scholarly journals An Information Theoretic Image Steganalysis for LSB Steganography

2020 ◽  
Author(s):  
Sonam Chhikara ◽  
Rajeev Kumar
Keyword(s):  
Detection Rate ◽  
Information Gain ◽  
Attack Detection ◽  
False Alarms ◽  
Detection Accuracy ◽  
Joint Entropy ◽  
Ensemble Classifiers ◽  
Stego Image ◽  
Reliability Performance ◽  
Embedded Image

Steganography hides the data within a media file in an imperceptible way. Steganalysis exposes steganography by using detection measures. Traditionally, Steganalysis revealed steganography by targeting perceptible and statistical properties which results in developing secure steganography schemes. In this work, we target LSB image steganography by using entropy and joint entropy metrics for steganalysis. First, the Embedded image is processed for feature extraction then analyzed by entropy and joint entropy with their corresponding original image. Second, SVM and Ensemble classifiers are trained according to the analysis results. The decision of classifiers discriminates cover image from stego image. This scheme is further applied on attacked stego image for checking detection reliability. Performance evaluation of proposed scheme is conducted over grayscale image datasets. We analyzed LSB embedded images by Comparing information gain from entropy and joint entropy metrics. Results conclude that entropy of the suspected image is more preserving than joint entropy. As before histogram attack, detection rate with entropy metric is 70% and 98% with joint entropy metric. However after an attack, entropy metric ends with 30% detection rate while joint entropy metric gives 93% detection rate. Therefore, joint entropy proves to be better steganalysis measure with 93% detection accuracy and less false alarms with varying hiding ratio.

scholarly journals Steganographic Tool Detection using Specific Composite Feature Set and Weighted Decision Function

2019 ◽  
Vol 8 (2S3) ◽  
pp. 612-618
Keyword(s):  
Decision Function ◽  
Communication Process ◽  
Detection Accuracy ◽  
Ensemble Classifiers ◽  
Stego Image ◽  
Class A ◽  
Composite Feature ◽  
Statistical Steganalysis ◽  
Active Steganalysis

Steganographic tools available in the internet and other commercial steganographic tools are preferred than customized steganographic tools developed from scratch by unlawful groups. Hence a clue regarding the steganographic tool deployed in the covert communication process can save time for the steganalyst in the crucial active steganalysis phase. Signature analysis can lead to success in targeted steganalysis but tool detection needs to be taken forward from a point with a suspicious stego image in hand with no additional details available. In such scenarios, statistical steganalysis comes to rescue but with issues to be addressed like huge dimensionality of feature sets and complex ensemble classifiers. This work accomplishes tool detection with a specific composite feature set identified to distinguish one stego tool from the others with a weighted decision function to enhance the role of the specific feature set when it votes for a particular class. A tool detection accuracy of 85.25% has been achieved simultaneously addressing feature set dimensionality and complexity of ensemble classifiers and a comparison with a benchmark procedure has been made

scholarly journals An Improved Anomalous Intrusion Detection Model

2019 ◽  
Vol 4 (2) ◽  
Author(s):  
Bodunde O Akinyemi ◽  
Johnson B Adekunle ◽  
Temitope A Aladesanmi ◽  
Adesola G Aderounmu ◽  
Beman H Kamagate
Keyword(s):  
Intrusion Detection ◽  
Network Traffic ◽  
Clustering Algorithm ◽  
Information Gain ◽  
Attack Detection ◽  
Detection Accuracy ◽  
Cyber Attack ◽  
Network Resources ◽  
Detection Model ◽  
Normal Network

The volume of cyber-attack targeting network resources within the cyberspace is steadily increasing and evolving. Network intrusions compromise the confidentiality, integrity or availability of network resources causing reputational damage and the consequential financial loss. One of the key cyber-defense tools against these attacks is the Intrusion Detection System. Existing anomalous intrusion detection models often misclassified normal network traffics as attacks while minority attacks go undetected due to an extreme imbalance in network traffic data. This leads to a high false positive and low detection rate. This study focused on improving the detection accuracy by addressing the class imbalanced problem which is often associated with network traffic dataset. Live network traffic packets were collected within the test case environment with Wireshark during normal network activities, Syncflood attack, slowhttppost attack and exploitation of known vulnerabilities on a targeted machine. Fifty-two features including forty-two features similar to Knowledge Discovery in Database (KDD ’99) intrusion detection dataset were extracted from the packet meta-data using Spleen tool. The features were normalized with min-max normalization algorithm and Information Gain algorithm was used to select the best discriminatory features from the feature space. An anomalous intrusion detection model was formulated by a cascade of k-means clustering algorithm and random-forest classifier. The proposed model was simulated and its performance was evaluated using detection accuracy, sensitivity, and specificity as metrics. The result of the evaluation showed 10% higher detection accuracy, 29% sensitivity, and 0.2% specificity than the existing model. Keywords— anomalous, cyber-attack, Detection, Intrusion

scholarly journals Improving Image Steganalyser Performance using Second Order SPAM Features Extracting through Contourlet Transform

2019 ◽  
Vol 9 (1S3) ◽  
pp. 137-143
Keyword(s):  
Detection Rate ◽  
Image Features ◽  
Second Order ◽  
Contourlet Transform ◽  
Support Vector ◽  
Detection Accuracy ◽  
Accuracy Rate ◽  
Stego Image ◽  
Natural Noise ◽  
Feature Based

The major challenge posed by feature based blind steganalysers is the scheming of useful image features, which offers true existence of the stego noise rather than the natural noise in the images. Despite hundreds of features being applied in the real time implementation, only low detection accuracy could be achieved. Hence, this paper proposes a new model for detecting the stego image coupled with an examination of the task by applying a two-step process. (a) Extraction of the second order SPAM (Subtractive Pixel Adjacency Matrix) as features and the second order SPAM features of coefficients and co-occurrence matrices of sub band images from the contourlet transform. (b) Implementation of the system, based on an efficient classifier, Support Vector Machine which is capable of providing the higher detection rate than the existing classifers. Full- fledged experimentation with huge database of clean and steganogram images produced from seven steganographic schemes with varying embedding rates, and using five steganalysers were carried out in this study. The study shows that the proposed paradigm enhances the detection accuracy rate substantially and validates its efficiency with its better performance even at low embedding rates.

scholarly journals An Efficient Algorithm for the Detection of Exposed and Hidden Wormhole Attack

2016 ◽  
Vol 35 (3) ◽  
pp. 359-372
Author(s):  
Zubair Ahmed Khan ◽  
Saeed-ur - Rehman ◽  
Muhammad Hasan Islam
Keyword(s):  
Detection Rate ◽  
Ad Hoc ◽  
Time Synchronization ◽  
False Alarms ◽  
Delivery Ratio ◽  
Detection Accuracy ◽  
Wormhole Attack ◽  
Resource Requirements ◽  
Secure Networks ◽  
Hoc Networks

MANETs (Mobile Ad Hoc Networks) are slowly integrating into our everyday lives, their most prominent uses are visible in the disaster and war struck areas where physical infrastructure is almost impossible or very hard to build. MANETs like other networks are facing the threat of malicious users and their activities. A number of attacks have been identified but the most severe of them is the wormhole attack which has the ability to succeed even in case of encrypted traffic and secure networks. Once wormhole is launched successfully, the severity increases by the fact that attackers can launch other attacks too. This paper presents a comprehensive algorithm for the detection of exposed as well as hidden wormhole attack while keeping the detection rate to maximum and at the same reducing false alarms. The algorithm does not require any extra hardware, time synchronization or any special type of nodes. The architecture consists of the combination of Routing Table, RTT (Round Trip Time) and RSSI (Received Signal Strength Indicator) for comprehensive detection of wormhole attack. The proposed technique is robust, light weight, has low resource requirements and provides real-time detection against the wormhole attack. Simulation results show that the algorithm is able to provide a higher detection rate, packet delivery ratio, negligible false alarms and is also better in terms of Ease of Implementation, Detection Accuracy/ Speed and processing overhead.

Analysis of Feature Selection and Ensemble Classifier Methods for Intrusion Detection

2018 ◽  
Vol 7 (1) ◽  
pp. 57-72
Author(s):  
H.P. Vinutha ◽  
Poornima Basavaraju
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Detection Rate ◽  
Information Gain ◽  
False Positive Rate ◽  
Ensemble Classifier ◽  
Ensemble Classification ◽  
Chi Square ◽  
Traffic Pattern ◽  
Data Mining Algorithms

Day by day network security is becoming more challenging task. Intrusion detection systems (IDSs) are one of the methods used to monitor the network activities. Data mining algorithms play a major role in the field of IDS. NSL-KDD'99 dataset is used to study the network traffic pattern which helps us to identify possible attacks takes place on the network. The dataset contains 41 attributes and one class attribute categorized as normal, DoS, Probe, R2L and U2R. In proposed methodology, it is necessary to reduce the false positive rate and improve the detection rate by reducing the dimensionality of the dataset, use of all 41 attributes in detection technology is not good practices. Four different feature selection methods like Chi-Square, SU, Gain Ratio and Information Gain feature are used to evaluate the attributes and unimportant features are removed to reduce the dimension of the data. Ensemble classification techniques like Boosting, Bagging, Stacking and Voting are used to observe the detection rate separately with three base algorithms called Decision stump, J48 and Random forest.

A New Approach to Pipeline Leak Detection Using Electromagnetic Sensing

2016 ◽  
Author(s):  
Chris Dawson ◽  
Stuart Inkpen ◽  
Chris Nolan ◽  
David Bonnell
Keyword(s):  
Leak Detection ◽  
False Alarms ◽  
Detection Accuracy ◽  
Minimal Risk ◽  
Detection Systems ◽  
Acoustic Signatures ◽  
Cost System ◽  
Trade Offs ◽  
In Situ Sensors ◽  
Operational Range

Many different approaches have been adopted for identifying leaks in pipelines. Leak detection systems, however, generally suffer from a number of difficulties and limitations. For existing and new pipelines, these inevitably force significant trade-offs to be made between detection accuracy, operational range, responsiveness, deployment cost, system reliability, and overall effectiveness. Existing leak detection systems frequently rely on the measurement of secondary effects such as temperature changes, acoustic signatures or flow differences to infer the existence of a leak. This paper presents an alternative approach to leak detection employing electromagnetic measurements of the material in the vicinity of the pipeline that can potentially overcome some of the difficulties encountered with existing approaches. This sensing technique makes direct measurements of the material near the pipeline resulting in reliable detection and minimal risk of false alarms. The technology has been used successfully in other industries to make critical measurements of materials under challenging circumstances. A number of prototype sensors were constructed using this technology and they were tested by an independent research laboratory. The test results show that sensors based on this technique exhibit a strong capability to detect oil, and to distinguish oil from water (a key challenge with in-situ sensors).

scholarly journals RICNN: A ResNet&Inception convolutional neural network for intrusion detection of abnormal traffic

2021 ◽  
pp. 55-55
Author(s):  
Benhui Xia ◽  
Dezhi Han ◽  
Ximing Yin ◽  
Gao Na
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Convolutional Neural Network ◽  
Detection Rate ◽  
Recognition Rate ◽  
Identification Accuracy ◽  
Detection Accuracy ◽  
Traffic Classification ◽  
High Detection Rate ◽  
Network Intrusion

To secure cloud computing and outsourced data while meeting the requirements of automation, many intrusion detection schemes based on deep learn ing are proposed. Though the detection rate of many network intrusion detection solutions can be quite high nowadays, their identification accuracy on imbalanced abnormal network traffic still remains low. Therefore, this paper proposes a ResNet &Inception-based convolutional neural network (RICNN) model to abnormal traffic classification. RICNN can learn more traffic features through the Inception unit, and the degradation problem of the network is eliminated through the direct map ping unit of ResNet, thus the improvement of the model?s generalization ability can be achievable. In addition, to simplify the network, an improved version of RICNN, which makes it possible to reduce the number of parameters that need to be learnt without degrading identification accuracy, is also proposed in this paper. The experimental results on the dataset CICIDS2017 show that RICNN not only achieves an overall accuracy of 99.386% but also has a high detection rate across different categories, especially for small samples. The comparison experiments show that the recognition rate of RICNN outperforms a variety of CNN models and RNN models, and the best detection accuracy can be achieved.

scholarly journals A feature selection algorithm combining information gain and multi-objective genetic search for intrusion detection system

2021 ◽  
Vol 336 ◽  
pp. 08008
Author(s):  
Tao Xie
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Information Gain ◽  
Detection System ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Genetic Search ◽  
Multi Objective

In order to improve the detection rate and speed of intrusion detection system, this paper proposes a feature selection algorithm. The algorithm uses information gain to rank the features in descending order, and then uses a multi-objective genetic algorithm to gradually search the ranking features to find the optimal feature combination. We classified the Kddcup98 dataset into five classes, DOS, PROBE, R2L, and U2R, and conducted numerous experiments on each class. Experimental results show that for each class of attack, the proposed algorithm can not only speed up the feature selection, but also significantly improve the detection rate of the algorithm.

scholarly journals Bacterial colonies detecting and counting based on enhanced CNN detection method

2021 ◽  
Vol 233 ◽  
pp. 02012
Author(s):  
Shousheng Liu ◽  
Zhigang Gai ◽  
Xu Chai ◽  
Fengxiang Guo ◽  
Mei Zhang ◽  
...  
Keyword(s):  
Target Detection ◽  
Error Detection ◽  
Detection Rate ◽  
Detection Method ◽  
Difficult Problem ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Detection Model ◽  
Confidence Threshold ◽  
Small Targets

Bacterial colonies detecting and counting is tedious and time-consuming work. Fortunately CNN (convolutional neural network) detection methods are effective for target detection. The bacterial colonies are a kind of small targets, which have been a difficult problem in the field of target detection technology. This paper proposes a small target enhancement detection method based on double CNNs, which can not only improve the detection accuracy, but also maintain the detection speed similar to the general detection model. The detection method uses double CNNs. The first CNN uses SSD_MOBILENET_V1 network with both target positioning and target recognition functions. The candidate targets are screened out with a low confidence threshold, which can ensure no missing detection of small targets. The second CNN obtains candidate target regions according to the first round of detection, intercepts image sub-blocks one by one, uses the MOBILENET_V1 network to filter out targets with a higher confidence threshold, which can ensure good detection of small targets. Through the two-round enhancement detection method has been transplanted to the embedded platform NVIDIA Jetson AGX Xavier, the detection accuracy of small targets is significantly improved, and the target error detection rate and missed detection rate are reduced to less than 1%.

Sign in / Sign up

Export Citation Format

Share Document