Biblio

With the advancement of network technology, users can now easily gain access to and benefit from networks. However, the number of network violations is increasing. The main issue with this violation is that irresponsible individuals are infiltrating the network. Network intrusion can be interpreted in a variety of ways, including cyber criminals forcibly attempting to disrupt network connections, gaining unauthorized access to valuable data, and then stealing, corrupting, or destroying the data. There are already numerous systems in place to detect network intrusion. However, the systems continue to fall short in detecting and counter-attacking network intrusion attacks. This research aims to enhance the detection of Denial of service (DoS) by identifying significant features and identifying abnormal network activities more accurately. To accomplish this goal, the study proposes an Intrusion Analysis System for detecting Denial of service (DoS) network attacks using machine learning. The accuracy rate of the proposed method using random forest was demonstrated in our experimental results. It was discovered that the accuracy rate with each dataset is greater than 98.8 percent when compared to traditional approaches. Furthermore, when features are selected, the detection time is significantly reduced.

This paper is concerned with the problem of adaptive finite-time prescribed performance control for a category of uncertain nonlinear systems subject to fuzzy dead-zone input. Via combining the technologies of command filter and backstepping control, the ``singularity'' and the ``explosion of complexity'' issues within controller design procedure are avoided. Moreover, by designing a state observer and utilizing the center-of-gravity theorem, the unmeasured states of system are estimated and the fuzzy issue result from fuzzy dead-zone input is disposed, respectively. Meanwhile, a finite-time fuzzy controller is constructed via combining with finite-time stability criterion, which guarantees all the signals in closed-loop system are convergent and the trajectory of tracking error also strictly evolves within a predefined range in finite time. At last, some simulation results confirm the viability of presented theoretical results.

Vehicle-logo location is a crucial step in vehicle-logo recognition system. In this paper, a novel approach of the vehicle-logo location based on edge detection and morphological filter is proposed. Firstly, the approximate location of the vehicle-logo region is determined by the prior knowledge about the position of the vehicle-logo; Secondly, the texture measure is defined to recognize the texture of the vehicle-logo background; Then, vertical edge detection is executed for the vehicle-logo background with the horizontal texture and horizontal edge detection is implemented for the vehicle-logo background with the vertical texture; Finally, position of the vehicle-logo is located accurately by mathematical morphology filter. Experimental results show the proposed method is effective.

{The paper considers the efficiency of an adaptive non-recursive filter using the adjustment algorithm for weighting coefficients taking into account the constant envelope of the desired signal when receiving signals with multi-position phase shift keying against the background of noise and non-fluctuation interference. Two types of such interference are considered - harmonic and retranslated. The optimal filter parameters (adaptation coefficient and length) are determined by using simulation; the effect of the filter on the noise immunity of a quadrature coherent signal receiver with multi-position phase shift keying for different combinations of interference and their intensity is estimated. It is shown that such an adaptive filter can successfully deal with the most dangerous sighting harmonic interference}.

Modern computer peripherals are diverse in their capabilities and functionality, ranging from keyboards and printers to smartphones and external GPUs. In recent years, peripherals increasingly connect over a small number of standardized communication protocols, including USB, Bluetooth, and NFC. The host operating system is responsible for managing these devices; however, malicious peripherals can request additional functionality from the OS resulting in system compromise, or can craft data packets to exploit vulnerabilities within OS software stacks. Defenses against malicious peripherals to date only partially cover the peripheral attack surface and are limited to specific protocols (e.g., USB). In this paper, we propose Linux (e)BPF Modules (LBM), a general security framework that provides a unified API for enforcing protection against malicious peripherals within the Linux kernel. LBM leverages the eBPF packet filtering mechanism for performance and extensibility and we provide a high-level language to facilitate the development of powerful filtering functionality. We demonstrate how LBM can provide host protection against malicious USB, Bluetooth, and NFC devices; we also instantiate and unify existing defenses under the LBM framework. Our evaluation shows that the overhead introduced by LBM is within 1 μs per packet in most cases, application and system overhead is negligible, and LBM outperforms other state-of-the-art solutions. To our knowledge, LBM is the first security framework designed to provide comprehensive protection against malicious peripherals within the Linux kernel.

In order to solve the interference of burrs, aliasing and other noises in the background area of millimeter wave human security inspection on the objects identification, an adaptive template matching filtering method is proposed. First, the preprocessed original image is segmented by level set algorithm, then the result is used as a template to filter the background of the original image. Finally, the image after background filtered is used as the input of bilateral filtering. The contrast experiments based on the actual millimeter wave image verifies the improvement of this algorithm compared with the traditional filtering method, and proves that this algorithm can filter the background noise of the human security image, retain the image details of the human body area, and is conducive to the object recognition and location in the millimeter wave security image.

Advanced metering infrastructure (AMI) is a key component in the smart grid. Transmitting data robustly and reliably between the tremendous smart meters in the AMI is one of the most crucial tasks for providing various services in smart grid. Among the many efforts for designing practical routing protocols for the AMI, the Routing Protocol for Low-Power and Lossy Networks (RPL) proposed by the IETF ROLL working group is considered the most consolidated candidate. Resent research has shown cyber attacks such as blackhole attack and version number attack can seriously damage the performance of the network implementing RPL. The main reason that RPL is vulnerable to these kinds of attacks is the lack an authentication mechanism. In this paper, we study the impact of blackhole attacks on the performance of the AMI network and proposed a new blackhole attack that can bypass the existing defense mechanism. Then, we propose a cuckoo filter based RPL to defend the AMI network from blackhole attacks. We also give the security analysis of the proposed method.

The ubiquitous internetworking of devices in all areas of life is boosted by various trends for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. It ensures connectivity between distributed, tiny and simple sensor nodes as well as sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and together with Intrusion Detection Systems are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof lightweight and resource-aware security concept for sensor networks with a processing stage permeated filtering mechanism is proposed. A special focus in the concepts evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

In this paper a new physical layer security method is proposed against eavesdropping attacks. Our purpose is to demonstrate that performance of the legitimate receiver can be increased and performance of the eavesdropper can be decreased by matching between the roll of factors of root raised cosine filters in the transmitter and receiver. Through the matching between the roll of factors (a), a performance difference is generated between the legitimate receiver and the eavesdropper. By using three software defined radio nodes error vector magnitude of the legitimate receiver and the eavesdropper is measured according to roll of factors. Performance differences the receiver are demonstrated when the roll off factor is matched and mismatched.

This paper focuses on optimizing the sigmoid filter for detecting Low-Rate DoS attacks. Though sigmoid filter could help for detecting the attacker, it could severely affect the network efficiency. Unlike high rate attacks, Low-Rate DoS attacks such as ``Shrew'' and ``New Shrew'' are hard to detect. Attackers choose a malicious low-rate bandwidth to exploit the TCP's congestion control window algorithm and the re-transition timeout mechanism. We simulated the attacker traffic by editing using NS3. The Sigmoid filter was used to create a threshold bandwidth filter at the router that allowed a specific bandwidth, so when traffic that exceeded the threshold occurred, it would be dropped, or it would be redirected to a honey-pot server, instead. We simulated the Sigmoid filter using MATLAB and took the attacker's and legitimate user's traffic generated by NS-3 as the input for the Sigmoid filter in the MATLAB. We run the experiment three times with different threshold values correlated to the TCP packet size. We found the probability to detect the attacker traffic as follows: the first was 25%, the second 50% and the third 60%. However, we observed a drop in legitimate user traffic with the following probabilities, respectively: 75%, 50%, and 85%.

Feature selection is an important step in data analysis to address the curse of dimensionality. Such dimensionality reduction techniques are particularly important when if a classification is required and the model scales in polynomial time with the size of the feature (e.g., some applications include genomics, life sciences, cyber-security, etc.). Feature selection is the process of finding the minimum subset of features that allows for the maximum predictive power. Many of the state-of-the-art information-theoretic feature selection approaches use a greedy forward search; however, there are concerns with the search in regards to the efficiency and optimality. A unified framework was recently presented for information-theoretic feature selection that tied together many of the works in over the past twenty years. The work showed that joint mutual information maximization (JMI) is generally the best options; however, the complexity of greedy search for JMI scales quadratically and it is infeasible on high dimensional datasets. In this contribution, we propose a fast approximation of JMI based on information theory. Our approach takes advantage of decomposing the calculations within JMI to speed up a typical greedy search. We benchmarked the proposed approach against JMI on several UCI datasets, and we demonstrate that the proposed approach returns feature sets that are highly consistent with JMI, while decreasing the run time required to perform feature selection.

Optical Coherence Tomography (OCT) has shown a great potential as a complementary imaging tool in the diagnosis of skin diseases. Speckle noise is the most prominent artifact present in OCT images and could limit the interpretation and detection capabilities. In this work we evaluate various denoising filters with high edge-preserving potential for the reduction of speckle noise in 256 dermatological OCT B-scans. Our results show that the Enhanced Sigma Filter and the Block Matching 3-D (BM3D) as 2D denoising filters and the Wavelet Multiframe algorithm considering adjacent B-scans achieved the best results in terms of the enhancement quality metrics used. Our results suggest that a combination of 2D filtering followed by a wavelet based compounding algorithm may significantly reduce speckle, increasing signal-to-noise and contrast-to-noise ratios, without the need of extra acquisitions of the same frame.

With the rapid development of the information technology, more and more high-speed networks came out. The 4G LTE network as a recently emerging network has gradually entered the mainstream of the communication network. This paper proposed an effective content-based information filtering based on the 4G LTE high-speed network by combing the content-based filter and traditional simple filter. Firstly, raw information is pre-processed by five-tuple filter. Secondly, we determine the topics and character of the source data by key nearest neighbor text classification after minimum-risk Bayesian classification. Finally, the improved AdaBoost algorithm achieves the four-level content-based information filtering. The experiments reveal that the effective information filtering method can be applied to the network security, big data analysis and other fields. It has high research value and market value.

The delay-tolerant-network (DTN) model is becoming a viable communication alternative to the traditional infrastructural model for modern mobile consumer electronics equipped with short-range communication technologies such as Bluetooth, NFC, and Wi-Fi Direct. Proximity malware is a class of malware that exploits the opportunistic contacts and distributed nature of DTNs for propagation. Behavioral characterization of malware is an effective alternative to pattern matching in detecting malware, especially when dealing with polymorphic or obfuscated malware. In this paper, we first propose a general behavioral characterization of proximity malware which based on naive Bayesian model, which has been successfully applied in non-DTN settings such as filtering email spams and detecting botnets. We identify two unique challenges for extending Bayesian malware detection to DTNs ("insufficient evidence versus evidence collection risk" and "filtering false evidence sequentially and distributedly"), and propose a simple yet effective method, look ahead, to address the challenges. Furthermore, we propose two extensions to look ahead, dogmatic filtering, and adaptive look ahead, to address the challenge of "malicious nodes sharing false evidence." Real mobile network traces are used to verify the effectiveness of the proposed methods.
 

Misalignment angles estimation of strapdown inertial navigation system (INS) using global positioning system (GPS) data is highly affected by measurement noises, especially with noises displaying time varying statistical properties. Hence, adaptive filtering approach is recommended for the purpose of improving the accuracy of in-motion alignment. In this paper, a simplified form of Celso's adaptive stochastic filtering is derived and applied to estimate both the INS error states and measurement noise statistics. To detect and bound the influence of outliers in INS/GPS integration, outlier detection based on jerk tracking model is also proposed. The accuracy and validity of the proposed algorithm is tested through ground based navigation experiments.

A robust adaptive filtering algorithm based on the convex combination of two adaptive filters under the maximum correntropy criterion (MCC) is proposed. Compared with conventional minimum mean square error (MSE) criterion-based adaptive filtering algorithm, the MCC-based algorithm shows a better robustness against impulsive interference. However, its major drawback is the conflicting requirements between convergence speed and steady-state mean square error. In this letter, we use the convex combination method to overcome the tradeoff problem. Instead of minimizing the squared error to update the mixing parameter in conventional convex combination scheme, the method of maximizing the correntropy is introduced to make the proposed algorithm more robust against impulsive interference. Additionally, we report a novel weight transfer method to further improve the tracking performance. The good performance in terms of convergence rate and steady-state mean square error is demonstrated in plant identification scenarios that include impulsive interference and abrupt changes.

In adaptive processing applications, the design of the adaptive filter requires estimation of the unknown interference-plus-noise covariance matrix from secondary training data. The presence of outliers in the training data can severely degrade the performance of adaptive processing. By exploiting the sparse prior of the outliers, a Bayesian framework to develop a computationally efficient outlier-resistant adaptive filter based on sparse Bayesian learning (SBL) is proposed. The expectation-maximisation (EM) algorithm is used therein to obtain a maximum a posteriori (MAP) estimate of the interference-plus-noise covariance matrix. Numerical simulations demonstrate the superiority of the proposed method over existing methods.

In view of the difficulty in selecting wavelet base and decomposition level for wavelet-based de-noising method, this paper proposes an adaptive de-noising method based on Ensemble Empirical Mode Decomposition (EEMD). The autocorrelation, cross-correlation method is used to adaptively find the signal-to-noise boundary layer of the EEMD in this method. Then the noise dominant layer is filtered directly and the signal dominant layer is threshold de-noised. Finally, the de-noising signal is reconstructed by each layer component which is de-noised. This method solves the problem of mode mixing in Empirical Mode Decomposition (EMD) by using EEMD and combines the advantage of wavelet threshold. In this paper, we focus on the analysis and verification of the correctness of the adaptive determination of the noise dominant layer. The simulation experiment results prove that this de-noising method is efficient and has good adaptability.
 

Detecting stationary crowd groups and analyzing their behaviors have important applications in crowd video surveillance, but have rarely been studied. The contributions of this paper are in two aspects. First, a stationary crowd detection algorithm is proposed to estimate the stationary time of foreground pixels. It employs spatial-temporal filtering and motion filtering in order to be robust to noise caused by occlusions and crowd clutters. Second, in order to characterize the emergence and dispersal processes of stationary crowds and their behaviors during the stationary periods, three attributes are proposed for quantitative analysis. These attributes are recognized with a set of proposed crowd descriptors which extract visual features from the results of stationary crowd detection. The effectiveness of the proposed algorithms is shown through experiments on a benchmark dataset.