Dataset Generation for Development of Multi-Node Cyber Threat Detection Systems

Electronics ◽  
2021 ◽  
Vol 10 (21) ◽  
pp. 2711
Author(s):  
Jędrzej Bieniasz ◽  
Krzysztof Szczypiorski

This paper presents a new approach to generate datasets for cyber threat research in a multi-node system. For this purpose, the proof-of-concept of such a system is implemented. The system will be used to collect unique datasets with examples of information hiding techniques. These techniques are not present in publicly available cyber threat detection datasets, while the cyber threats that use them represent an emerging cyber defense challenge worldwide. The network data were collected thanks to the development of a dedicated application that automatically generates random network configurations and runs scenarios of information hiding techniques. The generated datasets were used in the data-driven research workflow for cyber threat detection, including the generation of data representations (network flows), feature selection based on correlations, data augmentation of training datasets, and preparation of machine learning classifiers based on Random Forest and Multilayer Perceptron architectures. The presented results show the usefulness and correctness of the design process to detect information hiding techniques. The challenges and research directions to detect cyber deception methods are discussed in general in the paper.

2021 ◽  
Author(s):  
Jacob Hendriks ◽  
Patrick Dumond

This paper demonstrates various data augmentation techniques that can be used when working with limited run-to-failure data to estimate health indicators related to the remaining useful life of roller bearings. The PRONOSTIA bearing prognosis dataset is used for benchmarking data augmentation techniques. The inputs to the networks are multi-dimensional frequency representations obtained by combining the spectra taken from two accelerometers. Data augmentation techniques are adapted from other machine learning fields and include adding Gaussian noise, region masking, masking noise, and pitch shifting. Augmented datasets are used in training a conventional CNN architecture comprising two convolutional and pooling layer sequences with batch normalization. Results from individually separating each bearing’s data for the purpose of validation show that all methods, except pitch shifting, give improved validation accuracy on average. Masking noise and region masking both show the added benefit of dataset regularization by giving results that are more consistent after repeatedly training each configuration with new randomly generated augmented datasets. It is shown that gradually deteriorating bearings and bearings with abrupt failure are not treated significantly differently by the augmentation techniques.


2019 ◽  
Vol 24 (1) ◽  
pp. 147-169 ◽  
Author(s):  
Britta Søgaard ◽  
Heather Dawn Skipworth ◽  
Michael Bourlakis ◽  
Carlos Mena ◽  
Richard Wilding

Purpose: This paper aims to explore how purchasing could respond to disruptive technologies by examining the assumptions underlying purchasing strategic alignment and purchasing maturity through a contingency lens.

Design/methodology/approach: This study uses a systematic review across purchasing maturity and purchasing strategic alignment literature. This is supplemented with exploratory case studies to include practitioners’ views.

Findings: This research demonstrates that neither purchasing maturity nor purchasing strategic alignment are suitable approaches to respond to disruptive technologies. Purchasing maturity does not allow purchasing managers to select relevant practices. It also shows no consideration of any contingencies, which practitioners highlight as important for the selection of practices. Purchasing strategic alignment includes the company strategy as a contingency but does not provide any practices to choose from. It does not include any other contextual contingencies considered important by practitioners. The findings indicate that linking the two research streams may provide a more suitable approach to responding to disruptive technologies.

Research limitations/implications: This research demonstrates the requirement to develop a new approach to responding to disruptive technologies, by linking purchasing maturity and purchasing strategic alignment to contextual contingencies. This is a currently unexplored approach in academic literature, which refutes the generally accepted premise that higher maturity unilaterally supports a better positioning towards technological disruption. This research also highlights a requirement for practitioners to shift their approach to “best practices”.

Originality/value: This is the first research to systematically review the relationships between purchasing maturity and purchasing strategic alignment. It adds to contingency theory by suggesting that purchasing maturity models can support the achievement of strategic alignment. Also, future research directions are suggested to explore these relationships.


2020 ◽  
Author(s):  
Xiaojie Guo ◽  
Liang Zhao

Graphs are important data representations for describing objects and their relationships, which appear in a wide diversity of real-world scenarios. As one of the critical problems in this area, graph generation considers learning the distributions of given graphs and generating more novel graphs. Owing to their wide range of applications, generative models for graphs have a rich history, which, however, are traditionally hand-crafted and only capable of modeling a few statistical properties of graphs. Recent advances in deep generative models for graph generation are an important step towards improving the fidelity of generated graphs and pave the way for new kinds of applications. This article provides an extensive overview of the literature in the field of deep generative models for graph generation. Firstly, the formal definition of deep generative models for graph generation as well as preliminary knowledge is provided. Secondly, two taxonomies of deep generative models for unconditional and conditional graph generation, respectively, are proposed; the existing works of each are compared and analyzed. After that, an overview of the evaluation metrics in this specific domain is provided. Finally, the applications that deep graph generation enables are summarized and five promising future research directions are highlighted.


2021 ◽  
Author(s):  
Khloud Al Jallad

New attacks are increasingly used by attackers every day, but many of them are not detected by Intrusion Detection Systems, as most IDS ignore raw packet information and only care about some basic statistical information extracted from PCAP files. Using networking programs to extract fixed statistical features from packets is good, but may not be enough to detect today's challenges. We think that it is time to utilize big data and deep learning for automatic dynamic feature extraction from packets. It is time to get inspired by deep learning pre-trained models in computer vision and natural language processing, so security deep learning solutions will have their pre-trained models on big datasets to be used in future research. In this paper, we proposed a new approach for embedding packets based on character-level embeddings, inspired by FastText's success on text data. We called this approach FastPacket. Results are measured on subsets of the CIC-IDS-2017 dataset, but we expect promising results on big data pre-trained models. We suggest building pre-trained FastPacket on the MAWI big dataset and making it available to the community, similar to FastText, to be able to outperform currently used NIDS and to start a new era of packet-level NIDS that can better detect complex attacks.


2021 ◽  
Vol 16 (1/2) ◽  
pp. 137
Author(s):  
Shade O. Kuyoro ◽  
Emmanuel C. Ogu ◽  
Oludele Awodele ◽  
Olusegun A. Ojesanmi


2010 ◽  
Vol 2 (2) ◽  
pp. 51-67
Author(s):  
Zafar Sultan ◽  
Paul Kwan

In this paper, a hybrid identity fusion model at decision level is proposed for Simultaneous Threat Detection Systems. The hybrid model is comprised of mathematical and statistical data fusion engines; Dempster Shafer, Extended Dempster and Generalized Evidential Processing (GEP). Simultaneous Threat Detection Systems improve threat detection rate by 39%. In terms of efficiency and performance, the comparison of 3 inference engines of the Simultaneous Threat Detection Systems showed that GEP is the better data fusion model. GEP increased precision of threat detection from 56% to 95%. Furthermore, set cover packing was used as a middle tier data fusion tool to discover the reduced size groups of threat data. Set cover provided significant improvement and reduced threat population from 2272 to 295, which helped in minimizing the processing complexity of evidential processing cost and time in determining the combined probability mass of proposed Multiple Simultaneous Threat Detection System. This technique is particularly relevant to on-line and Internet dependent applications including portals.


2020 ◽  
Vol 10 (15) ◽  
pp. 5208
Author(s):  
Mohammed Nasser Al-Mhiqani ◽  
Rabiah Ahmad ◽  
Z. Zainal Abidin ◽  
Warusia Yassin ◽  
Aslinda Hassan ◽  
...  

Insider threat has become a widely accepted issue and one of the major challenges in cybersecurity. This phenomenon indicates that threats require special detection systems, methods, and tools, which entail the ability to facilitate accurate and fast detection of a malicious insider. Several studies on insider threat detection and related areas in dealing with this issue have been proposed. Various studies aimed to deepen the conceptual understanding of insider threats. However, there are many limitations, such as a lack of real cases, biases in making conclusions, which are a major concern and remain unclear, and the lack of a study that surveys insider threats from many different perspectives and focuses on the theoretical, technical, and statistical aspects of insider threats. The survey aims to present a taxonomy of contemporary insider types, access, level, motivation, insider profiling, effect security property, and methods used by attackers to conduct attacks and a review of notable recent works on insider threat detection, which covers the analyzed behaviors, machine-learning techniques, dataset, detection methodology, and evaluation metrics. Several real cases of insider threats have been analyzed to provide statistical information about insiders. In addition, this survey highlights the challenges faced by other researchers and provides recommendations to minimize obstacles.


1990 ◽  
Vol 38 (3) ◽  
pp. 315-318 ◽  
Author(s):  
J M Robinson ◽  
B E Batten

Scanning laser confocal microscopy was utilized to visualize sites of hydrogen peroxide release from stimulated neutrophils and lysosomal acid phosphatase in these and other cells using cerium in the detection systems. Imaging of the cerium-containing reactions was achieved by employing the reflectance mode of this instrument. Localization of these products at the light microscope level was direct and did not require other reactions to generate a visible product. This new approach to cerium cytochemistry should prove useful for many applications.

