Efficacy Improvement of Anomaly Detection by Using Intelligence Sharing Scheme

Tahir, Muhammad Faizan; Li, Mingchu; Ayoub, Naeem; Aamir, Muhammad

doi:10.3390/app9030364

Cited by 6 publications

(2 citation statements)

References 34 publications

(39 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, machine learning has not been applied to radioactive source search scenarios, which shares many parallels with domains within computer security. A central factor for deploying machine learning in securitysensitive domains is feature scaling [23,30,31]. In network intrusion detection, there are many different kinds of features, which can contain outliers that can negatively affect standardization [30].…”

Section: Problem Definitionmentioning

confidence: 99%

Improving Radioactive Material Localization by Leveraging Cyber-Security Model Optimizations

Sheatsley¹,

Durbin²,

Lintereur³

et al. 2022

Preprint

View full text Add to dashboard Cite

One of the principal uses of physical-space sensors in public safety applications is the detection of unsafe conditions (e.g., release of poisonous gases, weapons in airports, tainted food). However, current detection methods in these applications are often costly, slow to use, and can be inaccurate in complex, changing, or new environments. In this paper, we explore how machine learning methods used successfully in cyber domains, such as malware detection, can be leveraged to substantially enhance physical space detection. We focus on one important exemplar application-the detection and localization of radioactive materials. We show that the ML-based approaches can significantly exceed traditional table-based approaches in predicting angular direction. Moreover, the developed models can be expanded to include approximations of the distance to radioactive material (a critical dimension that reference tables used in practice do not capture). With four and eight detector arrays, we collect counts of gamma-rays as features for a suite of machine learning models to localize radioactive material. We explore seven unique scenarios via simulation frameworks frequently used for radiation detection and with physical experiments using radioactive material in laboratory environments. We observe that our approach can outperform the standard table-based method, reducing the angular error by 37 % and reliably predicting distance within 2.4 %. In this way, we show that advances in cyber-detection provide substantial opportunities for enhancing detection in public safety applications and beyond.

show abstract

Section: Problem Definitionmentioning

confidence: 99%

Improving Radioactive Material Localization by Leveraging Cyber-Security Model Optimizations

Sheatsley¹,

Durbin²,

Lintereur³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Chandola et al [5] reviewed different types of anomalies, the different fields where anomaly detection is used, challenges of anomaly detection and algorithms that could be used for anomaly detection. The paper [6], mentioned that one of the main challenges of applying anomaly detection in the field of network security is that the nature of anomalies keeps changing with time and intruders try to adapt to evade detection.…”

Section: Related Work and State-of-the-artmentioning

confidence: 99%

A Novel Network user Behaviors and Profile Testing based on Anomaly Detection Techniques

Tahir

Xiao

et al. 2019

IJACSA

Self Cite

View full text Add to dashboard Cite

The proliferation of smart devices and computer networks has led to a huge rise in internet traffic and network attacks that necessitate efficient network traffic monitoring. There have been many attempts to address these issues; however, agile detecting solutions are needed. This research work deals with the problem of malware infections or detection is one of the most challenging tasks in modern computer security. In recent years, anomaly detection has been the first detection approach followed by results from other classifiers. Anomaly detection methods are typically designed to new model normal user behaviors and then seek for deviations from this model. However, anomaly detection techniques may suffer from a variety of problems, including missing validations for verification and a large number of false positives. This work proposes and describes a new profile-based method for identifying anomalous changes in network user behaviors. Profiles describe user behaviors from different perspectives using different flags. Each profile is composed of information about what the user has done over a period of time. The symptoms extracted in the profile cover a wide range of user actions and try to analyze different actions. Compared to other symptom anomaly detectors, the profiles offer a higher level of user experience. It is assumed that it is possible to look for anomalies using high-level symptoms while producing less false positives while effectively finding real attacks. Also, the problem of obtaining truly tagged data for training anomaly detection algorithms has been addressed in this work. It has been designed and created datasets that contain real normal user actions while the user is infected with real malware. These datasets were used to train and evaluate anomaly detection algorithms. Among the investigated algorithms for example, local outlier factor (LOF) and one class support vector machine (SVM). The results show that the proposed anomaly-based and profile-based algorithm causes very few false positives and relatively high true positive detection. The two main contributions of this work are a new approaches based on network anomaly detection and datasets containing a combination of genuine malware and actual user traffic. Finally, the future directions will focus on applying the proposed approaches for protecting the internet of things (IOT) devices.

show abstract

Imputation Method Based on Collaborative Filtering and Clustering for the Missing Data of the Squeeze Casting Process Parameters

Deng

Shan

et al. 2022

Integr Mater Manuf Innov

View full text Add to dashboard Cite

Efficacy Improvement of Anomaly Detection by Using Intelligence Sharing Scheme

Cited by 6 publications

References 34 publications

Improving Radioactive Material Localization by Leveraging Cyber-Security Model Optimizations

Improving Radioactive Material Localization by Leveraging Cyber-Security Model Optimizations

A Novel Network user Behaviors and Profile Testing based on Anomaly Detection Techniques

Imputation Method Based on Collaborative Filtering and Clustering for the Missing Data of the Squeeze Casting Process Parameters

Contact Info

Product

Resources

About