3,136 research outputs found
Applications of brain imaging methods in driving behaviour research
Applications of neuroimaging methods have substantially contributed to the
scientific understanding of human factors during driving by providing a deeper
insight into the neuro-cognitive aspects of driver brain. This has been
achieved by conducting simulated (and occasionally, field) driving experiments
while collecting driver brain signals of certain types. Here, this sector of
studies is comprehensively reviewed at both macro and micro scales. Different
themes of neuroimaging driving behaviour research are identified and the
findings within each theme are synthesised. The surveyed literature has
reported on applications of four major brain imaging methods. These include
Functional Magnetic Resonance Imaging (fMRI), Electroencephalography (EEG),
Functional Near-Infrared Spectroscopy (fNIRS) and Magnetoencephalography (MEG),
with the first two being the most common methods in this domain. While
collecting driver fMRI signal has been particularly instrumental in studying
neural correlates of intoxicated driving (e.g. alcohol or cannabis) or
distracted driving, the EEG method has been predominantly utilised in relation
to the efforts aiming at development of automatic fatigue/drowsiness detection
systems, a topic to which the literature on neuro-ergonomics of driving
particularly has shown a spike of interest within the last few years. The
survey also reveals that topics such as driver brain activity in semi-automated
settings or the brain activity of drivers with brain injuries or chronic
neurological conditions have by contrast been investigated to a very limited
extent. Further, potential topics in relation to driving behaviour are
identified that could benefit from the adoption of neuroimaging methods in
future studies
Catastrophe Models for Cognitive Workload and Fatigue
We reconceptualised several problems concerning the measurement of cognitive workload – fixed versus variable limits on channel capacity, work volume versus time pressure, adaptive strategies, resources demanded by tasks when performed simultaneously, and unclear distinctions between workload and fatigue effects – as two cusp catastrophe models: buckling stress resulting from acute workload, and fatigue resulting from extended engagement. Experimental participants completed a task that was intensive on non-verbal episodic memory and had an automatically speeded component. For buckling stress, the epoch of maximum (speeded) performance was the asymmetry parameter; however, anxiety did not contribute to bifurcation as expected. For fatigue, the bifurcation factor was the total work accomplished, and arithmetic, a compensatory ability, was the asymmetry parameter; R2 for the cusp models outperformed the linear comparison models in both cases. A research programme is outlined that revolves around the two models with different types of task and resource configurations
A hybrid performance evaluation approach for urban logistics using extended cross-efficiency with prospect theory and OWA operator
Urban logistics performance evaluation can provide reference for further
improving its level. However, most performance evaluation for
urban logistics premises that decision-makers (DMs) are completely
rational, which may not conform to the actual situation. Therefore,
this article aims to consider the DMs’ psychological factors in the performance
evaluation of urban logistics. Specifically, the cross-efficiency
evaluation (CEE) method with the DMs’ psychological factors
is used to measure the urban logistics efficiency in the central area of
Yangtze River Delta (YRD) urban agglomeration in China in 2019. The
main contributions in this article are to propose a hybrid CEE method
with prospect theory and ordered weighted average (OWA) operator
for urban logistics industry and to expand the evaluation perspectives
of urban logistics performance. The main conclusions are
obtained: (1) The DMs’ optimism level can indeed affect the efficiency
value and ranking of urban logistics. (2) The aggregation
based on the OWA operator is fair and reasonable because it can
make all self-evaluation efficiencies play the same role. (3) To make
the efficiencies and rankings of urban logistics in the central area of
the YRD have credibility and discrimination, the DMs’ optimism level
range is best between 0.8 and 0.8177
Detection of encrypted traffic generated by peer-to-peer live streaming applications using deep packet inspection
The number of applications using the peer-to-peer (P2P) networking paradigm and their popularity has substantially grown over the last decade. They evolved from the le-sharing applications to media streaming ones. Nowadays these applications commonly encrypt the communication contents or employ protocol obfuscation techniques. In this dissertation, it was conducted an investigation to identify encrypted traf c ows generated by three of the most popular P2P live streaming applications: TVUPlayer, Livestation and GoalBit. For this work, a test-bed that could simulate a near real scenario was created, and traf c was captured from a great variety of applications. The method proposed resort to Deep Packet Inspection (DPI), so we needed
to analyse the payload of the packets in order to nd repeated patterns, that later were used to create a set of SNORT rules that can be used to detect key network packets generated by these applications. The method was evaluated experimentally on the test-bed created for that purpose, being shown that its accuracy is of 97% for GoalBit.A popularidade e o número de aplicações que usam o paradigma de redes par-a-par (P2P)
têm crescido substancialmente na última década. Estas aplicações deixaram de serem usadas
simplesmente para partilha de ficheiros e são agora usadas também para distribuir conteúdo
multimédia. Hoje em dia, estas aplicações têm meios de cifrar o conteúdo da comunicação
ou empregar técnicas de ofuscação directamente no protocolo. Nesta dissertação, foi realizada
uma investigação para identificar fluxos de tráfego encriptados, que foram gerados por
três aplicações populares de distribuição de conteúdo multimédia em redes P2P: TVUPlayer,
Livestation e GoalBit. Para este trabalho, foi criada uma plataforma de testes que pretendia
simular um cenário quase real, e o tráfego que foi capturado, continha uma grande variedade
de aplicações. O método proposto nesta dissertação recorre à técnica de Inspecção Profunda
de Pacotes (DPI), e por isso, foi necessário 21nalisar o conteúdo dos pacotes a fim de encontrar
padrões que se repetissem, e que iriam mais tarde ser usados para criar um conjunto de regras
SNORT para detecção de pacotes chave· na rede, gerados por estas aplicações, afim de se
poder correctamente classificar os fluxos de tráfego. Após descobrir que a aplicação Livestation
deixou de funcionar com P2P, apenas as duas regras criadas até esse momento foram usadas.
Quanto à aplicação TVUPlayer, foram criadas várias regras a partir do tráfego gerado por ela
mesma e que tiveram uma boa taxa de precisão. Várias regras foram também criadas para
a aplicação GoalBit em que foram usados quatro cenários: com e sem encriptação usando a
opção de transmissão tracker, e com e sem encriptação usando a opção de transmissão sem
necessidade de tracker (aqui foi usado o protocolo Kademlia). O método foi avaliado experimentalmente
na plataforma de testes criada para o efeito, sendo demonstrado que a precisĂŁo
do conjunto de regras para a aplicação GoallBit é de 97%.Fundação para a Ciência e a Tecnologia (FCT
A Novel Feature Set for Application Identification
Classifying Internet traffic into applications is vital to many areas, from quality of service (QoS) provisioning, to network management and security. The task is challenging as network applications are rather dynamic in nature, tend to use a web front-end and are typically encrypted, rendering traditional port-based and deep packet inspection (DPI) method unusable. Recent classification studies proposed two alternatives: using the statistical properties of traffic or inferring the behavioural patterns of network applications, both aiming to describe the activity within and among network flows in order to understand application usage and behaviour. The aim of this paper is to propose and investigate a novel feature to define application behaviour as seen through the generated network traffic by considering the timing and pattern of user events during application sessions, leading to an extended traffic feature set based on burstiness. The selected features were further used to train and test a supervised C5.0 machine learning classifier and led to a better characterization of network applications, with a traffic classification accuracy ranging between 90- 98%
A Survey of Methods for Encrypted Traffic Classification and Analysis
With the widespread use of encrypted data transport network traffic encryption is becoming a standard nowadays. This presents a challenge for traffic measurement, especially for analysis and anomaly detection methods which are dependent on the type of network traffic. In this paper, we survey existing approaches for classification and analysis of encrypted traffic. First, we describe the most widespread encryption protocols used throughout the Internet. We show that the initiation of an encrypted connection and the protocol structure give away a lot of information for encrypted traffic classification and analysis. Then, we survey payload and feature-based classification methods for encrypted traffic and categorize them using an established taxonomy. The advantage of some of described classification methods is the ability to recognize the encrypted application protocol in addition to the encryption protocol. Finally, we make a comprehensive comparison of the surveyed feature-based classification methods and present their weaknesses and strengths.Ĺ ifrovánĂ sĂĹĄovĂ©ho provozu se v dnešnĂ dobÄ› stalo standardem. To pĹ™inášà vysokĂ© nároky na monitorovánĂ sĂĹĄovĂ©ho provozu, zejmĂ©na pak na analĂ˝zu provozu a detekci anomáliĂ, kterĂ© jsou závislĂ© na znalosti typu sĂĹĄovĂ©ho provozu. V tomto ÄŤlánku pĹ™inášĂme pĹ™ehled existujĂcĂch zpĹŻsobĹŻ klasifikace a analĂ˝zy šifrovanĂ©ho provozu. Nejprve popisujeme nejrozšĂĹ™enÄ›jšà šifrovacĂ protokoly, a ukazujeme, jakĂ˝m zpĹŻsobem lze zĂskat informace pro analĂ˝zu a klasifikaci šifrovanĂ©ho provozu. NáslednÄ› se zabĂ˝váme klasifikaÄŤnĂmi metodami zaloĹľenĂ˝mi na obsahu paketĹŻ a vlastnostech sĂĹĄovĂ©ho provozu. Tyto metody klasifikujeme pomocĂ zavedenĂ© taxonomie. VĂ˝hodou nÄ›kterĂ˝ch popsanĂ˝ch klasifikaÄŤnĂch metod je schopnost rozeznat nejen šifrovacĂ protokol, ale takĂ© šifrovanĂ˝ aplikaÄŤnĂ protokol. Na závÄ›r porovnáváme silnĂ© a slabĂ© stránky všech popsanĂ˝ch klasifikaÄŤnĂch metod
The influence of topology and information diffusion on networked game dynamics
This thesis studies the influence of topology and information diffusion on the strategic interactions of agents in a population. It shows that there exists a reciprocal relationship between the topology, information diffusion and the strategic interactions of a population of players. In order to evaluate the influence of topology and information flow on networked game dynamics, strategic games are simulated on populations of players where the players are distributed in a non-homogeneous spatial arrangement. The initial component of this research consists of a study of evolution of the coordination of strategic players, where the topology or the structure of the population is shown to be critical in defining the coordination among the players. Next, the effect of network topology on the evolutionary stability of strategies is studied in detail. Based on the results obtained, it is shown that network topology plays a key role in determining the evolutionary stability of a particular strategy in a population of players. Then, the effect of network topology on the optimum placement of strategies is studied. Using genetic optimisation, it is shown that the placement of strategies in a spatially distributed population of players is crucial in maximising the collective payoff of the population. Exploring further the effect of network topology and information diffusion on networked games, the non-optimal or bounded rationality of players is modelled using topological and directed information flow of the network. Based on the topologically distributed bounded rationality model, it is shown that the scale-free and small-world networks emerge in randomly connected populations of sub-optimal players. Thus, the topological and information theoretic interpretations of bounded rationality suggest the topology, information diffusion and the strategic interactions of socio-economical structures are cyclically interdependent
The influence of topology and information diffusion on networked game dynamics
This thesis studies the influence of topology and information diffusion on the strategic interactions of agents in a population. It shows that there exists a reciprocal relationship between the topology, information diffusion and the strategic interactions of a population of players. In order to evaluate the influence of topology and information flow on networked game dynamics, strategic games are simulated on populations of players where the players are distributed in a non-homogeneous spatial arrangement. The initial component of this research consists of a study of evolution of the coordination of strategic players, where the topology or the structure of the population is shown to be critical in defining the coordination among the players. Next, the effect of network topology on the evolutionary stability of strategies is studied in detail. Based on the results obtained, it is shown that network topology plays a key role in determining the evolutionary stability of a particular strategy in a population of players. Then, the effect of network topology on the optimum placement of strategies is studied. Using genetic optimisation, it is shown that the placement of strategies in a spatially distributed population of players is crucial in maximising the collective payoff of the population. Exploring further the effect of network topology and information diffusion on networked games, the non-optimal or bounded rationality of players is modelled using topological and directed information flow of the network. Based on the topologically distributed bounded rationality model, it is shown that the scale-free and small-world networks emerge in randomly connected populations of sub-optimal players. Thus, the topological and information theoretic interpretations of bounded rationality suggest the topology, information diffusion and the strategic interactions of socio-economical structures are cyclically interdependent
An Analysis of Pre-Infection Detection Techniques for Botnets and other Malware
Traditional techniques for detecting malware, such as viruses, worms and rootkits, rely on identifying virus-specific signature definitions within network traffic, applications or memory. Because a sample of malware is required to define an attack signature, signature detection has drawbacks when accounting for malware code mutation, has limited use in zero-day protection and is a post-infection technique requiring malware to be present on a device in order to be detected.
A malicious bot is a malware variant that interconnects with other bots to form a botnet. Amongst their multiple malicious uses, botnets are ideal for launching mass Distributed Denial of Services attacks against the ever increasing number of networked devices that are starting to form the Internet of Things and Smart Cities. Regardless of topology; centralised Command & Control or distributed Peer-to-Peer, bots must communicate with their commanding botmaster. This communication traffic can be used to detect malware activity in the cloud before it can evade network perimeter defences and to trace a route back to source to takedown the threat.
This paper identifies the inefficiencies exhibited by signature-based detection when dealing with botnets. Total botnet eradication relies on traffic-based detection methods such as DNS record analysis, against which malware authors have multiple evasion techniques. Signature-based detection displays further inefficiencies when located within virtual environments which form the backbone of data centre infrastructures, providing malware with a new attack vector. This paper highlights a lack of techniques for detecting malicious bot activity within such environments, proposing an architecture based upon flow sampling protocols to detect botnets within virtualised environments
- …