Showing papers in "International Journal of Computer Science & Applications in 2016"
TL;DR: This paper describes an idealized meta-learning architecture comprising a variety of relevant component techniques and shows how metalearning has already been identified as an important component in real-world applications.
Abstract: Current data mining tools are characterized by a plethora of algorithms but a lack of guidelines to select the right method according to the nature of the problem under analysis. Producing such guidelines is a primary goal by the field of meta-learning; the research objective is to understand the interaction between the mechanism of learning and the concrete contexts in which that mechanism is applicable. The field of meta-learning has seen continuous growth in the past years with interesting new developments in the construction of practical model-selection assistants, task-adaptive learners, and a solid conceptual framework. In this paper, we give an overview of different techniques necessary to build meta-learning systems. We begin by describing an idealized meta-learning architecture comprising a variety of relevant component techniques. We then look at how each technique has been studied and implemented by previous research. In addition, we show how metalearning has already been identified as an important component in real-world applications.
88 citations
TL;DR: This paper introduces Cyber SA, provides definitions, examples and discusses applications of situation awareness in the Cyber domain.
Abstract: Historically, situation awareness has been applied to mainstream disciplines such as psychology, air traffic control, and aviation. This trend has since changed. Situation awareness has expanded now into the Cyber domain such as social media, vehicular networks (VANET), cybersecurity, CERTs and computer network defense (CND) etc. With every new innovation or its application, there is potential for misconceptions, misinterpretation and downright misunderstanding. This has led to situations where very many ‘things’ have now been ‘branded’ Cyber SA, many of which have nothing to do with situation awareness. This paper introduces Cyber SA, provides definitions, examples and discusses applications of situation awareness in the Cyber domain. Keyword: Cyber Situation Awareness, Cyber SA, Situation Awareness, Computer Network Defense, Situational Awareness, SA, CND, Cybersecurity, VANET, CERT, SOC, Cyber SA Applications
15 citations
TL;DR: An n-gram opcode features based approach that utilizes machine learning to identify and categorize Android malware and enables automated feature discovery without relying on prior expert or domain knowledge for pre-determined features is presented.
Abstract: Android malware has been on the rise in recent years due to the increasing popularity of Android and the proliferation of third party application markets. Emerging Android malware families are increasingly adopting sophisticated detection avoidance techniques and this calls for more effective approaches for Android malware detection. Hence, in this paper we present and evaluate an n-gram opcode features based approach that utilizes machine learning to identify and categorize Android malware. This approach enables automated feature discovery without relying on prior expert or domain knowledge for pre-determined features. Furthermore, by using a data segmentation technique for feature selection, our analysis is able to scale up to 10-gram opcodes. Our experiments on a dataset of 2520 samples showed an f-measure of 98% using the n-gram opcode based approach. We also provide empirical findings that illustrate factors that have probable impact on the overall n-gram opcodes performance trends.
15 citations
TL;DR: This study assesses the understanding of security and privacy of users in possession of wearable devices, and demonstrates privacy complacency, as the majority of users trust the application and the wearable device manufacturer.
Abstract: Situational Awareness provides a user centric approach to security and privacy. The human factor is often recognised as the weakest link in security, therefore situational perception and risk awareness play a leading role in the adoption and implementation of security mechanisms. In this study we assess the understanding of security and privacy of users in possession of wearable devices. The findings demonstrate privacy complacency, as the majority of users trust the application and the wearable device manufacturer. Moreover the survey findings demonstrate a lack of understanding of security and privacy by the sample population. Finally the theoretical implications of the findings are discussed. Keyword: Situational Awareness, eHealth, Wearables, Security, Privacy,
14 citations
TL;DR: The objective of the work is to investigate a community abstraction approach to agent based knowledge management.
Abstract: Virtual communities are becoming increasingly popular, particularly on the internet, as a means for like-minded individuals to meet, share or gain access to the information they are most interested in quickly and efficiently, from other individuals. The concept of a community of interest can be supported in a virtual community in order to bring the appropriate parties together, to share their knowledge with each other. The objective of our work is to investigate a community abstraction approach to agent based knowledge management.
13 citations
TL;DR: This paper reviews the selected energy consumption based malware detection methods and presents an analysis of the significance of the energyconsumption behaviour in determining the following: i) the causes of theenergy-drain in mobile devices, ii) energy consumption pattern indicating the type and hence the behaviour of an application iii) energy consumes anomaly in detecting malicious activity.
Abstract: Mobile devices, such as smartphones, have become an important part of modern lives. However, as these devices have tremendously become popular they are attracting a range of attacks. Malware is one of the serious threats posed to smartphones by the attackers. Due to the limited resources of mobile devices malware detection on these devices remains a challenge. Malware detection techniques based on energy-consumption anomaly present several advantages to circumvent the resource constraints of mobile devices. This paper reviews the selected energy consumption based malware detection methods and presents an analysis of the significance of the energyconsumption behaviour in determining the following: i) the causes of the energy-drain in mobile devices, ii) energy consumption pattern indicating the type and hence the behaviour of an application iii) energy consumption anomaly in detecting malicious activity. The challenges faced in developing energy-based detection methods and advantages of such methods are also discussed. The paper mainly focuses on Android platform.
13 citations
TL;DR: The verification procedures demonstrated in this study when applied in e-voting systems would help build voter’s confidence in iVoting systems.
Abstract: The purpose of this study was to design an e-voting system to improve verification and auditing of votes and election results to aid build confidence in the use of e-voting. A top-down design approach was adopted in the design and development of the evoting system. BK Web-based e-voting system after design was implemented in ten different elections in 2012, 2013 and 2014. It was very helpful in ensuring voter’s confidence in e-voting since they were able to verify their votes through Short Message Service, reports generated from the system and the provision of ‘strong room’ facility. The verification procedures demonstrated in this study when applied in e-voting systems would help build voter’s confidence in e-voting systems.
10 citations
TL;DR: It is demonstrated that the Cell BE processor can achieve a speedup of 10x on this application and shows good scalability with number of SPEs and it is shown that the speedup becomes limited by the number of memory transfer.
Abstract: The Cell Broadband Engine (BE) is a heterogeneous 9-core microprocessor which initially saw the light in the Sony PlayStation 3. This paper describes the parallelization of a video processing application on the Cell BE, and the programming model chosen for this application. Serial implementations on PPE only and parallel implementations on PPE-SPE with 8 SPEs are described. This is followed by the presentation of the speedup comparisons with and without DMA and thread creation overhead times. The results presented in this paper demonstrate that the Cell BE processor can achieve a speedup of 10x on this application and shows good scalability with number of SPEs. When the input data size is at least 512x512, we showed that the speedup becomes limited by the number of memory transfer.
7 citations
TL;DR: This paper extends the proposal of the Enhanced Personal Situation Awareness (ePSA) framework to consider the key details of cyber situation awareness that would be of concern to NEUs, and considers how such information can be effectively conveyed using a visual analytic approach.
Abstract: Situation awareness is often described as the perception and comprehension of the current situation, and the projection of future status. Whilst this may be well understood in an organisational cybersecurity context, there is a strong case to be made for effective cybersecurity situation awareness that is tailored to the needs of the Non-Expert User (NEU). Our online usage habits are rapidly evolving with smartphones and tablets being widely used to access resources online. In order for NEUs to remain safe online, there is a need to enhance awareness and understanding of cybersecurity concerns, such as how devices may be acting online, and what data is being shared between devices. In this paper, we extend our proposal of the Enhanced Personal Situation Awareness (ePSA) framework to consider the key details of cyber situation awareness that would be of concern to NEUs, and we consider how such information can be effectively conveyed using a visual analytic approach. We present the design of our visual analytics approach to show how this can represent the key details of cyber situation awareness whilst maintaining a simple and clean design scheme so as to not result in information-overload for the user. The guidance developed through the course of this work can help practitioners develop tools that could help NEUs better understand their online actions, with the aim of giving users greater control and safer experiences when their personal devices are acting online.
6 citations
TL;DR: In this article, a framework for classification of instant message topics of cyber security-themed discussion in Finnish is presented, which utilizes open source software components in morphological analysis, and subsequently converts the messages into Bag-of-Words representations before classifying them into predetermined incident categories.
Abstract: Instant messaging enables rapid collaboration between professionals during cyber security incidents. However, monitoring discussion manually becomes challenging as the number of communication channels increases. Failure to identify relevant information from the free-form instant messages may lead to reduced situational awareness. In this paper, the problem was approached by developing a framework for classification of instant message topics of cyber security-themed discussion in Finnish. The program utilizes open source software components in morphological analysis, and subsequently converts the messages into Bag-of-Words representations before classifying them into predetermined incident categories. We compared support vector machines (SVM), multinomial naive Bayes, and complement naive Bayes (CNB) classification methods with five-fold cross-validation. A combination of SVM and CNB achieved classification accuracy of over 85 %, while multiclass SVM achieved 87 % accuracy. The implemented program recognizes cyber security-related messages in IRC chat rooms and categorizes them accordingly.
3 citations
TL;DR: A novel multi-level botnet detection approach that performs network traffic analysis of three protocols widely considered as the main carriers of botnet Command and Control and attack traffic, i.e. TCP, UDP and DNS is introduced.
Abstract: Botnets, as networks of compromised “zombie” computers, represent one of the most serious security threats on the Internet today. This paper explores how machines compromised with bot malware can be identified at local and enterprise networks in accurate and time-efficient manner. The paper introduces a novel multi-level botnet detection approach that performs network traffic analysis of three protocols widely considered as the main carriers of botnet Command and Control (C&C) and attack traffic, i.e. TCP, UDP and DNS. The proposed method relies on supervised machine learning for identifying patterns of botnet network traffic. The method has been evaluated through a series of experiments using traffic traces originating from 40 different bot samples and diverse benign applications. The evaluation indicates accurate and time-efficient classification of botnet traffic for all the three protocols as well as promising performance of identifying potentially compromised machines. The future work will be devoted to the optimization of traffic analysis and correlation of findings from three analysis levels in order to increase the accuracy of identifying compromised clients within the network.
TL;DR: An energy efficient, lifetime improving, secure periodic Data Gathering scheme that is a hybrid of heuristic path establishment and secure data transmission that increases the network lifetime there by reducing the total traffic load.
Abstract: The most emerging prominent sensor network applications collect data from sensor nodes and monitors periodically. Resource constraint Sensor motes sense the environment and transit data to the remote sink via multiple hops. Minimum energy dissipation and secure data transmission are crucial to such applications. This paper delivers an energy efficient, lifetime improving, secure periodic Data Gathering scheme that is a hybrid of heuristic path establishment and secure data transmission. This protocol uses artificial intelligence (AI) based A* heuristic search algorithm to establish energy efficient admissible optimal path to sink in terms of high residual energy, minimum hop counts and high link quality. This scheme also adopts block encryption Rivest Cipher (RC6) Algorithm to secure the transmission of packets. This code and speed optimized block encryption provides confidentiality against critical data and consumes less energy for encryption. This proposed method increases the network lifetime there by reducing the total traffic load. Evaluation of performance analysis of this algorithm using Network Simulator (NS2) shows the superiority of the proposed scheme.
TL;DR: Evaluating an insider threat detection motto on its ability to detect different type of scenarios that have not previously been identify or contemplated by the developers of the system to find results that robustly achieves results.
Abstract: Problems from the inside of an organization’s perimeters are a significant threat, since it is very difficult to differentiate them from outside activity. In this dissertation, evaluate an insider threat detection motto on its ability to detect different type of scenarios that have not previously been identify or contemplated by the developers of the system. We show the ability to detect a large variety of insider threat scenario instances We report results of an ensemble-based, unsupervised technique for detecting potential insider threat, insider threat scenarios that robustly achieves results. We explore factors that contribute to the success of the ensemble method, such as the number and variety of unsupervised detectors and the use of existing knowledge encoded in scenario based detectors made for different known activity patterns. We report results over the entire period of the ensemble approach and of ablation experiments that remove the scenario-based detectors.
TL;DR: Non-inverting Four Switch buck-boost converter (NFSBBC) is presented to reach advances in generation with respect to solar condition and the advances of generation include maximum power point tracking using incremental conductance, reliable buck boost operation and voltage stability ratio.
Abstract: Solar power is a promising solution in recent environmental aspects so several methods of generation were implemented in past to reach advances in generation capacity and critical conditions of solar. This paper deals with Non-inverting Four Switch buck-boost converter (NFSBBC) which is presented to reach advances in generation with respect to solar condition. The advances of generation include maximum power point tracking using incremental conductance, reliable buck boost operation and voltage stability ratio. Incremental conductance can track rapidly on solar power than perturb and observer method, so proposed power generation draws a continuous power across DC-Link inverter drive for wide speed operation of brushless DC motor. A new phase current infusion is implemented to estimate flux, torque and control of speed in wide range without external infusion and sensing loops in present sensor less vector control. 110W/50V capacity of solar is implemented for present solar power generation; output capacity of converter reaches from 25-100V using buck boost operation. 25V/1500 rpm capacity of brushless DC Motor is controlled using proposed sensor less vector using current infusing logic.
TL;DR: This paper proposes an approach that can more inextricably link the use of information to the individual users who use and access them through theUse of transparent biometric imprinting, which enables the covert capture of a user’s biometric information—avoiding the potential for forgery.
Abstract: Insider misuse has become a real threat to many enterprises in the last decade. A major source of such threats originates from those individuals who have inside knowledge about the organization’s resources. Therefore, preventing or responding to such incidents has become a challenging task. Digital forensics has grown into a de-facto standard in the examination of electronic evidence, which provides a basis for investigating incidents. A key barrier however is often being able to associate an individual to the stolen data—especially when stolen credentials and the Trojan defense are two commonly cited arguments. This paper proposes an approach that can more inextricably link the use of information (e.g. images, documents and emails) to the individual users who use and access them through the use of transparent biometric imprinting. The use of transparent biometrics enables the covert capture of a user’s biometric information—avoiding the potential for forgery. A series of experiments are presented to evaluate the capability of retrieving the biometric information through a variety of file modification attacks. The preliminary feasibility study has shown that it is possible to correlate an individual’s biometric information with a digital object (images) and still be able to recover the biometric signal even with significant file modification. Intl. Journal on Cyber Situational Awareness, Vol. 1, No. 1, 2016
TL;DR: The potential of utilising users as human sensors for the detection of cyber threats, specifically on social media, is evaluated and features that are good predictors of a human sensor’s performance are identified and evaluated in both a theoretical ideal and two more realistic cases.
Abstract: While the human as a sensor concept has been utilised extensively for the detection of threats to safety and security in physical space, especially in emergency response and crime reporting, the concept is largely unexplored in the area of cyber security. Here, we evaluate the potential of utilising users as human sensors for the detection of cyber threats, specifically on social media. For this, we have conducted an online test and accompanying questionnaire-based survey, which was taken by 4,457 users. The test included eight realistic social media scenarios (four attack and four non-attack) in the form of screenshots, which the participants were asked to categorise as “likely attack” or “likely not attack”. We present the overall performance of human sensors in our experiment for each exhibit, and also apply logistic regression and Random Forest classifiers to evaluate the feasibility of predicting that performance based on different characteristics of the participants. Such prediction would be useful where accuracy of human sensors in detecting and reporting social media security threats is important. We identify features that are good predictors of a human sensor’s performance and evaluate them in both a theoretical ideal case and two more realistic cases, the latter corresponding to limited access to a user’s characteristics.
TL;DR: A clustering approach that has taken a heterogeneous environment and uses fuzzy logic to elect CHs more efficiently is presented and simulation shows that using fuzzy logic in SEP (Stability Election Protocol) will improve the energy efficiency by providing better load distribution and utilizing the benefits of heterogeneity of network.
Abstract: A number of research have taken place in the field of Wireless Sensor Networks (WSN) as there is continuous need of advancement in the field of wireless communication, digital technology and micro-electro-mechanical systems(MEMS) . So the need of growth of low cost, low power, multifunctional sensor nodes have been required. A Wireless Sensor Network is a collection of sensor nodes that have the capability of sensing any environmental phenomenon, processing that information and then sending that data to the base station. A single sensor node is not capable of capturing desired information from a particular region so a collection of nodes are arranged to get accurate and sufficient result. This collection of sensor nodes along with a base station will collaboratively form a network that is known as Wireless Sensor Network. As limited energy is one of the most important constraint of WSN so it must be assured that it is utilized in most efficient way. Clustering is best approach to remove redundant data transmission to base station. Each cluster has a cluster head that is responsible for transmitting data to base station for that cluster members. Cluster head (CH) collect the data from all members of its cluster and perform aggregation on these data to remove redundancy then send it to base station. So appropriate CH election is very important for improving efficiency. In this thesis we have presented a clustering approach that has taken a heterogeneous environment and uses fuzzy logic to elect CHs more efficiently. We have combined two parameters Distance and Residual Energy and apply fuzzy rules on that to find the priority of a node for being a CH. Simulation shows that using fuzzy logic in SEP (Stability Election Protocol) will improve the energy efficiency by providing better load distribution and utilizing the benefits of heterogeneity of network. We have shown our analysis on two parameters- Number of dead nodes and average energy of nodes
Journal Article•
TL;DR: A face recognition algorithm using feature points of face parts, which is classified as a feature-based method, which proves to take the frontal image in 0.27 second from video at most.
Abstract: This paper describes a face recognition algorithm using feature points of face parts, which is classified as a feature-based method. As recognition performance depends on the combination of extracted feature points, we utilize all reliable feature points effectively. From moving video input, well-conditioned face images with a frontal direction and without facial expression are extracted. To select such well-conditioned images, an iteratively minimizing variance method is used with variable input face images. This iteration drastically brings convergence to the minimum variance of 1 for a quarter to an eighth of all data, which proves to take the frontal image in 0.27 second from video at most. The proposed system using six statistic values realizes 98.3% as an authentication rate.
TL;DR: A novel attack simulation based software protection assessment method that relies on Petri Nets to specify and visualize attack models of mobile applications and developed a Monte Carlo based approach to simulate attacking processes and to deal with the uncertainty.
Abstract: Software protection is an essential aspect of information security to withstand malicious activities on software, and preserving valuable software assets. However, software developers still lack an effective methodology for the assessment of deployed protections, especially in the area of mobile applications. To solve these issues, we present a novel attack simulation based software protection assessment method to evaluate and compare different protection solutions. Our solution relies on Petri Nets to specify and visualize attack models of mobile applications. We developed a Monte Carlo based approach to simulate attacking processes and to deal with the uncertainty. Then, based on this simulation, a novel protection comparison model is proposed to compare different protection solutions. Finally, our attack simulation based software protection assessment method is presented. We illustrate our method by means of a case study process to demonstrate that our approach can provide a suitable software protection assessment for developers and software companies.
TL;DR: This approach proved to effectively build the ontology of semantic web applications using a metadesign approach and the survey of the participatory domain-experts in a case-study.
Abstract: This paper describes the ontology construction using a metadesign approach. The approach will constitutes key concepts such as: supporting human-problem interaction, underdesigning for emergent behavior, enabling legitimate peripheral participation, sharing control, promoting mutual learning and support, rewarding and recognizing contributions, and fostering reflective communities. The approach supports for flexibility and extensibility in the process and the used tools. The development of semantic web applications was part of the tools support to follow the metadesign framework. The central actor along the phases are the domain experts who also were respondencts in the survey. Based on the resultant ontology and the survey of the participatory domain-experts in a case-study, this approach proved to effectively build the ontology.