locating and tracing the intruders. There are many problems with traditional intrusion detection models (IDS such as low detection capability against unknown network attack, high false alarm rate and insufficient analysis capability. Hence the major scope of the research in this domain is to develop an intrusion detection model with improved accuracy and reduced training time. This paper proposes a hybrid intrusiondetection model by integrating the principal component analysis (PCA and support vector machine (SVM. The novelty of the paper is the optimization of kernel parameters of the SVM classifier using automatic parameter selection technique. This technique optimizes the punishment factor (C and kernel parameter gamma (γ, thereby improving the accuracy of the classifier and reducing the training and testing time. The experimental results obtained on the NSL KDD and gurekddcup dataset show that the proposed technique performs better with higher accuracy, faster convergence speed and better generalization. Minimum resources are consumed as the classifier input requires reduced feature set for optimum classification. A comparative analysis of hybrid models with the proposed model is also performed.

  13. Indian program for development of technologies relevant to reliable, non-intrusive, concealed-contraband detection

    Auluck, S.K.H.

    2007-01-01

    Generating capability for reliable, non-intrusive detection of concealed-contraband, particularly, organic contraband like explosives and narcotics, has become a national priority. This capability spans a spectrum of technologies. If a technology mission addressing the needs of a highly sophisticated technology like PFNA is set up, the capabilities acquired would be adequate to meet the requirements of many other sets of technologies. This forms the background of the Indian program for development of technologies relevant to reliable, non-intrusive, concealed contraband detection. One of the central themes of the technology development programs would be modularization of the neutron source and detector technologies, so that common elements can be combined in different ways for meeting a variety of application requirements. (author)

  14. Accurate Modeling of The Siemens S7 SCADA Protocol For Intrusion Detection And Digital Forensic

    Amit Kleinmann

    2014-09-01

    Full Text Available The Siemens S7 protocol is commonly used in SCADA systems for communications between a Human Machine Interface (HMI and the Programmable Logic Controllers (PLCs. This paper presents a model-based Intrusion Detection Systems (IDS designed for S7 networks. The approach is based on the key observation that S7 traffic to and from a specific PLC is highly periodic; as a result, each HMI-PLC channel can be modeled using its own unique Deterministic Finite Automaton (DFA. The resulting DFA-based IDS is very sensitive and is able to flag anomalies such as a message appearing out of its position in the normal sequence or a message referring to a single unexpected bit. The intrusion detection approach was evaluated on traffic from two production systems. Despite its high sensitivity, the system had a very low false positive rate - over 99.82% of the traffic was identified as normal.

  15. A Targeted Attack For Enhancing Resiliency of Intelligent Intrusion Detection Modules in Energy Cyber Physical Systems

    Youssef, Tarek [Florida Intl Univ., Miami, FL (United States); El Hariri, Mohammad [Florida Intl Univ., Miami, FL (United States); Habib, Hani [Florida Intl Univ., Miami, FL (United States); Mohammed, Osama [Florida Intl Univ., Miami, FL (United States); Harmon, E [Florida Intl Univ., Miami, FL (United States)

    2017-02-28

    Abstract— Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time- critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network’s response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network’s ability to learn and adapt to these attacks.

  16. PMFA: Toward Passive Message Fingerprint Attacks on Challenge-Based Collaborative Intrusion Detection Networks

    Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

    2016-01-01

    To enhance the performance of single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed, which enable a set of IDS nodes to communicate with each other. In such a distributed network, insider attacks like collusion attacks are the main threat...... to advanced insider attacks in practical deployment. In this paper, we design a novel type of collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way. In the evaluation, we explore the attack performance under both simulated...... and real network environments. Experimental results indicate that under our attack, malicious nodes can send malicious responses to normal requests while maintaining their trust values....

  17. Developing advanced fingerprint attacks on challenge-based collaborative intrusion detection networks

    Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

    2017-01-01

    Traditionally, an isolated intrusion detection system (IDS) is vulnerable to various types of attacks. In order to enhance IDS performance, collaborative intrusion detection networks (CIDNs) are developed through enabling a set of IDS nodes to communicate with each other. Due to the distributed...... network architecture, insider attacks are one of the major threats. In the literature, challenge-based trust mechanisms have been built to identify malicious nodes by evaluating the satisfaction levels between challenges and responses. However, such mechanisms rely on two major assumptions, which may...... result in a weak threat model. In this case, CIDNs may be still vulnerable to advanced insider attacks in real-world deployment. In this paper, we propose a novel collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way...

  18. Geophysical detection of marine intrusions in Black Sea coastal areas (Romania) using VES and ERT data

    CHITEA, Florina; GEORGESCU, Paul; IOANE, Dumitru

    2011-01-01

    Abstract. Communities living in coastal areas depend in a great extent on the fresh water resources exploited from aquifers which are usually in a natural hydrodynamic equilibrium with the sea water. The contamination of fresh water with marine saltwater determines a significant increase in the aquifers electric conductivity, allowing an efficient application of resistivity methods in detecting and monitoring the marine intrusions. We present case studies from Romania (Costinesti and Vama Vec...

  19. A Metrics-Based Approach to Intrusion Detection System Evaluation for Distributed Real-Time Systems

    2002-04-01

    Based Approach to Intrusion Detection System Evaluation for Distributed Real - Time Systems Authors: G. A. Fink, B. L. Chappell, T. G. Turner, and...Distributed, Security. 1 Introduction Processing and cost requirements are driving future naval combat platforms to use distributed, real - time systems of...distributed, real - time systems . As these systems grow more complex, the timing requirements do not diminish; indeed, they may become more constrained

  20. Industrial Control System Process-Oriented Intrusion Detection (iPoid) Algorithm

    2016-08-01

    SUBJECT TERMS supervisory control and data acquisition (SCADA), Modbus, industrial control system, intrusion detection system 16. SECURITY...List of Tables iv Acknowledgments v 1. Background 1 2. iPoid Modbus Packet-Inspection Capability 2 2.1 Software Requirements 2 2.2 Startup ...Mr Curtis Arnold’s support of Industrial Control Systems–Supervisory Control and Data Acquisition research at the US Army Research Laboratory

  1. Hybrid Modified K-Means with C4.5 for Intrusion Detection Systems in Multiagent Systems.

    Laftah Al-Yaseen, Wathiq; Ali Othman, Zulaiha; Ahmad Nazri, Mohd Zakree

    2015-01-01

    Presently, the processing time and performance of intrusion detection systems are of great importance due to the increased speed of traffic data networks and a growing number of attacks on networks and computers. Several approaches have been proposed to address this issue, including hybridizing with several algorithms. However, this paper aims at proposing a hybrid of modified K-means with C4.5 intrusion detection system in a multiagent system (MAS-IDS). The MAS-IDS consists of three agents, namely, coordinator, analysis, and communication agent. The basic concept underpinning the utilized MAS is dividing the large captured network dataset into a number of subsets and distributing these to a number of agents depending on the data network size and core CPU availability. KDD Cup 1999 dataset is used for evaluation. The proposed hybrid modified K-means with C4.5 classification in MAS is developed in JADE platform. The results show that compared to the current methods, the MAS-IDS reduces the IDS processing time by up to 70%, while improving the detection accuracy.

  2. Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS)

    Jared Verba; Michael Milvich

    2008-05-01

    Current Intrusion Detection System (IDS) technology is not suited to be widely deployed inside a Supervisory, Control and Data Acquisition (SCADA) environment. Anomaly- and signature-based IDS technologies have developed methods to cover information technology-based networks activity and protocols effectively. However, these IDS technologies do not include the fine protocol granularity required to ensure network security inside an environment with weak protocols lacking authentication and encryption. By implementing a more specific and more intelligent packet inspection mechanism, tailored traffic flow analysis, and unique packet tampering detection, IDS technology developed specifically for SCADA environments can be deployed with confidence in detecting malicious activity.

  3. Network Intrusion Detection System (NIDS in Cloud Environment based on Hidden Naïve Bayes Multiclass Classifier

    Hafza A. Mahmood

    2018-04-01

    Full Text Available Cloud Environment is next generation internet based computing system that supplies customiza-ble services to the end user to work or access to the various cloud applications. In order to provide security and decrease the damage of information system, network and computer system it is im-portant to provide intrusion detection system (IDS. Now Cloud environment are under threads from network intrusions, as one of most prevalent and offensive means Denial of Service (DoS attacks that cause dangerous impact on cloud computing systems. This paper propose Hidden naïve Bayes (HNB Classifier to handle DoS attacks which is a data mining (DM model used to relaxes the conditional independence assumption of Naïve Bayes classifier (NB, proposed sys-tem used HNB Classifier supported with discretization and feature selection where select the best feature enhance the performance of the system and reduce consuming time. To evaluate the per-formance of proposal system, KDD 99 CUP and NSL KDD Datasets has been used. The experi-mental results show that the HNB classifier improves the performance of NIDS in terms of accu-racy and detecting DoS attacks, where the accuracy of detect DoS is 100% in three test KDD cup 99 dataset by used only 12 feature that selected by use gain ratio while in NSL KDD Dataset the accuracy of detect DoS attack is 90 % in three Experimental NSL KDD dataset by select 10 fea-ture only.

  4. Attacks and intrusion detection in wireless sensor networks of industrial SCADA systems

    Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

    2017-01-01

    The effectiveness of automated process control systems (APCS) and supervisory control and data acquisition systems (SCADA) information security depends on the applied protection technologies of transport environment data transmission components. This article investigates the problems of detecting attacks in wireless sensor networks (WSN) of SCADA systems. As a result of analytical studies, the authors developed the detailed classification of external attacks and intrusion detection in sensor networks and brought a detailed description of attacking impacts on components of SCADA systems in accordance with the selected directions of attacks.

  5. Non-intrusive uncertainty quantification of computational fluid dynamics simulations: notes on the accuracy and efficiency

    Zimoń, Małgorzata; Sawko, Robert; Emerson, David; Thompson, Christopher

    2017-11-01

    Uncertainty quantification (UQ) is increasingly becoming an indispensable tool for assessing the reliability of computational modelling. Efficient handling of stochastic inputs, such as boundary conditions, physical properties or geometry, increases the utility of model results significantly. We discuss the application of non-intrusive generalised polynomial chaos techniques in the context of fluid engineering simulations. Deterministic and Monte Carlo integration rules are applied to a set of problems, including ordinary differential equations and the computation of aerodynamic parameters subject to random perturbations. In particular, we analyse acoustic wave propagation in a heterogeneous medium to study the effects of mesh resolution, transients, number and variability of stochastic inputs. We consider variants of multi-level Monte Carlo and perform a novel comparison of the methods with respect to numerical and parametric errors, as well as computational cost. The results provide a comprehensive view of the necessary steps in UQ analysis and demonstrate some key features of stochastic fluid flow systems.

  6. A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

    Muhammad Hilmi Kamarudin

    2017-01-01

    Full Text Available The global usage of more sophisticated web-based application systems is obviously growing very rapidly. Major usage includes the storing and transporting of sensitive data over the Internet. The growth has consequently opened up a serious need for more secured network and application security protection devices. Security experts normally equip their databases with a large number of signatures to help in the detection of known web-based threats. In reality, it is almost impossible to keep updating the database with the newly identified web vulnerabilities. As such, new attacks are invisible. This research presents a novel approach of Intrusion Detection System (IDS in detecting unknown attacks on web servers using the Unified Intrusion Anomaly Detection (UIAD approach. The unified approach consists of three components (preprocessing, statistical analysis, and classification. Initially, the process starts with the removal of irrelevant and redundant features using a novel hybrid feature selection method. Thereafter, the process continues with the application of a statistical approach to identifying traffic abnormality. We performed Relative Percentage Ratio (RPR coupled with Euclidean Distance Analysis (EDA and the Chebyshev Inequality Theorem (CIT to calculate the normality score and generate a finest threshold. Finally, Logitboost (LB is employed alongside Random Forest (RF as a weak classifier, with the aim of minimising the final false alarm rate. The experiment has demonstrated that our approach has successfully identified unknown attacks with greater than a 95% detection rate and less than a 1% false alarm rate for both the DARPA 1999 and the ISCX 2012 datasets.

  7. A Multiagent-based Intrusion Detection System with the Support of Multi-Class Supervised Classification

    Shyu, Mei-Ling; Sainani, Varsha

    The increasing number of network security related incidents have made it necessary for the organizations to actively protect their sensitive data with network intrusion detection systems (IDSs). IDSs are expected to analyze a large volume of data while not placing a significantly added load on the monitoring systems and networks. This requires good data mining strategies which take less time and give accurate results. In this study, a novel data mining assisted multiagent-based intrusion detection system (DMAS-IDS) is proposed, particularly with the support of multiclass supervised classification. These agents can detect and take predefined actions against malicious activities, and data mining techniques can help detect them. Our proposed DMAS-IDS shows superior performance compared to central sniffing IDS techniques, and saves network resources compared to other distributed IDS with mobile agents that activate too many sniffers causing bottlenecks in the network. This is one of the major motivations to use a distributed model based on multiagent platform along with a supervised classification technique.

  8. An Intrusion Detection System for the Protection of Railway Assets Using Fiber Bragg Grating Sensors

    Angelo Catalano

    2014-09-01

    Full Text Available We demonstrate the ability of Fiber Bragg Gratings (FBGs sensors to protect large areas from unauthorized activities in railway scenarios such as stations or tunnels. We report on the technological strategy adopted to protect a specific depot, representative of a common scenario for security applications in the railway environment. One of the concerns in the protection of a railway area centers on the presence of rail-tracks, which cannot be obstructed with physical barriers. We propose an integrated optical fiber system composed of FBG strain sensors that can detect human intrusion for protection of the perimeter combined with FBG accelerometer sensors for protection of rail-track access. Several trials were carried out in indoor and outdoor environments. The results demonstrate that FBG strain sensors bonded under a ribbed rubber mat enable the detection of intruder break-in via the pressure induced on the mat, whereas the FBG accelerometers installed under the rails enable the detection of intruders walking close to the railroad tracks via the acoustic surface waves generated by footsteps. Based on a single enabling technology, this integrated system represents a valuable intrusion detection system for railway security and could be integrated with other sensing functionalities in the railway field using fiber optic technology.

  9. Design of an Acoustic Target Intrusion Detection System Based on Small-Aperture Microphone Array

    Zu, Xingshui; Guo, Feng; Huang, Jingchang; Zhao, Qin; Liu, Huawei; Li, Baoqing; Yuan, Xiaobing

    2017-01-01

    Automated surveillance of remote locations in a wireless sensor network is dominated by the detection algorithm because actual intrusions in such locations are a rare event. Therefore, a detection method with low power consumption is crucial for persistent surveillance to ensure longevity of the sensor networks. A simple and effective two-stage algorithm composed of energy detector (ED) and delay detector (DD) with all its operations in time-domain using small-aperture microphone array (SAMA) is proposed. The algorithm analyzes the quite different velocities between wind noise and sound waves to improve the detection capability of ED in the surveillance area. Experiments in four different fields with three types of vehicles show that the algorithm is robust to wind noise and the probability of detection and false alarm are 96.67% and 2.857%, respectively. PMID:28273838

  10. Probabilistic monitoring in intrusion detection module for energy efficiency in mobile ad hoc networks

    De Rango, Floriano; Lupia, Andrea

    2016-05-01

    MANETs allow mobile nodes communicating to each other using the wireless medium. A key aspect of these kind of networks is the security, because their setup is done without an infrastructure, so external nodes could interfere in the communication. Mobile nodes could be compromised, misbehaving during the multi-hop transmission of data, or they could have a selfish behavior to save energy, which is another important constraint in MANETs. The detection of these behaviors need a framework that takes into account the latest interactions among nodes, so malicious or selfish nodes could be detected also if their behavior is changed over time. The monitoring activity increases the energy consumption, so our proposal takes into account this issue reducing the energy required by the monitoring system, keeping the effectiveness of the intrusion detection system. The results show an improvement in the saved energy, improving the detection performance too.

  11. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    VANCEA, F.

    2014-11-01

    Full Text Available The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discrete wavelet transformation. Their effectiveness expressed in relative thresholds on pulse amplitude for no false negatives and no false positives is then evaluated against pulse duration and Hurst characteristic of original series. Different base functions are also evaluated for efficiency in the context of the proposed methods.

  12. A two-stage flow-based intrusion detection model for next-generation networks.

    Umer, Muhammad Fahad; Sher, Muhammad; Bi, Yaxin

    2018-01-01

    The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results.

  13. A Hypergraph and Arithmetic Residue-based Probabilistic Neural Network for classification in Intrusion Detection Systems.

    Raman, M R Gauthama; Somu, Nivethitha; Kirthivasan, Kannan; Sriram, V S Shankar

    2017-08-01

    Over the past few decades, the design of an intelligent Intrusion Detection System (IDS) remains an open challenge to the research community. Continuous efforts by the researchers have resulted in the development of several learning models based on Artificial Neural Network (ANN) to improve the performance of the IDSs. However, there exists a tradeoff with respect to the stability of ANN architecture and the detection rate for less frequent attacks. This paper presents a novel approach based on Helly property of Hypergraph and Arithmetic Residue-based Probabilistic Neural Network (HG AR-PNN) to address the classification problem in IDS. The Helly property of Hypergraph was exploited for the identification of the optimal feature subset and the arithmetic residue of the optimal feature subset was used to train the PNN. The performance of HG AR-PNN was evaluated using KDD CUP 1999 intrusion dataset. Experimental results prove the dominance of HG AR-PNN classifier over the existing classifiers with respect to the stability and improved detection rate for less frequent attacks. Copyright © 2017 Elsevier Ltd. All rights reserved.

  14. Energy Efficient Monitoring for Intrusion Detection in Battery-Powered Wireless Mesh Networks

    Hassanzadeh, Amin

    2011-07-18

    Wireless Mesh Networks (WMN) are easy-to-deploy, low cost solutions for providing networking and internet services in environments with no network infrastructure, e.g., disaster areas and battlefields. Since electric power is not readily available in such environments battery-powered mesh routers, operating in an energy efficient manner, are required. To the best of our knowledge, the impact of energy efficient solutions, e.g., involving duty-cycling, on WMN intrusion detection systems, which require continuous monitoring, remains an open research problem. In this paper we propose that carefully chosen monitoring mesh nodes ensure continuous and complete detection coverage, while allowing non-monitoring mesh nodes to save energy through duty-cycling. We formulate the monitoring node selection problem as an optimization problem and propose distributed and centralized solutions for it, with different tradeoffs. Through extensive simulations and a proof-of-concept hardware/software implementation we demonstrate that our solutions extend the WMN lifetime by 8%, while ensuring, at the minimum, a 97% intrusion detection rate.

  15. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

    Chen, Yan [Northwesten University

    2013-12-05

    Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and fast emergence of new attacks/virus/worms, existing network intrusion detection systems (IDS) are insufficient because they: • Are mostly host-based and not scalable to high-performance networks; • Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks; • Cannot differentiate malicious events from the unintentional anomalies. To address these challenges, we proposed and developed a new paradigm called high-performance network anomaly/intrustion detection and mitigation (HPNAIDM) system. The new paradigm is significantly different from existing IDSes with the following features (research thrusts). • Online traffic recording and analysis on high-speed networks; • Online adaptive flow-level anomaly/intrusion detection and mitigation; • Integrated approach for false positive reduction. Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we even exceed that significantly (see more details in the next section). Overall, our project harvested 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). Besides, we built a website for technique dissemination, which hosts two system prototype release to the research community. We also filed a patent application and developed strong international and domestic collaborations which span both academia and industry.

  16. Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

    Hortos, William S.

    2007-09-01

    A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node

  17. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Min-Joo Kang

    Full Text Available A novel intrusion detection system (IDS using a deep neural network (DNN is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN, therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN bus.

  18. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  19. An Intelligent Tutor for Intrusion Detection on Computer Systems

    Rowe, Neil C; Schiavo, Sandra

    1998-01-01

    ... critical. We describe a tutor incorporating two programs. The first program uses artificial-intelligence planning methods to generate realistic audit files reporting actions of a variety of simulated users (including intruders...

  20. Long-distance fiber optic sensing solutions for pipeline leakage, intrusion, and ground movement detection

    Nikles, Marc

    2009-05-01

    An increasing number of pipelines are constructed in remote regions affected by harsh environmental conditions where pipeline routes often cross mountain areas which are characterized by unstable grounds and where soil texture changes between winter and summer increase the probability of hazards. Third party intentional interference or accidental intrusions are a major cause of pipeline failures leading to large leaks or even explosions. Due to the long distances to be monitored and the linear nature of pipelines, distributed fiber optic sensing techniques offer significant advantages and the capability to detect and localize pipeline disturbance with great precision. Furthermore pipeline owner/operators lay fiber optic cable parallel to transmission pipelines for telecommunication purposes and at minimum additional cost monitoring capabilities can be added to the communication system. The Brillouin-based Omnisens DITEST monitoring system has been used in several long distance pipeline projects. The technique is capable of measuring strain and temperature over 100's kilometers with meter spatial resolution. Dedicated fiber optic cables have been developed for continuous strain and temperature monitoring and their deployment along the pipeline has enabled permanent and continuous pipeline ground movement, intrusion and leak detection. This paper presents a description of the fiber optic Brillouin-based DITEST sensing technique, its measurement performance and limits, while addressing future perspectives for pipeline monitoring. The description is supported by case studies and illustrated by field data.

  1. The Use of Artificial-Intelligence-Based Ensembles for Intrusion Detection: A Review

    Gulshan Kumar

    2012-01-01

    Full Text Available In supervised learning-based classification, ensembles have been successfully employed to different application domains. In the literature, many researchers have proposed different ensembles by considering different combination methods, training datasets, base classifiers, and many other factors. Artificial-intelligence-(AI- based techniques play prominent role in development of ensemble for intrusion detection (ID and have many benefits over other techniques. However, there is no comprehensive review of ensembles in general and AI-based ensembles for ID to examine and understand their current research status to solve the ID problem. Here, an updated review of ensembles and their taxonomies has been presented in general. The paper also presents the updated review of various AI-based ensembles for ID (in particular during last decade. The related studies of AI-based ensembles are compared by set of evaluation metrics driven from (1 architecture & approach followed; (2 different methods utilized in different phases of ensemble learning; (3 other measures used to evaluate classification performance of the ensembles. The paper also provides the future directions of the research in this area. The paper will help the better understanding of different directions in which research of ensembles has been done in general and specifically: field of intrusion detection systems (IDSs.

  2. Non-intrusive gesture recognition system combining with face detection based on Hidden Markov Model

    Jin, Jing; Wang, Yuanqing; Xu, Liujing; Cao, Liqun; Han, Lei; Zhou, Biye; Li, Minggao

    2014-11-01

    A non-intrusive gesture recognition human-machine interaction system is proposed in this paper. In order to solve the hand positioning problem which is a difficulty in current algorithms, face detection is used for the pre-processing to narrow the search area and find user's hand quickly and accurately. Hidden Markov Model (HMM) is used for gesture recognition. A certain number of basic gesture units are trained as HMM models. At the same time, an improved 8-direction feature vector is proposed and used to quantify characteristics in order to improve the detection accuracy. The proposed system can be applied in interaction equipments without special training for users, such as household interactive television

  3. Non-intrusive, fast and sensitive ammonia detection by laser photothermal deflection

    Vries, H.S.M. de; Harren, F.J.M.; Wyers, G.P.; Otjes, R.P.; Slanina, J.; Reuss, J.

    1995-01-01

    A recently developed non-intrusive photothermal deflection (PTD) instrument allows sensitive, rapid and quantitative detection of local ammonia concentrations in the air. Ammonia is vibrationally excited by an infrared CO 2 laser in an intracavity configuration. A HeNe beam passing over the CO 2 laser beam (multipass arrangement) is deflected by the induced refractive index gradient. The detection limit for ammonia in ambient air is 0.5 ppbv with a spatial resolution of a few mm 3 . The time resolution is 0.1 s (single line) or 15 s (multi line). The system is fully automated and suited for non-stop measuring periods of at least one week. Results were compared to those obtained with a continuous-flow denuder (CFD). (author)

  4. Alerts Analysis and Visualization in Network-based Intrusion Detection Systems

    Yang, Dr. Li [University of Tennessee

    2010-08-01

    The alerts produced by network-based intrusion detection systems, e.g. Snort, can be difficult for network administrators to efficiently review and respond to due to the enormous number of alerts generated in a short time frame. This work describes how the visualization of raw IDS alert data assists network administrators in understanding the current state of a network and quickens the process of reviewing and responding to intrusion attempts. The project presented in this work consists of three primary components. The first component provides a visual mapping of the network topology that allows the end-user to easily browse clustered alerts. The second component is based on the flocking behavior of birds such that birds tend to follow other birds with similar behaviors. This component allows the end-user to see the clustering process and provides an efficient means for reviewing alert data. The third component discovers and visualizes patterns of multistage attacks by profiling the attacker s behaviors.

  5. Playing the computer game Tetris prior to viewing traumatic film material and subsequent intrusive memories: Examining proactive interference.

    James, Ella L; Lau-Zhu, Alex; Tickle, Hannah; Horsch, Antje; Holmes, Emily A

    2016-12-01

    Visuospatial working memory (WM) tasks performed concurrently or after an experimental trauma (traumatic film viewing) have been shown to reduce subsequent intrusive memories (concurrent or retroactive interference, respectively). This effect is thought to arise because, during the time window of memory consolidation, the film memory is labile and vulnerable to interference by the WM task. However, it is not known whether tasks before an experimental trauma (i.e. proactive interference) would also be effective. Therefore, we tested if a visuospatial WM task given before a traumatic film reduced intrusions. Findings are relevant to the development of preventative strategies to reduce intrusive memories of trauma for groups who are routinely exposed to trauma (e.g. emergency services personnel) and for whom tasks prior to trauma exposure might be beneficial. Participants were randomly assigned to 1 of 2 conditions. In the Tetris condition (n = 28), participants engaged in the computer game for 11 min immediately before viewing a 12-min traumatic film, whereas those in the Control condition (n = 28) had no task during this period. Intrusive memory frequency was assessed using an intrusion diary over 1-week and an Intrusion Provocation Task at 1-week follow-up. Recognition memory for the film was also assessed at 1-week. Compared to the Control condition, participants in the Tetris condition did not report statistically significant difference in intrusive memories of the trauma film on either measure. There was also no statistically significant difference in recognition memory scores between conditions. The study used an experimental trauma paradigm and findings may not be generalizable to a clinical population. Compared to control, playing Tetris before viewing a trauma film did not lead to a statistically significant reduction in the frequency of later intrusive memories of the film. It is unlikely that proactive interference, at least with this task

  6. Time-resolved seismic tomography detects magma intrusions at Mount Etna.

    Patanè, D; Barberi, G; Cocina, O; De Gori, P; Chiarabba, C

    2006-08-11

    The continuous volcanic and seismic activity at Mount Etna makes this volcano an important laboratory for seismological and geophysical studies. We used repeated three-dimensional tomography to detect variations in elastic parameters during different volcanic cycles, before and during the October 2002-January 2003 flank eruption. Well-defined anomalous low P- to S-wave velocity ratio volumes were revealed. Absent during the pre-eruptive period, the anomalies trace the intrusion of volatile-rich (>/=4 weight percent) basaltic magma, most of which rose up only a few months before the onset of eruption. The observed time changes of velocity anomalies suggest that four-dimensional tomography provides a basis for more efficient volcano monitoring and short- and midterm eruption forecasting of explosive activity.

  7. The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware

    Tierney, Brian L; Vallentin, Matthias; Sommer, Robin; Lee, Jason; Leres, Craig; Paxson, Vern; Tierney, Brian

    2007-09-19

    In this work we present a NIDS cluster as a scalable solution for realizing high-performance, stateful network intrusion detection on commodity hardware. The design addresses three challenges: (i) distributing traffic evenly across an extensible set of analysis nodes in a fashion that minimizes the communication required for coordination, (ii) adapting the NIDS's operation to support coordinating its low-level analysis rather than just aggregating alerts; and (iii) validating that the cluster produces sound results. Prototypes of our NIDS cluster now operate at the Lawrence Berkeley National Laboratory and the University of California at Berkeley. In both environments the clusters greatly enhance the power of the network security monitoring.

  8. Intelligent Intrusion Detection of Grey Hole and Rushing Attacks in Self-Driving Vehicular Networks

    Khattab M. Ali Alheeti

    2016-07-01

    Full Text Available Vehicular ad hoc networks (VANETs play a vital role in the success of self-driving and semi self-driving vehicles, where they improve safety and comfort. Such vehicles depend heavily on external communication with the surrounding environment via data control and Cooperative Awareness Messages (CAMs exchanges. VANETs are potentially exposed to a number of attacks, such as grey hole, black hole, wormhole and rushing attacks. This work presents an intelligent Intrusion Detection System (IDS that relies on anomaly detection to protect the external communication system from grey hole and rushing attacks. These attacks aim to disrupt the transmission between vehicles and roadside units. The IDS uses features obtained from a trace file generated in a network simulator and consists of a feed-forward neural network and a support vector machine. Additionally, the paper studies the use of a novel systematic response, employed to protect the vehicle when it encounters malicious behaviour. Our simulations of the proposed detection system show that the proposed schemes possess outstanding detection rates with a reduction in false alarms. This safe mode response system has been evaluated using four performance metrics, namely, received packets, packet delivery ratio, dropped packets and the average end to end delay, under both normal and abnormal conditions.

  9. Computer Viruses: Pathology and Detection.

    Maxwell, John R.; Lamon, William E.

    1992-01-01

    Explains how computer viruses were originally created, how a computer can become infected by a virus, how viruses operate, symptoms that indicate a computer is infected, how to detect and remove viruses, and how to prevent a reinfection. A sidebar lists eight antivirus resources. (four references) (LRW)

  10. Preliminary experimental results for a non-intrusive scheme for the detection of flaws in metal pipelines

    Aydin, K.; Shinde, S.; Suhail, M.; Vyas, A.; Zieher, K. W.

    2002-05-01

    An acoustic pulse echo scheme for non-intrusive detection of flaws in metal pipelines has been investigated in the laboratory. The primary pulse is generated by a pulsed magnetic field enclosing a short section of a free pipe. The detection is by an electrostatic detector surrounding a short section of the pipe. Reflected pulses from thin areas, with a longitudinal extension of about one pipe radius and a reduction of the wall thickness of 40%, can be detected clearly.

  11. Non-Intrusive Magneto-Optic Detecting System for Investigations of Air Switching Arcs

    Zhang Pengfei; Zhang Guogang; Dong Jinlong; Liu Wanying; Geng Yingsan

    2014-01-01

    In current investigations of electric arc plasmas, experiments based on modern testing technology play an important role. To enrich the testing methods and contribute to the understanding and grasping of the inherent mechanism of air switching arcs, in this paper, a non-intrusive detecting system is described that combines the magneto-optic imaging (MOI) technique with the solution to inverse electromagnetic problems. The detecting system works in a sequence of main steps as follows: MOI of the variation of the arc flux density over a plane, magnetic field information extracted from the magneto-optic (MO) images, arc current density distribution and spatial pattern reconstruction by inverting the resulting field data. Correspondingly, in the system, an MOI set-up is designed based on the Faraday effect and the polarization properties of light, and an intelligent inversion algorithm is proposed that involves simulated annealing (SA). Experiments were carried out for high current (2 kA RMS) discharge cases in a typical low-voltage switchgear. The results show that the MO detection system possesses the advantages of visualization, high resolution and response, and electrical insulation, which provides a novel diagnostics tool for further studies of the arc. (low temperature plasma)

  12. Investigating the Influence of Special On–Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

    Wenjuan Li

    2018-01-01

    Full Text Available Intrusions are becoming more complicated with the recent development of adversarial techniques. To boost the detection accuracy of a separate intrusion detector, the collaborative intrusion detection network (CIDN has thus been developed by allowing intrusion detection system (IDS nodes to exchange data with each other. Insider attacks are a great threat for such types of collaborative networks, where an attacker has the authorized access within the network. In literature, a challenge-based trust mechanism is effective at identifying malicious nodes by sending challenges. However, such mechanisms are heavily dependent on two assumptions, which would cause CIDNs to be vulnerable to advanced insider attacks in practice. In this work, we investigate the influence of advanced on–off attacks on challenge-based CIDNs, which can respond truthfully to one IDS node but behave maliciously to another IDS node. To evaluate the attack performance, we have conducted two experiments under a simulated and a real CIDN environment. The obtained results demonstrate that our designed attack is able to compromise the robustness of challenge-based CIDNs in practice; that is, some malicious nodes can behave untruthfully without a timely detection.

  13. Computational benefits using artificial intelligent methodologies for the solution of an environmental design problem: saltwater intrusion.

    Papadopoulou, Maria P; Nikolos, Ioannis K; Karatzas, George P

    2010-01-01

    Artificial Neural Networks (ANNs) comprise a powerful tool to approximate the complicated behavior and response of physical systems allowing considerable reduction in computation time during time-consuming optimization runs. In this work, a Radial Basis Function Artificial Neural Network (RBFN) is combined with a Differential Evolution (DE) algorithm to solve a water resources management problem, using an optimization procedure. The objective of the optimization scheme is to cover the daily water demand on the coastal aquifer east of the city of Heraklion, Crete, without reducing the subsurface water quality due to seawater intrusion. The RBFN is utilized as an on-line surrogate model to approximate the behavior of the aquifer and to replace some of the costly evaluations of an accurate numerical simulation model which solves the subsurface water flow differential equations. The RBFN is used as a local approximation model in such a way as to maintain the robustness of the DE algorithm. The results of this procedure are compared to the corresponding results obtained by using the Simplex method and by using the DE procedure without the surrogate model. As it is demonstrated, the use of the surrogate model accelerates the convergence of the DE optimization procedure and additionally provides a better solution at the same number of exact evaluations, compared to the original DE algorithm.

  14. 基于信息熵的SVM入侵检测技术%Exploring SVM-based intrusion detection through information entropy theory

    朱文杰; 王强; 翟献军

    2013-01-01

    在传统基于SVM的入侵检测中,核函数构造和特征选择采用先验知识,普遍存在准确度不高、效率低下的问题.通过信息熵理论与SVM算法相结合的方法改进为基于信息熵的SVM入侵检测算法,可以提高入侵检测的准确性,提升入侵检测的效率.基于信息熵的SVM入侵检测算法包括两个方面:一方面,根据样本包含的用户信息熵和方差,将样本特征统一,以特征是否属于置信区间来度量.将得到的样本特征置信向量作为SVM核函数的构造参数,既可保证训练样本集与最优分类面之间的对应关系,又可得到入侵检测需要的最大分类间隔;另一方面,将样本包含的用户信息量作为度量大幅度约简样本特征子集,不但降低了样本计算规模,而且提高了分类器的训练速度.实验表明,该算法在入侵检测系统中的应用优于传统的SVM算法.%In traditional SVM based intrusion detection approaches,both core function construction and feature selection use prior knowdege.Due to this,they are not only inefficient but also inaccurate.It is observed that integrating information entropy theory into SVM-based intrusion detection can enhance both the precision and the speed.Concludely speaking,SVM-based entropy intrusion detection algorithms are made up of two aspects:on one hand,setting sample confidence vector as core function's constructor of SVM algorithm can guarantee the mapping relationship between training sample and optimization classification plane.Also,the intrusion detection's maximum interval can be acquired.On the other hand,simplifying feature subset with samples's entropy as metric standard can not only shrink the computing scale but also improve the speed.Experiments prove that the SVM based entropy intrusion detection algoritm outperfomrs other tradional algorithms.

  15. Using Hybrid Algorithm to Improve Intrusion Detection in Multi Layer Feed Forward Neural Networks

    Ray, Loye Lynn

    2014-01-01

    The need for detecting malicious behavior on a computer networks continued to be important to maintaining a safe and secure environment. The purpose of this study was to determine the relationship of multilayer feed forward neural network architecture to the ability of detecting abnormal behavior in networks. This involved building, training, and…

  16. PERFORMANCE COMPARISON OF INTRUSION DETECTION SYSTEM USING VARIOUS TECHNIQUES – A REVIEW

    S. Devaraju

    2013-09-01

    Full Text Available Nowadays, the security has become a critical part of any organization or industry information systems. The Intrusion Detection System is an effective method to deal with the new kind of threats such as DoS, Porbe, R2L and U2R. In this paper, we analyze the various approaches such as Hidden Semi Markov Model, Conditional Random Fields and Layered Approach, Bayesian classification, Data Mining techniques, Clustering Algorithms such as K-Means and Fuzzy c-Means, Back Propagation Neural Network, SOM Neural Network, Rough Set Neural Network Algorithm, Genetic Algorithm, Pattern Matching, Principle Component Analysis, Linear Discriminant Analysis, Independent Component Analysis, Multivariate Statistical Analysis, SOM/PSO algorithm etc. The performance is measured for two different datasets using various approaches. The datasets are trained and tested for identifying the new attacks that will affect the hosts or networks. The well known KDD Cup 1999 or DARPA 1999 dataset has been used to improve the accuracy and performance. The four groups of attacks are identified as Probe, DoS, U2R and R2L. The dataset used for training set is 494,021 and testing set is 311,028. The aim is to improve the detection rate and performance of the proposed system.

  17. FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

    N Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

    2016-01-01

    Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

  18. FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

    Malik N Ahmed

    Full Text Available Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

  19. A comparative performance evaluation of intrusion detection techniques for hierarchical wireless sensor networks

    H.H. Soliman

    2012-11-01

    Full Text Available An explosive growth in the field of wireless sensor networks (WSNs has been achieved in the past few years. Due to its important wide range of applications especially military applications, environments monitoring, health care application, home automation, etc., they are exposed to security threats. Intrusion detection system (IDS is one of the major and efficient defensive methods against attacks in WSN. Therefore, developing IDS for WSN have attracted much attention recently and thus, there are many publications proposing new IDS techniques or enhancement to the existing ones. This paper evaluates and compares the most prominent anomaly-based IDS systems for hierarchical WSNs and identifying their strengths and weaknesses. For each IDS, the architecture and the related functionality are briefly introduced, discussed, and compared, focusing on both the operational strengths and weakness. In addition, a comparison of the studied IDSs is carried out using a set of critical evaluation metrics that are divided into two groups; the first one related to performance and the second related to security. Finally based on the carried evaluation and comparison, a set of design principles are concluded, which have to be addressed and satisfied in future research of designing and implementing IDS for WSNs.

  20. A Survey on Cross-Layer Intrusion Detection System for Wireless ...

    pc

    2018-03-05

    Mar 5, 2018 ... excessive packet collision, artificially increases contention, decrease signal .... Intelligent security architecture was conducted by [36], as an intrusion ... the main disadvantages of this scheme is: The IDS node is static (runs ...

  1. Reduction of Motion Artifacts and Improvement of R Peak Detecting Accuracy Using Adjacent Non-Intrusive ECG Sensors

    Minho Choi

    2016-05-01

    Full Text Available Non-intrusive electrocardiogram (ECG monitoring has many advantages: easy to measure and apply in daily life. However, motion noise in the measured signal is the major problem of non-intrusive measurement. This paper proposes a method to reduce the noise and to detect the R peaks of ECG in a stable manner in a sitting arrangement using non-intrusive sensors. The method utilizes two capacitive ECG sensors (cECGs to measure ECG, and another two cECGs located adjacent to the sensors for ECG are added to obtain the information on motion. Then, active noise cancellation technique and the motion information are used to reduce motion noise. To verify the proposed method, ECG was measured indoors and during driving, and the accuracy of the detected R peaks was compared. After applying the method, the sum of sensitivity and positive predictivity increased 8.39% on average and 26.26% maximally in the data. Based on the results, it was confirmed that the motion noise was reduced and that more reliable R peak positions could be obtained by the proposed method. The robustness of the new ECG measurement method will elicit benefits to various health care systems that require noninvasive heart rate or heart rate variability measurements.

  2. On-line detection of Escherichia coli intrusion in a pilot-scale drinking water distribution system.

    Ikonen, Jenni; Pitkänen, Tarja; Kosse, Pascal; Ciszek, Robert; Kolehmainen, Mikko; Miettinen, Ilkka T

    2017-08-01

    Improvements in microbial drinking water quality monitoring are needed for the better control of drinking water distribution systems and for public health protection. Conventional water quality monitoring programmes are not always able to detect a microbial contamination of drinking water. In the drinking water production chain, in addition to the vulnerability of source waters, the distribution networks are prone to contamination. In this study, a pilot-scale drinking-water distribution network with an on-line monitoring system was utilized for detecting bacterial intrusion. During the experimental Escherichia coli intrusions, the contaminant was measured by applying a set of on-line sensors for electric conductivity (EC), pH, temperature (T), turbidity, UV-absorbance at 254 nm (UVAS SC) and with a device for particle counting. Monitored parameters were compared with the measured E. coli counts using the integral calculations of the detected peaks. EC measurement gave the strongest signal compared with the measured baseline during the E. coli intrusion. Integral calculations showed that the peaks in the EC, pH, T, turbidity and UVAS SC data were detected corresponding to the time predicted. However, the pH and temperature peaks detected were barely above the measured baseline and could easily be mixed with the background noise. The results indicate that on-line monitoring can be utilized for the rapid detection of microbial contaminants in the drinking water distribution system although the peak interpretation has to be performed carefully to avoid being mixed up with normal variations in the measurement data. Copyright © 2017 Elsevier Ltd. All rights reserved.

  3. BLACK HOLE ATTACK IN AODV & FRIEND FEATURES UNIQUE EXTRACTION TO DESIGN DETECTION ENGINE FOR INTRUSION DETECTION SYSTEM IN MOBILE ADHOC NETWORK

    HUSAIN SHAHNAWAZ

    2012-10-01

    Full Text Available Ad-hoc network is a collection of nodes that are capable to form dynamically a temporary network without the support of any centralized fixed infrastructure. Since there is no central controller to determine the reliable & secure communication paths in Mobile Adhoc Network, each node in the ad hoc network has to rely on each other in order to forward packets, thus highly cooperative nodes are required to ensure that the initiated data transmission process does not fail. In a mobile ad hoc network (MANET where security is a crucial issue and they are forced to rely on the neighbor node, trust plays an important role that could improve the number of successful data transmission. Larger the number of trusted nodes, higher successful data communication process rates could be expected. In this paper, Black Hole attack is applied in the network, statistics are collected to design intrusion detection engine for MANET Intrusion Detection System (IDS. Feature extraction and rule inductions are applied to find out the accuracy of detection engine by using support vector machine. In this paper True Positive generated by the detection engine is very high and this is a novel approach in the area of Mobile Adhoc Intrusion detection system.

  4. Human intrusion

    Hora, S.; Neill, R.; Williams, R.; Bauser, M.; Channell, J.

    1993-01-01

    This paper focused on the possible approaches to evaluating the impacts of human intrusion on nuclear waste disposal. Several major issues were reviewed. First, it was noted that human intrusion could be addressed either quantitatively through performance assessments or qualitatively through design requirements. Second, it was decided that it was impossible to construct a complete set of possible future human intrusion scenarios. Third, the question of when the effect of possible human intrusion should be considered, before or after site selection was reviewed. Finally, the time frame over which human intrusion should be considered was discussed

  5. Research on the technology of detecting the SQL injection attack and non-intrusive prevention in WEB system

    Hu, Haibin

    2017-05-01

    Among numerous WEB security issues, SQL injection is the most notable and dangerous. In this study, characteristics and procedures of SQL injection are analyzed, and the method for detecting the SQL injection attack is illustrated. The defense resistance and remedy model of SQL injection attack is established from the perspective of non-intrusive SQL injection attack and defense. Moreover, the ability of resisting the SQL injection attack of the server has been comprehensively improved through the security strategies on operation system, IIS and database, etc.. Corresponding codes are realized. The method is well applied in the actual projects.

  6. Towards effective and robust list-based packet filter for signature-based network intrusion detection: an engineering approach

    Meng, Weizhi; Li, Wenjuan; Kwok, Lam For

    2017-01-01

    Network intrusion detection systems (NIDSs) which aim to identify various attacks, have become an essential part of current security infrastructure. In particular, signature-based NIDSs are being widely implemented in industry due to their low rate of false alarms. However, the signature matching...... this problem, packet filtration is a promising solution to reduce unwanted traffic. Motivated by this, in this work, a list-based packet filter was designed and an engineering method of combining both blacklist and whitelist techniques was introduced. To further secure such filters against IP spoofing attacks...... in traffic filtration as well as workload reduction, and is robust against IP spoofing attacks....

  7. Intrusion Detection: Generics and State-of-the-Art (la Detection de l’intrusion: Modeles generiques et etat de l’art)

    2002-01-01

    person operating on a host, e.g. identified by a login account; Systems: hardware, operating system; Network services (e.g. PKI, DNS); Applications...mobile-agent technology combined with network topology features. The Emerald environment is a distributed, scalable tool suite, for network surveillance...RAID ’99, Computer Networks, volume 34, number 4, 2000. 21. Source: http://www.sdl.sri.com/ emerald /project.html, 6-11-2000. 22. Lippmann

  8. An automated computer misuse detection system for UNICOS

    Jackson, K.A.; Neuman, M.C.; Simmonds, D.D.; Stallings, C.A.; Thompson, J.L.; Christoph, G.G.

    1994-09-27

    An effective method for detecting computer misuse is the automatic monitoring and analysis of on-line user activity. This activity is reflected in the system audit record, in the system vulnerability posture, and in other evidence found through active testing of the system. During the last several years we have implemented an automatic misuse detection system at Los Alamos. This is the Network Anomaly Detection and Intrusion Reporter (NADIR). We are currently expanding NADIR to include processing of the Cray UNICOS operating system. This new component is called the UNICOS Realtime NADIR, or UNICORN. UNICORN summarizes user activity and system configuration in statistical profiles. It compares these profiles to expert rules that define security policy and improper or suspicious behavior. It reports suspicious behavior to security auditors and provides tools to aid in follow-up investigations. The first phase of UNICORN development is nearing completion, and will be operational in late 1994.

  9. Reactive and multiphase modelling for the identification of monitoring parameters to detect CO2 intrusion into freshwater aquifers

    Fahrner, S.; Schaefer, D.; Wiegers, C.; Köber, R.; Dahmke, A.

    2011-12-01

    A monitoring at geological CO2 storage sites has to meet environmental, regulative, financial and public demands and thus has to enable the detection of CO2 leakages. Current monitoring concepts for the detection of CO2 intrusion into freshwater aquifers located above saline storage formations in course of leakage events lack the identification of monitoring parameters. Their response to CO2 intrusion still has to be enlightened. Scenario simulations of CO2 intrusion in virtual synthetic aquifers are performed using the simulators PhreeqC and TOUGH2 to reveal relevant CO2-water-mineral interactions and multiphase behaviour on potential monitoring parameters. The focus is set on pH, total dissolved inorganic carbon (TIC) and the hydroelectric conductivity (EC). The study aims at identifying at which conditions the parameters react rapidly, durable and in a measurable degree. The depth of the aquifer, the mineralogy, the intrusion rates, the sorption specification and capacities, and groundwater flow velocities are varied in the course of the scenario modelling. All three parameters have been found suited in most scenarios. However, in case of a lack of calcite combined with low saturation of the water with respect to CO2 and shallow conditions, changes are close to the measurement resolution. Predicted changes in EC result from the interplay between carbonic acid production and its dissociation, and pH buffering by mineral dissolution. The formation of a discrete gas phase in cases of full saturation of the groundwater in confined aquifers illustrates the potential bipartite resistivity response: An increased hydroelectric conductivity at locations with dissolved CO2, and a high resistivity where the gas phase dominates the pore volume occupation. Increased hydrostatic pressure with depth and enhanced groundwater flow velocities enforce gas dissolution and diminish the formation of a discrete gas phase. Based on the results, a monitoring strategy is proposed which

  10. Non-Intrusive Computational Method and Uncertainty Quantification Tool for isolator operability calculations, Phase I

    National Aeronautics and Space Administration — Computational fluid dynamics (CFD) simulations are extensively used by NASA for hypersonic aerothermodynamics calculations. The physical models used in CFD codes and...

  11. Radiation Detection Computational Benchmark Scenarios

    Shaver, Mark W.; Casella, Andrew M.; Wittman, Richard S.; McDonald, Ben S.

    2013-09-24

    Modeling forms an important component of radiation detection development, allowing for testing of new detector designs, evaluation of existing equipment against a wide variety of potential threat sources, and assessing operation performance of radiation detection systems. This can, however, result in large and complex scenarios which are time consuming to model. A variety of approaches to radiation transport modeling exist with complementary strengths and weaknesses for different problems. This variety of approaches, and the development of promising new tools (such as ORNL’s ADVANTG) which combine benefits of multiple approaches, illustrates the need for a means of evaluating or comparing different techniques for radiation detection problems. This report presents a set of 9 benchmark problems for comparing different types of radiation transport calculations, identifying appropriate tools for classes of problems, and testing and guiding the development of new methods. The benchmarks were drawn primarily from existing or previous calculations with a preference for scenarios which include experimental data, or otherwise have results with a high level of confidence, are non-sensitive, and represent problem sets of interest to NA-22. From a technical perspective, the benchmarks were chosen to span a range of difficulty and to include gamma transport, neutron transport, or both and represent different important physical processes and a range of sensitivity to angular or energy fidelity. Following benchmark identification, existing information about geometry, measurements, and previous calculations were assembled. Monte Carlo results (MCNP decks) were reviewed or created and re-run in order to attain accurate computational times and to verify agreement with experimental data, when present. Benchmark information was then conveyed to ORNL in order to guide testing and development of hybrid calculations. The results of those ADVANTG calculations were then sent to PNNL for

  12. Catalog of physical protection equipment. Book 1: Volume II. Intrusion detection components

    Haberman, W.

    1977-06-01

    This volume covers acoustic components, microwave/radar components, electro-optic barriers, electric field components, orientation components, ferrous metal detection components, proximity detection components, vibration detection components, seismic components, pressure-sensitive components, pressure mats, continuity components, electrical/magnetic switches, fire detection components, and mechanical contact switches

  13. Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS to Zero-Day and Stealth Attacks

    Waqas Haider

    2016-07-01

    Full Text Available The Windows Operating System (OS is the most popular desktop OS in the world, as it has the majority market share of both servers and personal computing necessities. However, as its default signature-based security measures are ineffectual for detecting zero-day and stealth attacks, it needs an intelligent Host-based Intrusion Detection System (HIDS. Unfortunately, a comprehensive data set that reflects the modern Windows OS’s normal and attack surfaces is not publicly available. To fill this gap, in this paper two open data sets generated by the cyber security department of the Australian Defence Force Academy (ADFA are introduced, namely: Australian Defence Force Academy Windows Data Set (ADFA-WD; and Australian Defence Force Academy Windows Data Set with a Stealth Attacks Addendum (ADFA-WD: SAA. Statistical analysis results based on these data sets show that, due to the low foot prints of modern attacks and high similarity of normal and attacked data, both these data sets are complex, and highly intelligent Host based Anomaly Detection Systems (HADS design will be required.

  14. Intrusion Detection and Marking Transactions in a Cloud of Databases Environment

    Syrine Chatti; Habib Ounelli

    2016-01-01

    The cloud computing is a paradigm for large scale distributed computing that includes several existing technologies. A database management is a collection of programs that enables you to store, modify and extract information from a database. Now, the database has moved to cloud computing, but it introduces at the same time a set of threats that target a cloud of database system. The unification of transaction based application in these environments present also a set of vulnerabilities and th...

  15. Adaptively detecting changes in Autonomic Grid Computing

    Zhang, Xiangliang; Germain, Cé cile; Sebag, Michè le

    2010-01-01

    Detecting the changes is the common issue in many application fields due to the non-stationary distribution of the applicative data, e.g., sensor network signals, web logs and gridrunning logs. Toward Autonomic Grid Computing, adaptively detecting

  16. Intrusion Detection of DoS Attacks in WSNs Using Classification ...

    pc

    2018-03-05

    Mar 5, 2018 ... Abstract- Wireless Sensor Networks (WSNs) consist of a large number of ... have limited energy and memory capacity [2]. The computation of ..... Access (TDMA) schedules for the data transmission time slots. Here the attacker ...

  17. Improving Air Force Active Network Defense Systems through an Analysis of Intrusion Detection Techniques

    Dunklee, David R

    2007-01-01

    .... The research then presents four recommendations to improve DCC operations. These include: Transition or improve the current signature-based IDS systems to include the capability to query and visualize network flows to detect malicious traffic...

  18. Improvising Intrusion Detection for Malware Activities on Dual-Stack Network Environment

    Zulkiflee M.; Robiah Y.; Nur Azman Abu; Shahrin S.

    2012-01-01

    Malware is software which was invented and meant for doing harms on computers. Malware is becoming a significant threat in computer network nowadays. Malware attack is not just only involving financial lost but it can also cause fatal errors which may cost lives in some cases. As new Internet Protocol version 6 (IPv6) emerged, many people believe this protocol could solve most malware propagation issues due to its broader addressing scheme. As IPv6 is still new compares to native IPv4, some t...

  19. Zero Trust Intrusion Containment for Telemedicine

    Sood, Arun

    2002-01-01

    .... Our objective is the design and analysis of 'zero-trust' Intrusion Tolerant Systems. These are systems built under the extreme assumption that all intrusion detection techniques will eventually fail...

  20. Development of computer program ENAUDIBL for computation of the sensation levels of multiple, complex, intrusive sounds in the presence of residual environmental masking noise

    Liebich, R. E.; Chang, Y.-S.; Chun, K. C.

    2000-03-31

    The relative audibility of multiple sounds occurs in separate, independent channels (frequency bands) termed critical bands or equivalent rectangular (filter-response) bandwidths (ERBs) of frequency. The true nature of human hearing is a function of a complex combination of subjective factors, both auditory and nonauditory. Assessment of the probability of individual annoyance, community-complaint reaction levels, speech intelligibility, and the most cost-effective mitigation actions requires sensation-level data; these data are one of the most important auditory factors. However, sensation levels cannot be calculated by using single-number, A-weighted sound level values. This paper describes specific steps to compute sensation levels. A unique, newly developed procedure is used, which simplifies and improves the accuracy of such computations by the use of maximum sensation levels that occur, for each intrusive-sound spectrum, within each ERB. The newly developed program ENAUDIBL makes use of ERB sensation-level values generated with some computational subroutines developed for the formerly documented program SPECTRAN.

  1. Link failure detection in a parallel computer

    Archer, Charles J.; Blocksome, Michael A.; Megerian, Mark G.; Smith, Brian E.

    2010-11-09

    Methods, apparatus, and products are disclosed for link failure detection in a parallel computer including compute nodes connected in a rectangular mesh network, each pair of adjacent compute nodes in the rectangular mesh network connected together using a pair of links, that includes: assigning each compute node to either a first group or a second group such that adjacent compute nodes in the rectangular mesh network are assigned to different groups; sending, by each of the compute nodes assigned to the first group, a first test message to each adjacent compute node assigned to the second group; determining, by each of the compute nodes assigned to the second group, whether the first test message was received from each adjacent compute node assigned to the first group; and notifying a user, by each of the compute nodes assigned to the second group, whether the first test message was received.

  2. Adaptive intrusion data system

    Johnson, C.S.

    1976-01-01

    An Adaptive Intrusion Data System (AIDS) was developed to collect data from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique digital data compression, storage, and formatting system. It also incorporates capability for video selection and recording for assessment of the sensors monitored by the system. The system is software reprogrammable to numerous configurations that may be utilized for the collection of environmental, bi-level, analog and video data. The output of the system is digital tapes formatted for direct data reduction on a CDC 6400 computer, and video tapes containing timed tagged information that can be correlated with the digital data

  3. Testing alternative conceptual models of seawater intrusion in a coastal aquifer using computer simulation, southern California, USA

    Nishikawa, Tracy

    1997-01-01

    Two alternative conceptual models of the physical processes controlling seawater intrusion in a coastal basin in California, USA, were tested to identify a likely principal pathway for seawater intrusion. The conceptual models were tested by using a two-dimensional, finite-element groundwater flow and transport model. This pathway was identified by the conceptual model that best replicated the historical data. The numerical model was applied in cross section to a submarine canyon that is a main avenue for seawater to enter the aquifer system underlying the study area. Both models are characterized by a heterogeneous, layered, water-bearing aquifer. However, the first model is characterized by flat-lying aquifer layers and by a high value of hydraulic conductivity in the basal aquifer layer, which is thought to be a principal conduit for seawater intrusion. The second model is characterized by offshore folding, which was modeled as a very nearshore outcrop, thereby providing a shorter path for seawater to intrude. General conclusions are that: 1) the aquifer system is best modeled as a flat, heterogeneous, layered system; 2) relatively thin basal layers with relatively high values of hydraulic conductivity are the principal pathways for seawater intrusion; and 3) continuous clay layers of low hydraulic conductivity play an important role in controlling the movement of seawater.

  4. Eye Detection and Tracking for Intelligent Human Computer Interaction

    Yin, Lijun

    2006-01-01

    .... In this project, Dr. Lijun Yin has developed a new algorithm for detecting and tracking eyes under an unconstrained environment using a single ordinary camera or webcam. The new algorithm is advantageous in that it works in a non-intrusive way based on a socalled Topographic Context approach.

  5. Touchable Computing: Computing-Inspired Bio-Detection.

    Chen, Yifan; Shi, Shaolong; Yao, Xin; Nakano, Tadashi

    2017-12-01

    We propose a new computing-inspired bio-detection framework called touchable computing (TouchComp). Under the rubric of TouchComp, the best solution is the cancer to be detected, the parameter space is the tissue region at high risk of malignancy, and the agents are the nanorobots loaded with contrast medium molecules for tracking purpose. Subsequently, the cancer detection procedure (CDP) can be interpreted from the computational optimization perspective: a population of externally steerable agents (i.e., nanorobots) locate the optimal solution (i.e., cancer) by moving through the parameter space (i.e., tissue under screening), whose landscape (i.e., a prescribed feature of tissue environment) may be altered by these agents but the location of the best solution remains unchanged. One can then infer the landscape by observing the movement of agents by applying the "seeing-is-sensing" principle. The term "touchable" emphasizes the framework's similarity to controlling by touching the screen with a finger, where the external field for controlling and tracking acts as the finger. Given this analogy, we aim to answer the following profound question: can we look to the fertile field of computational optimization algorithms for solutions to achieve effective cancer detection that are fast, accurate, and robust? Along this line of thought, we consider the classical particle swarm optimization (PSO) as an example and propose the PSO-inspired CDP, which differs from the standard PSO by taking into account realistic in vivo propagation and controlling of nanorobots. Finally, we present comprehensive numerical examples to demonstrate the effectiveness of the PSO-inspired CDP for different blood flow velocity profiles caused by tumor-induced angiogenesis. The proposed TouchComp bio-detection framework may be regarded as one form of natural computing that employs natural materials to compute.

  6. Computer simulation of probability of detection

    Fertig, K.W.; Richardson, J.M.

    1983-01-01

    This paper describes an integrated model for assessing the performance of a given ultrasonic inspection system for detecting internal flaws, where the performance of such a system is measured by probability of detection. The effects of real part geometries on sound propagations are accounted for and the noise spectra due to various noise mechanisms are measured. An ultrasonic inspection simulation computer code has been developed to be able to detect flaws with attributes ranging over an extensive class. The detection decision is considered to be a binary decision based on one received waveform obtained in a pulse-echo or pitch-catch setup. This study focuses on the detectability of flaws using an amplitude thresholding type. Some preliminary results on the detectability of radially oriented cracks in IN-100 for bore-like geometries are given

  7. Perimeter intrusion sensors

    Eaton, M.J.

    1977-01-01

    To obtain an effective perimeter intrusion detection system requires careful sensor selection, procurement, and installation. The selection process involves a thorough understanding of the unique site features and how these features affect the performance of each type of sensor. It is necessary to develop procurement specifications to establish acceptable sensor performance limits. Careful explanation and inspection of critical installation dimensions is required during on-site construction. The implementation of these activities at a particular site is discussed

  8. Acoustic emission intrusion detector

    Carver, D.W.; Whittaker, J.W.

    1980-01-01

    An intrusion detector is provided for detecting a forcible entry into a secured structure while minimizing false alarms. The detector uses a piezoelectric crystal transducer to sense acoustic emissions. The transducer output is amplified by a selectable gain amplifier to control the sensitivity. The rectified output of the amplifier is applied to a Schmitt trigger circuit having a preselected threshold level to provide amplitude discrimination. Timing circuitry is provided which is activated by successive pulses from the Schmitt trigger which lie within a selected time frame for frequency discrimination. Detected signals having proper amplitude and frequency trigger an alarm within the first complete cycle time of a detected acoustical disturbance signal

  9. Adaptively detecting changes in Autonomic Grid Computing

    Zhang, Xiangliang

    2010-10-01

    Detecting the changes is the common issue in many application fields due to the non-stationary distribution of the applicative data, e.g., sensor network signals, web logs and gridrunning logs. Toward Autonomic Grid Computing, adaptively detecting the changes in a grid system can help to alarm the anomalies, clean the noises, and report the new patterns. In this paper, we proposed an approach of self-adaptive change detection based on the Page-Hinkley statistic test. It handles the non-stationary distribution without the assumption of data distribution and the empirical setting of parameters. We validate the approach on the EGEE streaming jobs, and report its better performance on achieving higher accuracy comparing to the other change detection methods. Meanwhile this change detection process could help to discover the device fault which was not claimed in the system logs. © 2010 IEEE.

  10. A Multi Agent System for Flow-Based Intrusion Detection Using Reputation and Evolutionary Computation

    2011-03-01

    pertinent example of the application of Evolutionary Algorithms to pattern recognition comes from Radtke et al. [130]. The authors apply Multi- Objective...J., T. Zseby, and B. Claise. S. Zander,” Requirements for IP Flow Information Export (IPFIX). Technical report, RFC 3917, October 2004. [130] Radtke ...hal.inria.fr/inria-00104200/en/. [131] Radtke , P.V.W., T. Wong, and R. Sabourin. “A multi-objective memetic al- gorithm for intelligent feature extraction

  11. An Evolutionary, Agent-Based Model to Aid in Computer Intrusion Detection and Prevention

    Shargel, Ben; Bonabeau, Eric; Budynek, Julien; Gaudiano, Paolo

    2005-01-01

    We have developed a realistic agent-based simulation model of hacker behavior. In the model, hacker scripts are generated using a simple but powerful hacker grammar that has the potential to cover all possible hacker scripts...

  12. Computer Screen Use Detection Using Smart Eyeglasses

    Florian Wahl

    2017-05-01

    Full Text Available Screen use can influence the circadian phase and cause eye strain. Smart eyeglasses with an integrated color light sensor can detect screen use. We present a screen use detection approach based on a light sensor embedded into the bridge of smart eyeglasses. By calculating the light intensity at the user’s eyes for different screens and content types, we found only computer screens to have a significant impact on the circadian phase. Our screen use detection is based on ratios between color channels and used a linear support vector machine to detect screen use. We validated our detection approach in three studies. A test bench was built to detect screen use under different ambient light sources and intensities in a controlled environment. In a lab study, we evaluated recognition performance for different ambient light intensities. By using participant-independent models, we achieved an ROC AUC above 0.9 for ambient light intensities below 200 lx. In a study of typical ADLs, screen use was detected with an average ROC AUC of 0.83 assuming screen use for 30% of the time.

  13. Computer-Mediated Communication in Intimate Relationships: Associations of Boundary Crossing, Intrusion, Relationship Satisfaction, and Partner Responsiveness.

    Norton, Aaron M; Baptist, Joyce; Hogan, Bernie

    2018-01-01

    This study examined the impact of technology on couples in committed relationships through the lens of the couple and technology framework. Specifically, we used data from 6,756 European couples to examine associations between online boundary crossing, online intrusion, relationship satisfaction, and partner responsiveness. The results suggest that participants' reports of online boundary crossing were linked with lower relationship satisfaction and partner responsiveness. Also, lower relationship satisfaction and partner responsiveness were associated with increased online boundary crossing. The results suggest that men, but not women, who reported greater acceptability for online boundary crossing were more likely to have partners who reported lower relationship satisfaction in their relationships. Implications for clinicians, relationship educators, and researchers are discussed. © 2017 American Association for Marriage and Family Therapy.

  14. Intrusion scenarios in fusion waste disposal sites

    Zucchetti, M.; Zucchetti, M.; Rocco, P.

    1998-01-01

    Results of analyses on human intrusions into repositories of fusion radioactive waste are presented. The main topics are: duration of the institutional control, occurrence of intrusion, intrusion scenarios, acceptable risk limits and probabilistic data. Application to fusion waste repositories is implemented with a computational model: wells drilling is considered as the possible scenario. Doses and risks to intruder for different SEAFP-2 cases turn out to be very small. No intervention to reduce the hazard is necessary. (authors)

  15. Intrusion scenarios in fusion waste disposal sites

    Zucchetti, M. [European Commission, JRC, Institute for Advanced Material, Ispra, Vatican City State, Holy See (Italy); Zucchetti, M.; Rocco, P. [Energetics Dept., Polytechnic of Turin (Italy)

    1998-07-01

    Results of analyses on human intrusions into repositories of fusion radioactive waste are presented. The main topics are: duration of the institutional control, occurrence of intrusion, intrusion scenarios, acceptable risk limits and probabilistic data. Application to fusion waste repositories is implemented with a computational model: wells drilling is considered as the possible scenario. Doses and risks to intruder for different SEAFP-2 cases turn out to be very small. No intervention to reduce the hazard is necessary. (authors)

  16. Detecting Soft Errors in Stencil based Computations

    Sharma, V. [Univ. of Utah, Salt Lake City, UT (United States); Gopalkrishnan, G. [Univ. of Utah, Salt Lake City, UT (United States); Bronevetsky, G. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2015-05-06

    Given the growing emphasis on system resilience, it is important to develop software-level error detectors that help trap hardware-level faults with reasonable accuracy while minimizing false alarms as well as the performance overhead introduced. We present a technique that approaches this idea by taking stencil computations as our target, and synthesizing detectors based on machine learning. In particular, we employ linear regression to generate computationally inexpensive models which form the basis for error detection. Our technique has been incorporated into a new open-source library called SORREL. In addition to reporting encouraging experimental results, we demonstrate techniques that help reduce the size of training data. We also discuss the efficacy of various detectors synthesized, as well as our future plans.

  17. Orthodontic intrusion : Conventional and mini-implant assisted intrusion mechanics

    Anup Belludi

    2012-01-01

    intrusion has revolutionized orthodontic anchorage and biomechanics by making anchorage perfectly stable. This article addresses various conventional clinical intrusion mechanics and especially intrusion using mini-implants that have proven effective over the years for intrusion of maxillary anteriors.

  18. Petroleum Vapor Intrusion

    One type of vapor intrusion is PVI, in which vapors from petroleum hydrocarbons such as gasoline, diesel, or jet fuel enter a building. Intrusion of contaminant vapors into indoor spaces is of concern.

  19. Human intrusion: New ideas?

    Cooper, J.R.

    2002-01-01

    Inadvertent human intrusion has been an issue for the disposal of solid radioactive waste for many years. This paper discusses proposals for an approach for evaluating the radiological significance of human intrusion as put forward by ICRP with contribution from work at IAEA. The approach focuses on the consequences of the intrusion. Protective actions could, however, include steps to reduce the probability of human intrusion as well as the consequences. (author)

  20. Intrusion recognition for optic fiber vibration sensor based on the selective attention mechanism

    Xu, Haiyan; Xie, Yingjuan; Li, Min; Zhang, Zhuo; Zhang, Xuewu

    2017-11-01

    Distributed fiber-optic vibration sensors receive extensive investigation and play a significant role in the sensor panorama. A fiber optic perimeter detection system based on all-fiber interferometric sensor is proposed, through the back-end analysis, processing and intelligent identification, which can distinguish effects of different intrusion activities. In this paper, an intrusion recognition based on the auditory selective attention mechanism is proposed. Firstly, considering the time-frequency of vibration, the spectrogram is calculated. Secondly, imitating the selective attention mechanism, the color, direction and brightness map of the spectrogram is computed. Based on these maps, the feature matrix is formed after normalization. The system could recognize the intrusion activities occurred along the perimeter sensors. Experiment results show that the proposed method for the perimeter is able to differentiate intrusion signals from ambient noises. What's more, the recognition rate of the system is improved while deduced the false alarm rate, the approach is proved by large practical experiment and project.

  1. Multi-scale characteristics of coal structure by x-ray computed tomography (x-ray CT), scanning electron microscope (SEM) and mercury intrusion porosimetry (MIP)

    Cai, Ting-ting; Feng, Zeng-chao; Zhou, Dong

    2018-02-01

    It is of great benefit to study the material and structural heterogeneity of coal for better understanding the coalbed methane (CBM) storage and enrichment. In this paper, multi-scale X-ray computed tomography (CT), scanning electron microscope (SEM) and mercury intrusion porosimetry (MIP) at multi scales were conducted to thoroughly study the material distribution, heterogeneity, pore development, porosity and permeability of coal. It is suitable and reasonable to divide the testing samples into three structural categories by average density and heterogeneity degree, and the meso structure in the three categories accords with the morphology on SEM images. The pore size distribution and pore development of each subsample cannot be correspondingly related to their respective structure category or morphology due to different observation scales, while the macro pore size development, accumulated macro pore volume and macro pores porosity accord with the meso structure category and morphology information by CT and SEM at the same scale very well. Given the effect of macro pores on permeability and the contribution of micro pores to CBM storage capacity, reservoirs with developed micro pores and macro pores may be the most suitable coal reservoir for CBM exploitation.

  2. Real-Time, Non-Intrusive Detection of Liquid Nitrogen in Liquid Oxygen at High Pressure and High Flow

    Singh, Jagdish P.; Yueh, Fang-Yu; Kalluru, Rajamohan R.; Harrison, Louie

    2012-01-01

    An integrated fiber-optic Raman sensor has been designed for real-time, nonintrusive detection of liquid nitrogen in liquid oxygen (LOX) at high pressures and high flow rates in order to monitor the quality of LOX used during rocket engine ground testing. The integrated sensor employs a high-power (3-W) Melles Griot diode-pumped, solid-state (DPSS), frequency-doubled Nd:YAG 532- nm laser; a modified Raman probe that has built-in Raman signal filter optics; two high-resolution spectrometers; and photomultiplier tubes (PMTs) with selected bandpass filters to collect both N2 and O2 Raman signals. The PMT detection units are interfaced with National Instruments Lab- VIEW for fast data acquisition. Studies of sensor performance with different detection systems (i.e., spectrometer and PMT) were carried out. The concentration ratio of N2 and O2 can be inferred by comparing the intensities of the N2 and O2 Raman signals. The final system was fabricated to measure N2 and O2 gas mixtures as well as mixtures of liquid N2 and LOX

  3. Options for human intrusion

    Bauser, M.; Williams, R.

    1993-01-01

    This paper addresses options for dealing with human intrusion in terms of performance requirements and repository siting and design requirements. Options are presented, along with the advantages and disadvantages of certain approaches. At the conclusion, a conceptual approach is offered emphasizing both the minimization of subjective judgements concerning future human activity, and specification of repository requirements to minimize the likelihood of human intrusion and any resulting, harmful effects should intrusion occur

  4. Cheater detection in SPDZ multiparty computation

    G. Spini (Gabriele); S. Fehr (Serge); A. Nascimento; P. Barreto

    2016-01-01

    textabstractIn this work we revisit the SPDZ multiparty computation protocol by Damgård et al. for securely computing a function in the presence of an unbounded number of dishonest parties. The SPDZ protocol is distinguished by its fast performance. A downside of the SPDZ protocol is that one single

  5. Computer vision as an alternative for collision detection

    Drangsholt, Marius Aarvik

    2015-01-01

    The goal of this thesis was to implement a computer vision system on a low power platform, to see if that could be an alternative for a collision detection system. To achieve this, research into fundamentals in computer vision were performed, and both hardware and software implementation were carried out. To create the computer vision system, a stereo rig were constructed using low cost Logitech webcameras, and connected to a Raspberry Pi 2 development board. The computer vision library Op...

  6. Adaptive Intrusion Data System (AIDS)

    Corlis, N.E.

    1980-05-01

    The adaptive intrusion data system (AIDS) was developed to collect data from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique data system which uses computer controlled data systems, video cameras and recorders, analog-to-digital conversion, environmental sensors, and digital recorders to collect sensor data. The data can be viewed either manually or with a special computerized data-reduction system which adds new data to a data base stored on a magnetic disc recorder. This report provides a synoptic account of the AIDS as it presently exists. Modifications to the purchased subsystems are described, and references are made to publications which describe the Sandia-designed subsystems

  7. An ontology-based intrusion patterns classification system | Shonubi ...

    Studies have shown that computer intrusions have been on the increase in recent times. Many techniques and patterns are being used by intruders to gain access to data on host computer networks. In this work, intrusion patterns were identified and classified and inherent knowledge were represented using an ontology of ...

  8. Computer Detection of Low Contrast Targets.

    1982-06-18

    computed from the Hessian and the gradient and is given by the formula W) = - U Hf( IVf (M), Vf()) IVfj 3 Because of the amount of noise present in these...IT (nz + 1 + Zn cost ) 1/2 and this integral is a maximum for n=1 and decreases as n increases, exactly what a good measure of curvature should do

  9. A New Generic Taxonomy on Hybrid Malware Detection Technique

    Robiah, Y.; Rahayu, S. Siti; Zaki, M. Mohd; Shahrin, S.; Faizal, M. A.; Marliza, R.

    2009-01-01

    Malware is a type of malicious program that replicate from host machine and propagate through network. It has been considered as one type of computer attack and intrusion that can do a variety of malicious activity on a computer. This paper addresses the current trend of malware detection techniques and identifies the significant criteria in each technique to improve malware detection in Intrusion Detection System (IDS). Several existing techniques are analyzing from 48 various researches and...

  10. Delamination detection using methods of computational intelligence

    Ihesiulor, Obinna K.; Shankar, Krishna; Zhang, Zhifang; Ray, Tapabrata

    2012-11-01

    Abstract Reliable delamination prediction scheme is indispensable in order to prevent potential risks of catastrophic failures in composite structures. The existence of delaminations changes the vibration characteristics of composite laminates and hence such indicators can be used to quantify the health characteristics of laminates. An approach for online health monitoring of in-service composite laminates is presented in this paper that relies on methods based on computational intelligence. Typical changes in the observed vibration characteristics (i.e. change in natural frequencies) are considered as inputs to identify the existence, location and magnitude of delaminations. The performance of the proposed approach is demonstrated using numerical models of composite laminates. Since this identification problem essentially involves the solution of an optimization problem, the use of finite element (FE) methods as the underlying tool for analysis turns out to be computationally expensive. A surrogate assisted optimization approach is hence introduced to contain the computational time within affordable limits. An artificial neural network (ANN) model with Bayesian regularization is used as the underlying approximation scheme while an improved rate of convergence is achieved using a memetic algorithm. However, building of ANN surrogate models usually requires large training datasets. K-means clustering is effectively employed to reduce the size of datasets. ANN is also used via inverse modeling to determine the position, size and location of delaminations using changes in measured natural frequencies. The results clearly highlight the efficiency and the robustness of the approach.

  11. Flow-based intrusion detection

    Sperotto, Anna

    2010-01-01

    The spread of 1-10Gbps technology has in recent years paved the way to a flourishing landscape of new, high-bandwidth Internet services. As users, we depend on the Internet in our daily life for simple tasks such as checking e-mails, but also for managing private and financial information. However,

  12. Intrusion Detection in SCADA Networks

    Barbosa, R.R.R.; Pras, Aiko; Stiller, Burckhard; De Turck, Filip

    Supervisory Control and Data Acquisition (SCADA) sys- tems are a critical part of large industrial facilities, such as water dis- tribution infrastructures. With the goal of reducing costs and increas- ing efficiency, these systems are becoming increasingly interconnected. However, this has also

  13. Community-Based Intrusion Detection

    Weigert, Stefan

    2017-01-01

    Today, virtually every company world-wide is connected to the Internet. This wide-spread connectivity has given rise to sophisticated, targeted, Internet-based attacks. For example, between 2012 and 2013 security researchers counted an average of about 74 targeted attacks per day. These attacks are motivated by economical, financial, or political interests and commonly referred to as “Advanced Persistent Threat (APT)” attacks. Unfortunately, many of these attacks are successful and the advers...

  14. Flow-Based Intrusion Detection

    Sperotto, Anna; Pras, Aiko

    The spread of 1-10 Gbps technology has in recent years paved the way to a flourishing landscape of new, high-bandwidth Internet services.At the same time, we have also observed increasingly frequent and widely diversified attacks. To this threat, the research community has answered with a growing

  15. Computer Aided Detection of Breast Masses in Digital Tomosynthesis

    Singh, Swatee; Lo, Joseph

    2008-01-01

    The purpose of this study was to investigate feasibility of computer-aided detection of masses and calcification clusters in breast tomosynthesis images and obtain reliable estimates of sensitivity...

  16. Self-adaptive change detection in streaming data with non-stationary distribution

    Zhang, Xiangliang; Wang, Wei

    2010-01-01

    Non-stationary distribution, in which the data distribution evolves over time, is a common issue in many application fields, e.g., intrusion detection and grid computing. Detecting the changes in massive streaming data with a non

  17. Quantum computing. Defining and detecting quantum speedup.

    Rønnow, Troels F; Wang, Zhihui; Job, Joshua; Boixo, Sergio; Isakov, Sergei V; Wecker, David; Martinis, John M; Lidar, Daniel A; Troyer, Matthias

    2014-07-25

    The development of small-scale quantum devices raises the question of how to fairly assess and detect quantum speedup. Here, we show how to define and measure quantum speedup and how to avoid pitfalls that might mask or fake such a speedup. We illustrate our discussion with data from tests run on a D-Wave Two device with up to 503 qubits. By using random spin glass instances as a benchmark, we found no evidence of quantum speedup when the entire data set is considered and obtained inconclusive results when comparing subsets of instances on an instance-by-instance basis. Our results do not rule out the possibility of speedup for other classes of problems and illustrate the subtle nature of the quantum speedup question. Copyright © 2014, American Association for the Advancement of Science.

  18. A new fault detection method for computer networks

    Lu, Lu; Xu, Zhengguo; Wang, Wenhai; Sun, Youxian

    2013-01-01

    Over the past few years, fault detection for computer networks has attracted extensive attentions for its importance in network management. Most existing fault detection methods are based on active probing techniques which can detect the occurrence of faults fast and precisely. But these methods suffer from the limitation of traffic overhead, especially in large scale networks. To relieve traffic overhead induced by active probing based methods, a new fault detection method, whose key is to divide the detection process into multiple stages, is proposed in this paper. During each stage, only a small region of the network is detected by using a small set of probes. Meanwhile, it also ensures that the entire network can be covered after multiple detection stages. This method can guarantee that the traffic used by probes during each detection stage is small sufficiently so that the network can operate without severe disturbance from probes. Several simulation results verify the effectiveness of the proposed method

  19. A Nuisance Alarm Data System for evaluation of intrusion detectors

    Ream, W.K.

    1990-01-01

    A Nuisance Alarm Data System (NADS) was developed to gather long-term background alarm data on exterior intrusion detectors as part of their evaluation. Since nuisance alarms play an important part in the selection of intrusion detectors for use at Department of Energy (DOE) facilities, an economical and reliable way to monitor and record these alarms was needed. NADS consists of an IBM personal computer and printer along with other commercial units to communicate with the detectors, to gather weather data, and to record video for assessment. Each alarm, its assessment, and the weather conditions occurring at alarm time are placed into a data base that is used in the evaluation of the detector. The operating software is written in Turbo Pascal for easy maintenance and modification. A portable system, based on the NADS design, has been built and shipped to other DOE locations to do on-site alarm monitoring. This has been valuable for the comparison of different detectors in the on-site environment and for testing new detectors when the appropriate conditions do not exist or cannot be simulated at the Exterior Intrusion Detection Testbed

  20. Computer-Aided Detection of Kidney Tumor on Abdominal Computed Tomography Scans

    Kim, D.Y.; Park, J.W.

    2004-01-01

    Purpose: To implement a computer-aided detection system for kidney segmentation and kidney tumor detection on abdominal computed tomography (CT) scans. Material and Methods: Abdominal CT images were digitized with a film digitizer, and a gray-level threshold method was used to segment the kidney. Based on texture analysis performed on sample images of kidney tumors, a portion of the kidney tumor was selected as seed region for start point of the region-growing process. The average and standard deviations were used to detect the kidney tumor. Starting at the detected seed region, the region-growing method was used to segment the kidney tumor with intensity values used as an acceptance criterion for a homogeneous test. This test was performed to merge the neighboring region as kidney tumor boundary. These methods were applied on 156 transverse images of 12 cases of kidney tumors scanned using a G.E. Hispeed CT scanner and digitized with a Lumisys LS-40 film digitizer. Results: The computer-aided detection system resulted in a kidney tumor detection sensitivity of 85% and no false-positive findings. Conclusion: This computer-aided detection scheme was useful for kidney tumor detection and gave the characteristics of detected kidney tumors

  1. CERN Computing Colloquia Spring Series: IT Security - A High-Performance Pattern Matching Engine for Intrusion Detection

    CERN. Geneva

    2006-01-01

    The flexible and modular design of the engine allows a broad spectrum of applications, ranging from high-end enterprise level network devices that need to match hundreds of thousands of patterns at speeds of tens of gigabits per second, to low-end dev...

  2. A Machine Learning Based Intrusion Impact Analysis Scheme for Clouds

    Junaid Arshad

    2012-01-01

    Full Text Available Clouds represent a major paradigm shift, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements with the provision of on demand expandable computing infrastructures. However, Clouds introduce novel security challenges which need to be addressed to facilitate widespread adoption. This paper is focused on one such challenge - intrusion impact analysis. In particular, we highlight the significance of intrusion impact analysis for the overall security of Clouds. Additionally, we present a machine learning based scheme to address this challenge in accordance with the specific requirements of Clouds for intrusion impact analysis. We also present rigorous evaluation performed to assess the effectiveness and feasibility of the proposed method to address this challenge for Clouds. The evaluation results demonstrate high degree of effectiveness to correctly determine the impact of an intrusion along with significant reduction with respect to the intrusion response time.

  3. Plagiarism Detection Algorithm for Source Code in Computer Science Education

    Liu, Xin; Xu, Chan; Ouyang, Boyu

    2015-01-01

    Nowadays, computer programming is getting more necessary in the course of program design in college education. However, the trick of plagiarizing plus a little modification exists among some students' home works. It's not easy for teachers to judge if there's plagiarizing in source code or not. Traditional detection algorithms cannot fit this…

  4. Edge detection based on computational ghost imaging with structured illuminations

    Yuan, Sheng; Xiang, Dong; Liu, Xuemei; Zhou, Xin; Bing, Pibin

    2018-03-01

    Edge detection is one of the most important tools to recognize the features of an object. In this paper, we propose an optical edge detection method based on computational ghost imaging (CGI) with structured illuminations which are generated by an interference system. The structured intensity patterns are designed to make the edge of an object be directly imaged from detected data in CGI. This edge detection method can extract the boundaries for both binary and grayscale objects in any direction at one time. We also numerically test the influence of distance deviations in the interference system on edge extraction, i.e., the tolerance of the optical edge detection system to distance deviation. Hopefully, it may provide a guideline for scholars to build an experimental system.

  5. Efficacy of computer-aided detection system for screening mammography

    Saito, Mioko; Ohnuki, Koji; Yamada, Takayuki; Saito, Haruo; Ishibashi, Tadashi; Ohuchi, Noriaki; Takahashi, Shoki

    2002-01-01

    A study was conducted to evaluate the efficacy of a computer-aided detection (CAD) system for screening mammography (MMG). Screening mammograms of 2,231 women aged over 50 yr were examined. Medio-lateral oblique (MLO) images were obtained, and two expert observers interpreted the mammograms by consensus. First, each mammogram was interpreted without the assistance of CAD, followed immediately by a re-evaluation of areas marked by the CAD system. Data were recorded to measure the effect of CAD on the recall rate, cancer detection rate and detection rate of masses, microcalcifications and other findings. The CAD system increased the recall rate from 2.3% to 2.6%. Six recalled cases were diagnosed as breast cancer pathologically, and CAD detected all of these lesions. Seven additional cases in which CAD detected abnormal findings had no malignancy. The detection rate of CAD for microcalcifications was high (95.0%). However, the detection rate for mass lesions and other findings was low (29.2% and 25.0% respectively). The false positivity rate was 0.13/film for microcalcifications, and 0.25/film for mass lesions. The efficacy of the CAD system for detecting microcalcifications on screening mammograms was confirmed. However, the low detection rate of mass lesions and relatively high rate of false positivity need to be further improved. (author)

  6. Interior intrusion alarm systems

    Prell, J.A.

    1978-01-01

    In meeting the requirements for the safeguarding of special nuclear material and the physical protection of licensed facilities, the licensee is required to design a physical security system that will meet minimum performance requirements. An integral part of any physical security system is the interior intrusion alarm system. The purpose of this report is to provide the potential user of an interior intrusion alarm system with information on the various types, components, and performance capabilities available so that he can design and install the optimum alarm system for his particular environment. In addition, maintenance and testing procedures are discussed and recommended which, if followed, will help the user obtain the optimum results from his system

  7. Feature Selection of Network Intrusion Data using Genetic Algorithm and Particle Swarm Optimization

    Iwan Syarif

    2016-12-01

    Full Text Available This paper describes the advantages of using Evolutionary Algorithms (EA for feature selection on network intrusion dataset. Most current Network Intrusion Detection Systems (NIDS are unable to detect intrusions in real time because of high dimensional data produced during daily operation. Extracting knowledge from huge data such as intrusion data requires new approach. The more complex the datasets, the higher computation time and the harder they are to be interpreted and analyzed. This paper investigates the performance of feature selection algoritms in network intrusiona data. We used Genetic Algorithms (GA and Particle Swarm Optimizations (PSO as feature selection algorithms. When applied to network intrusion datasets, both GA and PSO have significantly reduces the number of features. Our experiments show that GA successfully reduces the number of attributes from 41 to 15 while PSO reduces the number of attributes from 41 to 9. Using k Nearest Neighbour (k-NN as a classifier,the GA-reduced dataset which consists of 37% of original attributes, has accuracy improvement from 99.28% to 99.70% and its execution time is also 4.8 faster than the execution time of original dataset. Using the same classifier, PSO-reduced dataset which consists of 22% of original attributes, has the fastest execution time (7.2 times faster than the execution time of original datasets. However, its accuracy is slightly reduced 0.02% from 99.28% to 99.26%. Overall, both GA and PSO are good solution as feature selection techniques because theyhave shown very good performance in reducing the number of features significantly while still maintaining and sometimes improving the classification accuracy as well as reducing the computation time.

  8. Computer-assisted detection of epileptiform focuses on SPECT images

    Grzegorczyk, Dawid; Dunin-Wąsowicz, Dorota; Mulawka, Jan J.

    2010-09-01

    Epilepsy is a common nervous system disease often related to consciousness disturbances and muscular spasm which affects about 1% of the human population. Despite major technological advances done in medicine in the last years there was no sufficient progress towards overcoming it. Application of advanced statistical methods and computer image analysis offers the hope for accurate detection and later removal of an epileptiform focuses which are the cause of some types of epilepsy. The aim of this work was to create a computer system that would help to find and diagnose disorders of blood circulation in the brain This may be helpful for the diagnosis of the epileptic seizures onset in the brain.

  9. Compact Gaussian quantum computation by multi-pixel homodyne detection

    Ferrini, G; Fabre, C; Treps, N; Gazeau, J P; Coudreau, T

    2013-01-01

    We study the possibility of producing and detecting continuous variable cluster states in an extremely compact optical setup. This method is based on a multi-pixel homodyne detection system recently demonstrated experimentally, which includes classical data post-processing. It allows the incorporation of the linear optics network, usually employed in standard experiments for the production of cluster states, in the stage of the measurement. After giving an example of cluster state generation by this method, we further study how this procedure can be generalized to perform Gaussian quantum computation. (paper)

  10. Evaluation of computer-aided detection and diagnosis systems.

    Petrick, Nicholas; Sahiner, Berkman; Armato, Samuel G; Bert, Alberto; Correale, Loredana; Delsanto, Silvia; Freedman, Matthew T; Fryd, David; Gur, David; Hadjiiski, Lubomir; Huo, Zhimin; Jiang, Yulei; Morra, Lia; Paquerault, Sophie; Raykar, Vikas; Samuelson, Frank; Summers, Ronald M; Tourassi, Georgia; Yoshida, Hiroyuki; Zheng, Bin; Zhou, Chuan; Chan, Heang-Ping

    2013-08-01

    Computer-aided detection and diagnosis (CAD) systems are increasingly being used as an aid by clinicians for detection and interpretation of diseases. Computer-aided detection systems mark regions of an image that may reveal specific abnormalities and are used to alert clinicians to these regions during image interpretation. Computer-aided diagnosis systems provide an assessment of a disease using image-based information alone or in combination with other relevant diagnostic data and are used by clinicians as a decision support in developing their diagnoses. While CAD systems are commercially available, standardized approaches for evaluating and reporting their performance have not yet been fully formalized in the literature or in a standardization effort. This deficiency has led to difficulty in the comparison of CAD devices and in understanding how the reported performance might translate into clinical practice. To address these important issues, the American Association of Physicists in Medicine (AAPM) formed the Computer Aided Detection in Diagnostic Imaging Subcommittee (CADSC), in part, to develop recommendations on approaches for assessing CAD system performance. The purpose of this paper is to convey the opinions of the AAPM CADSC members and to stimulate the development of consensus approaches and "best practices" for evaluating CAD systems. Both the assessment of a standalone CAD system and the evaluation of the impact of CAD on end-users are discussed. It is hoped that awareness of these important evaluation elements and the CADSC recommendations will lead to further development of structured guidelines for CAD performance assessment. Proper assessment of CAD system performance is expected to increase the understanding of a CAD system's effectiveness and limitations, which is expected to stimulate further research and development efforts on CAD technologies, reduce problems due to improper use, and eventually improve the utility and efficacy of CAD in

  11. Computer-aided detection in computed tomography colonography. Current status and problems with detection of early colorectal cancer

    Morimoto, Tsuyoshi; Nakijima, Yasuo; Iinuma, Gen; Arai, Yasuaki; Shiraishi, Junji; Moriyama, Noriyuki; Beddoe, G.

    2008-01-01

    The aim of this study was to evaluate the usefulness of computer-aided detection (CAD) in diagnosing early colorectal cancer using computed tomography colonography (CTC). A total of 30 CTC data sets for 30 early colorectal cancers in 30 patients were retrospectively reviewed by three radiologists. After primary evaluation, a second reading was performed using CAD findings. The readers evaluated each colorectal segment for the presence or absence of colorectal cancer using five confidence rating levels. To compare the assessment results, the sensitivity and specificity with and without CAD were calculated on the basis of the confidence rating, and differences in these variables were analyzed by receiver operating characteristic (ROC) analysis. The average sensitivities for the detection without and with CAD for the three readers were 81.6% and 75.6%, respectively. Among the three readers, only one reader improved sensitivity with CAD compared to that without. CAD decreased specificity in all three readers. CAD detected 100% of protruding lesions but only 69.2% of flat lesions. On ROC analysis, the diagnostic performance of all three readers was decreased by use of CAD. Currently available CAD with CTC does not improve diagnostic performance for detecting early colorectal cancer. An improved CAD algorithm is required for detecting fiat lesions and reducing the false-positive rate. (author)

  12. Automatic Solitary Lung Nodule Detection in Computed Tomography Images Slices

    Sentana, I. W. B.; Jawas, N.; Asri, S. A.

    2018-01-01

    Lung nodule is an early indicator of some lung diseases, including lung cancer. In Computed Tomography (CT) based image, nodule is known as a shape that appears brighter than lung surrounding. This research aim to develop an application that automatically detect lung nodule in CT images. There are some steps in algorithm such as image acquisition and conversion, image binarization, lung segmentation, blob detection, and classification. Data acquisition is a step to taking image slice by slice from the original *.dicom format and then each image slices is converted into *.tif image format. Binarization that tailoring Otsu algorithm, than separated the background and foreground part of each image slices. After removing the background part, the next step is to segment part of the lung only so the nodule can localized easier. Once again Otsu algorithm is use to detect nodule blob in localized lung area. The final step is tailoring Support Vector Machine (SVM) to classify the nodule. The application has succeed detecting near round nodule with a certain threshold of size. Those detecting result shows drawback in part of thresholding size and shape of nodule that need to enhance in the next part of the research. The algorithm also cannot detect nodule that attached to wall and Lung Chanel, since it depend the searching only on colour differences.

  13. Foundations of computer vision computational geometry, visual image structures and object shape detection

    Peters, James F

    2017-01-01

    This book introduces the fundamentals of computer vision (CV), with a focus on extracting useful information from digital images and videos. Including a wealth of methods used in detecting and classifying image objects and their shapes, it is the first book to apply a trio of tools (computational geometry, topology and algorithms) in solving CV problems, shape tracking in image object recognition and detecting the repetition of shapes in single images and video frames. Computational geometry provides a visualization of topological structures such as neighborhoods of points embedded in images, while image topology supplies us with structures useful in the analysis and classification of image regions. Algorithms provide a practical, step-by-step means of viewing image structures. The implementations of CV methods in Matlab and Mathematica, classification of chapter problems with the symbols (easily solved) and (challenging) and its extensive glossary of key words, examples and connections with the fabric of C...

  14. Failure detection in high-performance clusters and computers using chaotic map computations

    Rao, Nageswara S.

    2015-09-01

    A programmable media includes a processing unit capable of independent operation in a machine that is capable of executing 10.sup.18 floating point operations per second. The processing unit is in communication with a memory element and an interconnect that couples computing nodes. The programmable media includes a logical unit configured to execute arithmetic functions, comparative functions, and/or logical functions. The processing unit is configured to detect computing component failures, memory element failures and/or interconnect failures by executing programming threads that generate one or more chaotic map trajectories. The central processing unit or graphical processing unit is configured to detect a computing component failure, memory element failure and/or an interconnect failure through an automated comparison of signal trajectories generated by the chaotic maps.

  15. COMPUTER-AIDED DETECTION OF ACINAR SHADOWS IN CHEST RADIOGRAPHS

    Tao Xu

    2013-05-01

    Full Text Available Despite the technological advances in medical diagnosis, accurate detection of infectious tuberculosis (TB still poses challenges due to complex image features and thus infectious TB continues to be a public health problem of global proportions. Currently, the detection of TB is mainly conducted visually by radiologists examining chest radiographs (CXRs. To reduce the backlog of CXR examination and provide more precise quantitative assessment, computer-aided detection (CAD systems for potential lung lesions have been increasingly adopted and commercialized for clinical practice. CADs work as supporting tools to alert radiologists on suspected features that could have easily been neglected. In this paper, an effective CAD system aimed for acinar shadow regions detection in CXRs is proposed. This system exploits textural and photometric features analysis techniques which include local binary pattern (LBP, grey level co-occurrence matrix (GLCM and histogram of oriented gradients (HOG to analyze target regions in CXRs. Classification of acinar shadows using Adaboost is then deployed to verify the performance of a combination of these techniques. Comparative study in different image databases shows that the proposed CAD system delivers consistent high accuracy in detecting acinar shadows.

  16. From experiment to design -- Fault characterization and detection in parallel computer systems using computational accelerators

    Yim, Keun Soo

    This dissertation summarizes experimental validation and co-design studies conducted to optimize the fault detection capabilities and overheads in hybrid computer systems (e.g., using CPUs and Graphics Processing Units, or GPUs), and consequently to improve the scalability of parallel computer systems using computational accelerators. The experimental validation studies were conducted to help us understand the failure characteristics of CPU-GPU hybrid computer systems under various types of hardware faults. The main characterization targets were faults that are difficult to detect and/or recover from, e.g., faults that cause long latency failures (Ch. 3), faults in dynamically allocated resources (Ch. 4), faults in GPUs (Ch. 5), faults in MPI programs (Ch. 6), and microarchitecture-level faults with specific timing features (Ch. 7). The co-design studies were based on the characterization results. One of the co-designed systems has a set of source-to-source translators that customize and strategically place error detectors in the source code of target GPU programs (Ch. 5). Another co-designed system uses an extension card to learn the normal behavioral and semantic execution patterns of message-passing processes executing on CPUs, and to detect abnormal behaviors of those parallel processes (Ch. 6). The third co-designed system is a co-processor that has a set of new instructions in order to support software-implemented fault detection techniques (Ch. 7). The work described in this dissertation gains more importance because heterogeneous processors have become an essential component of state-of-the-art supercomputers. GPUs were used in three of the five fastest supercomputers that were operating in 2011. Our work included comprehensive fault characterization studies in CPU-GPU hybrid computers. In CPUs, we monitored the target systems for a long period of time after injecting faults (a temporally comprehensive experiment), and injected faults into various types of

  17. Genomecmp: computer software to detect genomic rearrangements using markers

    Kulawik, Maciej; Nowak, Robert M.

    2017-08-01

    Detection of genomics rearrangements is a tough task, because of the size of data to be processed. As genome sequences may consist of hundreds of millions symbols, it is not only practically impossible to compare them by hand, but it is also complex problem for computer software. The way to significantly accelerate the process is to use rearrangement detection algorithm based on unique short sequences called markers. The algorithm described in this paper develops markers using base genome and find the markers positions on other genome. The algorithm has been extended by support for ambiguity symbols. Web application with graphical user interface has been created using three-layer architecture, where users could run the task simultaneously. The accuracy and efficiency of proposed solution has been studied using generated and real data.

  18. Security and policy driven computing

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  19. Detection of Organophosphorus Pesticides with Colorimetry and Computer Image Analysis.

    Li, Yanjie; Hou, Changjun; Lei, Jincan; Deng, Bo; Huang, Jing; Yang, Mei

    2016-01-01

    Organophosphorus pesticides (OPs) represent a very important class of pesticides that are widely used in agriculture because of their relatively high-performance and moderate environmental persistence, hence the sensitive and specific detection of OPs is highly significant. Based on the inhibitory effect of acetylcholinesterase (AChE) induced by inhibitors, including OPs and carbamates, a colorimetric analysis was used for detection of OPs with computer image analysis of color density in CMYK (cyan, magenta, yellow and black) color space and non-linear modeling. The results showed that there was a gradually weakened trend of yellow intensity with the increase of the concentration of dichlorvos. The quantitative analysis of dichlorvos was achieved by Artificial Neural Network (ANN) modeling, and the results showed that the established model had a good predictive ability between training sets and predictive sets. Real cabbage samples containing dichlorvos were detected by colorimetry and gas chromatography (GC), respectively. The results showed that there was no significant difference between colorimetry and GC (P > 0.05). The experiments of accuracy, precision and repeatability revealed good performance for detection of OPs. AChE can also be inhibited by carbamates, and therefore this method has potential applications in real samples for OPs and carbamates because of high selectivity and sensitivity.

  20. Data-Driven Approaches for Computation in Intelligent Biomedical Devices: A Case Study of EEG Monitoring for Chronic Seizure Detection

    Naveen Verma

    2011-04-01

    Full Text Available Intelligent biomedical devices implies systems that are able to detect specific physiological processes in patients so that particular responses can be generated. This closed-loop capability can have enormous clinical value when we consider the unprecedented modalities that are beginning to emerge for sensing and stimulating patient physiology. Both delivering therapy (e.g., deep-brain stimulation, vagus nerve stimulation, etc. and treating impairments (e.g., neural prosthesis requires computational devices that can make clinically relevant inferences, especially using minimally-intrusive patient signals. The key to such devices is algorithms that are based on data-driven signal modeling as well as hardware structures that are specialized to these. This paper discusses the primary application-domain challenges that must be overcome and analyzes the most promising methods for this that are emerging. We then look at how these methods are being incorporated in ultra-low-energy computational platforms and systems. The case study for this is a seizure-detection SoC that includes instrumentation and computation blocks in support of a system that exploits patient-specific modeling to achieve accurate performance for chronic detection. The SoC samples each EEG channel at a rate of 600 Hz and performs processing to derive signal features on every two second epoch, consuming 9 μJ/epoch/channel. Signal feature extraction reduces the data rate by a factor of over 40×, permitting wireless communication from the patient’s head while reducing the total power on the head by 14×.

  1. Computer aided detection system for lung cancer using computer tomography scans

    Mahesh, Shanthi; Rakesh, Spoorthi; Patil, Vidya C.

    2018-04-01

    Lung Cancer is a disease can be defined as uncontrolled cell growth in tissues of the lung. If we detect the Lung Cancer in its early stage, then that could be the key of its cure. In this work the non-invasive methods are studied for assisting in nodule detection. It supplies a Computer Aided Diagnosis System (CAD) for early detection of lung cancer nodules from the Computer Tomography (CT) images. CAD system is the one which helps to improve the diagnostic performance of radiologists in their image interpretations. The main aim of this technique is to develop a CAD system for finding the lung cancer using the lung CT images and classify the nodule as Benign or Malignant. For classifying cancer cells, SVM classifier is used. Here, image processing techniques have been used to de-noise, to enhance, for segmentation and edge detection of an image is used to extract the area, perimeter and shape of nodule. The core factors of this research are Image quality and accuracy.

  2. 77 FR 39498 - Guidances for Industry and Food and Drug Administration Staff: Computer-Assisted Detection...

    2012-07-03

    ...] Guidances for Industry and Food and Drug Administration Staff: Computer-Assisted Detection Devices Applied... Clinical Performance Assessment: Considerations for Computer-Assisted Detection Devices Applied to... guidance, entitled ``Computer-Assisted Detection Devices Applied to Radiology Images and Radiology Device...

  3. An intrusion prevention system as a proactive security mechanism in network infrastructure

    Dulanović Nenad

    2008-01-01

    Full Text Available A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS, proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS are introduced. The main idea in IPS is to be proactive. This paper gives an insight of Cobrador Bouncer IPS implementation. System architecture is given and three different Bouncer IPS deployment modes are presented. The Bouncer IPS as a proactive honeypot is also discussed.

  4. Computer-aided detection of pulmonary nodules: influence of nodule characteristics on detection performance

    Marten, K.; Engelke, C.; Seyfarth, T.; Grillhoesl, A.; Obenauer, S.; Rummeny, E.J.

    2005-01-01

    AIM: To evaluate prospectively the influence of pulmonary nodule characteristics on detection performances of a computer-aided diagnosis (CAD) tool and experienced chest radiologists using multislice CT (MSCT). MATERIALS AND METHODS: MSCT scans of 20 consecutive patients were evaluated by a CAD system and two independent chest radiologists for presence of pulmonary nodules. Nodule size, position, margin, matrix characteristics, vascular and pleural attachments and reader confidence were recorded and data compared with an independent standard of reference. Statistical analysis for predictors influencing nodule detection or reader performance included chi-squared, retrograde stepwise conditional logistic regression with odds ratios and nodule detection proportion estimates (DPE), and ROC analysis. RESULTS: For 135 nodules, detection rates for CAD and readers were 76.3, 52.6 and 52.6%, respectively; false-positive rates were 0.55, 0.25 and 0.15 per examination, respectively. In consensus with CAD the reader detection rate increased to 93.3%, and the false-positive rate dropped to 0.1/scan. DPEs for nodules ≤5 mm were significantly higher for ICAD than for the readers (p<0.05). Absence of vascular attachment was the only significant predictor of nodule detection by CAD (p=0.0006-0.008). There were no predictors of nodule detection for reader consensus with CAD. In contrast, vascular attachment predicted nodule detection by the readers (p=0.0001-0.003). Reader sensitivity was higher for nodules with vascular attachment than for unattached nodules (sensitivities 0.768 and 0.369; 95% confidence intervals=0.651-0.861 and 0.253-0.498, respectively). CONCLUSION: CAD increases nodule detection rates, decreases false-positive rates and compensates for deficient reader performance in detection of smallest lesions and of nodules without vascular attachment

  5. Detection of Mild Emphysema by Computed Tomography Density Measurements

    Vikgren, J.; Friman, O.; Borga, M.; Boijsen, M.; Gustavsson, S.; Bake, B.; Tylen, U.; Ekberg-Jansson, A.

    2005-01-01

    Purpose: To assess the ability of a conventional density mask method to detect mild emphysema by high-resolution computed tomography (HRCT); to analyze factors influencing quantification of mild emphysema; and to validate a new algorithm for detection of mild emphysema. Material and Methods: Fifty-five healthy male smokers and 34 never-smokers, 61-62 years of age, were examined. Emphysema was evaluated visually, by the conventional density mask method, and by a new algorithm compensating for the effects of gravity and artifacts due to motion and the reconstruction algorithm. Effects of the reconstruction algorithm, slice thickness, and various threshold levels on the outcome of the density mask area were evaluated. Results: Forty-nine percent of the smokers had mild emphysema. The density mask area was higher the thinner the slice irrespective of the reconstruction algorithm and threshold level. The sharp algorithm resulted in increased density mask area. The new reconstruction algorithm could discriminate between smokers with and those without mild emphysema, whereas the density mask method could not. The diagnostic ability of the new algorithm was dependent on lung level. At about 90% specificity, sensitivity was 65-100% in the apical levels, but low in the rest of the lung. Conclusion: The conventional density mask method is inadequate for detecting mild emphysema, while the new algorithm improves the diagnostic ability but is nevertheless still imperfect

  6. Lung nodule detection on chest CT: evaluation of a computer-aided detection (CAD) system

    Lee, In Jae; Gamsu, Gordon; Czum, Julianna; Johnson, Rebecca; Chakrapani, Sanjay; Wu, Ning

    2005-01-01

    To evaluate the capacity of a computer-aided detection (CAD) system to detect lung nodules in clinical chest CT. A total of 210 consecutive clinical chest CT scans and their reports were reviewed by two chest radiologists and 70 were selected (33 without nodules and 37 with 1-6 nodules, 4-15.4 mm in diameter). The CAD system (ImageChecker CT LN-1000) developed by R2 Technology, Inc. (Sunnyvale, CA) was used. Its algorithm was designed to detect nodules with a diameter of 4-20 mm. The two chest radiologists working with the CAD system detected a total of 78 nodules. These 78 nodules form the database for this study. Four independent observers interpreted the studies with and without the CAD system. The detection rates of the four independent observers without CAD were 81% (63/78), 85% (66/78), 83% (65/78), and 83% (65/78), respectively. With CAD their rates were 87% (68/78), 85% (66/78), 86% (67/78), and 85% (66/78), respectively. The differences between these two sets of detection rates did not reach statistical significance. In addition, CAD detected eight nodules that were not mentioned in the original clinical radiology reports. The CAD system produced 1.56 false-positive nodules per CT study. The four test observers had 0, 0.1, 0.17, and 0.26 false-positive results per study without CAD and 0.07, 0.2, 0.23, and 0.39 with CAD, respectively. The CAD system can assist radiologists in detecting pulmonary nodules in chest CT, but with a potential increase in their false positive rates. Technological improvements to the system could increase the sensitivity and specificity for the detection of pulmonary nodules and reduce these false-positive results

  7. The Monitoring, Detection, Isolation and Assessment of Information Warfare Attacks Through Multi-Level, Multi-Scale System Modeling and Model Based Technology

    Ye, Nong

    2004-01-01

    With the goal of protecting computer and networked systems from various attacks, the following intrusion detection techniques were developed and tested using the 1998 and 2000 MIT Lincoln Lab Evaluation Data...

  8. Does Computer-aided Detection Assist in the Early Detection of Breast Cancer?

    Hukkinen, K.; Pamilo, M.

    2005-01-01

    Purpose: To evaluate whether breast cancers detected at screening are visible in previous mammograms, and to assess the performance of a computer-aided detection (CAD) system in detecting lesions in preoperative and previous mammograms. Material and Methods: Initial screening detected 67 women with 69 surgically verified breast cancers (Group A). An experienced screening radiologist retrospectively analyzed previous mammograms for visible lesions (Group B), noting in particular their size and morphology. Preoperative and previous mammograms were analyzed with CAD; a relatively inexperienced resident also analyzed previous mammograms. The performances of CAD and resident were then compared. Results: Of the 69 lesions identified, 36 were visible in previous mammograms. Of these 36 'missed' lesions, 14 were under 10 mm in diameter and 29 were mass lesions. The sensitivity of CAD was 81% in Group A and 64% in Group B. Small mass lesions were harder for CAD to detect. The specificity of CAD was 3% in Group A and 9% in Group B. Together, CAD and the resident found more 'missed' lesions than separately. Conclusion: Of the 69 breast cancers, 36 were visible in previous mammograms. CAD's sensitivity in detecting cancer lesions ranged from 64% to 81%, while specificity ranged from 9% to as low as 3%. CAD may be helpful if the radiologist is less subspecialized in mammography

  9. [Computed tomography with computer-assisted detection of pulmonary nodules in dogs and cats].

    Niesterok, C; Piesnack, S; Köhler, C; Ludewig, E; Alef, M; Kiefer, I

    2015-01-01

    The aim of this study was to assess the potential benefit of computer-assisted detection (CAD) of pulmonary nodules in veterinary medicine. Therefore, the CAD rate was compared to the detection rates of two individual examiners in terms of its sensitivity and false-positive findings. We included 51 dogs and 16 cats with pulmonary nodules previously diagnosed by computed tomography. First, the number of nodules ≥ 3 mm was recorded for each patient by two independent examiners. Subsequently, each examiner used the CAD software for automated nodule detection. With the knowledge of the CAD results, a final consensus decision on the number of nodules was achieved. The software used was a commercially available CAD program. The sensitivity of examiner 1 was 89.2%, while that of examiner 2 reached 87.4%. CAD had a sensitivity of 69.4%. With CAD, the sensitivity of examiner 1 increased to 94.7% and that of examiner 2 to 90.8%. The CAD-system, which we used in our study, had a moderate sensitivity of 69.4%. Despite its severe limitations, with a high level of false-positive and false-negative results, CAD increased the examiners' sensitivity. Therefore, its supportive role in diagnostics appears to be evident.

  10. Computational methods for ab initio detection of microRNAs

    Malik eYousef

    2012-10-01

    Full Text Available MicroRNAs are small RNA sequences of 18-24 nucleotides in length, which serve as templates to drive post transcriptional gene silencing. The canonical microRNA pathway starts with transcription from DNA and is followed by processing via the Microprocessor complex, yielding a hairpin structure. Which is then exported into the cytosol where it is processed by Dicer and then incorporated into the RNA induced silencing complex. All of these biogenesis steps add to the overall specificity of miRNA production and effect. Unfortunately, their modes of action are just beginning to be elucidated and therefore computational prediction algorithms cannot model the process but are usually forced to employ machine learning approaches. This work focuses on ab initio prediction methods throughout; and therefore homology-based miRNA detection methods are not discussed. Current ab initio prediction algorithms, their ties to data mining, and their prediction accuracy are detailed.

  11. Engineering of an Extreme Rainfall Detection System using Grid Computing

    Olivier Terzo

    2012-10-01

    Full Text Available This paper describes a new approach for intensive rainfall data analysis. ITHACA's Extreme Rainfall Detection System (ERDS is conceived to provide near real-time alerts related to potential exceptional rainfalls worldwide, which can be used by WFP or other humanitarian assistance organizations to evaluate the event and understand the potentially floodable areas where their assistance is needed. This system is based on precipitation analysis and it uses rainfall data from satellite at worldwide extent. This project uses the Tropical Rainfall Measuring Mission Multisatellite Precipitation Analysis dataset, a NASA-delivered near real-time product for current rainfall condition monitoring over the world. Considering the great deal of data to process, this paper presents an architectural solution based on Grid Computing techniques. Our focus is on the advantages of using a distributed architecture in terms of performances for this specific purpose.

  12. PACS-Based Computer-Aided Detection and Diagnosis

    Huang, H. K. (Bernie); Liu, Brent J.; Le, Anh HongTu; Documet, Jorge

    The ultimate goal of Picture Archiving and Communication System (PACS)-based Computer-Aided Detection and Diagnosis (CAD) is to integrate CAD results into daily clinical practice so that it becomes a second reader to aid the radiologist's diagnosis. Integration of CAD and Hospital Information System (HIS), Radiology Information System (RIS) or PACS requires certain basic ingredients from Health Level 7 (HL7) standard for textual data, Digital Imaging and Communications in Medicine (DICOM) standard for images, and Integrating the Healthcare Enterprise (IHE) workflow profiles in order to comply with the Health Insurance Portability and Accountability Act (HIPAA) requirements to be a healthcare information system. Among the DICOM standards and IHE workflow profiles, DICOM Structured Reporting (DICOM-SR); and IHE Key Image Note (KIN), Simple Image and Numeric Report (SINR) and Post-processing Work Flow (PWF) are utilized in CAD-HIS/RIS/PACS integration. These topics with examples are presented in this chapter.

  13. Fossa navicularis magna detection on cone-beam computed tomography

    Syed, Ali Z. [Dept. of Oral and Maxillofacial Medicine and Diagnostic Sciences, School of Dental Medicine, Case Western Reserve University, Cleveland(United States); Mupparapu, Mel [Div. of Radiology, University of Pennsylvania School of Dental Medicine, Philadelphia (United States)

    2016-03-15

    Herein, we report and discuss the detection of fossa navicularis magna, a close radiographic anatomic variant of canalis basilaris medianus of the basiocciput, as an incidental finding in cone-beam computed tomography (CBCT) imaging. The CBCT data of the patients in question were referred for the evaluation of implant sites and to rule out pathology in the maxilla and mandible. CBCT analysis showed osseous, notch-like defects on the inferior aspect of the clivus in all four cases. The appearance of fossa navicularis magna varied among the cases. In some, it was completely within the basiocciput and mimicked a small rounded, corticated, lytic defect, whereas it appeared as a notch in others. Fossa navicularis magna is an anatomical variant that occurs on the inferior aspect of the clivus. The pertinent literature on the anatomical variations occurring in this region was reviewed.

  14. Distributed fiber optic moisture intrusion sensing system

    Weiss, Jonathan D.

    2003-06-24

    Method and system for monitoring and identifying moisture intrusion in soil such as is contained in landfills housing radioactive and/or hazardous waste. The invention utilizes the principle that moist or wet soil has a higher thermal conductance than dry soil. The invention employs optical time delay reflectometry in connection with a distributed temperature sensing system together with heating means in order to identify discrete areas within a volume of soil wherein temperature is lower. According to the invention an optical element and, optionally, a heating element may be included in a cable or other similar structure and arranged in a serpentine fashion within a volume of soil to achieve efficient temperature detection across a large area or three dimensional volume of soil. Remediation, moisture countermeasures, or other responsive action may then be coordinated based on the assumption that cooler regions within a soil volume may signal moisture intrusion where those regions are located.

  15. New Computer Assisted Diagnostic to Detect Alzheimer Disease

    Ben Rabeh Amira

    2016-08-01

    Full Text Available We describe a new Computer Assisted Diagnosis (CAD to automatically detect Alzheimer Patients (AD, Mild Cognitive Impairment (MCI and elderly Controls, based on the segmentation and classification of the Hippocampus (H and Corpus Calosum (CC from Magnetic Resonance Images (MRI. For the segmentation we used a new method based on a deformable model to extract the area wishes, and then we computed the geometric and texture features. For the classification we proposed a new supervised method. We evaluated the accuracy of our method in a group of 25 patients with AD (age±standard-deviation (SD =70±6 years, 25 patients with MCI (age±SD=65±8 years and 25 elderly healthy controls (age±SD=60±8 years. For the AD patients we found an accuracy of the classification of 92%, for the MCI we found 88% and for the elderly patients we found 96%. Overall, we found our method to be 92% accurate. Our method can be a useful tool for diagnosing Alzheimer’s Disease in any of these Steps.

  16. Matrix駭客任務:刑法第358條入侵電腦罪 Matrix-Criminal Law Article 358 Intrusion of Computer

    蔡榮耕 Rong-Geng Tsai

    2008-06-01

    Full Text Available 刑法第 358 條並沒有定義什麼是電腦。不過,這應該是正確的作法,因為實務可以因而有較大的彈性,以因應未來的科技發展。即便是要在法條中明文電腦的意義,也應該參考美國聯邦電腦詐欺及濫用防制法(CFAA)的規定,採取較為開放的定義。本文也建議,刑法第358 條的構成要件行為應修正為「無故入侵」電腦即為已足。至於「無故輸入他人帳號密碼」、「破解使用電腦之保護措施」或「利用電腦系統之漏洞」應屬蛇足的規定。「無故入侵」的解釋,可以參考美國聯邦電腦詐欺及濫用防制法(CFAA)中, 關於「無(越)權使用」的規定及相關判決。 rapid technology development. The legislature ought to visit CFAA even though it wants to give a definition. This article suggests that actus reus requirements of the current article 358 are improper. It is unnecessary to narrow down the actus reus requirement to inputting other’s account and password, hacking the protecting measure of a computer, and making use of the hole of computer system. The proper actus reus requirement should be “accessing a computer without authorization, or exceeding authorized access.” When interpreting and applying, we could refer to CFAA and the judicial decisions thereof.

  17. Computer Aided Diagnosis System for Early Lung Cancer Detection

    Fatma Taher

    2015-11-01

    Full Text Available Lung cancer continues to rank as the leading cause of cancer deaths worldwide. One of the most promising techniques for early detection of cancerous cells relies on sputum cell analysis. This was the motivation behind the design and the development of a new computer aided diagnosis (CAD system for early detection of lung cancer based on the analysis of sputum color images. The proposed CAD system encompasses four main processing steps. First is the preprocessing step which utilizes a Bayesian classification method using histogram analysis. Then, in the second step, mean shift segmentation is applied to segment the nuclei from the cytoplasm. The third step is the feature analysis. In this step, geometric and chromatic features are extracted from the nucleus region. These features are used in the diagnostic process of the sputum images. Finally, the diagnosis is completed using an artificial neural network and support vector machine (SVM for classifying the cells into benign or malignant. The performance of the system was analyzed based on different criteria such as sensitivity, specificity and accuracy. The evaluation was carried out using Receiver Operating Characteristic (ROC curve. The experimental results demonstrate the efficiency of the SVM classifier over other classifiers, with 97% sensitivity and accuracy as well as a significant reduction in the number of false positive and false negative rates.

  18. Comparison of computer workstation with film for detecting setup errors

    Fritsch, D.S.; Boxwala, A.A.; Raghavan, S.; Coffee, C.; Major, S.A.; Muller, K.E.; Chaney, E.L.

    1997-01-01

    Purpose/Objective: Workstations designed for portal image interpretation by radiation oncologists provide image displays and image processing and analysis tools that differ significantly compared with the standard clinical practice of inspecting portal films on a light box. An implied but unproved assumption associated with the clinical implementation of workstation technology is that patient care is improved, or at least not adversely affected. The purpose of this investigation was to conduct observer studies to test the hypothesis that radiation oncologists can detect setup errors using a workstation at least as accurately as when following standard clinical practice. Materials and Methods: A workstation, PortFolio, was designed for radiation oncologists to display and inspect digital portal images for setup errors. PortFolio includes tools to enhance images; align cross-hairs, field edges, and anatomic structures on reference and acquired images; measure distances and angles; and view registered images superimposed on one another. In a well designed and carefully controlled observer study, nine radiation oncologists, including attendings and residents, used PortFolio to detect setup errors in realistic digitally reconstructed portal (DRPR) images computed from the NLM visible human data using a previously described approach † . Compared with actual portal images where absolute truth is ill defined or unknown, the DRPRs contained known translation or rotation errors in the placement of the fields over target regions in the pelvis and head. Twenty DRPRs with randomly induced errors were computed for each site. The induced errors were constrained to a plane at the isocenter of the target volume and perpendicular to the central axis of the treatment beam. Images used in the study were also printed on film. Observers interpreted the film-based images using standard clinical practice. The images were reviewed in eight sessions. During each session five images were

  19. Novel computed tomographic chest metrics to detect pulmonary hypertension

    Chan, Andrew L; Juarez, Maya M; Shelton, David K; MacDonald, Taylor; Li, Chin-Shang; Lin, Tzu-Chun; Albertson, Timothy E

    2011-01-01

    Early diagnosis of pulmonary hypertension (PH) can potentially improve survival and quality of life. Detecting PH using echocardiography is often insensitive in subjects with lung fibrosis or hyperinflation. Right heart catheterization (RHC) for the diagnosis of PH adds risk and expense due to its invasive nature. Pre-defined measurements utilizing computed tomography (CT) of the chest may be an alternative non-invasive method of detecting PH. This study retrospectively reviewed 101 acutely hospitalized inpatients with heterogeneous diagnoses, who consecutively underwent CT chest and RHC during the same admission. Two separate teams, each consisting of a radiologist and pulmonologist, blinded to clinical and RHC data, individually reviewed the chest CT's. Multiple regression analyses controlling for age, sex, ascending aortic diameter, body surface area, thoracic diameter and pulmonary wedge pressure showed that a main pulmonary artery (PA) diameter ≥29 mm (odds ratio (OR) = 4.8), right descending PA diameter ≥19 mm (OR = 7.0), true right descending PA diameter ≥ 16 mm (OR = 4.1), true left descending PA diameter ≥ 21 mm (OR = 15.5), right ventricular (RV) free wall ≥ 6 mm (OR = 30.5), RV wall/left ventricular (LV) wall ratio ≥0.32 (OR = 8.8), RV/LV lumen ratio ≥1.28 (OR = 28.8), main PA/ascending aorta ratio ≥0.84 (OR = 6.0) and main PA/descending aorta ratio ≥ 1.29 (OR = 5.7) were significant predictors of PH in this population of hospitalized patients. This combination of easily measured CT-based metrics may, upon confirmatory studies, aid in the non-invasive detection of PH and hence in the determination of RHC candidacy in acutely hospitalized patients

  20. SODA-IIoT4Factory: Blockchain to keep the A.I. of your Intrusion Detection System up-to-date

    Planchon , Frederic; Costa , Fernand; Nicaise , Vincent; Bouzerna , Nabil

    2017-01-01

    International audience; Co-designed with FPC Ingénierie, SODA-IIoT4Factory offers a secure way to update CyPRES rule engines & cyber security/attack models.CyPRES is an intelligent IDS that strengthens industrial information systems. It learns then verifies the operation and behaviour of the system to the lowest level of detail. It detects the first signs of attacks before damage is incurred.

  1. Computer aided detection of surgical retained foreign object for prevention

    Hadjiiski, Lubomir; Marentis, Theodore C.; Rondon, Lucas; Chan, Heang-Ping; Chaudhury, Amrita R.; Chronis, Nikolaos

    2015-01-01

    Purpose: Surgical retained foreign objects (RFOs) have significant morbidity and mortality. They are associated with approximately $1.5 × 10 9 annually in preventable medical costs. The detection accuracy of radiographs for RFOs is a mediocre 59%. The authors address the RFO problem with two complementary technologies: a three-dimensional (3D) gossypiboma micro tag, the μTag that improves the visibility of RFOs on radiographs, and a computer aided detection (CAD) system that detects the μTag. It is desirable for the CAD system to operate in a high specificity mode in the operating room (OR) and function as a first reader for the surgeon. This allows for fast point of care results and seamless workflow integration. The CAD system can also operate in a high sensitivity mode as a second reader for the radiologist to ensure the highest possible detection accuracy. Methods: The 3D geometry of the μTag produces a similar two dimensional (2D) depiction on radiographs regardless of its orientation in the human body and ensures accurate detection by a radiologist and the CAD. The authors created a data set of 1800 cadaver images with the 3D μTag and other common man-made surgical objects positioned randomly. A total of 1061 cadaver images contained a single μTag and the remaining 739 were without μTag. A radiologist marked the location of the μTag using an in-house developed graphical user interface. The data set was partitioned into three independent subsets: a training set, a validation set, and a test set, consisting of 540, 560, and 700 images, respectively. A CAD system with modules that included preprocessing μTag enhancement, labeling, segmentation, feature analysis, classification, and detection was developed. The CAD system was developed using the training and the validation sets. Results: On the training set, the CAD achieved 81.5% sensitivity with 0.014 false positives (FPs) per image in a high specificity mode for the surgeons in the OR and 96

  2. Computer-Aided Detection of Polyps in CT Colonography Using Logistic Regression

    Van Ravesteijn, V.F.; Van Wijk, C.; Vos, F.M.; Truyen, R.; Peters, J.F.; Stoker, J.; Van Vliet, L.J.

    2010-01-01

    We present a computer-aided detection (CAD) system for computed tomography colonography that orders the polyps according to clinical relevance. TheCADsystem consists of two steps: candidate detection and supervised classification. The characteristics of the detection step lead to specific choices

  3. Computer-aided Detection of Lung Cancer on Chest Radiographs: Effect on Observer Performance

    de Hoop, Bartjan; de Boo, Diederik W.; Gietema, Hester A.; van Hoorn, Frans; Mearadji, Banafsche; Schijf, Laura; van Ginneken, Bram; Prokop, Mathias; Schaefer-Prokop, Cornelia

    2010-01-01

    Purpose: To assess how computer-aided detection (CAD) affects reader performance in detecting early lung cancer on chest radiographs. Materials and Methods: In this ethics committee-approved study, 46 individuals with 49 computed tomographically (CT)-detected and histologically proved lung cancers

  4. Standalone computer-aided detection compared to radiologists' performance for the detection of mammographic masses

    Hupse, Rianne; Samulski, Maurice; Imhof-Tas, Mechli W.; Karssemeijer, Nico; Lobbes, Marc; Boetes, Carla; Heeten, Ard den; Beijerinck, David; Pijnappel, Ruud

    2013-01-01

    We developed a computer-aided detection (CAD) system aimed at decision support for detection of malignant masses and architectural distortions in mammograms. The effect of this system on radiologists' performance depends strongly on its standalone performance. The purpose of this study was to compare the standalone performance of this CAD system to that of radiologists. In a retrospective study, nine certified screening radiologists and three residents read 200 digital screening mammograms without the use of CAD. Performances of the individual readers and of CAD were computed as the true-positive fraction (TPF) at a false-positive fraction of 0.05 and 0.2. Differences were analysed using an independent one-sample t-test. At a false-positive fraction of 0.05, the performance of CAD (TPF = 0.487) was similar to that of the certified screening radiologists (TPF = 0.518, P = 0.17). At a false-positive fraction of 0.2, CAD performance (TPF = 0.620) was significantly lower than the radiologist performance (TPF = 0.736, P <0.001). Compared to the residents, CAD performance was similar for all false-positive fractions. The sensitivity of CAD at a high specificity was comparable to that of human readers. These results show potential for CAD to be used as an independent reader in breast cancer screening. (orig.)

  5. Noise and contrast detection in computed tomography images

    Faulkner, K.; Moores, B.M.

    1984-01-01

    A discrete representation of the reconstruction process is used in an analysis of noise in computed tomography (CT) images. This model is consistent with the method of data collection in actual machines. An expression is derived which predicts the variance on the measured linear attenuation coefficient of a single pixel in an image. The dependence of the variance on various CT scanner design parameters such as pixel size, slice width, scan time, number of detectors, etc., is then described. The variation of noise with sampling area is theoretically explained. These predictions are in good agreement with a set of experimental measurements made on a range of CT scanners. The equivalent sampling aperture of the CT process is determined and the effect of the reconstruction filter on the variance of the linear attenuation coefficient is also noted, in particular, the choice and its consequences for reconstructed images and noise behaviour. The theory has been extended to include contrast detail behaviour, and these predictions compare favourably with experimental measurements. The theory predicts that image smoothing will have little effect on the contrast-detail detectability behaviour of reconstructed images. (author)

  6. Brain lesions in congenital nystagmus as detected by computed tomography

    Lo, Chin-Ying

    1982-01-01

    Computed tomography (CT) was performed in a series of 60 cases with congenital nystagmus. The type of nystagmus was pendular in 20 and jerky in 40 cases. The age ranged from 3 months to 13 years. Abnormal CT findings of the central nervous system were detected in 31 cases (52%). There were 5 major CT findings: midline anomalies, cortical atrophy, ventricular dilatation, brain stem atrophy and low density area. The midline anomalies involved cavum septi pellucidi, cavum Vergae, cavum veli interpositi and partial agenesis of corpus callosum. The abnormal CT findings were more prominent in pendular type than in jerky type. The incidence of congenital nystagmus and positive CT findings were the same in the first and the second birth. There was a history of abnormalities during the prenatal or perinatal period in 28 out of the 60 cases (47%). This feature seemed to play a significant role in the occurrence of congenital nystagmus. The observed organic lesions in the central nervous system by CT would contribute to the elucidation of pathomechanism of congenital nystagmus. (author)

  7. Computer-aided detection of small pulmonary nodules in multidetector spiral computed tomography (MSCT) in children

    Honnef, D.; Behrendt, F.F.; Hohl, C.; Mahnken, A.H.; Guenther, R.W.; Das, M.; Mertens, R.; Stanzel, S.

    2008-01-01

    Purpose: Retrospective evaluation of computer-aided detection software (CAD) for automated detection (LungCAD, Siemens Medical solutions, Forchheim, Germany) and volumetry (LungCARE) of pulmonary nodules in dose-reduced pediatric MDCT. Materials and Methods: 30 scans of 24 children (10.4±5.9 years, 13 girls, 11 boys, 39.7±29.3 kg body weight) were performed on a 16-MDCT for tumor staging (n=18), inflammation (n=9), other indications (n=3). Tube voltage 120 kVp and effective mAs were adapted to body weight. Slice thickness 2 mm, increment 1 mm. A pediatric radiologist (U1), a CAD expert (U2) and an inexperienced radiologist (U3) independently analyzed the lung window images without and with the CAD as a second reader. In a consensus decision U1 and U2 were the reference standard. Results: Five examinations had to be excluded from the study due to other underlying lung disease. A total of 24 pulmonary nodules were found in all data sets with a minimal diameter of 0.35 mm to 3.81 mm (mean 1.7±0.85 mm). The sensitivities were as follows: U1 95.8% and 100% with CAD; U2 91.7% U3 66.7%. U2 and U3 did not detect further nodules with CAD. The sensitivity of CAD alone was 41.7% with 0.32 false-positive findings per examination. Interobserver agreement between U1/U2 regarding nodule detection with CAD was good (k=0.6500) and without CAD very good (k=0.8727). For the rest (U1/U3; U2/U3 with and without CAD), it was weak (k=0.0667-0.1884). Depending on the measured value (axial measurement, volume), there is a significant correlation (p=0.0026-0.0432) between nodule size and CAD detection. Undetected pulmonary nodules (mean 1.35 mm; range 0.35-2.61 mm) were smaller than the detected ones (mean 2.19 mm; range 1.35-3.81 mm). No significant correlation was found between CAD findings and patient age (p=0.9263) and body weight (p=0.9271) as well as nodule location (subpleural, intraparenchymal; p=1.0) and noise/SNR. (orig.)

  8. Computer aided detection of ureteral stones in thin slice computed tomography volumes using Convolutional Neural Networks.

    Längkvist, Martin; Jendeberg, Johan; Thunberg, Per; Loutfi, Amy; Lidén, Mats

    2018-06-01

    Computed tomography (CT) is the method of choice for diagnosing ureteral stones - kidney stones that obstruct the ureter. The purpose of this study is to develop a computer aided detection (CAD) algorithm for identifying a ureteral stone in thin slice CT volumes. The challenge in CAD for urinary stones lies in the similarity in shape and intensity of stones with non-stone structures and how to efficiently deal with large high-resolution CT volumes. We address these challenges by using a Convolutional Neural Network (CNN) that works directly on the high resolution CT volumes. The method is evaluated on a large data base of 465 clinically acquired high-resolution CT volumes of the urinary tract with labeling of ureteral stones performed by a radiologist. The best model using 2.5D input data and anatomical information achieved a sensitivity of 100% and an average of 2.68 false-positives per patient on a test set of 88 scans. Copyright © 2018 The Authors. Published by Elsevier Ltd.. All rights reserved.

  9. From intrusive to oscillating thoughts.

    Peirce, Anne Griswold

    2007-10-01

    This paper focused on the possibility that intrusive thoughts (ITs) are a form of an evolutionary, adaptive, and complex strategy to prepare for and resolve stressful life events through schema formation. Intrusive thoughts have been studied in relation to individual conditions, such as traumatic stress disorder and obsessive-compulsive disorder. They have also been documented in the average person experiencing everyday stress. In many descriptions of thought intrusion, it is accompanied by thought suppression. Several theories have been put forth to describe ITs, although none provides a satisfactory explanation as to whether ITs are a normal process, a normal process gone astray, or a sign of pathology. There is also no consistent view of the role that thought suppression plays in the process. I propose that thought intrusion and thought suppression may be better understood by examining them together as a complex and adaptive mechanism capable of escalating in times of need. The ability of a biological mechanism to scale up in times of need is one hallmark of a complex and adaptive system. Other hallmarks of complexity, including self-similarity across scales, sensitivity to initial conditions, presence of feedback loops, and system oscillation, are also discussed in this article. Finally, I propose that thought intrusion and thought suppression are better described together as an oscillatory cycle.

  10. Saltwater intrusion monitoring in Florida

    Prinos, Scott T.

    2016-01-01

    Florida's communities are largely dependent on freshwater from groundwater aquifers. Existing saltwater in the aquifers, or seawater that intrudes parts of the aquifers that were fresh, can make the water unusable without additional processing. The quality of Florida's saltwater intrusion monitoring networks varies. In Miami-Dade and Broward Counties, for example, there is a well-designed network with recently constructed short open-interval monitoring wells that bracket the saltwater interface in the Biscayne aquifer. Geochemical analyses of water samples from the network help scientists evaluate pathways of saltwater intrusion and movement of the saltwater interface. Geophysical measurements, collected in these counties, aid the mapping of the saltwater interface and the design of monitoring networks. In comparison, deficiencies in the Collier County monitoring network include the positioning of monitoring wells, reliance on wells with long open intervals that when sampled might provide questionable results, and the inability of existing analyses to differentiate between multiple pathways of saltwater intrusion. A state-wide saltwater intrusion monitoring network is being planned; the planned network could improve saltwater intrusion monitoring by adopting the applicable strategies of the networks of Miami-Dade and Broward Counties, and by addressing deficiencies such as those described for the Collier County network.

  11. Local pulmonary structure classification for computer-aided nodule detection

    Bahlmann, Claus; Li, Xianlin; Okada, Kazunori

    2006-03-01

    We propose a new method of classifying the local structure types, such as nodules, vessels, and junctions, in thoracic CT scans. This classification is important in the context of computer aided detection (CAD) of lung nodules. The proposed method can be used as a post-process component of any lung CAD system. In such a scenario, the classification results provide an effective means of removing false positives caused by vessels and junctions thus improving overall performance. As main advantage, the proposed solution transforms the complex problem of classifying various 3D topological structures into much simpler 2D data clustering problem, to which more generic and flexible solutions are available in literature, and which is better suited for visualization. Given a nodule candidate, first, our solution robustly fits an anisotropic Gaussian to the data. The resulting Gaussian center and spread parameters are used to affine-normalize the data domain so as to warp the fitted anisotropic ellipsoid into a fixed-size isotropic sphere. We propose an automatic method to extract a 3D spherical manifold, containing the appropriate bounding surface of the target structure. Scale selection is performed by a data driven entropy minimization approach. The manifold is analyzed for high intensity clusters, corresponding to protruding structures. Techniques involve EMclustering with automatic mode number estimation, directional statistics, and hierarchical clustering with a modified Bhattacharyya distance. The estimated number of high intensity clusters explicitly determines the type of pulmonary structures: nodule (0), attached nodule (1), vessel (2), junction (>3). We show accurate classification results for selected examples in thoracic CT scans. This local procedure is more flexible and efficient than current state of the art and will help to improve the accuracy of general lung CAD systems.

  12. Computer-aided detection system for lung cancer in computed tomography scans: Review and future prospects

    2014-01-01

    Introduction The goal of this paper is to present a critical review of major Computer-Aided Detection systems (CADe) for lung cancer in order to identify challenges for future research. CADe systems must meet the following requirements: improve the performance of radiologists providing high sensitivity in the diagnosis, a low number of false positives (FP), have high processing speed, present high level of automation, low cost (of implementation, training, support and maintenance), the ability to detect different types and shapes of nodules, and software security assurance. Methods The relevant literature related to “CADe for lung cancer” was obtained from PubMed, IEEEXplore and Science Direct database. Articles published from 2009 to 2013, and some articles previously published, were used. A systemic analysis was made on these articles and the results were summarized. Discussion Based on literature search, it was observed that many if not all systems described in this survey have the potential to be important in clinical practice. However, no significant improvement was observed in sensitivity, number of false positives, level of automation and ability to detect different types and shapes of nodules in the studied period. Challenges were presented for future research. Conclusions Further research is needed to improve existing systems and propose new solutions. For this, we believe that collaborative efforts through the creation of open source software communities are necessary to develop a CADe system with all the requirements mentioned and with a short development cycle. In addition, future CADe systems should improve the level of automation, through integration with picture archiving and communication systems (PACS) and the electronic record of the patient, decrease the number of false positives, measure the evolution of tumors, evaluate the evolution of the oncological treatment, and its possible prognosis. PMID:24713067

  13. 3D computer-aided detection for digital breast tomosynthesis: Comparison with 2D computer-aided detection for digital mammography in the detection of calcifications

    Chu, A Jung; Cho, Nariya; Chang, Jung Min; Kim, Won Hwa; Lee, Su Hyun; Song, Sung Eun; Shin, Sung Ui; Moon, Woo Kyung [Dept. of Radiology, Seoul National University College of Medicine, Seoul National University Hospital, Seoul (Korea, Republic of)

    2017-08-15

    To retrospectively evaluate the performance of 3D computer-aided detection (CAD) for digital breast tomosynthesis (DBT) in the detection of calcifications in comparison with 2D CAD for digital mammography (DM). Between 2012 and 2013, both 3D CAD and 2D CAD systems were retrospectively applied to the calcification data set including 69 calcifications (31 malignant calcifications and 38 benign calcifications) and the normal data set including 20 bilateral normal mammograms. Each data set consisted of paired DBT and DM images. Sensitivities for the detection of malignant calcifications were calculated from the calcification data set. False-positive mark rates were calculated from the normal data set. They were compared between the two systems. Sensitivities of 3D CAD [100% (31/31) at levels 2, 1, and 0] were same as those of the 2D CAD system [100% (31/31) at levels 2 and 1] (p = 1.0, respectively). The mean value of false-positive marks per view with 3D CAD was higher than that with 2D CAD at level 2 (0.52 marks ± 0.91 vs. 0.07 marks ± 0.26, p = 0.009). 3D CAD for DBT showed equivalent sensitivity, albeit with a higher false-positive mark rate, than 2D CAD for DM in the detection of calcifications.

  14. Acoustic emission intrusion detector

    Carver, D.W.

    1978-01-01

    In order to improve the security of handling special nuclear materials at the Oak Ridge Y-12 Plant, a sensitive acoustic emission detector has been developed that will detect forcible entry through block or tile walls, concrete floors, or concrete/steel vault walls. A small, low-powered processor was designed to convert the output from a sensitive, crystal-type acoustic transducer to an alarm relay signal for use with a supervised alarm loop. The unit may be used to detect forcible entry through concrete, steel, block, tile, and/or glass

  15. Improved cancer detection in automated breast ultrasound by radiologists using Computer Aided Detection

    Zelst, J.C.M. van, E-mail: Jan.vanZelst@radboudumc.nl [Radboud University Medical Center, Department of Radiology and Nuclear Medicine, Nijmegen (Netherlands); Tan, T.; Platel, B. [Radboud University Medical Center, Department of Radiology and Nuclear Medicine, Nijmegen (Netherlands); Jong, M. de [Jeroen Bosch Medical Centre, Department of Radiology, ‘s-Hertogenbosch (Netherlands); Steenbakkers, A. [Radboud University Medical Center, Department of Radiology and Nuclear Medicine, Nijmegen (Netherlands); Mourits, M. [Jeroen Bosch Medical Centre, Department of Radiology, ‘s-Hertogenbosch (Netherlands); Grivegnee, A. [Jules Bordet Institute, Department of Radiology, Brussels (Belgium); Borelli, C. [Catholic University of the Sacred Heart, Department of Radiological Sciences, Rome (Italy); Karssemeijer, N.; Mann, R.M. [Radboud University Medical Center, Department of Radiology and Nuclear Medicine, Nijmegen (Netherlands)

    2017-04-15

    Objective: To investigate the effect of dedicated Computer Aided Detection (CAD) software for automated breast ultrasound (ABUS) on the performance of radiologists screening for breast cancer. Methods: 90 ABUS views of 90 patients were randomly selected from a multi-institutional archive of cases collected between 2010 and 2013. This dataset included normal cases (n = 40) with >1 year of follow up, benign (n = 30) lesions that were either biopsied or remained stable, and malignant lesions (n = 20). Six readers evaluated all cases with and without CAD in two sessions. CAD-software included conventional CAD-marks and an intelligent minimum intensity projection of the breast tissue. Readers reported using a likelihood-of-malignancy scale from 0 to 100. Alternative free-response ROC analysis was used to measure the performance. Results: Without CAD, the average area-under-the-curve (AUC) of the readers was 0.77 and significantly improved with CAD to 0.84 (p = 0.001). Sensitivity of all readers improved (range 5.2–10.6%) by using CAD but specificity decreased in four out of six readers (range 1.4–5.7%). No significant difference was observed in the AUC between experienced radiologists and residents both with and without CAD. Conclusions: Dedicated CAD-software for ABUS has the potential to improve the cancer detection rates of radiologists screening for breast cancer.

  16. Improved cancer detection in automated breast ultrasound by radiologists using Computer Aided Detection

    Zelst, J.C.M. van; Tan, T.; Platel, B.; Jong, M. de; Steenbakkers, A.; Mourits, M.; Grivegnee, A.; Borelli, C.; Karssemeijer, N.; Mann, R.M.

    2017-01-01

    Objective: To investigate the effect of dedicated Computer Aided Detection (CAD) software for automated breast ultrasound (ABUS) on the performance of radiologists screening for breast cancer. Methods: 90 ABUS views of 90 patients were randomly selected from a multi-institutional archive of cases collected between 2010 and 2013. This dataset included normal cases (n = 40) with >1 year of follow up, benign (n = 30) lesions that were either biopsied or remained stable, and malignant lesions (n = 20). Six readers evaluated all cases with and without CAD in two sessions. CAD-software included conventional CAD-marks and an intelligent minimum intensity projection of the breast tissue. Readers reported using a likelihood-of-malignancy scale from 0 to 100. Alternative free-response ROC analysis was used to measure the performance. Results: Without CAD, the average area-under-the-curve (AUC) of the readers was 0.77 and significantly improved with CAD to 0.84 (p = 0.001). Sensitivity of all readers improved (range 5.2–10.6%) by using CAD but specificity decreased in four out of six readers (range 1.4–5.7%). No significant difference was observed in the AUC between experienced radiologists and residents both with and without CAD. Conclusions: Dedicated CAD-software for ABUS has the potential to improve the cancer detection rates of radiologists screening for breast cancer.

  17. Computer-aided-detection marker value and breast density in the detection of invasive lobular carcinoma

    Destounis, Stamatia; Hanson, Sarah [The Elizabeth Wende Breast Clinic, Rochester, NY (United States); Roehrig, Jimmy [R2/Hologic, Inc., Santa Clara, CA (United States)

    2007-08-15

    Invasive Lobular Carcinoma (ILC) is frequently a mammographic and diagnostic dilemma; thus any additional information that CAD (Computer-Aided Detection) systems can give radiologists may be helpful. Our study was to evaluate the role of CAD numeric values as indicators of malignancy and the effect of breast density in the diagnosis of ILC. Eighty consecutive biopsy-proven ILC cases with CAD (ImageChecker {sup registered}, Hologic vertical stroke R2, Santa Clara, CA, versions 2.3, 3.1, 3.2, 5.0, 5.2) diagnosed between June 2002 and December 2004 were retrospectively reviewed. Data included: BIRADS {sup registered} breast density, whether CAD marked the cancer at diagnosis year or years prior, and lesion type. Study mammograms underwent additional CAD scans (Image Checker {sup registered} V5.3, V8.0, V8.1) to obtain a numeric value associated with each marker, low values represent increasingly suspicious features. CAD correctly marked 65% (52/80) of ILC cases, detection was found to decrease with increased breast density. Numeric values of CAD marks at sites of carcinoma showed median score of 171 (range 0 - 1121). The CAD marker may potentially be used as an additional indicator of suspicious lesion features in all breast densities and higher likelihood that an area on the mammogram requires further investigation. (orig.)

  18. Computer-aided-detection marker value and breast density in the detection of invasive lobular carcinoma

    Destounis, Stamatia; Hanson, Sarah; Roehrig, Jimmy

    2007-01-01

    Invasive Lobular Carcinoma (ILC) is frequently a mammographic and diagnostic dilemma; thus any additional information that CAD (Computer-Aided Detection) systems can give radiologists may be helpful. Our study was to evaluate the role of CAD numeric values as indicators of malignancy and the effect of breast density in the diagnosis of ILC. Eighty consecutive biopsy-proven ILC cases with CAD (ImageChecker registered , Hologic vertical stroke R2, Santa Clara, CA, versions 2.3, 3.1, 3.2, 5.0, 5.2) diagnosed between June 2002 and December 2004 were retrospectively reviewed. Data included: BIRADS registered breast density, whether CAD marked the cancer at diagnosis year or years prior, and lesion type. Study mammograms underwent additional CAD scans (Image Checker registered V5.3, V8.0, V8.1) to obtain a numeric value associated with each marker, low values represent increasingly suspicious features. CAD correctly marked 65% (52/80) of ILC cases, detection was found to decrease with increased breast density. Numeric values of CAD marks at sites of carcinoma showed median score of 171 (range 0 - 1121). The CAD marker may potentially be used as an additional indicator of suspicious lesion features in all breast densities and higher likelihood that an area on the mammogram requires further investigation. (orig.)

  19. Reproducibility of computer-aided detection system in digital mammograms

    Kim, Seung Ja; Cho, Nariya; Cha, Joo Hee; Chung, Hye Kyung; Lee, Sin Ho; Cho, Kyung Soo; Kim, Sun Mi; Moon, Woo Kyung

    2005-01-01

    To evaluate the reproducibility of the computer-aided detection (CAD) system for digital mammograms. We applied the CAD system (ImageChecker M1000-DM, version 3.1; R2 Technology) to full field digital mammograms. These mammograms were taken twice at an interval of 10-45 days (mean:25 days) for 34 preoperative patients (breast cancer n=27, benign disease n=7, age range:20-66 years, mean age:47.9 years). On the mammograms, lesions were visible in 19 patients and these were depicted as 15 masses and 12 calcification clusters. We analyzed the sensitivity, the false positive rate (FPR) and the reproducibility of the CAD marks. The broader sensitivities of the CAD system were 80% (12 of 15), 67%(10 of 15) for masses and those for calcification clusters were 100% (12 of 12). The strict sensitivities were 50% (15 of 30) and 50% (15 of 30) for masses and 92% (22 of 24) and 79% (19 of 24) for the clusters. The FPR for the masses was 0.21-0.22/image, the FPR for the clusters was 0.03-0.04/image and the total FPR was 0.24-0.26/image. Among 132 mammography images, the identical images regardless of the existence of CAD marks were 59% (78 of 132), and the identical images with CAD marks were 22% (15 of 69). The reproducibility of the CAD marks for the true positive mass was 67% (12 of 18) and 71% (17 of 24) for the true positive cluster. The reproducibility of CAD marks for the false positive mass was 8% (4 of 53), and the reproducibility of CAD marks for the false positive clusters was 14% (1 of 7). The reproducibility of the total mass marks was 23% (16 of 71), and the reproducibility of the total cluster marks was 58% (18 of 31). CAD system showed higher sensitivity and reproducibility of CAD marks for the calcification clusters which are related to breast cancer. Yet the overall reproducibility of CAD marks was low; therefore, the CAD system must be applied considering this limitation

  20. Computed tomography with energy-resolved detection: a feasibility study

    Shikhaliev, Polad M.

    2008-03-01

    The feasibility of computed tomography (CT) with energy-resolved x-ray detection has been investigated. A breast CT design with multi slit multi slice (MSMS) data acquisition was used for this study. The MSMS CT includes linear arrays of photon counting detectors separated by gaps. This CT configuration allows for efficient scatter rejection and 3D data acquisition. The energy-resolved CT images were simulated using a digital breast phantom and the design parameters of the proposed MSMS CT. The phantom had 14 cm diameter and 50/50 adipose/glandular composition, and included carcinoma, adipose, blood, iodine and CaCO3 as contrast elements. The x-ray technique was 90 kVp tube voltage with 660 mR skin exposure. Photon counting, charge (energy) integrating and photon energy weighting CT images were generated. The contrast-to-noise (CNR) improvement with photon energy weighting was quantified. The dual energy subtracted images of CaCO3 and iodine were generated using a single CT scan at a fixed x-ray tube voltage. The x-ray spectrum was electronically split into low- and high-energy parts by a photon counting detector. The CNR of the energy weighting CT images of carcinoma, blood, adipose, iodine, and CaCO3 was higher by a factor of 1.16, 1.20, 1.21, 1.36 and 1.35, respectively, as compared to CT with a conventional charge (energy) integrating detector. Photon energy weighting was applied to CT projections prior to dual energy subtraction and reconstruction. Photon energy weighting improved the CNR in dual energy subtracted CT images of CaCO3 and iodine by a factor of 1.35 and 1.33, respectively. The combination of CNR improvements due to scatter rejection and energy weighting was in the range of 1.71-2 depending on the type of the contrast element. The tilted angle CZT detector was considered as the detector of choice. Experiments were performed to test the effect of the tilting angle on the energy spectrum. Using the CZT detector with 20° tilting angle decreased the

  1. Hydrodynamic modeling of the intrusion phenomenon in water distribution systems; Modelacion hidrodinamica del fenomeno de intrusion en tuberia de abastecimiento

    Lopez-Jimenez, Petra Amparo; Mora-Rodriguez, Jose de Jesus; Perez-Garcia, Rafael; Martinez-Solano, F. Javier [Universidad Politecnica de Valencia (Spain)

    2008-10-15

    This paper describes a strategy for the hydrodynamic modeling of the pathogen intrusion phenomenon in water distribution systems by the combination of a breakage with a depression situation. This scenario will be modeled computationally and experimentally. The phenomenon to be represented by both simulations is the same: the entrance of an external volume into the circulation of a main volume, known as a pathogen intrusion, as long as the main volume is potable water. To this end, a prototype and a computational model based on Computational Fluid Dynamics (CFD) are used, which allow visualizing the fields of speeds and pressures in a simulated form. With the comparison of the results of both models, conclusions will be drawn on the detail of the studied pathogen intrusion phenomenon. [Spanish] En el presente documento se describe una estrategia de modelacion del fenomeno hidrodinamico de la intrusion patogena en redes de distribucion de agua por combinacion de una rotura con una situacion de depresion. Este escenario sera modelado computacional y experimentalmente. El fenomeno que se desea representar con ambas simulaciones es el mismo: la entrada de un caudal externo a una conduccion para la que circula un caudal principal, denominado intrusion patogena, siempre y cuando el caudal principal sea agua potable. Para ello se dispone de un prototipo y un modelo computacional basado en la Dinamica de Fluidos Computacional (DFC de aqui en adelante), que permite visualizar los campos de velocidades y presiones de forma simulada. Con la comparacion de los resultados de ambos modelos se extraeran conclusiones sobre el detalle del fenomeno de la intrusion patogena estudiado.

  2. Comparison of computed tomography and radiography for detecting changes induced by malignant nasal neoplasia in dogs

    Park, R.D.; Beck, E.R.; LeCouteur, R.A.

    1992-01-01

    The ability of computed tomography and radiography to detect changes associated with nasal neoplasia was compared in dogs. Eighteen areas or anatomic structures were evaluated in 21 dogs for changes indicative of neoplasia. Computed tomography was superior (P < or = 0.05) to radiography for detecting changes in 14 of 18 areas. Radiography was not superior for detecting changes in any structure or area. Computed tomography reveals vital information not always detected radiographically to assist in providing a prognosis and in planning treatment for nasal neoplasms in dogs

  3. Non-intrusive refractometer sensor

    An experimental realization of a simple non-intrusive refractometer sensor .... and after amplification is finally read by a digital multimeter (Fluke make: 179 true ... To study the response of the present FO refractometer, propylene glycol has been ... values of all the samples were initially measured by Abbe's refractometer.

  4. The Effects of Saltwater Intrusion to Flood Mitigation Project

    Azida Abu Bakar, Azinoor; Khairudin Khalil, Muhammad

    2018-03-01

    The objective of this study is to determine the effects of saltwater intrusion to flood mitigation project located in the flood plains in the district of Muar, Johor. Based on the studies and designs carried out, one of the effective flood mitigation options identified is the Kampung Tanjung Olak bypass and Kampung Belemang bypass at the lower reaches of Sungai Muar. But, the construction of the Kampung Belemang and Tanjung Olak bypass, while speeding up flood discharges, may also increase saltwater intrusion during drought low flows. Establishing the dynamics of flooding, including replicating the existing situation and the performance with prospective flood mitigation interventions, is most effectively accomplished using computer-based modelling tools. The finding of this study shows that to overcome the problem, a barrage should be constructed at Sungai Muar to solve the saltwater intrusion and low yield problem of the river.

  5. A software tool for network intrusion detection

    Van der Walt, C

    2012-10-01

    Full Text Available ? Online services include internet banking, e-commerce, video streaming, Gmail ? Data services include Dropbox, Google Docs, Google Drive ? Threats: hacking, Denial of Service (DoS) attacks ? Victims of DoS attacks include Yahoo, eBay, e-trade, CNN...S attacks use the TCP protocol ? SYN flood is the most commonly-used TCP attack ? Exploits the limitation of the three-way hand shake , that maintains half-open connections for a certain time period ? Neptune - SYN flood denial of service on one or more...

  6. Intrusion Detection in Bluetooth Enabled Mobile Phones

    Nair, Kishor Krishnan

    2015-11-23

    Full Text Available . Bluetooth Logging Agent (BLA) is a mechanism that has been developed for this purpose. It alleviates the current security issues by making the users aware of their incoming Bluetooth connections and gives them an option to either accept or reject...

  7. Intrusion Detection using Open Source Tools

    Jack TIMOFTE

    2008-01-01

    We have witnessed in the recent years that open source tools have gained popularity among all types of users, from individuals or small businesses to large organizations and enterprises. In this paper we will present three open source IDS tools: OSSEC, Prelude and SNORT.

  8. Cloud Intrusion Detection and Repair (CIDAR)

    2016-02-01

    form for VLC , Swftools-png2swf, Swftools-jpeg2swf, Dillo and GIMP. The superscript indicates the bit width of each expression atom. “sext(v, w... challenges in input rectification is the need to deal with nested fields. In general, input formats are in tree structures containing arbitrarily...length indicator constraints is challeng - ing, because of the presence of nested fields in hierarchical input format. For example, an integer field may

  9. Computer-Assisted Detection of 90% of EFL Student Errors

    Harvey-Scholes, Calum

    2018-01-01

    Software can facilitate English as a Foreign Language (EFL) students' self-correction of their free-form writing by detecting errors; this article examines the proportion of errors which software can detect. A corpus of 13,644 words of written English was created, comprising 90 compositions written by Spanish-speaking students at levels A2-B2…

  10. Intrusive luxation of 60 permanent incisors

    Tsilingaridis, Georgios; Malmgren, Barbro; Andreasen, Jens O

    2012-01-01

    Intrusive luxation in the permanent dentition is an uncommon injury but it is considered one of the most severe types of dental trauma because of the risk for damage to the periodontal ligament, pulp and alveolar bone. Management of intrusive luxation in the permanent dentition is controversial....... The purpose of this study was to evaluate pulp survival and periodontal healing in intrusive luxated permanent teeth in relation to treatment alternatives, degree of intrusion and root development....

  11. Computer-based instrumentation for partial discharge detection in GIS

    Md Enamul Haque; Ahmad Darus; Yaacob, M.M.; Halil Hussain; Feroz Ahmed

    2000-01-01

    Partial discharge is one of the prominent indicators of defects and insulation degradation in a Gas Insulated Switchgear (GIS). Partial discharges (PD) have a harmful effect on the life of insulation of high voltage equipment. The PD detection using acoustic technique and subsequent analysis is currently an efficient method of performing non-destructive testing of GIS apparatus. A low cost PC-based acoustic PD detection instrument has been developed for the non-destructive diagnosis of GIS. This paper describes the development of a PC-based instrumentation system for partial discharge detection in GIS and some experimental results have also presented. (Author)

  12. An improved computing method for the image edge detection

    Gang Wang; Liang Xiao; Anzhi He

    2007-01-01

    The framework of detecting the image edge based on the sub-pixel multi-fractal measure (SPMM) is presented. The measure is defined, which gives the sub-pixel local distribution of the image gradient. The more precise singularity exponent of every pixel can be obtained by performing the SPMM analysis on the image. Using the singularity exponents and the multi-fractal spectrum of the image, the image can be segmented into a series of sets with different singularity exponents, thus the image edge can be detected automatically and easily. The simulation results show that the SPMM has higher quality factor in the image edge detection.

  13. Pipeline leak detection and location by on-line-correlation with a process computer

    Siebert, H.; Isermann, R.

    1977-01-01

    A method for leak detection using a correlation technique in pipelines is described. For leak detection and also for leak localisation and estimation of the leak flow recursive estimation algorithms are used. The efficiency of the methods is demonstrated with a process computer and a pipeline model operating on-line. It is shown that very small leaks can be detected. (orig.) [de

  14. Effect of noise in computed tomographic reconstructions on detectability

    Hanson, K.M.

    1982-01-01

    The detectability of features in an image is ultimately limited by the random fluctuations in density or noise present in that image. The noise in CT reconstructions arising from the statistical fluctuations in the one-dimensional input projection measurements has an unusual character owing to the reconstruction procedure. Such CT image noise differs from the white noise normally found in images in its lack of low-frequency components. The noise power spectrum of CT reconstructions can be related to the effective density of x-ray quanta detected in the projection measurements, designated as NEQ (noise-equivalent quanta). The detectability of objects that are somewhat larger than the spatial resolution is directly related to NEQ. Since contrast resolution may be defined in terms of the ability to detect large, low-contrast objects, the measurement of a CT scanner's NEQ may be used to characterize its contrast sensitivity

  15. Change Detection Algorithms for Information Assurance of Computer Networks

    Cardenas, Alvaro A

    2002-01-01

    .... In this thesis, the author will focus on the detection of three attack scenarios: the spreading of active worms throughout the Internet, distributed denial of service attacks, and routing attacks to wireless ad hoc networks...

  16. Influence of seawater intrusion on microbial communities in groundwater.

    Unno, Tatsuya; Kim, Jungman; Kim, Yumi; Nguyen, Son G; Guevarra, Robin B; Kim, Gee Pyo; Lee, Ji-Hoon; Sadowsky, Michael J

    2015-11-01

    Groundwater is the sole source of potable water on Jeju Island in the Republic of (South) Korea. Groundwater is also used for irrigation and industrial purposes, and it is severely impacted by seawater intrusion in coastal areas. Consequently, monitoring the intrusion of seawater into groundwater on Jeju is very important for health and environmental reasons. A number of studies have used hydrological models to predict the deterioration of groundwater quality caused by seawater intrusion. However, there is conflicting evidence of intrusion due to complicated environmental influences on groundwater quality. Here we investigated the use of next generation sequencing (NGS)-based microbial community analysis as a way to monitor groundwater quality and detect seawater intrusion. Pristine groundwater, groundwater from three coastal areas, and seawater were compared. Analysis of the distribution of bacterial species clearly indicated that the high and low salinity groundwater differed significantly with respect to microbial composition. While members of the family Parvularculaceae were only identified in high salinity water samples, a greater percentage of the phylum Actinobacteria was predominantly observed in pristine groundwater. In addition, we identified 48 shared operational taxonomic units (OTUs) with seawater, among which the high salinity groundwater sample shared a greater number of bacterial species with seawater (6.7%). In contrast, other groundwater samples shared less than 0.5%. Our results suggest that NGS-based microbial community analysis of groundwater may be a useful tool for monitoring groundwater quality and detect seawater intrusion. This technology may also provide additional insights in understanding hydrological dynamics. Copyright © 2015 Elsevier B.V. All rights reserved.

  17. [Accuracy of computer aided measurement for detecting dental proximal caries lesions in images of cone-beam computed tomography].

    Zhang, Z L; Li, J P; Li, G; Ma, X C

    2017-02-09

    Objective: To establish and validate a computer program used to aid the detection of dental proximal caries in the images cone beam computed tomography (CBCT) images. Methods: According to the characteristics of caries lesions in X-ray images, a computer aided detection program for proximal caries was established with Matlab and Visual C++. The whole process for caries lesion detection included image import and preprocessing, measuring average gray value of air area, choosing region of interest and calculating gray value, defining the caries areas. The program was used to examine 90 proximal surfaces from 45 extracted human teeth collected from Peking University School and Hospital of Stomatology. The teeth were then scanned with a CBCT scanner (Promax 3D). The proximal surfaces of the teeth were respectively detected by caries detection program and scored by human observer for the extent of lesions with 6-level-scale. With histologic examination serving as the reference standard, the caries detection program and the human observer performances were assessed with receiver operating characteristic (ROC) curves. Student t -test was used to analyze the areas under the ROC curves (AUC) for the differences between caries detection program and human observer. Spearman correlation coefficient was used to analyze the detection accuracy of caries depth. Results: For the diagnosis of proximal caries in CBCT images, the AUC values of human observers and caries detection program were 0.632 and 0.703, respectively. There was a statistically significant difference between the AUC values ( P= 0.023). The correlation between program performance and gold standard (correlation coefficient r (s)=0.525) was higher than that of observer performance and gold standard ( r (s)=0.457) and there was a statistically significant difference between the correlation coefficients ( P= 0.000). Conclusions: The program that automatically detects dental proximal caries lesions could improve the

  18. The use of gold nanoparticle aggregation for DNA computing and logic-based biomolecular detection

    Lee, In-Hee; Yang, Kyung-Ae; Zhang, Byoung-Tak; Lee, Ji-Hoon; Park, Ji-Yoon; Chai, Young Gyu; Lee, Jae-Hoon

    2008-01-01

    The use of DNA molecules as a physical computational material has attracted much interest, especially in the area of DNA computing. DNAs are also useful for logical control and analysis of biological systems if efficient visualization methods are available. Here we present a quick and simple visualization technique that displays the results of the DNA computing process based on a colorimetric change induced by gold nanoparticle aggregation, and we apply it to the logic-based detection of biomolecules. Our results demonstrate its effectiveness in both DNA-based logical computation and logic-based biomolecular detection

  19. Intrusive Images in Psychological Disorders

    Brewin, Chris R.; Gregory, James D.; Lipton, Michelle; Burgess, Neil

    2010-01-01

    Involuntary images and visual memories are prominent in many types of psychopathology. Patients with posttraumatic stress disorder, other anxiety disorders, depression, eating disorders, and psychosis frequently report repeated visual intrusions corresponding to a small number of real or imaginary events, usually extremely vivid, detailed, and with highly distressing content. Both memory and imagery appear to rely on common networks involving medial prefrontal regions, posterior regions in th...

  20. Detectability in the presence of computed tomographic reconstruction noise

    Hanson, K.M.

    1977-01-01

    The multitude of commercial computed tomographic (CT) scanners which have recently been introduced for use in diagnostic radiology has given rise to a need to compare these different machines in terms of image quality and dose to the patient. It is therefore desirable to arrive at a figure of merit for a CT image which gives a measure of the diagnostic efficacy of that image. This figure of merit may well be dependent upon the specific visual task being performed. It is clearly important that the capabilities and deficiencies of the human observer as well as the interface between man and machine, namely the viewing system, be taken into account in formulating the figure of merit. Since the CT reconstruction is the result of computer processing, it is possible to use this processing to alter the characteristics of the displayed images. This image processing may improve or degrade the figure of merit

  1. USBcat - Towards an Intrusion Surveillance Toolset

    Chris Chapman

    2014-10-01

    Full Text Available This paper identifies an intrusion surveillance framework which provides an analyst with the ability to investigate and monitor cyber-attacks in a covert manner. Where cyber-attacks are perpetrated for the purposes of espionage the ability to understand an adversary's techniques and objectives are an important element in network and computer security. With the appropriate toolset, security investigators would be permitted to perform both live and stealthy counter-intelligence operations by observing the behaviour and communications of the intruder. Subsequently a more complete picture of the attacker's identity, objectives, capabilities, and infiltration could be formulated than is possible with present technologies. This research focused on developing an extensible framework to permit the covert investigation of malware. Additionally, a Universal Serial Bus (USB Mass Storage Device (MSD based covert channel was designed to enable remote command and control of the framework. The work was validated through the design, implementation and testing of a toolset.

  2. Article Commentary: Computer-Aided Detection of Breast Cancer — Have All Bases Been Covered?

    Gautam S. Muralidhar

    2008-01-01

    Full Text Available The use of computer-aided detection (CAD systems in mammography has been the subject of intense research for many years. These systems have been developed with the aim of helping radiologists to detect signs of breast cancer. However, the effectiveness of CAD systems in practice has sparked recent debate. In this commentary, we argue that computer-aided detection will become an increasingly important tool for radiologists in the early detection of breast cancer, but there are some important issues that need to be given greater focus in designing CAD systems if they are to reach their full potential.

  3. Using new edges for anomaly detection in computer networks

    Neil, Joshua Charles

    2015-05-19

    Creation of new edges in a network may be used as an indication of a potential attack on the network. Historical data of a frequency with which nodes in a network create and receive new edges may be analyzed. Baseline models of behavior among the edges in the network may be established based on the analysis of the historical data. A new edge that deviates from a respective baseline model by more than a predetermined threshold during a time window may be detected. The new edge may be flagged as potentially anomalous when the deviation from the respective baseline model is detected. Probabilities for both new and existing edges may be obtained for all edges in a path or other subgraph. The probabilities may then be combined to obtain a score for the path or other subgraph. A threshold may be obtained by calculating an empirical distribution of the scores under historical conditions.

  4. Computer Aided Detection of Breast Masses in Digital Tomosynthesis

    2008-06-01

    of unknown pathology , all other ROIs generated from that specific subject’s reconstructed volumes were excluded from the KB. For scheme B, all the FPs...query ROI of unknown pathology , all other ROIs generated from that specific subject’s reconstructed volumes were excluded from the KB. For scheme B...Qian, L. Li, and L.P. Clarke, "Image feature extraction for mass detection in digital mammography: Influence of wavelet analysis." Med. Phys. 26

  5. Deception Detection in a Computer-Mediated Environment: Gender, Trust, and Training Issues

    Dziubinski, Monica

    2003-01-01

    .... This research draws on communication and deception literature to develop a conceptual model proposing relationships between deception detection abilities in a computer-mediated environment, gender, trust, and training...

  6. Incidentally Detected Enhancing Breast Lesions on Chest Computed Tomography

    Lin, Wen Chiung; Hsu, Hsian He; Yu, Jyh Cherng; Hsu, Giu Cheng; Yu, Cheng Ping; Chang, Tsun Hou; Huang, Guo Shu; Li, Chao Shiang

    2011-01-01

    To evaluate the nature and imaging appearance of incidental enhancing breast lesions detected on a routine contrast-enhanced chest CT. Twenty-three patients with incidental enhancing breast lesions on contrast-enhanced chest CT were retrospectively reviewed. The breast lesions were reviewed by unenhanced and enhanced CT, and evaluated by observing the shapes, margins, enhancement patterns and backgrounds of breast lesions. A histopathologic diagnosis or long-term follow-up served as reference standard. Sixteen (70%) patients had malignant breast lesions and seven (30%) had benign lesions. In 10 patients, the breast lesions were exclusively detected on contrast-enhanced CT. Using unenhanced CT, breast lesions with fi broglandular backgrounds were prone to be obscured (p < 0.001). Incidental primary breast cancer showed an non-significant trend of a higher percentage irregular margin (p = 0.056). All of the four incidental breast lesions with non-mass-like enhancement were proven to be malignant. Routine contrast-enhanced chest CT can reveal sufficient details to allow for the detection of unsuspected breast lesions, in which some cases may be proven as malignant. An irregular margin of incidental enhancing breast lesion can be considered a suggestive sign of malignancy

  7. Computed Tomography Features of Incidentally Detected Diffuse Thyroid Disease

    Myung Ho Rho

    2014-01-01

    Full Text Available Objective. This study aimed to evaluate the CT features of incidentally detected DTD in the patients who underwent thyroidectomy and to assess the diagnostic accuracy of CT diagnosis. Methods. We enrolled 209 consecutive patients who received preoperative neck CT and subsequent thyroid surgery. Neck CT in each case was retrospectively investigated by a single radiologist. We evaluated the diagnostic accuracy of individual CT features and the cut-off CT criteria for detecting DTD by comparing the CT features with histopathological results. Results. Histopathological examination of the 209 cases revealed normal thyroid (n=157, Hashimoto thyroiditis (n=17, non-Hashimoto lymphocytic thyroiditis (n=34, and diffuse hyperplasia (n=1. The CT features suggestive of DTD included low attenuation, inhomogeneous attenuation, increased glandular size, lobulated margin, and inhomogeneous enhancement. ROC curve analysis revealed that CT diagnosis of DTD based on the CT classification of “3 or more” abnormal CT features was superior. When the “3 or more” CT classification was selected, the sensitivity, specificity, positive and negative predictive values, and accuracy of CT diagnosis for DTD were 55.8%, 95.5%, 80.6%, 86.7%, and 85.6%, respectively. Conclusion. Neck CT may be helpful for the detection of incidental DTD.

  8. Automatic pitch detection for a computer game interface

    Fonseca Solis, Juan M.

    2015-01-01

    A software able to recognize notes played by musical instruments is created through automatic pitch recognition. A pitch recognition algorithm is embedded into a software project, using the C implementation of SWIPEP. A memory game is chosen for project. A sequence of notes is listened and played by user to the computer, using a soprano recorder flute. The basic concepts to understand the acoustic phenomena involved are explained. The paper is aimed for all students with basic programming knowledge and want to incorporate sound processing to their projects. (author) [es

  9. USBeSafe: Applying One Class SVM for Effective USB Event Anomaly Detection

    2016-04-25

    2012. [5] Phil Muncaster. Indian navy computers stormed by malware-ridden USBs. 2012. [6] Ponemon. 2011 Second Annual Cost of Cyber Crime Study...Zhang, and Shanshan Sun. “A mixed unsu- pervised clustering-based intrusion detection model”. In: Genetic and Evolutionary Computing, 2009. WGEC’09

  10. Automatic Extraction and Coordination of Audit Data and Features for Intrusion and Damage Assessment

    Ye, Nong

    2006-01-01

    .... We create a new attack-norm separation approach to developing detection models for building cyber sensors monitoring and identifying intrusion data characteristics at various points along the path...

  11. Reproducibility of Computer-Aided Detection Marks in Digital Mammography

    Kim, Seung Ja; Moon, Woo Kyung; Cho, Nariya; Kim, Sun Mi; Im, Jung Gi; Cha, Joo Hee

    2007-01-01

    To evaluate the performance and reproducibility of a computeraided detection (CAD) system in mediolateral oblique (MLO) digital mammograms taken serially, without release of breast compression. A CAD system was applied preoperatively to the fulfilled digital mammograms of two MLO views taken without release of breast compression in 82 patients (age range: 33 83 years; mean age: 49 years) with previously diagnosed breast cancers. The total number of visible lesion components in 82 patients was 101: 66 masses and 35 microcalcifications. We analyzed the sensitivity and reproducibility of the CAD marks. The sensitivity of the CAD system for first MLO views was 71% (47/66) for masses and 80% (28/35) for microcalcifications. The sensitivity of the CAD system for second MLO views was 68% (45/66) for masses and 17% (6/35) for microcalcifications. In 84 ipsilateral serial MLO image sets (two patients had bilateral cancers), identical images, regardless of the existence of CAD marks, were obtained for 35% (29/84) and identical images with CAD marks were obtained for 29% (23/78). Identical images, regardless of the existence of CAD marks, for contralateral MLO images were 65% (52/80) and identical images with CAD marks were obtained for 28% (11/39). The reproducibility of CAD marks for the true positive masses in serial MLO views was 84% (42/50) and that for the true positive microcalcifications was 0% (0/34). The CAD system in digital mammograms showed a high sensitivity for detecting masses and microcalcifications. However, reproducibility of microcalcification marks was very low in MLO views taken serially without release of breast compression. Minute positional change and patient movement can alter the images and result in a significant effect on the algorithm utilized by the CAD for detecting microcalcifications

  12. Computational optimisation of targeted DNA sequencing for cancer detection

    Martinez, Pierre; McGranahan, Nicholas; Birkbak, Nicolai Juul

    2013-01-01

    Despite recent progress thanks to next-generation sequencing technologies, personalised cancer medicine is still hampered by intra-tumour heterogeneity and drug resistance. As most patients with advanced metastatic disease face poor survival, there is need to improve early diagnosis. Analysing...... detection. Dividing 4,467 samples into one discovery and two independent validation cohorts, we show that up to 76% of 10 cancer types harbour at least one mutation in a panel of only 25 genes, with high sensitivity across most tumour types. Our analyses demonstrate that targeting "hotspot" regions would...

  13. Detection of Failure in Asynchronous Motor Using Soft Computing Method

    Vinoth Kumar, K.; Sony, Kevin; Achenkunju John, Alan; Kuriakose, Anto; John, Ano P.

    2018-04-01

    This paper investigates the stator short winding failure of asynchronous motor also their effects on motor current spectrums. A fuzzy logic approach i.e., model based technique possibly will help to detect the asynchronous motor failure. Actually, fuzzy logic similar to humanoid intelligent methods besides expected linguistic empowering inferences through vague statistics. The dynamic model is technologically advanced for asynchronous motor by means of fuzzy logic classifier towards investigate the stator inter turn failure in addition open phase failure. A hardware implementation was carried out with LabVIEW for the online-monitoring of faults.

  14. Evaluation of intrusion sensors and video assessment in areas of restricted passage

    Hoover, C.E.; Ringler, C.E.

    1996-04-01

    This report discusses an evaluation of intrusion sensors and video assessment in areas of restricted passage. The discussion focuses on applications of sensors and video assessment in suspended ceilings and air ducts. It also includes current and proposed requirements for intrusion detection and assessment. Detection and nuisance alarm characteristics of selected sensors as well as assessment capabilities of low-cost board cameras were included in the evaluation

  15. Overlapped flowers yield detection using computer-based interface

    Anuradha Sharma

    2016-09-01

    Full Text Available Precision agriculture has always dealt with the accuracy and timely information about agricultural products. With the help of computer hardware and software technology designing a decision support system that could generate flower yield information and serve as base for management and planning of flower marketing is made so easy. Despite such technologies, some problem still arise, for example, a colour homogeneity of a specimen which cannot be obtained similar to actual colour of image and overlapping of image. In this paper implementing a new ‘counting algorithm’ for overlapped flower is being discussed. For implementing this algorithm, some techniques and operations such as colour image segmentation technique, image segmentation, using HSV colour space and morphological operations have been used. In this paper used two most popular colour space; those are RGB and HSV. HSV colour space decouples brightness from a chromatic component in the image, by which it provides better result in case for occlusion and overlapping.

  16. A two-tier system for web attack detection using linear discriminant method

    Tan, Zhiyuan; Jamdagni, Aruna; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren Ping; Jia, Wenjing; Yeh, Wei-chang

    2010-01-01

    Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This

  17. Analysis of the United States Computer Emergency Readiness Team’s (U.S. CERT) EINSTEIN III Intrusion Detection System, and Its Impact on Privacy

    2013-03-01

    61 3. FISA and CyberSpace as a Foreign Domain ...................................62 4. Freedom of Speech and...amendment’s primary intent is to protect the freedom of speech . It states: Congress shall make no law respecting an establishment of religion, or...prohibiting the free exercise thereof; or abridging the freedom of speech , or of the press; or the right of the people peaceably to assemble, and to

  18. The efficacy of using computer-aided detection (CAD) for detection of breast cancer in mammography screening

    Henriksen, Emilie L; Carlsen, Jonathan F; Vejborg, Ilse Mm

    2018-01-01

    Background Early detection of breast cancer (BC) is crucial in lowering the mortality. Purpose To present an overview of studies concerning computer-aided detection (CAD) in screening mammography for early detection of BC and compare diagnostic accuracy and recall rates (RR) of single reading (SR......) with SR + CAD and double reading (DR) with SR + CAD. Material and Methods PRISMA guidelines were used as a review protocol. Articles on clinical trials concerning CAD for detection of BC in a screening population were included. The literature search resulted in 1522 records. A total of 1491 records were...... excluded by abstract and 18 were excluded by full text reading. A total of 13 articles were included. Results All but two studies from the SR vs. SR + CAD group showed an increased sensitivity and/or cancer detection rate (CDR) when adding CAD. The DR vs. SR + CAD group showed no significant differences...

  19. Observer training for computer-aided detection of pulmonary nodules in chest radiography

    de Boo, Diederick W.; van Hoorn, François; van Schuppen, Joost; Schijf, Laura; Scheerder, Maeke J.; Freling, Nicole J.; Mets, Onno; Weber, Michael; Schaefer-Prokop, Cornelia M.

    2012-01-01

    To assess whether short-term feedback helps readers to increase their performance using computer-aided detection (CAD) for nodule detection in chest radiography. The 140 CXRs (56 with a solitary CT-proven nodules and 84 negative controls) were divided into four subsets of 35; each were read in a

  20. Computer-assisted detection (CAD) methodology for early detection of response to pharmaceutical therapy in tuberculosis patients

    Lieberman, Robert; Kwong, Heston; Liu, Brent; Huang, H. K.

    2009-02-01

    The chest x-ray radiological features of tuberculosis patients are well documented, and the radiological features that change in response to successful pharmaceutical therapy can be followed with longitudinal studies over time. The patients can also be classified as either responsive or resistant to pharmaceutical therapy based on clinical improvement. We have retrospectively collected time series chest x-ray images of 200 patients diagnosed with tuberculosis receiving the standard pharmaceutical treatment. Computer algorithms can be created to utilize image texture features to assess the temporal changes in the chest x-rays of the tuberculosis patients. This methodology provides a framework for a computer-assisted detection (CAD) system that may provide physicians with the ability to detect poor treatment response earlier in pharmaceutical therapy. Early detection allows physicians to respond with more timely treatment alternatives and improved outcomes. Such a system has the potential to increase treatment efficacy for millions of patients each year.

  1. Salt Intrusion in the Tweed Estuary

    Uncles, R. J.; Stephens, J. A.

    1996-09-01

    Results are presented from a 2-week field programme in the Tweed Estuary, U.K. Maximum values of the empirically based Estuarine Richardson Number, Ri E, occurred during neap tides, and minimum values occurred during spring tides. Estimated values of Ri Evaried between 0·3 and 2·3, suggesting the occurrence of partially mixed to stratified conditions, depending on tidal state and freshwater inflow. These relatively large values of Ri Ewere consistent with both observed strong salinity stratification and large salt fluxes due to vertical shear transport. Low values (0·5) values in the halocline. A velocity maximum occurred within the halocline during the early flood. Wave-like spatial oscillations of the halocline occurred on the ebb. The oscillation troughs were situated above deep holes located just down-estuary of the rail and old road bridges. There was an indication that the constricted flow between the bridges' arches resulted in enhanced mixing of near-surface waters and a thickening of the halocline. It is also possible that these wave-like structures were stationary, near-critical internal lee waves, triggered by the deep holes. Trapping of high-salinity waters occurred on the ebb. Saline pools were isolated within a deep hole or deeper section of bed by the falling halocline. When the salt wedge moved further down-estuary, the ' trapped ' waters were subjected to strongly ebbing, overlying freshwater, and were subsequently entrained and flushed. The salinity intrusion was a strong function of spring-neap tidal state and a weaker function of freshwater inflow. The estimated salinity intrusion varied from about 4·7 to 7·6 km during the fieldwork period. The strong dependence on tidal range followed from the comparable lengths of the tidal excursion and salinity intrusion. Long excursion lengths were also partly responsible for the short residence (or flushing) times and their strong dependence on spring-neap tidal state. For typical summer freshwater

  2. A Sensitivity Analysis of a Computer Model-Based Leak Detection System for Oil Pipelines

    Zhe Lu; Yuntong She; Mark Loewen

    2017-01-01

    Improving leak detection capability to eliminate undetected releases is an area of focus for the energy pipeline industry, and the pipeline companies are working to improve existing methods for monitoring their pipelines. Computer model-based leak detection methods that detect leaks by analyzing the pipeline hydraulic state have been widely employed in the industry, but their effectiveness in practical applications is often challenged by real-world uncertainties. This study quantitatively ass...

  3. Computed tomography in the detection of pulmonary metastases. Improvement by application of spiral technology

    Kauczor, H.U.; Hansen, M.; Schweden, F.; Strunk, H.; Mildenberger, P.; Thelen, M.

    1994-01-01

    Computed tomography is the imaging modality of choice for detection or exclusion of pulmonary metastases. In most cases these are spheric, multiple, bilateral, and located in the peripheral areas of the middle and lower fields of the lungs. Differential diagnosis of solitary pulmonary nodules is difficult. Evaluating whether they are malignant or benign is insufficient despite the application of multiple CT criteria. Spiral computed tomography acquiring an imaging volume in a breathhold has led to significant improvement in the sensitivity of detecting pulmonary nodules. Imaging protocols are presented, and the influence of the different parameters is discussed. Although not all pulmonary metastases may be detected with spiral computed tomography, it is the most important examination when considering pulmonary metastasectomy. Computed tomography is the imaging modality of choice when monitoring pulmonary metastases during systemic therapeutic regimens by measuring all nodules or 'indicator lesions'. (orig.) [de

  4. Iterative reconstruction with boundary detection for carbon ion computed tomography

    Shrestha, Deepak; Qin, Nan; Zhang, You; Kalantari, Faraz; Niu, Shanzhou; Jia, Xun; Pompos, Arnold; Jiang, Steve; Wang, Jing

    2018-03-01

    In heavy ion radiation therapy, improving the accuracy in range prediction of the ions inside the patient’s body has become essential. Accurate localization of the Bragg peak provides greater conformity of the tumor while sparing healthy tissues. We investigated the use of carbon ions directly for computed tomography (carbon CT) to create the relative stopping power map of a patient’s body. The Geant4 toolkit was used to perform a Monte Carlo simulation of the carbon ion trajectories, to study their lateral and angular deflections and the most likely paths, using a water phantom. Geant4 was used to create carbonCT projections of a contrast and spatial resolution phantom, with a cone beam of 430 MeV/u carbon ions. The contrast phantom consisted of cranial bone, lung material, and PMMA inserts while the spatial resolution phantom contained bone and lung material inserts with line pair (lp) densities ranging from 1.67 lp cm-1 through 5 lp cm-1. First, the positions of each carbon ion on the rear and front trackers were used for an approximate reconstruction of the phantom. The phantom boundary was extracted from this approximate reconstruction, by using the position as well as angle information from the four tracking detectors, resulting in the entry and exit locations of the individual ions on the phantom surface. Subsequent reconstruction was performed by the iterative algebraic reconstruction technique coupled with total variation minimization (ART-TV) assuming straight line trajectories for the ions inside the phantom. The influence of number of projections was studied with reconstruction from five different sets of projections: 15, 30, 45, 60 and 90. Additionally, the effect of number of ions on the image quality was investigated by reducing the number of ions/projection while keeping the total number of projections at 60. An estimation of carbon ion range using the carbonCT image resulted in improved range prediction compared to the range calculated using a

  5. Computer-aided system for detecting runway incursions

    Sridhar, Banavar; Chatterji, Gano B.

    1994-07-01

    A synthetic vision system for enhancing the pilot's ability to navigate and control the aircraft on the ground is described. The system uses the onboard airport database and images acquired by external sensors. Additional navigation information needed by the system is provided by the Inertial Navigation System and the Global Positioning System. The various functions of the system, such as image enhancement, map generation, obstacle detection, collision avoidance, guidance, etc., are identified. The available technologies, some of which were developed at NASA, that are applicable to the aircraft ground navigation problem are noted. Example images of a truck crossing the runway while the aircraft flies close to the runway centerline are described. These images are from a sequence of images acquired during one of the several flight experiments conducted by NASA to acquire data to be used for the development and verification of the synthetic vision concepts. These experiments provide a realistic database including video and infrared images, motion states from the Inertial Navigation System and the Global Positioning System, and camera parameters.

  6. Computational Intelligence based techniques for islanding detection of distributed generation in distribution network: A review

    Laghari, J.A.; Mokhlis, H.; Karimi, M.; Bakar, A.H.A.; Mohamad, Hasmaini

    2014-01-01

    Highlights: • Unintentional and intentional islanding, their causes, and solutions are presented. • Remote, passive, active and hybrid islanding detection techniques are discussed. • The limitation of these techniques in accurately detect islanding are discussed. • Computational intelligence techniques ability in detecting islanding is discussed. • Review of ANN, fuzzy logic control, ANFIS, Decision tree techniques is provided. - Abstract: Accurate and fast islanding detection of distributed generation is highly important for its successful operation in distribution networks. Up to now, various islanding detection technique based on communication, passive, active and hybrid methods have been proposed. However, each technique suffers from certain demerits that cause inaccuracies in islanding detection. Computational intelligence based techniques, due to their robustness and flexibility in dealing with complex nonlinear systems, is an option that might solve this problem. This paper aims to provide a comprehensive review of computational intelligence based techniques applied for islanding detection of distributed generation. Moreover, the paper compares the accuracies of computational intelligence based techniques over existing techniques to provide a handful of information for industries and utility researchers to determine the best method for their respective system

  7. [Analysis of intrusion errors in free recall].

    Diesfeldt, H F A

    2017-06-01

    Extra-list intrusion errors during five trials of the eight-word list-learning task of the Amsterdam Dementia Screening Test (ADST) were investigated in 823 consecutive psychogeriatric patients (87.1% suffering from major neurocognitive disorder). Almost half of the participants (45.9%) produced one or more intrusion errors on the verbal recall test. Correct responses were lower when subjects made intrusion errors, but learning slopes did not differ between subjects who committed intrusion errors and those who did not so. Bivariate regression analyses revealed that participants who committed intrusion errors were more deficient on measures of eight-word recognition memory, delayed visual recognition and tests of executive control (the Behavioral Dyscontrol Scale and the ADST-Graphical Sequences as measures of response inhibition). Using hierarchical multiple regression, only free recall and delayed visual recognition retained an independent effect in the association with intrusion errors, such that deficient scores on tests of episodic memory were sufficient to explain the occurrence of intrusion errors. Measures of inhibitory control did not add significantly to the explanation of intrusion errors in free recall, which makes insufficient strength of memory traces rather than a primary deficit in inhibition the preferred account for intrusion errors in free recall.

  8. An international perspective on Facebook intrusion.

    Błachnio, Agata; Przepiorka, Aneta; Benvenuti, Martina; Cannata, Davide; Ciobanu, Adela Magdalena; Senol-Durak, Emre; Durak, Mithat; Giannakos, Michail N; Mazzoni, Elvis; Pappas, Ilias O; Popa, Camelia; Seidman, Gwendolyn; Yu, Shu; Wu, Anise M S; Ben-Ezra, Menachem

    2016-08-30

    Facebook has become one of the most popular social networking websites in the world. The main aim of the study was to present an international comparison of Facebook intrusion and Internet penetration while examining possible gender differences. The study consisted of 2589 participants from eight countries: China, Greece, Israel, Italy, Poland, Romania, Turkey, USA. Facebook intrusion and Internet penetration were taken into consideration. In this study the relationship between Facebook intrusion and Internet penetration was demonstrated. Facebook intrusion was slightly negatively related to Internet penetration in each country. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

  9. Intrusive Images in Psychological Disorders

    Brewin, Chris R.; Gregory, James D.; Lipton, Michelle; Burgess, Neil

    2010-01-01

    Involuntary images and visual memories are prominent in many types of psychopathology. Patients with posttraumatic stress disorder, other anxiety disorders, depression, eating disorders, and psychosis frequently report repeated visual intrusions corresponding to a small number of real or imaginary events, usually extremely vivid, detailed, and with highly distressing content. Both memory and imagery appear to rely on common networks involving medial prefrontal regions, posterior regions in the medial and lateral parietal cortices, the lateral temporal cortex, and the medial temporal lobe. Evidence from cognitive psychology and neuroscience implies distinct neural bases to abstract, flexible, contextualized representations (C-reps) and to inflexible, sensory-bound representations (S-reps). We revise our previous dual representation theory of posttraumatic stress disorder to place it within a neural systems model of healthy memory and imagery. The revised model is used to explain how the different types of distressing visual intrusions associated with clinical disorders arise, in terms of the need for correct interaction between the neural systems supporting S-reps and C-reps via visuospatial working memory. Finally, we discuss the treatment implications of the new model and relate it to existing forms of psychological therapy. PMID:20063969

  10. Numerical Continuation Methods for Intrusive Uncertainty Quantification Studies

    Safta, Cosmin [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Najm, Habib N. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Phipps, Eric Todd [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2014-09-01

    Rigorous modeling of engineering systems relies on efficient propagation of uncertainty from input parameters to model outputs. In recent years, there has been substantial development of probabilistic polynomial chaos (PC) Uncertainty Quantification (UQ) methods, enabling studies in expensive computational models. One approach, termed ”intrusive”, involving reformulation of the governing equations, has been found to have superior computational performance compared to non-intrusive sampling-based methods in relevant large-scale problems, particularly in the context of emerging architectures. However, the utility of intrusive methods has been severely limited due to detrimental numerical instabilities associated with strong nonlinear physics. Previous methods for stabilizing these constructions tend to add unacceptably high computational costs, particularly in problems with many uncertain parameters. In order to address these challenges, we propose to adapt and improve numerical continuation methods for the robust time integration of intrusive PC system dynamics. We propose adaptive methods, starting with a small uncertainty for which the model has stable behavior and gradually moving to larger uncertainty where the instabilities are rampant, in a manner that provides a suitable solution.

  11. Intrusive and Non-Intrusive Load Monitoring (A Survey

    Marco Danilo Burbano Acuña

    2015-05-01

    Full Text Available There is not discussion about the need of energyconservation, it is well known that energy resources are limitedmoreover the global energy demands will double by the end of2030, which certainly will bring implications on theenvironment and hence to all of us.Non-Intrusive load monitoring (NILM is the process ofrecognize electrical devices and its energy consumption basedon whole home electric signals, where this aggregated load datais acquired from a single point of measurement outside thehousehold. The aim of this approach is to get optimal energyconsumption and avoid energy wastage. Intrusive loadmonitoring (ILM is the process of identify and locate singledevices through the use of sensing systems to support control,monitor and intervention of such devices. The aim of thisapproach is to offer a base for the development of importantapplications for remote and automatic intervention of energyconsumption inside buildings and homes as well. For generalpurposes this paper states a general framework of NILM andILM approaches.Appliance discerns can be tackled using approaches fromdata mining and machine learning, finding out the techniquesthat fit the best this requirements, is a key factor for achievingfeasible and suitable appliance load monitoring solutions. Thispaper presents common and interesting methods used.Privacy concerns have been one of the bigger obstacles forimplementing a widespread adoption of these solutions; despitethis fact, developed countries like those inside the EU and theUK have established a deadline for the implementation ofsmart meters in the whole country, whereas USA governmentstill struggles with the acceptance of this solution by itscitizens.The implementation of security over these approachesalong with fine-grained energy monitoring would lead to abetter public agreement of these solutions and hence a fasteradoption of such approaches. This paper reveals a lack ofsecurity over these approaches with a real scenario.

  12. Trouble Brewing: Using Observations of Invariant Behavior to Detect Malicious Agency in Distributed Control Systems

    McEvoy, Thomas Richard; Wolthusen, Stephen D.

    Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints.

  13. Rapid Detection of Biological and Chemical Threat Agents Using Physical Chemistry, Active Detection, and Computational Analysis

    Chung, Myung; Dong, Li; Fu, Rong; Liotta, Lance; Narayanan, Aarthi; Petricoin, Emanuel; Ross, Mark; Russo, Paul; Zhou, Weidong; Luchini, Alessandra; Manes, Nathan; Chertow, Jessica; Han, Suhua; Kidd, Jessica; Senina, Svetlana; Groves, Stephanie

    2007-01-01

    Basic technologies have been successfully developed within this project: rapid collection of aerosols and a rapid ultra-sensitive immunoassay technique. Water-soluble, humidity-resistant polyacrylamide nano-filters were shown to (1) capture aerosol particles as small as 20 nm, (2) work in humid air and (3) completely liberate their captured particles in an aqueous solution compatible with the immunoassay technique. The immunoassay technology developed within this project combines electrophoretic capture with magnetic bead detection. It allows detection of as few as 150-600 analyte molecules or viruses in only three minutes, something no other known method can duplicate. The technology can be used in a variety of applications where speed of analysis and/or extremely low detection limits are of great importance: in rapid analysis of donor blood for hepatitis, HIV and other blood-borne infections in emergency blood transfusions, in trace analysis of pollutants, or in search of biomarkers in biological fluids. Combined in a single device, the water-soluble filter and ultra-sensitive immunoassay technique may solve the problem of early warning type detection of aerosolized pathogens. These two technologies are protected with five patent applications and are ready for commercialization.

  14. Human intrusion: issues concerning its assessment

    Grimwood, P.D.; Smith, G.M.

    1989-01-01

    The potential significance of human intrusion in the performance assessment of radioactive waste repositories has been increasingly recognized in recent years. It is however an area of assessment in which subjective judgments dominate. This paper identifies some of the issues involved. These include regulatory criteria, scenario development, probability assignment, consequence assessment and measures to mitigate human intrusion

  15. Difficulties encountered managing nodules detected during a computed tomography lung cancer screening program.

    Veronesi, Giulia; Bellomi, Massimo; Scanagatta, Paolo; Preda, Lorenzo; Rampinelli, Cristiano; Guarize, Juliana; Pelosi, Giuseppe; Maisonneuve, Patrick; Leo, Francesco; Solli, Piergiorgio; Masullo, Michele; Spaggiari, Lorenzo

    2008-09-01

    The main challenge of screening a healthy population with low-dose computed tomography is to balance the excessive use of diagnostic procedures with the risk of delayed cancer detection. We evaluated the pitfalls, difficulties, and sources of mistakes in the management of lung nodules detected in volunteers in the Cosmos single-center screening trial. A total of 5201 asymptomatic high-risk volunteers underwent screening with multidetector low-dose computed tomography. Nodules detected at baseline or new nodules at annual screening received repeat low-dose computed tomography at 1 year if less than 5 mm, repeat low-dose computed tomography 3 to 6 months later if between 5 and 8 mm, and fluorodeoxyglucose positron emission tomography if more than 8 mm. Growing nodules at the annual screening received low-dose computed tomography at 6 months and computed tomography-positron emission tomography or surgical biopsy according to doubling time, type, and size. During the first year of screening, 106 patients underwent lung biopsy and 91 lung cancers were identified (70% were stage I). Diagnosis was delayed (false-negative) in 6 patients (stage IIB in 1 patient, stage IIIA in 3 patients, and stage IV in 2 patients), including 2 small cell cancers and 1 central lesion. Surgical biopsy revealed benign disease (false-positives) in 15 cases (14%). Positron emission tomography sensitivity was 88% for prevalent cancers and 70% for cancers diagnosed after first annual screening. No needle biopsy procedures were performed in this cohort of patients. Low-dose computed tomography screening is effective for the early detection of lung cancers, but nodule management remains a challenge. Computed tomography-positron emission tomography is useful at baseline, but its sensitivity decreases significantly the subsequent year. Multidisciplinary management and experience are crucial for minimizing misdiagnoses.

  16. Role of Computer Aided Diagnosis (CAD) in the detection of pulmonary nodules on 64 row multi detector computed tomography.

    Prakashini, K; Babu, Satish; Rajgopal, K V; Kokila, K Raja

    2016-01-01

    To determine the overall performance of an existing CAD algorithm with thin-section computed tomography (CT) in the detection of pulmonary nodules and to evaluate detection sensitivity at a varying range of nodule density, size, and location. A cross-sectional prospective study was conducted on 20 patients with 322 suspected nodules who underwent diagnostic chest imaging using 64-row multi-detector CT. The examinations were evaluated on reconstructed images of 1.4 mm thickness and 0.7 mm interval. Detection of pulmonary nodules, initially by a radiologist of 2 years experience (RAD) and later by CAD lung nodule software was assessed. Then, CAD nodule candidates were accepted or rejected accordingly. Detected nodules were classified based on their size, density, and location. The performance of the RAD and CAD system was compared with the gold standard that is true nodules confirmed by consensus of senior RAD and CAD together. The overall sensitivity and false-positive (FP) rate of CAD software was calculated. Of the 322 suspected nodules, 221 were classified as true nodules on the consensus of senior RAD and CAD together. Of the true nodules, the RAD detected 206 (93.2%) and 202 (91.4%) by the CAD. CAD and RAD together picked up more number of nodules than either CAD or RAD alone. Overall sensitivity for nodule detection with the CAD program was 91.4%, and FP detection per patient was 5.5%. The CAD showed comparatively higher sensitivity for nodules of size 4-10 mm (93.4%) and nodules in hilar (100%) and central (96.5%) location when compared to RAD's performance. CAD performance was high in detecting pulmonary nodules including the small size and low-density nodules. CAD even with relatively high FP rate, assists and improves RAD's performance as a second reader, especially for nodules located in the central and hilar region and for small nodules by saving RADs time.

  17. Image covariance and lesion detectability in direct fan-beam x-ray computed tomography.

    Wunderlich, Adam; Noo, Frédéric

    2008-05-21

    We consider noise in computed tomography images that are reconstructed using the classical direct fan-beam filtered backprojection algorithm, from both full- and short-scan data. A new, accurate method for computing image covariance is presented. The utility of the new covariance method is demonstrated by its application to the implementation of a channelized Hotelling observer for a lesion detection task. Results from the new covariance method and its application to the channelized Hotelling observer are compared with results from Monte Carlo simulations. In addition, the impact of a bowtie filter and x-ray tube current modulation on reconstruction noise and lesion detectability are explored for full-scan reconstruction.

  18. Robust fault detection of linear systems using a computationally efficient set-membership method

    Tabatabaeipour, Mojtaba; Bak, Thomas

    2014-01-01

    In this paper, a computationally efficient set-membership method for robust fault detection of linear systems is proposed. The method computes an interval outer-approximation of the output of the system that is consistent with the model, the bounds on noise and disturbance, and the past measureme...... is trivially parallelizable. The method is demonstrated for fault detection of a hydraulic pitch actuator of a wind turbine. We show the effectiveness of the proposed method by comparing our results with two zonotope-based set-membership methods....

  19. Experimental detection of nonclassical correlations in mixed-state quantum computation

    Passante, G.; Moussa, O.; Trottier, D. A.; Laflamme, R.

    2011-01-01

    We report on an experiment to detect nonclassical correlations in a highly mixed state. The correlations are characterized by the quantum discord and are observed using four qubits in a liquid-state nuclear magnetic resonance quantum information processor. The state analyzed is the output of a DQC1 computation, whose input is a single quantum bit accompanied by n maximally mixed qubits. This model of computation outperforms the best known classical algorithms and, although it contains vanishing entanglement, it is known to have quantum correlations characterized by the quantum discord. This experiment detects nonvanishing quantum discord, ensuring the existence of nonclassical correlations as measured by the quantum discord.

  20. Image covariance and lesion detectability in direct fan-beam x-ray computed tomography

    Wunderlich, Adam; Noo, Frederic

    2008-01-01

    We consider noise in computed tomography images that are reconstructed using the classical direct fan-beam filtered backprojection algorithm, from both full- and short-scan data. A new, accurate method for computing image covariance is presented. The utility of the new covariance method is demonstrated by its application to the implementation of a channelized Hotelling observer for a lesion detection task. Results from the new covariance method and its application to the channelized Hotelling observer are compared with results from Monte Carlo simulations. In addition, the impact of a bowtie filter and x-ray tube current modulation on reconstruction noise and lesion detectability are explored for full-scan reconstruction

  1. Performance of computer-aided diagnosis for detection of lacunar infarcts on brain MR images: ROC analysis of radiologists' detection

    Uchiyama, Y.; Yokoyama, R.; Hara, T.; Fujita, H.; Asano, T.; Kato, H.; Hoshi, H.; Yamakawa, H.; Iwama, T.; Ando, H.; Yamakawa, H.

    2007-01-01

    The detection and management of asymptomatic lacunar infarcts on magnetic resonance (MR) images are important tasks for radiologists to ensure the prevention of sever cerebral infarctions. However, accurate identification of lacunar infarcts is a difficult. Therefore, we developed a computer-aided diagnosis (CAD) scheme for detection of lacunar infarcts. The purpose of this study was to evaluate radiologists' performance in detection of lacunar infarcts without and with use of CAD scheme. 30 T1- and 30 T2- weighted images obtained from 30 patients were used for an observer study, which were consisted of 15 cases with a single lacunar infarct and 15 cases without any lacunar infarct. Six radiologists participated in the observer study. They interpreted lacunar infarcts first without and then with use of the scheme. For all six observers, average area under the receiver operating characteristic curve value was increased from 0.920 to 0.965 when they used the computer output. This CAD scheme might have the potential to improve the accuracy of radiologists' performance in the detection of lacunar infarcts on MR images. (orig.)

  2. Computer-aided detection and automated CT volumetry of pulmonary nodules

    Marten, Katharina; Engelke, Christoph

    2007-01-01

    With use of multislice computed tomography (MSCT), small pulmonary nodules are being detected in vast numbers, constituting the majority of all noncalcified lung nodules. Although the prevalence of lung cancers among such lesions in lung cancer screening populations is low, their isolation may contribute to increased patient survival. Computer-aided diagnosis (CAD) has emerged as a diverse set of diagnostic tools to handle the large number of images in MSCT datasets and most importantly, includes automated detection and volumetry of pulmonary nodules. Current CAD systems can significantly enhance experienced radiologists' performance and outweigh human limitations in identifying small lesions and manually measuring their diameters, augment observer consistency in the interpretation of such examinations and may thus help to detect significantly higher rates of early malignomas and give more precise estimates on chemotherapy response than can radiologists alone. In this review, we give an overview of current CAD in lung nodule detection and volumetry and discuss their relative merits and limitations. (orig.)

  3. Contributions of non-intrusive coupling in nonlinear structural mechanics

    Duval, Mickael

    2016-01-01

    This PhD thesis, part of the ANR ICARE project, aims at developing methods for complex analysis of large scale structures. The scientific challenge is to investigate very localised areas, but potentially critical as of mechanical systems resilience. Classically, representation models, discretizations, mechanical behaviour models and numerical tools are used at both global and local scales for simulation needs of graduated complexity. Global problem is handled by a generic code with topology (plate formulation, geometric approximation...) and behaviour (homogenization) simplifications while local analysis needs implementation of specialized tools (routines, dedicated codes) for an accurate representation of the geometry and behaviour. The main goal of this thesis is to develop an efficient non-intrusive coupling tool for multi-scale and multi-model structural analysis. Constraints of non-intrusiveness result in the non-modification of the stiffness operator, connectivity and the global model solver, allowing to work in a closed source software environment. First, we provide a detailed study of global/local non-intrusive coupling algorithm. Making use of several relevant examples (cracking, elastic-plastic behaviour, contact...), we show the efficiency and the flexibility of such coupling method. A comparative analysis of several optimisation tools is also carried on, and the interacting multiple patches situation is handled. Then, non-intrusive coupling is extended to globally non-linear cases, and a domain decomposition method with non-linear re-localization is proposed. Such methods allowed us to run a parallel computation using only sequential software, on a high performance computing cluster. Finally, we apply the coupling algorithm to mesh refinement with patches of finite elements. We develop an explicit residual based error estimator suitable for multi-scale solutions arising from the non-intrusive coupling, and apply it inside an error driven local mesh

  4. Cloud Computing Security

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  5. SU-F-I-43: A Software-Based Statistical Method to Compute Low Contrast Detectability in Computed Tomography Images

    Chacko, M; Aldoohan, S [University of Oklahoma Health Sciences Center, Oklahoma City, OK (United States)

    2016-06-15

    Purpose: The low contrast detectability (LCD) of a CT scanner is its ability to detect and display faint lesions. The current approach to quantify LCD is achieved using vendor-specific methods and phantoms, typically by subjectively observing the smallest size object at a contrast level above phantom background. However, this approach does not yield clinically applicable values for LCD. The current study proposes a statistical LCD metric using software tools to not only to assess scanner performance, but also to quantify the key factors affecting LCD. This approach was developed using uniform QC phantoms, and its applicability was then extended under simulated clinical conditions. Methods: MATLAB software was developed to compute LCD using a uniform image of a QC phantom. For a given virtual object size, the software randomly samples the image within a selected area, and uses statistical analysis based on Student’s t-distribution to compute the LCD as the minimal Hounsfield Unit’s that can be distinguished from the background at the 95% confidence level. Its validity was assessed by comparison with the behavior of a known QC phantom under various scan protocols and a tissue-mimicking phantom. The contributions of beam quality and scattered radiation upon the computed LCD were quantified by using various external beam-hardening filters and phantom lengths. Results: As expected, the LCD was inversely related to object size under all scan conditions. The type of image reconstruction kernel filter and tissue/organ type strongly influenced the background noise characteristics and therefore, the computed LCD for the associated image. Conclusion: The proposed metric and its associated software tools are vendor-independent and can be used to analyze any LCD scanner performance. Furthermore, the method employed can be used in conjunction with the relationships established in this study between LCD and tissue type to extend these concepts to patients’ clinical CT

  6. Computer-aided detection of lung nodules in digital chest radiographs

    Giger, M.L.; Doi, K.; MacMahon, H.M.

    1986-01-01

    The authors are developing an automated method to detect lung nodules by eliminating the ''camouflaging: effect of the lung background. In order to increase the conspicuity of the nodules, we created, from a single chest radiograph, two images: one in which the signal-to-noise ratio (S/N) of the nodule is maximized and another in which that S/N is suppressed. The difference between these two processed images was subjected to feature-extraction technique in order to isolate the nodules. The detection accuracy of the computer-aided detection scheme, as compared with unaided radiologists' performance, was determined using receiver operating characteristic curve analysis

  7. Performance of computer-aided detection applied to full-field digital mammography in detection of breast cancers

    Sadaf, Arifa; Crystal, Pavel; Scaranelo, Anabel; Helbich, Thomas

    2011-01-01

    Objective: The aim of this retrospective study was to evaluate performance of computer-aided detection (CAD) with full-field digital mammography (FFDM) in detection of breast cancers. Materials and Methods: CAD was retrospectively applied to standard mammographic views of 127 cases with biopsy proven breast cancers detected with FFDM (Senographe 2000, GE Medical Systems). CAD sensitivity was assessed in total group of 127 cases and for subgroups based on breast density, mammographic lesion type, mammographic lesion size, histopathology and mode of presentation. Results: Overall CAD sensitivity was 91% (115 of 127 cases). There were no statistical differences (p > 0.1) in CAD detection of cancers in dense breasts 90% (53/59) versus non-dense breasts 91% (62/68). There was statistical difference (p 20 mm 97% (22/23). Conclusion: CAD applied to FFDM showed 100% sensitivity in identifying cancers manifesting as microcalcifications only and high sensitivity 86% (71/83) for other mammographic appearances of cancer. Sensitivity is influenced by lesion size. CAD in FFDM is an adjunct helping radiologist in early detection of breast cancers.

  8. Accuracy of detecting stenotic changes on coronary cineangiograms using computer image processing

    Sugahara, Tetsuo; Kimura, Koji; Maeda, Hirofumi.

    1990-01-01

    To accurately interprets stenotic changes on coronary cineangiograms, an automatic method of detecting stenotic lesion using computer image processing was developed. First, tracing of artery was performed. The vessel edges were then determined by unilateral Gaussian fitting. The stenotic change was detected on the basis of the reference diameter estimated by Hough transformation. This method was evaluated in 132 segments of 27 arteries in 18 patients. Three observers carried out visual interpretation and computer-aided interpretation. The rate of detection by visual interpretation was 6.1, 28.8 and 20.5%, and by computer-aided interpretation, 39.4, 39.4 and 45.5%. With computer-aided interpretation, the agreement between any two observers on lesions and non-lesions was 40.2% and 59.8%, respectively. Therefore, visual interpretation tended to underestimate the stenotic changes on coronary cineangiograms. We think that computer-aided interpretation increase the reliability of diagnosis on coronary cineangiograms. (author)

  9. Computer-aided detection in breast MRI : a systematic review and meta-analysis

    Dorrius, Monique D.; Jansen-van der Weide, Marijke C.; van Ooijen, Peter M. A.; Pijnappel, Ruud M.; Oudkerk, Matthijs

    To evaluate the additional value of computer-aided detection (CAD) in breast MRI by assessing radiologists' accuracy in discriminating benign from malignant breast lesions. A literature search was performed with inclusion of relevant studies using a commercially available CAD system with automatic

  10. Automated Detection of Heuristics and Biases among Pathologists in a Computer-Based System

    Crowley, Rebecca S.; Legowski, Elizabeth; Medvedeva, Olga; Reitmeyer, Kayse; Tseytlin, Eugene; Castine, Melissa; Jukic, Drazen; Mello-Thoms, Claudia

    2013-01-01

    The purpose of this study is threefold: (1) to develop an automated, computer-based method to detect heuristics and biases as pathologists examine virtual slide cases, (2) to measure the frequency and distribution of heuristics and errors across three levels of training, and (3) to examine relationships of heuristics to biases, and biases to…

  11. Comparison of Computed Tomography and Chest Radiography in the Detection of Rib Fractures in Abused Infants

    Wootton-Gorges, Sandra L.; Stein-Wexler, Rebecca; Walton, John W.; Rosas, Angela J.; Coulter, Kevin P.; Rogers, Kristen K.

    2008-01-01

    Purpose: Chest radiographs (CXR) are the standard method for evaluating rib fractures in abused infants. Computed tomography (CT) is a sensitive method to detect rib fractures. The purpose of this study was to compare CT and CXR in the evaluation of rib fractures in abused infants. Methods: This retrospective study included all 12 abused infants…

  12. Detection of User Independent Single Trial ERPs in Brain Computer Interfaces: An Adaptive Spatial Filtering Approach

    Leza, Cristina; Puthusserypady, Sadasivan

    2017-01-01

    Brain Computer Interfaces (BCIs) use brain signals to communicate with the external world. The main challenges to address are speed, accuracy and adaptability. Here, a novel algorithm for P300 based BCI spelling system is presented, specifically suited for single-trial detection of Event...

  13. Computer-aided detection of early interstitial lung diseases using low-dose CT images

    Park, Sang Cheol; Kim, Soo Hyung [School of Electronics and Computer Engineering, Chonnam National University, Gwangju 500-757 (Korea, Republic of); Tan, Jun; Wang Xingwei; Lederman, Dror; Leader, Joseph K; Zheng Bin, E-mail: zhengb@upmc.edu [Department of Radiology, University of Pittsburgh, Pittsburgh, PA 15213 (United States)

    2011-02-21

    This study aims to develop a new computer-aided detection (CAD) scheme to detect early interstitial lung disease (ILD) using low-dose computed tomography (CT) examinations. The CAD scheme classifies each pixel depicted on the segmented lung areas into positive or negative groups for ILD using a mesh-grid-based region growth method and a multi-feature-based artificial neural network (ANN). A genetic algorithm was applied to select optimal image features and the ANN structure. In testing each CT examination, only pixels selected by the mesh-grid region growth method were analyzed and classified by the ANN to improve computational efficiency. All unselected pixels were classified as negative for ILD. After classifying all pixels into the positive and negative groups, CAD computed a detection score based on the ratio of the number of positive pixels to all pixels in the segmented lung areas, which indicates the likelihood of the test case being positive for ILD. When applying to an independent testing dataset of 15 positive and 15 negative cases, the CAD scheme yielded the area under receiver operating characteristic curve (AUC = 0.884 {+-} 0.064) and 80.0% sensitivity at 85.7% specificity. The results demonstrated the feasibility of applying the CAD scheme to automatically detect early ILD using low-dose CT examinations.

  14. Detection of defects in logs using computer assisted tomography (CAT) scanning

    Tonner, P.D.; Lupton, L.R.

    1985-01-01

    The Chalk River Nuclear Laboratories of AECL have performed a preliminary feasibility study on the applicability of computer assisted tomographic techniques to detect the internal structure of logs. Cross sections of three logs have been obtained using a medical CAT scanner. The results show that knots, rot and growth rings are easily recognized in both dry and wet logs

  15. Progress in analysis of computed tomography (CT) images of hardwood logs for defect detection

    Erol Sarigul; A. Lynn Abbott; Daniel L. Schmoldt

    2003-01-01

    This paper addresses the problem of automatically detecting internal defects in logs using computed tomography (CT) images. The overall purpose is to assist in breakdown optimization. Several studies have shown that the commercial value of resulting boards can be increased substantially if defect locations are known in advance, and if this information is used to make...

  16. Detecting and Understanding the Impact of Cognitive and Interpersonal Conflict in Computer Supported Collaborative Learning Environments

    Prata, David Nadler; Baker, Ryan S. J. d.; Costa, Evandro d. B.; Rose, Carolyn P.; Cui, Yue; de Carvalho, Adriana M. J. B.

    2009-01-01

    This paper presents a model which can automatically detect a variety of student speech acts as students collaborate within a computer supported collaborative learning environment. In addition, an analysis is presented which gives substantial insight as to how students' learning is associated with students' speech acts, knowledge that will…

  17. Comparison of five cone beam computed tomography systems for the detection of vertical root fractures

    Hassan, B.; Metska, M.E.; Ozok, A.R.; van der Stelt, P.; Wesselink, P.R.

    2010-01-01

    Introduction This study compared the accuracy of cone beam computed tomography (CBCT) scans made by five different systems in detecting vertical root fractures (VRFs). It also assessed the influence of the presence of root canal filling (RCF), CBCT slice orientation selection, and the type of tooth

  18. Detection of vertical root fractures in endodontically treated teeth by a cone beam computed tomography scan

    Hassan, B.; Metska, M.E.; Özok, A.R.; van der Stelt, P.; Wesselink, P.R.

    2009-01-01

    Our aim was to compare the accuracy of cone beam computed tomography (CBCT) scans and periapical radiographs (PRs) in detecting vertical root fractures (VRFs) and to assess the influence of root canal filling (RCF) on fracture visibility. Eighty teeth were endodontically prepared and divided into

  19. A Real-Time Plagiarism Detection Tool for Computer-Based Assessments

    Jeske, Heimo J.; Lall, Manoj; Kogeda, Okuthe P.

    2018-01-01

    Aim/Purpose: The aim of this article is to develop a tool to detect plagiarism in real time amongst students being evaluated for learning in a computer-based assessment setting. Background: Cheating or copying all or part of source code of a program is a serious concern to academic institutions. Many academic institutions apply a combination of…

  20. Computer-Aided Detection in Breast Magnetic Resonance Imaging: A Review

    Dorrius, M. D.; Van Ooijen, P.M.A.

    2008-01-01

    The aim of this study is to give an overview on the accuracy of the discrimination between benign and malignant breast lesions on MRI with and without the use of a computer-aided detection (CAD) system. One investigator selected relevant articles based on title and abstract. Ten articles were

  1. On Combining Multiple-Instance Learning and Active Learning for Computer-Aided Detection of Tuberculosis

    Melendez Rodriguez, J.C.; Ginneken, B. van; Maduskar, P.; Philipsen, R.H.H.M.; Ayles, H.; Sanchez, C.I.

    2016-01-01

    The major advantage of multiple-instance learning (MIL) applied to a computer-aided detection (CAD) system is that it allows optimizing the latter with case-level labels instead of accurate lesion outlines as traditionally required for a supervised approach. As shown in previous work, a MIL-based

  2. Hybrid Intrusion Forecasting Framework for Early Warning System

    Kim, Sehun; Shin, Seong-Jun; Kim, Hyunwoo; Kwon, Ki Hoon; Han, Younggoo

    Recently, cyber attacks have become a serious hindrance to the stability of Internet. These attacks exploit interconnectivity of networks, propagate in an instant, and have become more sophisticated and evolutionary. Traditional Internet security systems such as firewalls, IDS and IPS are limited in terms of detecting recent cyber attacks in advance as these systems respond to Internet attacks only after the attacks inflict serious damage. In this paper, we propose a hybrid intrusion forecasting system framework for an early warning system. The proposed system utilizes three types of forecasting methods: time-series analysis, probabilistic modeling, and data mining method. By combining these methods, it is possible to take advantage of the forecasting technique of each while overcoming their drawbacks. Experimental results show that the hybrid intrusion forecasting method outperforms each of three forecasting methods.

  3. A Robust and Fast System for CTC Computer-Aided Detection of Colorectal Lesions

    Gareth Beddoe

    2010-01-01

    Full Text Available We present a complete, end-to-end computer-aided detection (CAD system for identifying lesions in the colon, imaged with computed tomography (CT. This system includes facilities for colon segmentation, candidate generation, feature analysis, and classification. The algorithms have been designed to offer robust performance to variation in image data and patient preparation. By utilizing efficient 2D and 3D processing, software optimizations, multi-threading, feature selection, and an optimized cascade classifier, the CAD system quickly determines a set of detection marks. The colon CAD system has been validated on the largest set of data to date, and demonstrates excellent performance, in terms of its high sensitivity, low false positive rate, and computational efficiency.

  4. Global Journal of Computer Science and Technology. Volume 1.2

    Dixit, R. K.

    2009-01-01

    Articles in this issue of "Global Journal of Computer Science and Technology" include: (1) Input Data Processing Techniques in Intrusion Detection Systems--Short Review (Suhair H. Amer and John A. Hamilton, Jr.); (2) Semantic Annotation of Stock Photography for CBIR Using MPEG-7 standards (R. Balasubramani and V. Kannan); (3) An Experimental Study…

  5. Intrusion mechanics according to Burstone with the NiTi-SE-steel uprighting spring.

    Sander, F G; Wichelhaus, A; Schiemann, C

    1996-08-01

    Intrusion mechanics according to Burstone can be regarded as a practicable method for the intrusion of incisors. 1. By applying the NiTi-SE-steel uprighting spring, relatively constant forces can be exerted over a large range of intrusion on both sides of the anterior tooth archwire. 2. By bending a 150 degrees tip-back bend or a curvature into the steel portion, the uprighting spring presented here is brought into the plastic range of the characteristic curve of force. 3. Application of sliding hooks on the intrusion spring permits readjustment for force transfer onto the anterior archwire. 4. Connecting the anterior archwire with the posterior elements by means of a steel ligature can be recommended only in some cases, because sagittally directed forces may be produced. 5. The adult patients presented showed an average intrusion of 0.6 mm/month, if a linear connection was presupposed. 6. An intrusive effect on the incisors could first be detected clinically after 6 to 8 weeks. 7. Application of a torque-key proves especially useful in controlling the incisor position during intrusion in order to avoid unnecessary radiography. 8. Actual prediction of the centre of resistance with the help of a cephalometric radiograph proved not to be feasible. 9. The calculated maximal intrusion of the mandibular incisors was 7 mm. 10. The torque-segmented archwire with crimped hooks and pseudoelastic springs between the molars and the crimped hooks proved very effective for retrusion and intrusion of maxillary incisors. The maxillary anterior teeth can be retruded by a total of 7 mm without readjustment. 11. Constant moments and forces could be transferred by applying preformed arch wires and segmented arch wires.

  6. Alpha intrusion on ovenight polysomnogram

    Nahapetian R

    2014-06-01

    Full Text Available No abstract available. Article truncated after 150 words. A 30 year-old Army veteran with a past medical history significant for chronic lumbar back pain stemming from a fall-from-height injury sustained in 2006 was referred to the sleep laboratory for evaluation of chronic fatigue and excessive daytime hypersomnolence. His Epworth sleepiness scale score was 16. He denied a history of snoring and witnessed apnea. Body Mass Index (BMI was 25.7 kg/m2. His main sleep related complaints were frequent nocturnal arousals, poor sleep quality, un-refreshing sleep, prolonged latency to sleep onset, and nightmares. An In-lab attended diagnostic polysomnogram was performed. Sleep efficiency was reduced (73% and overall arousal index was not significantly elevated (3.2 events/hour. The sleep study showed rapid eye movement (REM related sleep disordered breathing that did not meet diagnostic criteria for sleep apnea. There was no evidence for period limb movement disorder. However, the study was significant for alpha wave intrusion in stage N2 non-REM and stage ...

  7. Role of Computer Aided Diagnosis (CAD in the detection of pulmonary nodules on 64 row multi detector computed tomography

    K Prakashini

    2016-01-01

    Full Text Available Aims and Objectives: To determine the overall performance of an existing CAD algorithm with thin-section computed tomography (CT in the detection of pulmonary nodules and to evaluate detection sensitivity at a varying range of nodule density, size, and location. Materials and Methods: A cross-sectional prospective study was conducted on 20 patients with 322 suspected nodules who underwent diagnostic chest imaging using 64-row multi-detector CT. The examinations were evaluated on reconstructed images of 1.4 mm thickness and 0.7 mm interval. Detection of pulmonary nodules, initially by a radiologist of 2 years experience (RAD and later by CAD lung nodule software was assessed. Then, CAD nodule candidates were accepted or rejected accordingly. Detected nodules were classified based on their size, density, and location. The performance of the RAD and CAD system was compared with the gold standard that is true nodules confirmed by consensus of senior RAD and CAD together. The overall sensitivity and false-positive (FP rate of CAD software was calculated. Observations and Results: Of the 322 suspected nodules, 221 were classified as true nodules on the consensus of senior RAD and CAD together. Of the true nodules, the RAD detected 206 (93.2% and 202 (91.4% by the CAD. CAD and RAD together picked up more number of nodules than either CAD or RAD alone. Overall sensitivity for nodule detection with the CAD program was 91.4%, and FP detection per patient was 5.5%. The CAD showed comparatively higher sensitivity for nodules of size 4-10 mm (93.4% and nodules in hilar (100% and central (96.5% location when compared to RAD′s performance. Conclusion: CAD performance was high in detecting pulmonary nodules including the small size and low-density nodules. CAD even with relatively high FP rate, assists and improves RAD′s performance as a second reader, especially for nodules located in the central and hilar region and for small nodules by saving RADs time.

  8. A Computationally Intelligent Approach to the Detection of Wormhole Attacks in Wireless Sensor Networks

    Mohammad Nurul Afsar Shaon

    2017-05-01

    Full Text Available A wormhole attack is one of the most critical and challenging security threats for wireless sensor networks because of its nature and ability to perform concealed malicious activities. This paper proposes an innovative wormhole detection scheme to detect wormhole attacks using computational intelligence and an artificial neural network (ANN. Most wormhole detection schemes reported in the literature assume the sensors are uniformly distributed in a network, and, furthermore, they use statistical and topological information and special hardware for their detection. However, these schemes may perform poorly in non-uniformly distributed networks, and, moreover, they may fail to defend against “out of band” and “in band” wormhole attacks. The aim of the proposed research is to develop a detection scheme that is able to detect all kinds of wormhole attacks in both uniformly and non-uniformly distributed sensor networks. Furthermore, the proposed research does not require any special hardware and causes no significant network overhead throughout the network. Most importantly, the probable location of the malicious nodes can be identified by the proposed ANN based detection scheme. We evaluate the efficacy of the proposed detection scheme in terms of detection accuracy, false positive rate, and false negative rate. The performance of the proposed algorithm is also compared with other machine learning techniques (i.e. SVM and regularized nonlinear logistic regression (LR based detection models. The simulation results show that proposed ANN based algorithm outperforms the SVM or LR based detection schemes in terms of detection accuracy, false positive rate, and false negative rates.

  9. Periodontal changes following molar intrusion with miniscrews

    Shahin Bayani

    2015-01-01

    Conclusion: Within the limitations of this study, these results suggest that not only periodontal status was not negatively affected by intrusion, but also there were signs of periodontal improvement including attachment gain and shortening of clinical crown height.

  10. A Citizen's Guide to Vapor Intrusion Mitigation

    This guide describes how vapor intrusion is the movement of chemical vapors from contaminated soil and groundwater into nearby buildings.Vapors primarily enter through openings in the building foundation or basement walls.

  11. Acknowledging the dilemmas of intrusive media

    Mathieu, David; Finger, Juliane; Dias, Patrcia

    2017-01-01

    Part of the stakeholder consultation addressed strategies that media audiences are developing to cope with pressures and intrusions in a changing media environment, characterised by digitalisation and interactive possibilities. We interviewed ten stakeholders representing interests such as content...... production, media literacy, media regulation, and activism. Consulting with these stakeholders left the impression that pressures and intrusions from media lack widespread acknowledgement, and that little is known about audiences’ strategies to cope with media. Even when intrusions are acknowledged, we find...... no consensual motivation, nor any clear avenue for action. Therefore, we have analysed different discursive positions that prevent acknowledging or taking action upon the pressures and intrusions that we presented to these stakeholders. The discursive positions are outlined below....

  12. Prevention and analysis of hacker's intrusion

    Liu Baoxu; An Dehai; Xu Rongsheng

    2000-01-01

    The author analyzes the behavior characteristics and relevant technologies about the hacker's intrusion, and gives some corresponding solutions pertinently. To the recent events about hackers, the author gives detailed introduction and puts forward the relevant advice and valuable consideration

  13. Whole lung computed tomography for detection of pulmonary metastasis of osteosarcoma confirmed at thoracotomy

    Ishida, Itsuro; Fukuma, Seigo; Sawada, Kinya; Seki, Yasuo; Tanaka, Fumitaka

    1980-01-01

    Whole lung computed tomography (CT) was performed in patients with osteosarcoma of bone to evaluate its diagnostic efficacy in comparison to that in conventional chest radiography and in whole lung tomography to detect metastatic nodules in the lung. In 11 of the 12 patients with osteosarcoma, CT detected pulmonary nodules and in 6 of the 11 patients pulmonary nodules were detected by CT, conventional chest radiography and whole lung tomography, respectively, and 22 pulmonary nodules were resected at thoracotomy and proved to be metastatic lesions. Nineteen nodules of the 22 nodules resected were detected by CT and nine of the 22 nodules were discovered only by CT, while only 10 of 22 nodules were recognized by the conventional chest radiography and the whole lung tomography. Two pulmonary nodules, measuring 1 mm and 2 mm in diameter, respectively, were not detected by any of these three methods. In three nodules that showed to be false positive in CT in the two patients, two nodules were histologically suture granulomas induced by the previous operation, and a deformed protuberance of the chest wall was erroneously interpreted to be a subpleural and intrapulmonary nodule in the remaining. We conclude that CT is the most efficient method to detect pulmonary nodules in the patients with osteosarcoma, but that the minimal size of the detectable nodule by CT is 3 mm in diameter. But a smaller nodule having a tendency to ossify can be detected by CT. (author)

  14. A Sensitivity Analysis of a Computer Model-Based Leak Detection System for Oil Pipelines

    Zhe Lu

    2017-08-01

    Full Text Available Improving leak detection capability to eliminate undetected releases is an area of focus for the energy pipeline industry, and the pipeline companies are working to improve existing methods for monitoring their pipelines. Computer model-based leak detection methods that detect leaks by analyzing the pipeline hydraulic state have been widely employed in the industry, but their effectiveness in practical applications is often challenged by real-world uncertainties. This study quantitatively assessed the effects of uncertainties on leak detectability of a commonly used real-time transient model-based leak detection system. Uncertainties in fluid properties, field sensors, and the data acquisition system were evaluated. Errors were introduced into the input variables of the leak detection system individually and collectively, and the changes in leak detectability caused by the uncertainties were quantified using simulated leaks. This study provides valuable quantitative results contributing towards a better understanding of how real-world uncertainties affect leak detection. A general ranking of the importance of the uncertainty sources was obtained: from high to low it is time skew, bulk modulus error, viscosity error, and polling time. It was also shown that inertia-dominated pipeline systems were less sensitive to uncertainties compared to friction-dominated systems.

  15. Intrusion problematic during water supply systems’ operation

    Jesus Mora-Rodriguez, P. Amparo López-Jimenez, Helena M. Ramos

    2011-01-01

    Intrusion through leaks occurrence is a phenomenon when external fluid comes into water pipe systems. This phenomenon can cause contamination problems in drinking pipe systems. Hence, this paper focuses on the entry of external fluids across small leaks during normal operation conditions. This situation is especially important in elevated points of the pipe profile. Pressure variations can origin water volume losses and intrusion of contaminants into the drinking water pipes. This work focuse...

  16. A Novel Method for Detecting and Computing Univolatility Curves in Ternary Mixtures

    Shcherbakov, Nataliya; Rodriguez-Donis, Ivonne; Abildskov, Jens

    2017-01-01

    Residue curve maps (RCMs) and univolatility curves are crucial tools for analysis and design of distillation processes. Even in the case of ternary mixtures, the topology of these maps is highly non-trivial. We propose a novel method allowing detection and computation of univolatility curves...... of the generalized univolatility and unidistribution curves in the three dimensional composition – temperature state space lead to a simple and efficient algorithm of computation of the univolatility curves. Two peculiar ternary systems, namely diethylamine – chloroform – methanol and hexane – benzene...

  17. Development of a Wireless Computer Vision Instrument to Detect Biotic Stress in Wheat

    Joaquin J. Casanova

    2014-09-01

    Full Text Available Knowledge of crop abiotic and biotic stress is important for optimal irrigation management. While spectral reflectance and infrared thermometry provide a means to quantify crop stress remotely, these measurements can be cumbersome. Computer vision offers an inexpensive way to remotely detect crop stress independent of vegetation cover. This paper presents a technique using computer vision to detect disease stress in wheat. Digital images of differentially stressed wheat were segmented into soil and vegetation pixels using expectation maximization (EM. In the first season, the algorithm to segment vegetation from soil and distinguish between healthy and stressed wheat was developed and tested using digital images taken in the field and later processed on a desktop computer. In the second season, a wireless camera with near real-time computer vision capabilities was tested in conjunction with the conventional camera and desktop computer. For wheat irrigated at different levels and inoculated with wheat streak mosaic virus (WSMV, vegetation hue determined by the EM algorithm showed significant effects from irrigation level and infection. Unstressed wheat had a higher hue (118.32 than stressed wheat (111.34. In the second season, the hue and cover measured by the wireless computer vision sensor showed significant effects from infection (p = 0.0014, as did the conventional camera (p < 0.0001. Vegetation hue obtained through a wireless computer vision system in this study is a viable option for determining biotic crop stress in irrigation scheduling. Such a low-cost system could be suitable for use in the field in automated irrigation scheduling applications.

  18. Diagnostic accuracy of multi-slice computed tomographic angiography in the detection of cerebral aneurysms

    Haghighatkhah, H. R.; Sabouri, S.; Borzouyeh, F.; Bagherzadeh, M. H.; Bakhshandeh, H.; Jalali, A. H.

    2008-01-01

    Multislice computed tomographic angiography is a rapid and minimally invasive method for the detection of intracranial aneurysms. The purpose of this study was to compare Multislice computed tomographic angiography with digital subtraction angiography In the diagnosis of cerebral aneurysms. Patients and Methods: In this cross sectional study we evaluated 111 consecutive patients [42(37.8%) male and 69(62.2%) female], who were admitted under clinical symptoms and signs. suggestive of harboring an intracranial aneurysm by using a four detector Multislice computed tomographic angiography. Then we compared results of Multislice computed tomographic angiography with digital subtraction angiography results as a gold standard method. Digital subtraction angiography was performed by bilateral selective common carotid artery injections and either unilateral or bilateral vertebral artery injections, as necessary. Multislice computed tomographic angiography images were interpreted by one radiologist and digital subtraction angiography was performed by another radiologist who was blinded to the interpretation of the Multislice computed tomographic angiograms. Results: The mean ±S D age of the patients was 49.1±13.6 years (range: 12-84 years). We performed Multislice computed tomographic in 111 and digital subtraction angiography in 85 patients. The sensitivity, specificity, positive predictive value, negative predictive value, positive and negative likelihood ratio of Multislice computed tomographic angiography, when compared with digital subtraction angiography as the gold standard, were 100%, 90%, 87.5%, 100%, 10 and 0, respectively. Conclusion: Multislice computed tomographic angiography seems to be an accurate and noninvasive imaging modality in the diagnosis of intracranial aneurysms

  19. The efficacy of using computer-aided detection (CAD) for detection of breast cancer in mammography screening: a systematic review.

    Henriksen, Emilie L; Carlsen, Jonathan F; Vejborg, Ilse Mm; Nielsen, Michael B; Lauridsen, Carsten A

    2018-01-01

    Background Early detection of breast cancer (BC) is crucial in lowering the mortality. Purpose To present an overview of studies concerning computer-aided detection (CAD) in screening mammography for early detection of BC and compare diagnostic accuracy and recall rates (RR) of single reading (SR) with SR + CAD and double reading (DR) with SR + CAD. Material and Methods PRISMA guidelines were used as a review protocol. Articles on clinical trials concerning CAD for detection of BC in a screening population were included. The literature search resulted in 1522 records. A total of 1491 records were excluded by abstract and 18 were excluded by full text reading. A total of 13 articles were included. Results All but two studies from the SR vs. SR + CAD group showed an increased sensitivity and/or cancer detection rate (CDR) when adding CAD. The DR vs. SR + CAD group showed no significant differences in sensitivity and CDR. Adding CAD to SR increased the RR and decreased the specificity in all but one study. For the DR vs. SR + CAD group only one study reported a significant difference in RR. Conclusion All but two studies showed an increase in RR, sensitivity and CDR when adding CAD to SR. Compared to DR no statistically significant differences in sensitivity or CDR were reported. Additional studies based on organized population-based screening programs, with longer follow-up time, high-volume readers, and digital mammography are needed to evaluate the efficacy of CAD.

  20. Analysis of the performance capability of an infrared interior intrusion detector

    Dunn, D.R.

    1977-01-01

    Component performances are required by the LLL assessment procedure for material control and accounting (MC and A) systems. Monitors are an example of an MC and A component whose functions are to process measurements or observations for purposes of detecting abnormalities. This report develops a methodology for characterizing the performance of a class of infrared (IR) interior intrusion monitors or detectors. The methodology is developed around a specific commercial IR detector, the InfrAlarm, manufactured by Barnes Engineering Company (Models 19-124 and 19-115A). Statistical detection models for computing probabilities of detection and false alarms were derived, and the performance capability of the InfrAlarm IR detector was shown using these measures. The results obtained in the performance analysis show that the detection capability of the InfrAlarm is excellent (approx. 1), with very low false alarm rates, for a wide range in target characteristics. These results should be representative and particularly for non-hostile environments

  1. Effect of computer-aided detection as a second reader in multidetector-row CT colonography

    Mang, Thomas; Peloschek, Philipp; Plank, Christina; Maier, Andrea; Weber, Michael; Herold, Christian; Schima, Wolfgang; Graser, Anno; Bogoni, Luca

    2007-01-01

    Our purpose was to assess the effect of computer-aided detection (CAD) on lesion detection as a second reader in computed tomographic colonography, and to compare the influence of CAD on the performance of readers with different levels of expertise. Fifty-two CT colonography patient data-sets (37 patients: 55 endoscopically confirmed polyps ≥0.5 cm, seven cancers; 15 patients: no abnormalities) were retrospectively reviewed by four radiologists (two expert, two nonexpert). After primary data evaluation, a second reading augmented with findings of CAD (polyp-enhanced view, Siemens) was performed. Sensitivities and reading time were calculated for each reader without CAD and supported by CAD findings. The sensitivity of expert readers was 91% each, and of nonexpert readers, 76% and 75%, respectively, for polyp detection. CAD increased the sensitivity of expert readers to 96% (P = 0.25) and 93% (P = 1), and that of nonexpert readers to 91% (P = 0.008) and 95% (P = 0.001), respectively. All four readers diagnosed 100% of cancers, but CAD alone only 43%. CAD increased reading time by 2.1 min (mean). CAD as a second reader significantly improves sensitivity for polyp detection in a high disease prevalence population for nonexpert readers. CAD causes a modest increase in reading time. CAD is of limited value in the detection of cancer. (orig.)

  2. Detection of small traumatic hemorrhages using a computer-generated average human brain CT.

    Afzali-Hashemi, Liza; Hazewinkel, Marieke; Tjepkema-Cloostermans, Marleen C; van Putten, Michel J A M; Slump, Cornelis H

    2018-04-01

    Computed tomography is a standard diagnostic imaging technique for patients with traumatic brain injury (TBI). A limitation is the poor-to-moderate sensitivity for small traumatic hemorrhages. A pilot study using an automatic method to detect hemorrhages [Formula: see text] in diameter in patients with TBI is presented. We have created an average image from 30 normal noncontrast CT scans that were automatically aligned using deformable image registration as implemented in Elastix software. Subsequently, the average image was aligned to the scans of TBI patients, and the hemorrhages were detected by a voxelwise subtraction of the average image from the CT scans of nine TBI patients. An experienced neuroradiologist and a radiologist in training assessed the presence of hemorrhages in the final images and determined the false positives and false negatives. The 9 CT scans contained 67 small haemorrhages, of which 97% was correctly detected by our system. The neuroradiologist detected three false positives, and the radiologist in training found two false positives. For one patient, our method showed a hemorrhagic contusion that was originally missed. Comparing individual CT scans with a computed average may assist the physicians in detecting small traumatic hemorrhages in patients with TBI.

  3. Value of a Computer-aided Detection System Based on Chest Tomosynthesis Imaging for the Detection of Pulmonary Nodules.

    Yamada, Yoshitake; Shiomi, Eisuke; Hashimoto, Masahiro; Abe, Takayuki; Matsusako, Masaki; Saida, Yukihisa; Ogawa, Kenji

    2018-04-01

    Purpose To assess the value of a computer-aided detection (CAD) system for the detection of pulmonary nodules on chest tomosynthesis images. Materials and Methods Fifty patients with and 50 without pulmonary nodules underwent both chest tomosynthesis and multidetector computed tomography (CT) on the same day. Fifteen observers (five interns and residents, five chest radiologists, and five abdominal radiologists) independently evaluated tomosynthesis images of 100 patients for the presence of pulmonary nodules in a blinded and randomized manner, first without CAD, then with the inclusion of CAD marks. Multidetector CT images served as the reference standard. Free-response receiver operating characteristic analysis was used for the statistical analysis. Results The pooled diagnostic performance of 15 observers was significantly better with CAD than without CAD (figure of merit [FOM], 0.74 vs 0.71, respectively; P = .02). The average true-positive fraction and false-positive rate per all cases with CAD were 0.56 and 0.26, respectively, whereas those without CAD were 0.47 and 0.20, respectively. Subanalysis showed that the diagnostic performance of interns and residents was significantly better with CAD than without CAD (FOM, 0.70 vs 0.62, respectively; P = .001), whereas for chest radiologists and abdominal radiologists, the FOM with CAD values were greater but not significantly: 0.80 versus 0.78 (P = .38) and 0.74 versus 0.73 (P = .65), respectively. Conclusion CAD significantly improved diagnostic performance in the detection of pulmonary nodules on chest tomosynthesis images for interns and residents, but provided minimal benefit for chest radiologists and abdominal radiologists. © RSNA, 2017 Online supplemental material is available for this article.

  4. Characterization of mixed waste for sorting and inspection using non-intrusive methods

    Roberson, G.P.; Ryon, R.W.; Bull, N.L.

    1994-12-01

    Characterization of mixed wastes (that is, radioactive and otherwise hazardous) requires that all hazardous, non-conforming, and radioactive materials be identified, localized, and quantified. With such information, decisions can be made regarding whether the item is treatable or has been adequately treated. Much of the required information can be gained without taking representative samples and analyzing them in a chemistry laboratory. Non-intrusive methods can be used to provide this information on-line at the waste treatment facility. Ideally, the characterization would be done robotically, and either automatically or semi-automatically in order to improve efficiency and safety. For the FY94 Mixed Waste Operations (MWO) project, a treatable waste item is defined as a homogeneous metal object that has external radioactive or heavy metal hazardous contamination. Surface treatment of some kind would therefore be the treatment method to be investigated. The authors developed sorting and inspection requirements, and assessed viable non-intrusive techniques to meet these requirements. They selected radiography, computed tomography and X-ray fluorescence. They have characterized selected mock waste items, and determined minimum detectable amounts of materials. They have demonstrated the efficiency possible by integrating radiographic with tomographic data. Here, they developed a technique to only use radiographic data where the material is homogeneous (fast), and then switching to tomography in those areas where heterogeneity is detected (slower). They also developed a tomographic technique to quantify the volume of each component of a mixed material. This is useful for such things as determining ash content. Lastly, they have developed a document in MOSAIC, an Internet multi-media browser. This document is used to demonstrate the ability to share data and information world-wide

  5. Expert judgement on inadvertent human intrusion into the Waste Isolation Pilot Plant

    Hora, S.C.; von Winterfeldt, D.; Trauth, K.M.

    1991-12-01

    Four expert-judgment teams have developed analyses delineating possible future societies in the next 10,000 years in the vicinity of the Waste Isolation Pilot Plant (WIPP). Expert-judgment analysis was used to address the question of future societies because neither experimentation, observation, nor modeling can resolve such uncertainties. Each of the four, four-member teams, comprised of individuals with expertise in the physical, social, or political sciences, developed detailed qualitative assessments of possible future societies. These assessments include detailed discussions of the underlying physical and societal factors that would influence society and the likely modes of human-intrusion at the WIPP, as well as the probabilities of intrusion. Technological development, population growth, economic development, conservation of information, persistence of government control, and mitigation of danger from nuclear waste were the factors the teams believed to be most important. Likely modes of human-intrusion were categorized as excavation, disposal/storage, tunneling, drilling, and offsite activities. Each team also developed quantitative assessments by providing probabilities of various alternative futures, of inadvertent human intrusion, and in some cases, of particular modes of intrusion. The information created throughout this study will be used in conjunction with other types of information, including experimental data, calculations from physical principles and computer models, and perhaps other judgments, as input to ''performance assessment.'' The more qualitative results of this study will be used as input to another expert panel considering markers to deter inadvertent human intrusion at the WIPP

  6. Computational cost for detecting inspiralling binaries using a network of laser interferometric detectors

    Pai, Archana; Bose, Sukanta; Dhurandhar, Sanjeev

    2002-01-01

    We extend a coherent network data-analysis strategy developed earlier for detecting Newtonian waveforms to the case of post-Newtonian (PN) waveforms. Since the PN waveform depends on the individual masses of the inspiralling binary, the parameter-space dimension increases by one from that of the Newtonian case. We obtain the number of templates and estimate the computational costs for PN waveforms: for a lower mass limit of 1M o-dot , for LIGO-I noise and with 3% maximum mismatch, the online computational speed requirement for single detector is a few Gflops; for a two-detector network it is hundreds of Gflops and for a three-detector network it is tens of Tflops. Apart from idealistic networks, we obtain results for realistic networks comprising of LIGO and VIRGO. Finally, we compare costs incurred in a coincidence detection strategy with those incurred in the coherent strategy detailed above

  7. SYN Flood Attack Detection in Cloud Computing using Support Vector Machine

    Zerina Mašetić

    2017-11-01

    Full Text Available Cloud computing is a trending technology, as it reduces the cost of running a business. However, many companies are skeptic moving about towards cloud due to the security concerns. Based on the Cloud Security Alliance report, Denial of Service (DoS attacks are among top 12 attacks in the cloud computing. Therefore, it is important to develop a mechanism for detection and prevention of these attacks. The aim of this paper is to evaluate Support Vector Machine (SVM algorithm in creating the model for classification of DoS attacks and normal network behaviors. The study was performed in several phases: a attack simulation, b data collection, cfeature selection, and d classification. The proposedmodel achieved 100% classification accuracy with true positive rate (TPR of 100%. SVM showed outstanding performance in DoS attack detection and proves that it serves as a valuable asset in the network security area.

  8. Computational cost for detecting inspiralling binaries using a network of laser interferometric detectors

    Pai, A; Dhurandhar, S V

    2002-01-01

    We extend a coherent network data-analysis strategy developed earlier for detecting Newtonian waveforms to the case of post-Newtonian (PN) waveforms. Since the PN waveform depends on the individual masses of the inspiralling binary, the parameter-space dimension increases by one from that of the Newtonian case. We obtain the number of templates and estimate the computational costs for PN waveforms: for a lower mass limit of 1M sub o sub - sub d sub o sub t , for LIGO-I noise and with 3% maximum mismatch, the online computational speed requirement for single detector is a few Gflops; for a two-detector network it is hundreds of Gflops and for a three-detector network it is tens of Tflops. Apart from idealistic networks, we obtain results for realistic networks comprising of LIGO and VIRGO. Finally, we compare costs incurred in a coincidence detection strategy with those incurred in the coherent strategy detailed above.

  9. Management algorithm for images of hepatic incidentalomas, renal and adrenal detected by computed tomography

    Montero Gonzalez, Allan

    2012-01-01

    A literature review has been carried out in the diagnostic and monitoring algorithms for image of incidentalomas of solid abdominal organs (liver, kidney and adrenal glands) detected by computed tomography (CT). The criteria have been unified and updated for a effective diagnosis. Posed algorithms have been made in simplified form. The imaging techniques have been specified for each pathology, showing the advantages and disadvantages of using it and justifying the application in daily practice [es

  10. Detection of Malware and Kernel-Level Rootkits in Cloud Computing Environments

    Win, Thu Yein; Tianfield, Huaglory; Mair, Quentin

    2016-01-01

    Cyberattacks targeted at virtualization infrastructure underlying cloud computing services has become increasingly sophisticated. This paper presents a novel malware and rookit detection system which protects the guests against different attacks. It combines system call monitoring and system call hashing on the guest kernel together with Support Vector Machines (SVM)-based external monitoring on the host. We demonstrate the effectiveness of our solution by evaluating it against well-known use...

  11. Progress of computer-aided detection/diagnosis (CAD in dentistryCAD in dentistry

    Akitoshi Katsumata

    2014-08-01

    CAD is also useful in the detection and evaluation of dental and maxillofacial lesions. Identifying alveolar bone resorption due to periodontitis and radiolucent jaw lesions (such as radicular and dentigerous cysts are important goals for CAD. CAD can be applied not only to panoramic radiography but also to dental cone-beam computed tomography (CBCT images. Linking of CAD and teleradiology will be an important issue.

  12. Noninvasive Characterization of Indeterminate Pulmonary Nodules Detected on Chest High-Resolution Computed Tomography

    2017-10-01

    Chest High- Resolution Computed Tomography 5b. GRANT NUMBER W81XWH-15-1-0110 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) Fabien Maldonado 5d. PROJECT...Selection of cancer cases and controls, flowcharts : Screen-detected lung cancers (N=649) Adenocarcinomas (N=353) Squamous cell carcinomas (N=136...during the process, and I hope everyone has a nice weekend! Best, Liz …… Elizabeth S. Moses, Ph.D. | Scientific Program Manager, DECAMP Boston

  13. A dimension reduction strategy for improving the efficiency of computer-aided detection for CT colonography

    Song, Bowen; Zhang, Guopeng; Wang, Huafeng; Zhu, Wei; Liang, Zhengrong

    2013-02-01

    Various types of features, e.g., geometric features, texture features, projection features etc., have been introduced for polyp detection and differentiation tasks via computer aided detection and diagnosis (CAD) for computed tomography colonography (CTC). Although these features together cover more information of the data, some of them are statistically highly-related to others, which made the feature set redundant and burdened the computation task of CAD. In this paper, we proposed a new dimension reduction method which combines hierarchical clustering and principal component analysis (PCA) for false positives (FPs) reduction task. First, we group all the features based on their similarity using hierarchical clustering, and then PCA is employed within each group. Different numbers of principal components are selected from each group to form the final feature set. Support vector machine is used to perform the classification. The results show that when three principal components were chosen from each group we can achieve an area under the curve of receiver operating characteristics of 0.905, which is as high as the original dataset. Meanwhile, the computation time is reduced by 70% and the feature set size is reduce by 77%. It can be concluded that the proposed method captures the most important information of the feature set and the classification accuracy is not affected after the dimension reduction. The result is promising and further investigation, such as automatically threshold setting, are worthwhile and are under progress.

  14. Computer-aided pulmonary nodule detection. Performance of two CAD systems at different CT dose levels

    Hein, Patrick Alexander; Rogalla, P.; Klessen, C.; Lembcke, A.; Romano, V.C.

    2009-01-01

    Purpose: To evaluate the impact of dose reduction on the performance of computer-aided lung nodule detection systems (CAD) of two manufacturers by comparing respective CAD results on ultra-low-dose computed tomography (ULD-CT) and standard dose CT (SD-CT). Materials and Methods: Multi-slice computed tomography (MSCT) data sets of 26 patients (13 male and 13 female, patients 31 - 74 years old) were retrospectively selected for CAD analysis. Indication for CT examination was staging of a known primary malignancy or suspected pulmonary malignancy. CT images were consecutively acquired at 5 mAs (ULD-CT) and 75 mAs (SD-CT) with 120kV tube voltage (1 mm slice thickness). The standard of reference was determined by three experienced readers in consensus. CAD reading algorithms (pre-commercial CAD system, Philips, Netherlands: CAD-1; LungCARE, Siemens, Germany: CAD-2) were applied to the CT data sets. Results: Consensus reading identified 253 nodules on SD-CT and ULD-CT. Nodules ranged in diameter between 2 and 41 mm (mean diameter 4.8 mm). Detection rates were recorded with 72% and 62% (CAD-1 vs. CAD-2) for SD-CT and with 73% and 56% for ULD-CT. Median also positive rates per patient were calculated with 6 and 5 (CAD-1 vs. CAD-2) for SD-CT and with 8 and 3 for ULD-CT. After separate statistical analysis of nodules with diameters of 5 mm and greater, the detection rates increased to 83% and 61% for SD-CT and to 89% and 67% for ULD-CT (CAD-1 vs. CAD-2). For both CAD systems there were no significant differences between the detection rates for standard and ultra-low-dose data sets (p>0.05). Conclusion: Dose reduction of the underlying CT scan did not significantly influence nodule detection performance of the tested CAD systems. (orig.)

  15. CT colonography: computer-aided detection of morphologically flat T1 colonic carcinoma

    Taylor, Stuart A.; Iinuma, Gen; Saito, Yutaka; Zhang, Jie; Halligan, Steve

    2008-01-01

    The purpose was to evaluate the ability of computer-aided detection (CAD) software to detect morphologically flat early colonic carcinoma using CT colonography (CTC). Twenty-four stage T1 colonic carcinomas endoscopically classified as flat (width over twice height) were accrued from patients undergoing staging CTC. Tumor location was annotated by three experienced radiologists in consensus aided by the endosocpic report. CAD software was then applied at three settings of sphericity (0, 0.75, and 1). Computer prompts were categorized as either true positive (overlapping tumour boundary) or false positive. True positives were subclassified as focal or non focal. The 24 cancers were endoscopically classified as type IIa (n=11) and type IIa+IIc (n=13). Mean size (range) was 27 mm (7-70 mm). CAD detected 20 (83.3%), 17 (70.8%), and 13 (54.1%) of the 24 cancers at filter settings of 0, 0.75, and 1, respectively with 3, 4, and 8 missed cancers of type IIa, respectively. The mean total number of false-positive CAD marks per patient at each filter setting was 36.5, 21.1, and 9.5, respectively, excluding polyps. At all settings, >96.1% of CAD true positives were classified as focal. CAD may be effective for the detection of morphologically flat cancer, although minimally raised laterally spreading tumors remain problematic. (orig.)

  16. Count out your intrusions: Effects of verbal encoding on intrusive memories

    Krans, J.; Näring, G.W.B.; Becker, E.S.

    2009-01-01

    Peri-traumatic information processing is thought to affect the development of intrusive trauma memories. This study aimed to replicate and improve the study by Holmes, Brewin, and Hennessy (2004, Exp. 3) on the role of peri-traumatic verbal processing in analogue traumatic intrusion development.

  17. Repeated magmatic intrusions at El Hierro Island following the 2011-2012 submarine eruption

    Benito-Saz, Maria A.; Parks, Michelle M.; Sigmundsson, Freysteinn; Hooper, Andrew; García-Cañada, Laura

    2017-09-01

    After more than 200 years of quiescence, in July 2011 an intense seismic swarm was detected beneath the center of El Hierro Island (Canary Islands), culminating on 10 October 2011 in a submarine eruption, 2 km off the southern coast. Although the eruption officially ended on 5 March 2012, magmatic activity continued in the area. From June 2012 to March 2014, six earthquake swarms, indicative of magmatic intrusions, were detected underneath the island. We have studied these post-eruption intrusive events using GPS and InSAR techniques to characterize the ground surface deformation produced by each of these intrusions, and to determine the optimal source parameters (geometry, location, depth, volume change). Source inversions provide insight into the depth of the intrusions ( 11-16 km) and the volume change associated with each of them (between 0.02 and 0.13 km3). During this period, > 20 cm of uplift was detected in the central-western part of the island, corresponding to approximately 0.32-0.38 km3 of magma intruded beneath the volcano. We suggest that these intrusions result from deep magma migrating from the mantle, trapped at the mantle/lower crust discontinuity in the form of sill-like bodies. This study, using joint inversion of GPS and InSAR data in a post-eruption period, provides important insight into the characteristics of the magmatic plumbing system of El Hierro, an oceanic intraplate volcanic island.

  18. Detection Performance of Packet Arrival under Downclocking for Mobile Edge Computing

    Zhimin Wang

    2018-01-01

    Full Text Available Mobile edge computing (MEC enables battery-powered mobile nodes to acquire information technology services at the network edge. These nodes desire to enjoy their service under power saving. The sampling rate invariant detection (SRID is the first downclocking WiFi technique that can achieve this objective. With SRID, a node detects one packet arrival at a downclocked rate. Upon a successful detection, the node reverts to a full-clocked rate to receive the packet immediately. To ensure that a node acquires its service immediately, the detection performance (namely, the miss-detection probability and the false-alarm probability of SRID is of importance. This paper is the first one to theoretically study the crucial impact of SRID attributes (e.g., tolerance threshold, correlation threshold, and energy ratio threshold on the packet detection performance. Extensive Monte Carlo experiments show that our theoretical model is very accurate. This study can help system developers set reasonable system parameters for WiFi downclocking.

  19. A Simulation-Optimization Model for Seawater Intrusion Management at Pingtung Coastal Area, Taiwan

    Po-Syun Huang

    2018-02-01

    Full Text Available The coastal regions of Pingtung Plain in southern Taiwan rely on groundwater as their main source of fresh water for aquaculture, agriculture, domestic, and industrial sectors. The availability of fresh groundwater is threatened by unsustainable groundwater extraction and the over-pumpage leads to the serious problem of seawater intrusion. It is desired to find appropriate management strategies to control groundwater salinity and mitigate seawater intrusion. In this study, a simulation–optimization model has been presented to solve the problem of seawater intrusion along the coastal aquifers in Pingtung Plain and the objective is using injection well barriers and minimizing the total injection rate based on the pre-determined locations of injection barriers. The SEAWAT code is used to simulate the process of seawater intrusion and the surrogate model of artificial neural networks (ANNs is used to approximate the seawater intrusion (SWI numerical model to increase the computational efficiency during the optimization process. The heuristic optimization scheme of differential evolution (DE algorithm is selected to identify the global optimal management solution. Two different management scenarios, one is the injection barriers located along the coast and the other is the injection barrier located at the inland, are considered and the optimized results show that the deployment of injection barriers at the inland is more effective to reduce total dissolved solids (TDS concentrations and mitigate seawater intrusion than that along the coast. The computational time can be reduced by more than 98% when using ANNs to replace the numerical model and the DE algorithm has been confirmed as a robust optimization scheme to solve groundwater management problems. The proposed framework can identify the most reliable management strategies and provide a reference tool for decision making with regard to seawater intrusion remediation.

  20. Computer-aided Detection Fidelity of Pulmonary Nodules in Chest Radiograph

    Nikolaos Dellios

    2017-01-01

    Full Text Available Aim: The most ubiquitous chest diagnostic method is the chest radiograph. A common radiographic finding, quite often incidental, is the nodular pulmonary lesion. The detection of small lesions out of complex parenchymal structure is a daily clinical challenge. In this study, we investigate the efficacy of the computer-aided detection (CAD software package SoftView™ 2.4A for bone suppression and OnGuard™ 5.2 (Riverain Technologies, Miamisburg, OH, USA for automated detection of pulmonary nodules in chest radiographs. Subjects and Methods: We retrospectively evaluated a dataset of 100 posteroanterior chest radiographs with pulmonary nodular lesions ranging from 5 to 85 mm. All nodules were confirmed with a consecutive computed tomography scan and histologically classified as 75% malignant. The number of detected lesions by observation in unprocessed images was compared to the number and dignity of CAD-detected lesions in bone-suppressed images (BSIs. Results: SoftView™ BSI does not affect the objective lesion-to-background contrast. OnGuard™ has a stand-alone sensitivity of 62% and specificity of 58% for nodular lesion detection in chest radiographs. The false positive rate is 0.88/image and the false negative (FN rate is 0.35/image. From the true positive lesions, 20% were proven benign and 80% were malignant. FN lesions were 47% benign and 53% malignant. Conclusion: We conclude that CAD does not qualify for a stand-alone standard of diagnosis. The use of CAD accompanied with a critical radiological assessment of the software suggested pattern appears more realistic. Accordingly, it is essential to focus on studies assessing the quality-time-cost profile of real-time (as opposed to retrospective CAD implementation in clinical diagnostics.

  1. Is Neural Activity Detected by ERP-Based Brain-Computer Interfaces Task Specific?

    Markus A Wenzel

    Full Text Available Brain-computer interfaces (BCIs that are based on event-related potentials (ERPs can estimate to which stimulus a user pays particular attention. In typical BCIs, the user silently counts the selected stimulus (which is repeatedly presented among other stimuli in order to focus the attention. The stimulus of interest is then inferred from the electroencephalogram (EEG. Detecting attention allocation implicitly could be also beneficial for human-computer interaction (HCI, because it would allow software to adapt to the user's interest. However, a counting task would be inappropriate for the envisaged implicit application in HCI. Therefore, the question was addressed if the detectable neural activity is specific for silent counting, or if it can be evoked also by other tasks that direct the attention to certain stimuli.Thirteen people performed a silent counting, an arithmetic and a memory task. The tasks required the subjects to pay particular attention to target stimuli of a random color. The stimulus presentation was the same in all three tasks, which allowed a direct comparison of the experimental conditions.Classifiers that were trained to detect the targets in one task, according to patterns present in the EEG signal, could detect targets in all other tasks (irrespective of some task-related differences in the EEG.The neural activity detected by the classifiers is not strictly task specific but can be generalized over tasks and is presumably a result of the attention allocation or of the augmented workload. The results may hold promise for the transfer of classification algorithms from BCI research to implicit relevance detection in HCI.

  2. Deep learning of contrast-coated serrated polyps for computer-aided detection in CT colonography

    Näppi, Janne J.; Pickhardt, Perry; Kim, David H.; Hironaka, Toru; Yoshida, Hiroyuki

    2017-03-01

    Serrated polyps were previously believed to be benign lesions with no cancer potential. However, recent studies have revealed a novel molecular pathway where also serrated polyps can develop into colorectal cancer. CT colonography (CTC) can detect serrated polyps using the radiomic biomarker of contrast coating, but this requires expertise from the reader and current computer-aided detection (CADe) systems have not been designed to detect the contrast coating. The purpose of this study was to develop a novel CADe method that makes use of deep learning to detect serrated polyps based on their contrast-coating biomarker in CTC. In the method, volumetric shape-based features are used to detect polyp sites over soft-tissue and fecal-tagging surfaces of the colon. The detected sites are imaged using multi-angular 2D image patches. A deep convolutional neural network (DCNN) is used to review the image patches for the presence of polyps. The DCNN-based polyp-likelihood estimates are merged into an aggregate likelihood index where highest values indicate the presence of a polyp. For pilot evaluation, the proposed DCNN-CADe method was evaluated with a 10-fold cross-validation scheme using 101 colonoscopy-confirmed cases with 144 biopsy-confirmed serrated polyps from a CTC screening program, where the patients had been prepared for CTC with saline laxative and fecal tagging by barium and iodine-based diatrizoate. The average per-polyp sensitivity for serrated polyps >=6 mm in size was 93+/-7% at 0:8+/-1:8 false positives per patient on average. The detection accuracy was substantially higher that of a conventional CADe system. Our results indicate that serrated polyps can be detected automatically at high accuracy in CTC.

  3. Nuclear-power-plant perimeter-intrusion alarm systems

    Halsey, D.J.

    1982-04-01

    Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981

  4. Pulmonary Emphysema in Cystic Fibrosis Detected by Densitometry on Chest Multidetector Computed Tomography

    Wielpütz, Mark O.; Weinheimer, Oliver; Eichinger, Monika; Wiebel, Matthias; Biederer, Jürgen; Kauczor, Hans-Ulrich; Heußel, Claus P.

    2013-01-01

    Background Histopathological studies on lung specimens from patients with cystic fibrosis (CF) and recent results from a mouse model indicate that emphysema may contribute to CF lung disease. However, little is known about the relevance of emphysema in patients with CF. In the present study, we used computationally generated density masks based on multidetector computed tomography (MDCT) of the chest for non-invasive characterization and quantification of emphysema in CF. Methods Volumetric MDCT scans were acquired in parallel to pulmonary function testing in 41 patients with CF (median age 20.1 years; range 7-66 years) and 21 non-CF controls (median age 30.4 years; range 4-68 years), and subjected to dedicated software. The lung was segmented, low attenuation volumes below a threshold of -950 Hounsfield units were assigned to emphysema volume (EV), and the emphysema index was computed (EI). Results were correlated with forced expiratory volume in 1 s percent predicted (FEV1%), residual volume (RV), and RV/total lung capacity (RV/TLC). Results We show that EV was increased in CF (457±530 ml) compared to non-CF controls (78±90 ml) (PEmphysema in CF was detected from early adolescence (~13 years) and increased with age (rs=0.67, Pemphysema detected by densitometry on chest MDCT is a characteristic pathology that contributes to airflow limitation and may serve as a novel endpoint for monitoring lung disease in CF. PMID:23991177

  5. Computer-aided detection in CT colonography: initial clinical experience using a prototype system

    Graser, A.; Geisbuesch, S.; Reiser, M.F.; Becker, C.R.; Kolligs, F.T.; Schaefer, C.; Mang, T.

    2007-01-01

    Computer-aided detection (CAD) algorithms help to detect colonic polyps at CT colonography (CTC). The purpose of this study was to evaluate the accuracy of CAD versus an expert reader in CTC. One hundred forty individuals (67 men, 73 women; mean age, 59 years) underwent screening 64-MDCT colonography after full cathartic bowel cleansing without fecal tagging. One expert reader interpreted supine and prone scans using a 3D workstation with integrated CAD used as ''second reader.'' The system's sensitivity for the detection of polyps, the number of false-positive findings, and its running time were evaluated. Polyps were classified as small (≤5 mm), medium (6-9 mm), and large (≥10 mm). A total of 118 polyps (small, 85; medium, 19; large, 14) were found in 56 patients. CAD detected 72 polyps (61%) with an average of 2.2 false-positives. Sensitivity was 51% (43/85) for small, 90% (17/19) for medium, and 86% (12/14) for large polyps. For all polyps, per-patient sensitivity was 89% (50/56) for the radiologist and 73% (41/56) for CAD. For large and medium polyps, per-patient sensitivity was 100% for the radiologist, and 96% for CAD. In conclusion, CAD shows high sensitivity in the detection of clinically significant polyps with acceptable false-positive rates. (orig.)

  6. Toward the automatic detection of coronary artery calcification in non-contrast computed tomography data.

    Brunner, Gerd; Chittajallu, Deepak R; Kurkure, Uday; Kakadiaris, Ioannis A

    2010-10-01

    Measurements related to coronary artery calcification (CAC) offer significant predictive value for coronary artery disease (CAD). In current medical practice CAC scoring is a labor-intensive task. The objective of this paper is the development and evaluation of a family of coronary artery region (CAR) models applied to the detection of CACs in coronary artery zones and sections. Thirty patients underwent non-contrast electron-beam computed tomography scanning. Coronary artery trajectory points as presented in the University of Houston heart-centered coordinate system were utilized to construct the CAR models which automatically detect coronary artery zones and sections. On a per-patient and per-zone basis the proposed CAR models detected CACs with a sensitivity, specificity and accuracy of 85.56 (± 15.80)%, 93.54 (± 1.98)%, and 85.27 (± 14.67)%, respectively while the corresponding values in the zones and segments based case were 77.94 (± 7.78)%, 96.57 (± 4.90)%, and 73.58 (± 8.96)%, respectively. The results of this study suggest that the family of CAR models provide an effective method to detect different regions of the coronaries. Further, the CAR classifiers are able to detect CACs with a mean sensitivity and specificity of 86.33 and 93.78%, respectively.

  7. Potential contribution of multiplanar reconstruction (MPR) to computer-aided detection of lung nodules on MDCT

    Matsumoto, Sumiaki; Ohno, Yoshiharu; Yamagata, Hitoshi; Nogami, Munenobu; Kono, Atsushi; Sugimura, Kazuro

    2012-01-01

    Purpose: To evaluate potential benefits of using multiplanar reconstruction (MPR) in computer-aided detection (CAD) of lung nodules on multidetector computed tomography (MDCT). Materials and methods: MDCT datasets of 60 patients with suspected lung nodules were retrospectively collected. Using “second-read” CAD, two radiologists (Readers 1 and 2) independently interpreted these datasets for the detection of non-calcified nodules (≥4 mm) with concomitant confidence rating. They did this task twice, first without MPR (using only axial images), and then 4 weeks later with MPR (using also coronal and sagittal MPR images), where the total reading time per dataset, including the time taken to assess the detection results of CAD software (CAD assessment time), was recorded. The total reading time and CAD assessment time without MPR and those with MPR were statistically compared for each reader. The radiologists’ performance for detecting nodules without MPR and the performance with MPR were compared using jackknife free-response receiver operating characteristic (JAFROC) analysis. Results: Compared to the CAD assessment time without MPR (mean, 69 s and 57 s for Readers 1 and 2), the CAD assessment time with MPR (mean, 46 s and 45 s for Readers 1 and 2) was significantly reduced (P < 0.001). For Reader 1, the total reading time was also significantly shorter in the case with MPR. There was no significant difference between the detection performances without MPR and with MPR. Conclusion: The use of MPR has the potential to improve the workflow in CAD of lung nodules on MDCT.

  8. Smart container UWB sensor system for situational awareness of intrusion alarms

    Romero, Carlos E.; Haugen, Peter C.; Zumstein, James M.; Leach, Jr., Richard R.; Vigars, Mark L.

    2013-06-11

    An in-container monitoring sensor system is based on an UWB radar intrusion detector positioned in a container and having a range gate set to the farthest wall of the container from the detector. Multipath reflections within the container make every point on or in the container appear to be at the range gate, allowing intrusion detection anywhere in the container. The system also includes other sensors to provide false alarm discrimination, and may include other sensors to monitor other parameters, e.g. radiation. The sensor system also includes a control subsystem for controlling system operation. Communications and information extraction capability may also be included. A method of detecting intrusion into a container uses UWB radar, and may also include false alarm discrimination. A secure container has an UWB based monitoring system

  9. Automated detection of heuristics and biases among pathologists in a computer-based system.

    Crowley, Rebecca S; Legowski, Elizabeth; Medvedeva, Olga; Reitmeyer, Kayse; Tseytlin, Eugene; Castine, Melissa; Jukic, Drazen; Mello-Thoms, Claudia

    2013-08-01

    The purpose of this study is threefold: (1) to develop an automated, computer-based method to detect heuristics and biases as pathologists examine virtual slide cases, (2) to measure the frequency and distribution of heuristics and errors across three levels of training, and (3) to examine relationships of heuristics to biases, and biases to diagnostic errors. The authors conducted the study using a computer-based system to view and diagnose virtual slide cases. The software recorded participant responses throughout the diagnostic process, and automatically classified participant actions based on definitions of eight common heuristics and/or biases. The authors measured frequency of heuristic use and bias across three levels of training. Biases studied were detected at varying frequencies, with availability and search satisficing observed most frequently. There were few significant differences by level of training. For representativeness and anchoring, the heuristic was used appropriately as often or more often than it was used in biased judgment. Approximately half of the diagnostic errors were associated with one or more biases. We conclude that heuristic use and biases were observed among physicians at all levels of training using the virtual slide system, although their frequencies varied. The system can be employed to detect heuristic use and to test methods for decreasing diagnostic errors resulting from cognitive biases.

  10. Perceived illness intrusion among patients on hemodialysis

    Bapat, Usha; Kedlaya, Prashanth G; Gokulnath

    2009-01-01

    Dialysis therapy is extremely stressful as it interferes with all spheres of daily activities of the patients. This study is aimed at understanding the perceived illness intrusion among patients on hemodialysis (HD) and to find the association between illness intrusion and patient demo-graphics as well as duration of dialysis. A cross sectional study involving 90 patients with chronic kidney disease (CKD) stage V, on HD was performed during the period from 2005 to 2006. The subjects included were above 18 years of age, willing, stable and on dialysis for at least two months. Patients with psychiatric co-morbidity were excluded. A semi-structured interview schedule covering sociodemographics and a 13 item illness intrusion checklist covering the various aspects of life was carried out. The study patients were asked to rate the illness intrusion and the extent. The data were analyzed statistically. The mean age of the subjects was 50.28 + - 13.69 years, males were predominant (85%), 73% were married, 50% belonged to Hindu religion, 25% had pre-degree education, 25% were employed and 22% were housewives. About 40% and 38% of the study patients belonged to middle and upper socio-economic strata respectively; 86% had urban background and lived in nuclear families. The mean duration on dialysis was 24 + - 29.6 months. All the subjects reported illness intrusion to a lesser or greater extent in various areas including: health (44%), work (70%) finance (55%), diet (50%) sexual life (38%) and psychological status (25%). Illness had not intruded in areas of relationship with spouse (67%), friends (76%), family (79%), social (40%) and religious functions (72%). Statistically significant association was noted between illness intrusion and occupation (P= 0.02). (author)

  11. Perceived illness intrusion among patients on hemodialysis

    Bapat Usha

    2009-01-01

    Full Text Available Dialysis therapy is extremely stressful as it interferes with all spheres of daily acti-vities of the patients. This study is aimed at understanding the perceived illness intrusion among pa-tients on hemodialysis (HD and to find the association between illness intrusion and patient demo-graphics as well as duration of dialysis. A cross sectional study involving 90 patients with chronic kidney disease (CKD stage V, on HD was performed during the period from 2005 to 2006. The subjects included were above 18 years of age, willing, stable and on dialysis for at least two months. Patients with psychiatric co-morbidity were excluded. A semi-structured interview schedule covering socio-demographics and a 13 item illness intrusion checklist covering the various aspects of life was ca-rried out. The study patients were asked to rate the illness intrusion and the extent. The data were ana-lyzed statistically. The mean age of the subjects was 50.28 ± 13.69 years, males were predominant (85%, 73% were married, 50% belonged to Hindu religion, 25% had pre-degree education, 25% were employed and 22% were housewives. About 40% and 38% of the study patients belonged to middle and upper socio-economic strata respectively; 86% had urban background and lived in nuclear fami-lies. The mean duration on dialysis was 24 ± 29.6 months. All the subjects reported illness intrusion to a lesser or greater extent in various areas including: health (44%, work (70% finance (55%, diet (50% sexual life (38% and psychological status (25%. Illness had not intruded in areas of rela-tionship with spouse (67%, friends (76%, family (79%, social (40% and religious functions (72%. Statistically significant association was noted between illness intrusion and occupation (P= 0.02.

  12. Relationship between vapor intrusion and human exposure to trichloroethylene.

    Archer, Natalie P; Bradford, Carrie M; Villanacci, John F; Crain, Neil E; Corsi, Richard L; Chambers, David M; Burk, Tonia; Blount, Benjamin C

    2015-01-01

    Trichloroethylene (TCE) in groundwater has the potential to volatilize through soil into indoor air where it can be inhaled. The purpose of this study was to determine whether individuals living above TCE-contaminated groundwater are exposed to TCE through vapor intrusion. We examined associations between TCE concentrations in various environmental media and TCE concentrations in residents. For this assessment, indoor air, outdoor air, soil gas, and tap water samples were collected in and around 36 randomly selected homes; blood samples were collected from 63 residents of these homes. Additionally, a completed exposure survey was collected from each participant. Environmental and blood samples were analyzed for TCE. Mixed model multiple linear regression analyses were performed to determine associations between TCE in residents' blood and TCE in indoor air, outdoor air, and soil gas. Blood TCE concentrations were above the limit of quantitation (LOQ; ≥ 0.012 µg L(-1)) in 17.5% of the blood samples. Of the 36 homes, 54.3%, 47.2%, and >84% had detectable concentrations of TCE in indoor air, outdoor air, and soil gas, respectively. Both indoor air and soil gas concentrations were statistically significantly positively associated with participants' blood concentrations (P = 0.0002 and P = 0.04, respectively). Geometric mean blood concentrations of residents from homes with indoor air concentrations of >1.6 µg m(-3) were approximately 50 times higher than geometric mean blood TCE concentrations in participants from homes with no detectable TCE in indoor air (P < .0001; 95% CI 10.4-236.4). This study confirms the occurrence of vapor intrusion and demonstrates the magnitude of exposure from vapor intrusion of TCE in a residential setting.

  13. Computer-Aided Detection of Malignant Lung Nodules on Chest Radiographs: Effect on Observers' Performance

    Lee, Kyung Hee; Goo, Jin Mo; Park, Chang Min; Lee, Hyun Ju; Jin, Kwang Nam

    2012-01-01

    To evaluate the effect of computer-aided detection (CAD) system on observer performance in the detection of malignant lung nodules on chest radiograph. Two hundred chest radiographs (100 normal and 100 abnormal with malignant solitary lung nodules) were evaluated. With CT and histological confirmation serving as a reference, the mean nodule size was 15.4 mm (range, 7-20 mm). Five chest radiologists and five radiology residents independently interpreted both the original radiographs and CAD output images using the sequential testing method. The performances of the observers for the detection of malignant nodules with and without CAD were compared using the jackknife free-response receiver operating characteristic analysis. Fifty-nine nodules were detected by the CAD system with a false positive rate of 1.9 nodules per case. The detection of malignant lung nodules significantly increased from 0.90 to 0.92 for a group of observers, excluding one first-year resident (p = 0.04). When lowering the confidence score was not allowed, the average figure of merit also increased from 0.90 to 0.91 (p = 0.04) for all observers after a CAD review. On average, the sensitivities with and without CAD were 87% and 84%, respectively; the false positive rates per case with and without CAD were 0.19 and 0.17, respectively. The number of additional malignancies detected following true positive CAD marks ranged from zero to seven for the various observers. The CAD system may help improve observer performance in detecting malignant lung nodules on chest radiographs and contribute to a decrease in missed lung cancer.

  14. Detection of Steganography-Producing Software Artifacts on Crime-Related Seized Computers

    Asawaree Kulkarni

    2009-06-01

    Full Text Available Steganography is the art and science of hiding information within information so that an observer does not know that communication is taking place. Bad actors passing information using steganography are of concern to the national security establishment and law enforcement. An attempt was made to determine if steganography was being used by criminals to communicate information. Web crawling technology was used and images were downloaded from Web sites that were considered as likely candidates for containing information hidden using steganographic techniques. A detection tool was used to analyze these images. The research failed to demonstrate that steganography was prevalent on the public Internet. The probable reasons included the growth and availability of large number of steganography-producing tools and the limited capacity of the detection tools to cope with them. Thus, a redirection was introduced in the methodology and the detection focus was shifted from the analysis of the ‘product’ of the steganography-producing software; viz. the images, to the 'artifacts’ left by the steganography-producing software while it is being used to generate steganographic images. This approach was based on the concept of ‘Stego-Usage Timeline’. As a proof of concept, a sample set of criminal computers was scanned for the remnants of steganography-producing software. The results demonstrated that the problem of ‘the detection of the usage of steganography’ could be addressed by the approach adopted after the research redirection and that certain steganographic software was popular among the criminals. Thus, the contribution of the research was in demonstrating that the limitations of the tools based on the signature detection of steganographically altered images can be overcome by focusing the detection effort on detecting the artifacts of the steganography-producing tools.

  15. Automatic epileptic seizure detection in EEGs using MF-DFA, SVM based on cloud computing.

    Zhang, Zhongnan; Wen, Tingxi; Huang, Wei; Wang, Meihong; Li, Chunfeng

    2017-01-01

    Epilepsy is a chronic disease with transient brain dysfunction that results from the sudden abnormal discharge of neurons in the brain. Since electroencephalogram (EEG) is a harmless and noninvasive detection method, it plays an important role in the detection of neurological diseases. However, the process of analyzing EEG to detect neurological diseases is often difficult because the brain electrical signals are random, non-stationary and nonlinear. In order to overcome such difficulty, this study aims to develop a new computer-aided scheme for automatic epileptic seizure detection in EEGs based on multi-fractal detrended fluctuation analysis (MF-DFA) and support vector machine (SVM). New scheme first extracts features from EEG by MF-DFA during the first stage. Then, the scheme applies a genetic algorithm (GA) to calculate parameters used in SVM and classify the training data according to the selected features using SVM. Finally, the trained SVM classifier is exploited to detect neurological diseases. The algorithm utilizes MLlib from library of SPARK and runs on cloud platform. Applying to a public dataset for experiment, the study results show that the new feature extraction method and scheme can detect signals with less features and the accuracy of the classification reached up to 99%. MF-DFA is a promising approach to extract features for analyzing EEG, because of its simple algorithm procedure and less parameters. The features obtained by MF-DFA can represent samples as well as traditional wavelet transform and Lyapunov exponents. GA can always find useful parameters for SVM with enough execution time. The results illustrate that the classification model can achieve comparable accuracy, which means that it is effective in epileptic seizure detection.

  16. Magmatic intrusions in the lunar crust

    Michaut, C.; Thorey, C.

    2015-10-01

    The lunar highlands are very old, with ages covering a timespan between 4.5 to 4.2 Gyr, and probably formed by flotation of light plagioclase minerals on top of the lunar magma ocean. The lunar crust provides thus an invaluable evidence of the geological and magmatic processes occurring in the first times of the terrestrial planets history. According to the last estimates from the GRAIL mission, the lunar primary crust is particularly light and relatively thick [1] This low-density crust acted as a barrier for the dense primary mantle melts. This is particularly evident in the fact that subsequent mare basalts erupted primarily within large impact basin: at least part of the crust must have been removed for the magma to reach the surface. However, the trajectory of the magma from the mantle to the surface is unknown. Using a model of magma emplacement below an elastic overlying layer with a flexural wavelength Λ, we characterize the surface deformations induced by the presence of shallow magmatic intrusions. We demonstrate that, depending on its size, the intrusion can show two different shapes: a bell shape when its radius is smaller than 4 times Λ or a flat top with small bended edges if its radius is larger than 4 times Λ[2]. These characteristic shapes for the intrusion result in characteristic deformations at the surface that also depend on the topography of the layer overlying the intrusion [3].Using this model we provide evidence of the presence of intrusions within the crust of the Moon as surface deformations in the form of low-slope lunar domes and floor-fractured craters. All these geological features have morphologies consistent with models of magma spreading at depth and deforming an overlying elastic layer. Further more,at floor-fractured craters, the deformation is contained within the crater interior, suggesting that the overpressure at the origin of magma ascent and intrusion was less than the pressure due to the weight of the crust removed by

  17. Adaptive intrusion data system (AIDS) software routines

    Corlis, N.E.

    1980-07-01

    An Adaptive Intrusion Data System (AIDS) was developed to collect information from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique digital data-compression, storage, and formatting system; it also incorporates a capability for video selection and recording for assessment of the sensors monitored by the system. The system is software reprogrammable to numerous configurations that may be used for the collection of environmental, bilevel, analog, and video data. This report describes the software routines that control the different AIDS data-collection modes, the diagnostic programs to test the operating hardware, and the data format. Sample data printouts are also included

  18. Modern Approaches to the Computation of the Probability of Target Detection in Cluttered Environments

    Meitzler, Thomas J.

    The field of computer vision interacts with fields such as psychology, vision research, machine vision, psychophysics, mathematics, physics, and computer science. The focus of this thesis is new algorithms and methods for the computation of the probability of detection (Pd) of a target in a cluttered scene. The scene can be either a natural visual scene such as one sees with the naked eye (visual), or, a scene displayed on a monitor with the help of infrared sensors. The relative clutter and the temperature difference between the target and background (DeltaT) are defined and then used to calculate a relative signal -to-clutter ratio (SCR) from which the Pd is calculated for a target in a cluttered scene. It is shown how this definition can include many previous definitions of clutter and (DeltaT). Next, fuzzy and neural -fuzzy techniques are used to calculate the Pd and it is shown how these methods can give results that have a good correlation with experiment. The experimental design for actually measuring the Pd of a target by observers is described. Finally, wavelets are applied to the calculation of clutter and it is shown how this new definition of clutter based on wavelets can be used to compute the Pd of a target.

  19. Experimental Study of Nuclear Security System Components for Achieving the Intrusion Process via Sensor's Network System

    EL-Kafas, A.A.

    2011-01-01

    Cluster sensors are one of nuclear security system components which are used to detect any intrusion process of the nuclear sites. In this work, an experimental measuring test for sensor performance and procedures are presented. Sensor performance testing performed to determine whether a particular sensor will be acceptable in a proposed design. We have access to a sensors test field in which the sensor of interest is already properly installed and the parameters have been set to optimal levels by preliminary testing. The glass-breakage (G.B) and open door (O.D) sensors construction, operation and design for the investigated nuclear site are explained. Intrusion tests were carried out inside the field areas of the sensors to evaluate the sensor performance during the intrusion process. Experimental trials were performed for achieving the intrusion process via sensor network system. The performance and intrusion senses of cluster sensors inside the internal zones was recorded and evaluated. The obtained results explained that the tested and experimented G.B sensors have a probability of detection P (D) value 65% founded, and 80% P (D) of Open-door sensor

  20. Diagnostic ability of Barrett's index to detect dysthyroid optic neuropathy using multidetector computed tomography

    Monteiro, Mario L.R.; Goncalves, Allan C.P.; Silva, Carla T.M.; Moura, Janete P.; Ribeiro, Carolina S.; Gebrim, Eloisa M.M.S.; Universidade de Sao Paulo; Universidade de Sao Paulo

    2008-01-01

    Objectives: The objective of this study was to evaluate the ability of a muscular index (Barrett's Index), calculated with multidetector computed tomography, to detect dysthyroid optic neuropathy in patients with Graves' orbitopathy. Methods: Thirty-six patients with Graves' orbitopathy were prospectively studied and submitted to neuro-ophthalmic evaluation and multidetector computed tomography scans of the orbits. Orbits were divided into two groups: those with and without dysthyroid optic neuropathy. Barrett's index was calculated as the percentage of the orbit occupied by muscles. Sensitivity and specificity were determined for several index values. Results: Sixty-four orbits (19 with and 45 without dysthyroid optic neuropathy) met the inclusion criteria for the study. The mean Barrett's index values (±SD) were 64.47% ± 6.06% and 49.44% ± 10.94% in the groups with and without dysthyroid optic neuropathy, respectively (p 60% should be carefully examined and followed for the development of dysthyroid optic neuropathy. (author)