9,367 research outputs found
A Survey on the Security of Pervasive Online Social Networks (POSNs)
Pervasive Online Social Networks (POSNs) are the extensions of Online Social
Networks (OSNs) which facilitate connectivity irrespective of the domain and
properties of users. POSNs have been accumulated with the convergence of a
plethora of social networking platforms with a motivation of bridging their
gap. Over the last decade, OSNs have visually perceived an altogether
tremendous amount of advancement in terms of the number of users as well as
technology enablers. A single OSN is the property of an organization, which
ascertains smooth functioning of its accommodations for providing a quality
experience to their users. However, with POSNs, multiple OSNs have coalesced
through communities, circles, or only properties, which make
service-provisioning tedious and arduous to sustain. Especially, challenges
become rigorous when the focus is on the security perspective of cross-platform
OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to
highlight such a requirement and understand the current situation while
discussing the available state-of-the-art. With the modernization of OSNs and
convergence towards POSNs, it is compulsory to understand the impact and reach
of current solutions for enhancing the security of users as well as associated
services. This survey understands this requisite and fixates on different sets
of studies presented over the last few years and surveys them for their
applicability to POSNs...
Comment: 39 Pages, 10 Figures
Big Data Quality: A systematic literature review and future research directions
One of the most significant problems of Big Data is to extract knowledge
through the huge amount of data. The usefulness of the extracted information
depends strongly on data quality. In addition to the importance, data quality
has recently been taken into consideration by the big data community and there
is not any comprehensive review conducted in this area. Therefore, the purpose
of this study is to review and present the state of the art on the quality of
big data research through a hierarchical framework. The dimensions of the
proposed framework cover various aspects in the quality assessment of Big Data
including 1) the processing types of big data, i.e. stream, batch, and hybrid,
2) the main task, and 3) the method used to conduct the task. We compare and
critically review all of the studies reported during the last ten years through
our proposed framework to identify which of the available data quality
assessment methods have been successfully adopted by the big data community.
Finally, we provide a critical discussion on the limitations of existing
methods and offer suggestions on potential valuable research directions that
can be taken in future research in this domain.
Survey on Incremental Approaches for Network Anomaly Detection
As the communication industry has connected distant corners of the globe
using advances in network technology, intruders or attackers have also
increased attacks on networking infrastructure commensurately. System
administrators can attempt to prevent such attacks using intrusion detection
tools and systems. There are many commercially available signature-based
Intrusion Detection Systems (IDSs). However, most IDSs lack the capability to
detect novel or previously unknown attacks. A special type of IDSs, called
Anomaly Detection Systems, develop models based on normal system or network
behavior, with the goal of detecting both known and unknown attacks. Anomaly
detection systems face many problems including high rate of false alarm,
ability to work in online mode, and scalability. This paper presents a
selective survey of incremental approaches for detecting anomaly in normal
system or network traffic. The technological trends, open problems, and
challenges over anomaly detection using incremental approach are also
discussed.
Comment: 14 pages, 1 figure, 11 tables referred journal publication
Neural Stochastic Block Model & Scalable Community-Based Graph Learning
This paper proposes a novel scalable community-based neural framework for
graph learning. The framework learns the graph topology through the task of
community detection and link prediction by optimizing with our proposed joint
SBM loss function, which results from a non-trivial adaptation of the
likelihood function of the classic Stochastic Block Model (SBM). Compared with
SBM, our framework is flexible, naturally allows soft labels and digestion of
complex node attributes. The main goal is efficient valuation of complex graph
data, therefore our design carefully aims at accommodating large data, and
ensures there is a single forward pass for efficient evaluation. For large
graph, it remains an open problem of how to efficiently leverage its underlying
structure for various graph learning tasks. Previously it can be heavy work.
With our community-based framework, this becomes less difficult and allows the
task models to basically plug-in-and-play and perform joint training. We
currently look into two particular applications, the graph alignment and the
anomalous correlation detection, and discuss how to make use of our framework
to tackle both problems. Extensive experiments are conducted to demonstrate the
effectiveness of our approach. We also contributed tweaks of classic techniques
which we find helpful for performance and scalability. For example, 1) the
GAT+, an improved design of GAT (Graph Attention Network), the scaled-cosine
similarity, and a unified implementation of the convolution/attention based and
the random-walk based neural graph models.
Online Multivariate Anomaly Detection and Localization for High-dimensional Settings
This paper considers the real-time detection of anomalies in high-dimensional
systems. The goal is to detect anomalies quickly and accurately so that the
appropriate countermeasures could be taken in time, before the system possibly
gets harmed. We propose a sequential and multivariate anomaly detection method
that scales well to high-dimensional datasets. The proposed method follows a
nonparametric, i.e., data-driven, and semi-supervised approach, i.e., trains
only on nominal data. Thus, it is applicable to a wide range of applications
and data types. Thanks to its multivariate nature, it can quickly and
accurately detect challenging anomalies, such as changes in the correlation
structure and stealth low-rate cyberattacks. Its asymptotic optimality and
computational complexity are comprehensively analyzed. In conjunction with the
detection method, an effective technique for localizing the anomalous data
dimensions is also proposed. We further extend the proposed detection and
localization methods to a supervised setup where an additional anomaly dataset
is available, and combine the proposed semi-supervised and supervised
algorithms to obtain an online learning algorithm under the semi-supervised
framework. The practical use of proposed algorithms is demonstrated in DDoS
attack mitigation, and their performances are evaluated using a real IoT-botnet
dataset and simulations.
Comment: 16 pages, LaTeX; references added
A Survey on Social Media Anomaly Detection
Social media anomaly detection is of critical importance to prevent malicious
activities such as bullying, terrorist attack planning, and fraud information
dissemination. With the recent popularity of social media, new types of
anomalous behaviors arise, causing concerns from various parties. While a large
amount of work has been dedicated to traditional anomaly detection problems,
we observe a surge of research interests in the new realm of social media
anomaly detection. In this paper, we present a survey on existing approaches to
address this problem. We focus on the new type of anomalous phenomena in the
social media and review the recent developed techniques to detect those special
types of anomalies. We provide a general overview of the problem domain, common
formulations, existing methodologies and potential directions. With this work,
we hope to call out the attention from the research community on this
challenging problem and open up new directions that we can contribute in the
future.
Comment: 23 pages
Should I Raise The Red Flag? A comprehensive survey of anomaly scoring methods toward mitigating false alarms
Nowadays, advanced intrusion detection systems (IDSs) rely on a combination
of anomaly detection and signature-based methods. An IDS gathers observations,
analyzes behavioral patterns, and reports suspicious events for further
investigation. A notorious issue anomaly detection systems (ADSs) and IDSs face
is the possibility of high false alarms, which even state-of-the-art systems
have not overcome. This is especially a problem with large and complex systems.
The number of non-critical alarms can easily overwhelm administrators and
increase the likelihood of ignoring future alerts. Mitigation strategies thus
aim to avoid raising `too many' false alarms without missing potentially
dangerous situations. There are two major categories of false alarm-mitigation
strategies: (1) methods that are customized to enhance the quality of anomaly
scoring; (2) approaches acting as filtering methods in contexts that aim to
decrease false alarm rates. These methods have been widely utilized by many
scholars. Herein, we review and compare the existing techniques for false alarm
mitigation in ADSs. We also examine the use of promising techniques in
signature-based IDS and other relevant contexts, such as commercial security
information and event management tools, which are promising for ADSs. We
conclude by highlighting promising directions for future research.
Comment: arXiv admin note: text overlap with arXiv:1802.04431,
arXiv:1503.01158 by other authors
Universal Anomaly Detection: Algorithms and Applications
Modern computer threats are far more complicated than those seen in the past.
They are constantly evolving, altering their appearance, perpetually changing
disguise. Under such circumstances, detecting known threats, a fortiori
zero-day attacks, requires new tools, which are able to capture the essence of
their behavior, rather than some fixed signatures. In this work, we propose
novel universal anomaly detection algorithms, which are able to learn the
normal behavior of systems and alert for abnormalities, without any prior
knowledge on the system model, nor any knowledge on the characteristics of the
attack. The suggested method utilizes the Lempel-Ziv universal compression
algorithm in order to optimally give probability assignments for normal
behavior (during learning), then estimate the likelihood of new data (during
operation) and classify it accordingly. The suggested technique is generic, and
can be applied to different scenarios. Indeed, we apply it to key problems in
computer security. The first is detecting Botnets Command and Control (C&C)
channels. A Botnet is a logical network of compromised machines which are
remotely controlled by an attacker using a C&C infrastructure, in order to
perform malicious activities. We derive a detection algorithm based on timing
data, which can be collected without deep inspection, from open as well as
encrypted flows. We evaluate the algorithm on real-world network traces,
showing how a universal, low complexity C&C identification system can be built,
with high detection rates and low false-alarm probabilities. Further
applications include malicious tools detection via system calls monitoring and
data leakage identification.
A short review on Applications of Deep learning for Cyber security
Deep learning is an advanced model of traditional machine learning. This has
the capability to extract optimal feature representation from raw input
samples. This has been applied towards various use cases in cyber security such
as intrusion detection, malware classification, android malware detection, spam
and phishing detection and binary analysis. This paper outlines the survey of
all the works related to deep learning based solutions for various cyber
security use cases. Keywords: Deep learning, intrusion detection, malware
detection, Android malware detection, spam & phishing detection, traffic
analysis, binary analysis.
Comment: 15 pages
Detecting Irregular Patterns in IoT Streaming Data for Fall Detection
Detecting patterns in real time streaming data has been an interesting and
challenging data analytics problem. With the proliferation of a variety of
sensor devices, real-time analytics of data from the Internet of Things (IoT)
to learn regular and irregular patterns has become an important machine
learning problem to enable predictive analytics for automated notification and
decision support. In this work, we address the problem of learning an irregular
human activity pattern, fall, from streaming IoT data from wearable sensors. We
present a deep neural network model for detecting fall based on accelerometer
data giving 98.75 percent accuracy using an online physical activity monitoring
dataset called "MobiAct", which was published by Vavoulas et al. The initial
model was developed using IBM Watson studio and then later transferred and
deployed on IBM Cloud with the streaming analytics service supported by IBM
Streams for monitoring real-time IoT data. We also present the systems
architecture of the real-time fall detection framework that we intend to use
with mbientlabs wearable health monitoring sensors for real time patient
monitoring at retirement homes or rehabilitation clinics.
Comment: 7 pages