This paper presents the modified exponential fitting test for automatically identifying malicious activities in honeypot data, based on state-of-the-art model order selection schemes. Model order selection (MOS) schemes are frequently applied in several signal processing applications, such as RADAR, SONAR, communications, channel modeling, medical imaging, and parameter estimation of dominant multipath components from MIMO channel measurements. In this paper, we apply MOS schemes for the identification of malicious activity in honeypots. The proposed blind automatic techniques are efficient and need neither previous training nor knowledge of attack signatures for detecting malicious activities. To achieve such results, an innovative approach is considered that models network traffic data as signals and noise, allowing the application of signal processing methods. The model order selection schemes are adapted to process network data, showing that the Modified Exponential Fitting Test achieves the best performance and reliability in detecting attacks. The efficiency and accuracy of the theoretical results are tested on real data collected at a honeypot system located at the network border of a large banking institution in Latin America.
Abstract: It is common practice to apply intrusion detection techniques to detect malicious traffic. Because of the large number of vulnerabilities in information systems and the great creativity of attackers, it is increasingly necessary to keep the detection techniques in use permanently up to date. It is therefore crucial to operate a cyber environment that is purposely prepared to be invaded and compromised, so that the security professional can analyze and verify the evolution of the various types of attacks and of the vulnerabilities exploited by attackers. This work presents a security solution designed specifically for research on intruders and for obtaining information about them. The same environment can be used to preserve evidence of attacks for forensic purposes.
Fraud detection is necessary for any financial system. However, the ways of committing fraud and of detecting it have evolved considerably in the last years, mainly due to the development of new technologies. Therefore, fraud detection via statistical schemes has become an important tool to reduce the chances of fraud. In this paper, we present a case study applied to the monthly tax collection of the Federal Patrimony Department (SPU). In this case study, we analyze some of the current methods for fraud detection, such as Rule-Based Systems and Neural Network classifiers, and propose the use of Neural Network predictors for detecting fraud in time series data of the SPU.