22,712 research outputs found
Intrusion Detection in Mobile Ad Hoc Networks Using Classification Algorithms
In this paper we present the design and evaluation of intrusion detection
models for MANETs using supervised classification algorithms. Specifically, we
evaluate the performance of the MultiLayer Perceptron (MLP), the Linear
classifier, the Gaussian Mixture Model (GMM), the Naive Bayes classifier and
the Support Vector Machine (SVM). The performance of the classification
algorithms is evaluated under different traffic conditions and mobility
patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks.
The results indicate that Support Vector Machines exhibit high accuracy for
almost all simulated attacks and that Packet Dropping is the hardest attack to
detect.
Comment: 12 pages, 7 figures, presented at MedHocNet 200
Dendritic Cells for Anomaly Detection
Artificial immune systems, more specifically the negative selection
algorithm, have previously been applied to intrusion detection. The aim of this
research is to develop an intrusion detection system based on a novel concept
in immunology, the Danger Theory. Dendritic Cells (DCs) are antigen presenting
cells and key to the activation of the human signals from the host tissue and
correlate these signals with proteins known as antigens. In algorithmic terms,
individual DCs perform multi-sensor data fusion based on time-windows. The
whole population of DCs asynchronously correlates the fused signals with a
secondary data stream. The behaviour of human DCs is abstracted to form the DC
Algorithm (DCA), which is implemented using an immune inspired framework,
libtissue. This system is used to detect context switching for a basic machine
learning dataset and to detect outgoing portscans in real-time. Experimental
results show a significant difference between an outgoing portscan and normal
traffic.
Comment: 8 pages, 10 tables, 4 figures, IEEE Congress on Evolutionary
Computation (CEC2006), Vancouver, Canad
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices.
Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
A reconnaissance geochemical drainage survey of the Criffel-Dalbeattie granodiorite complex and its environs
Regional geochemical reconnaissance by stream sediments and panned
concentrates was undertaken over an area of 850 km² of south-west Scotland.
Rocks of Ordovician to Permian age are exposed within the area but the major
part is occupied by the Criffel-Dalbeattie granodiorite complex.
Multi-element analysis of the samples collected demonstrates a number of
patterns of trace element distribution related to the geology and
mineralisation.
Broad-scale patterns in the distribution of some elements reflect compositional
variations in both the Lower Palaeozoic turbidite sequence and the
Criffel-Dalbeattie granodiorite complex, both of which may be sub-divided into
specific units on the basis of the geochemical data.
The follow-up of copper anomalies in drainage samples from the Black
Stockarton Moor area led to the discovery of porphyry-style copper mineralisation
within an arcuate belt at least 5 km by 1 km within the Black Stockarton Moor
subvolcanic complex and of related disseminated copper mineralisation at Screel
Burn. The area to the west of the Criffel-Dalbeattie plutonic complex is also
characterised by relatively high boron levels in stream sediments reflecting
the widespread occurrence of tourmaline both in association with and peripheral
to the copper mineralisation. Vein mineralisation, usually containing baryte
in addition to base metals, is also identifiable from the drainage survey at
the eastern margin of the Criffel-Dalbeattie granodiorite; in association with
the Lower Carboniferous rocks along the Solway coast; and within the Lower
Palaeozoic turbidites in the west of the area
- …