Adaptive and Lightweight Abnormal Node Detection via Biological Immune Game in Mobile Multimedia Networks

Considering the contradiction between limited node resources and high detection costs in mobile multimedia networks, an adaptive and lightweight abnormal node detection algorithm based on artificial immunity and game theory is proposed in order to balance the trade-off between network security and detection overhead. The algorithm can adapt to the highly dynamic mobile multimedia networking environment with a large number of heterogeneous nodes and multi-source big data. Specifically, the heterogeneous problem of nodes is solved based on the non-specificity of an immune algorithm. A niche strategy is used to identify dangerous areas, and antibody division generates an antibody library that can be updated online, so as to realize the dynamic detection of the abnormal behavior of nodes. Moreover, the priority of node recovery for abnormal nodes is decided through a game between nodes without causing excessive resource consumption for security detection. The results of comparative experiments show that the proposed algorithm has a relatively high detection rate and a low false-positive rate, can effectively reduce consumption time, and has good level of adaptability under the condition of dynamic nodes.

Download Full-text

Indoor Localisation through Probabilistic Ontologies

International Journal of Computers Communications & Control ◽

10.15837/ijccc.2018.6.3022 ◽

2018 ◽

Vol 13 (6) ◽

pp. 988-1006

Author(s):

Irina Mocanu ◽

Georgiana Scarlat ◽

Lucia Rusu ◽

Ionut Pandelica ◽

Bogdan Cramariuc

Keyword(s):

Object Recognition ◽

False Positive Rate ◽

Living Alone ◽

Main Aspect ◽

High Detection Rate ◽

High Detection ◽

Positive Rate ◽

Recognition Of Objects ◽

Probabilistic Ontology ◽

Indoor Localisation

For elderly people that are living alone in their homes there is a need to permanently monitor them. One of this aspect consist in knowing their indoor position and motion behavioural status, in real time. One possibility for indoor positioning of an user consists in understanding the images provided by supervising cameras. In this case the main aspect is represented by recognition of objects from these images. Thus, object recognition plays an essential part in understanding the environment and adding meaning to it. This paper presents a method for indoor localisation based on identifying the user’s context. The user’s context is computed based on object recognition and using a probabilistic ontology. The key element is represented by the probabilistic ontology that describes objects, scenes and relations between them. This ontology contains probabilistic relations that are learned using a large database. Results show that given a set of object detectors with high detection rate and low false positive rate, the system can recognize the user’s context with high accuracy.

Download Full-text

Contour Extraction of Flame for Fire Detection

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.383-390.1106 ◽

2011 ◽

Vol 383-390 ◽

pp. 1106-1110

Author(s):

Yun Yang Yan ◽

Shang Bing Gao ◽

Hong Yan Wang ◽

Zhi Bo Guo

Keyword(s):

False Positive ◽

Detection Rate ◽

False Positive Rate ◽

Fire Detection ◽

Video Sequences ◽

Contour Extraction ◽

High Detection Rate ◽

Contour Feature ◽

High Detection ◽

Positive Rate

Fire detection based on sequences of images is more suitable for the need in big room or badly environment. Color and contour are both the important features of a flame image. The method to extract the contour feature of a flame image is developed based on threshold of flame area. The edges of the burning flames jitter continuously, but their contour are similar each other. The method to detect flames in video sequences is proposed here based on flame’s dynamic contour. Many experiments show that the system is able to work well and get high detection rate with a low false positive rate.

Download Full-text

Hybrid Internal Anomaly Detection System for IoT: Reactive Nodes with Cross-Layer Operation

Security and Communication Networks ◽

10.1155/2018/3672698 ◽

2018 ◽

Vol 2018 ◽

pp. 1-15 ◽

Cited By ~ 4

Author(s):

Nanda Kumar Thanigaivelan ◽

Ethiopia Nigussie ◽

Seppo Virtanen ◽

Jouni Isoaho

Keyword(s):

Anomaly Detection ◽

False Positive ◽

Detection System ◽

False Positive Rate ◽

Security Analysis ◽

Abnormal Behavior ◽

Test Bed ◽

Positive Rate ◽

Parent Node ◽

Anomaly Detection System

We present a hybrid internal anomaly detection system that shares detection tasks between router and nodes. It allows nodes to react instinctively against the anomaly node by enforcing temporary communication ban on it. Each node monitors its own neighbors and if abnormal behavior is detected, the node blocks the packets of the anomaly node at link layer and reports the incident to its parent node. A novel RPL control message, Distress Propagation Object (DPO), is formulated and used for reporting the anomaly and network activities to the parent node and subsequently to the router. The system has configurable profile settings and is able to learn and differentiate between the nodes normal and suspicious activities without a need for prior knowledge. It has different subsystems and operation phases that are distributed in both the nodes and router, which act on data link and network layers. The system uses network fingerprinting to be aware of changes in network topology and approximate threat locations without any assistance from a positioning subsystem. The developed system was evaluated using test-bed consisting of Zolertia nodes and in-house developed PandaBoard based gateway as well as emulation environment of Cooja. The evaluation revealed that the system has low energy consumption overhead and fast response. The system occupies 3.3 KB of ROM and 0.86 KB of RAM for its operations. Security analysis confirms nodes reaction against abnormal nodes and successful detection of packet flooding, selective forwarding, and clone attacks. The system’s false positive rate evaluation demonstrates that the proposed system exhibited 5% to 10% lower false positive rate compared to simple detection system.

Download Full-text

ScoreNet: A neural network-based post-processing model for identifying epileptic seizure onset and offset in EEGs

10.1101/2020.12.21.423728 ◽

2020 ◽

Author(s):

Poomipat Boonyakitanont ◽

Apiwat Lek-uthai ◽

Jitkomut Songsiri

Keyword(s):

Neural Network ◽

Epileptic Seizure ◽

False Positive Rate ◽

Imbalanced Data ◽

Detection Algorithm ◽

Processing Technique ◽

Post Processing ◽

Scalp Eeg ◽

Positive Rate ◽

Eeg Recordings

AbstractThis article aims to design an automatic detection algorithm of epileptic seizure onsets and offsets in scalp EEGs. A proposed scheme consists of two sequential steps: the detection of seizure episodes, and the determination of seizure onsets and offsets in long EEG recordings. We introduce a neural network-based model called ScoreNet as a post-processing technique to determine the seizure onsets and offsets in EEGs. A cost function called a log-dice loss that has an analogous meaning to F1 is proposed to handle an imbalanced data problem. In combination with several classifiers including random forest, CNN, and logistic regression, the ScoreNet is then verified on the CHB-MIT Scalp EEG database. As a result, in seizure detection, the ScoreNet can significantly improve F1 to 70.15% and can considerably reduce false positive rate per hour to 0.05 on average. In addition, we propose detection delay metric, an effective latency index as a summation of the exponential of delays, that includes undetected events into account. The index can provide a better insight into onset and offset detection than conventional time-based metrics.

Download Full-text

IoT Dataset Validation Using Machine Learning Techniques for Traffic Anomaly Detection

Electronics ◽

10.3390/electronics10222857 ◽

2021 ◽

Vol 10 (22) ◽

pp. 2857

Author(s):

Laura Vigoya ◽

Diego Fernandez ◽

Victor Carneiro ◽

Francisco Nóvoa

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

False Positive Rate ◽

Machine Learning Techniques ◽

Support Vector ◽

High Detection Rate ◽

Security Vulnerabilities ◽

Smart Systems ◽

Learning Techniques ◽

Positive Rate

With advancements in engineering and science, the application of smart systems is increasing, generating a faster growth of the IoT network traffic. The limitations due to IoT restricted power and computing devices also raise concerns about security vulnerabilities. Machine learning-based techniques have recently gained credibility in a successful application for the detection of network anomalies, including IoT networks. However, machine learning techniques cannot work without representative data. Given the scarcity of IoT datasets, the DAD emerged as an instrument for knowing the behavior of dedicated IoT-MQTT networks. This paper aims to validate the DAD dataset by applying Logistic Regression, Naive Bayes, Random Forest, AdaBoost, and Support Vector Machine to detect traffic anomalies in IoT. To obtain the best results, techniques for handling unbalanced data, feature selection, and grid search for hyperparameter optimization have been used. The experimental results show that the proposed dataset can achieve a high detection rate in all the experiments, providing the best mean accuracy of 0.99 for the tree-based models, with a low false-positive rate, ensuring effective anomaly detection.

Download Full-text

A Secure Routing Scheme Against Malicious Nodes in Ad Hoc Networks

Security and Privacy in Smart Sensor Networks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-5736-4.ch013 ◽

2018 ◽

pp. 284-307

Author(s):

Abdelaziz Amara Korba ◽

Mohamed Amine Ferrag

Keyword(s):

Ad Hoc Networks ◽

Ad Hoc ◽

False Positive Rate ◽

Secure Routing ◽

Malicious Nodes ◽

High Detection Rate ◽

Routing Scheme ◽

Wide Range ◽

Positive Rate ◽

Hoc Networks

This chapter proposes a new cluster-based secure routing scheme to detect and prevent intrusions in ad hoc networks. The proposed scheme combines both specification and anomaly detection techniques to provide an accurate detection of wide range of routing attacks. The proposed secure scheme provides an adaptive response mechanism to isolate malicious nodes from the network. A key advantage of the proposed secure scheme is its capacity to prevent wormhole and rushing attacks and its real-time detection of both known and unknown attacks which violate specification. The simulation results show that the proposed scheme shows high detection rate and low false positive rate compared to other security mechanisms.

Download Full-text

BANBAD

Network Security, Administration and Management ◽

10.4018/978-1-60960-777-7.ch013 ◽

2011 ◽

pp. 253-276

Author(s):

Rajeev Agrawal ◽

Chaoli Cai ◽

Ajay Gupta ◽

Rajib Paul ◽

Raed Salih

Keyword(s):

Energy Consumption ◽

Anomaly Detection ◽

False Alarm ◽

Joint Probability ◽

Detection Algorithm ◽

Abnormal Behavior ◽

Training Dataset ◽

Joint Probability Distribution ◽

High Detection ◽

Hoc Networks

Anomaly detection is an important aspect of any security mechanism. We present an efficient anomaly detection algorithm, named BANBAD. Using Belief Networks (BNs), the algorithm identifies abnormal behavior of a feature, like inappropriate energy consumption of a node in a network. By applying structure learning techniques to training dataset, BANBAD establishes a joint probability distribution among relevant features, such as average velocity, displacement, local computation and communication time, energy consumption, and response time of a node of the network. A directed acyclic graph (DAG) is used to represent the features and their dependencies. Using a training process, BANBAD maintains dynamic, updated profiles of network node behaviors and uses specific Bayesian inference algorithm to distinguish abnormal behavior during testing. BANBAD works especially well in ad hoc networks. Extensive simulation results demonstrate that a centralized BANBAD achieves low false alarm rates, below 5%, and high detection rates, greater than 95%. We also show that BANBAD detects anomaly efficiently and accurately in two real datasets. The key for achieving such high performance is bounding the false alarm rate at certain predefined threshold value. By fine-tuning at the threshold, we can achieve high detection rate as well.

Download Full-text

GroupFound: An effective approach to detect suspicious accounts in online social networks

International Journal of Distributed Sensor Networks ◽

10.1177/1550147717722499 ◽

2017 ◽

Vol 13 (7) ◽

pp. 155014771772249 ◽

Cited By ~ 2

Author(s):

Bo Feng ◽

Qiang Li ◽

Xiaowen Pan ◽

Jiahao Zhang ◽

Dong Guo

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Social Relationship ◽

False Positive Rate ◽

High Detection Rate ◽

Sina Weibo ◽

Social Communities ◽

Positive Rate ◽

Local Graph ◽

Relationship Of

Online social networks are an important part of people’s life and also become the platform where spammers use suspicious accounts to spread malicious URLs. In order to detect suspicious accounts in online social networks, researchers make a lot of efforts. Most existing works mainly utilize machine learning based on features. However, once the spammers disguise the key features, the detection method will soon fail. Besides, such methods are unable to cope with the variable and unknown features. The works based on graph mainly use the location and social relationship of spammers, and they need to build a huge social graph, which leads to much computing cost. Thus, it is necessary to propose a lightweight algorithm which is hard to be evaded. In this article, we propose a lightweight algorithm GroupFound, which focuses on the structure of the local graph. As the bi-followers come from different social communities, we divide all accounts into different groups and compute the average number of accounts for these groups. We evaluate GroupFound on Sina Weibo dataset and find an appropriate threshold to identify suspicious accounts. Experimental results have demonstrated that our algorithm can accomplish a high detection rate of [Formula: see text] at a low false positive rate of [Formula: see text].

Download Full-text

Malicious Domain Names Detection Algorithm Based on N-Gram

Journal of Computer Networks and Communications ◽

10.1155/2019/4612474 ◽

2019 ◽

Vol 2019 ◽

pp. 1-9 ◽

Cited By ~ 2

Author(s):

Hong Zhao ◽

Zhaobin Chang ◽

Guangbin Bao ◽

Xiangyan Zeng

Keyword(s):

False Positive Rate ◽

False Negative ◽

False Negative Rate ◽

Detection Algorithm ◽

Internet Security ◽

Domain Name ◽

Domain Names ◽

Malicious Attack ◽

Positive Rate ◽

N Gram

Malicious domain name attacks have become a serious issue for Internet security. In this study, a malicious domain names detection algorithm based on N-Gram is proposed. The top 100,000 domain names in Alexa 2013 are used in the N-Gram method. Each domain name excluding the top-level domain is segmented into substrings according to its domain level with the lengths of 3, 4, 5, 6, and 7. The substring set of the 100,000 domain names is established, and the weight value of a substring is calculated according to its occurrence number in the substring set. To detect a malicious attack, the domain name is also segmented by the N-Gram method and its reputation value is calculated based on the weight values of its substrings. Finally, the judgment of whether the domain name is malicious is made by thresholding. In the experiments on Alexa 2017 and Malware domain list, the proposed detection algorithm yielded an accuracy rate of 94.04%, a false negative rate of 7.42%, and a false positive rate of 6.14%. The time complexity is lower than other popular malicious domain names detection algorithms.

Download Full-text

Efficient Half Face Detection System Based on Linear Binary Pattern

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2020.8893 ◽

2020 ◽

Vol 17 (5) ◽

pp. 2342-2348

Author(s):

Ashutosh Upadhyay ◽

S. Vijayalakshmi

Keyword(s):

Face Detection ◽

Detection System ◽

False Positive Rate ◽

Computational Cost ◽

Detection Algorithm ◽

Data Set ◽

Computation Cost ◽

Face Features ◽

Positive Rate ◽

The Face

In the field of computer vision, face detection algorithms achieved accuracy to a great extent, but for the real time applications it remains a challenge to maintain the balance between the accuracy and efficiency i.e., to gain accuracy computational cost also increases to deal with the large data sets. This paper, propose half face detection algorithm to address the efficiency of the face detection algorithm. The full face detection algorithm consider complete face data set for training which incur more computation cost. To reduce the computation cost, proposed model captures the features of the half of the face by assuming that the human face is symmetric about the vertical axis passing through the nose and train the system using reduced half face features. The proposed algorithm extracts Linear Binary Pattern (LBP) features and train model using adaboost classifier. Algorithm performance is presented in terms of the accuracy i.e., True Positive Rate (TPR), False Positive Rate (FTR) and face recognition time complexity.

Download Full-text