Associated Random Neural Networks for Collective Classification of Nodes in Botnet Attacks

Botnet attacks are a major threat to networked systems because of their ability to turn the network nodes that they compromise into additional attackers, leading to the spread of high volume attacks over long periods. The detection of such Botnets is complicated by the fact that multiple network IP addresses will be simultaneously compromised, so that Collective Classification of compromised nodes, in addition to the already available traditional methods that focus on individual nodes, can be useful. Thus this work introduces a collective Botnet attack classification technique that operates on traffic from an n-node IP network with a novel Associated Random Neural Network (ARNN) that identifies the nodes which are compromised. The ARNN is a recurrent architecture that incorporates two mutually associated, interconnected and architecturally identical n-neuron random neural networks, that act simultneously as mutual critics to reach the decision regarding which of n nodes have been compromised. A novel gradient learning descent algorithm is presented for the ARNN, and is shown to operate effectively both with conventional off-line training from prior data, and with on-line incremental training without prior off-line learning. Real data from a 107 node packet network is used with over 700,000 packets to evaluate the ARNN, showing that it provides accurate predictions. Comparisons with other well-known state of the art methods using the same learning and testing datasets, show that the ARNN offers significantly better performance

Exploring the Shift from Physical to Cybercrime at the Onset of the COVID-19 Pandemic

The novel coronavirus has made an impact on virtually every aspect of our lives. The current study utilizes secondary data to identify patterns and trends related to shifting crime from the physical to the cyber domain. With millions, if not billions, people staying at home, attackers now look for new ways to commit crimes. Our findings indicate that while a lot of crimes such as robbery, assault, rape, and murder have declined at the beginning of the pandemic, we are also witnessing a rise in cybercrime, vehicle theft, and domestic violence. The current study looks specifically at phishing and what new trends are observed due to COVID-19. The current work is grounded in routine activity theory and demonstrates its relevance to both the physical and cyberspace. The implications of our work can be used by scholars who want to continue researching this new phenomenon. Practitioners can utilize our findings to look for ways to improve the corporate security posture by protecting the employees and customers working from home. Developing new phishing training and awareness programs should be focused around possible scenarios involving COVID-19. Our study suggests victims are more likely to fall prey to those during times of fear and uncertainty like the current pandemic

A Novel Method of Spatiotemporal Dynamic Geo-Visualization of Criminal Data, Applied to Command and Control Centers for Public Safety

[EN] This article shows a novel geo-visualization method of dynamic spatiotemporal data that allows mobility and concentration of criminal activity to be study. The method was developed using, only and significantly, real data of Santiago de Cali (Colombia), collected by the Colombian National Police (PONAL). This method constitutes a tool that allows criminal influx to be analyzed by concentration, zone, time slot and date. In addition to the field experience of police commanders, it allows patterns of criminal activity to be detected, thereby enabling a better distribution and management of police resources allocated to crime deterrence, prevention and control. Additionally, it may be applied to the concepts of safe city and smart city of the PONAL within the architecture of Command and Control System (C2S) of Command and Control Centers for Public Safety. Furthermore, it contributes to a better situational awareness and improves the future projection, agility, efficiency and decision-making processes of police officers, which are all essential for fulfillment of police missions against crime. Finally, this was developed using an open source software, it can be adapted to any other city, be used with real-time data and be implemented, if necessary, with the geographic software of any other C2S.This work was co-funded by the European Commission as part of H2020 call SEC-12-FCT-2016-thrtopic3 under the project VICTORIA (No. 740754). This publication reflects the views only of the authors, and the Commission cannot be held responsible for any use which may be made of the information contained therein. The authors would like to thank Colombian National Police and its Office of Telematics for their support on development of this project.Salcedo-González, ML.; Suarez-Paez, JE.; Esteve Domingo, M.; Gomez, J.; Palau Salvador, CE. (2020). A Novel Method of Spatiotemporal Dynamic Geo-Visualization of Criminal Data, Applied to Command and Control Centers for Public Safety. ISPRS International Journal of Geo-Information. 9(3):1-17. https://doi.org/10.3390/ijgi9030160S11793Lacinák, M., & Ristvej, J. (2017). Smart City, Safety and Security. Procedia Engineering, 192, 522-527. doi:10.1016/j.proeng.2017.06.090Neumann, M., & Elsenbroich, C. (2016). Introduction: the societal dimensions of organized crime. Trends in Organized Crime, 20(1-2), 1-15. doi:10.1007/s12117-016-9294-zPhillips, P., & Lee, I. (2012). Mining co-distribution patterns for large crime datasets. Expert Systems with Applications, 39(14), 11556-11563. doi:10.1016/j.eswa.2012.03.071Linning, S. J. (2015). Crime seasonality and the micro-spatial patterns of property crime in Vancouver, BC and Ottawa, ON. Journal of Criminal Justice, 43(6), 544-555. doi:10.1016/j.jcrimjus.2015.05.007Spicer, V., & Song, J. (2017). The impact of transit growth on the perception of crime. Journal of Environmental Psychology, 54, 151-159. doi:10.1016/j.jenvp.2017.09.002Beland, L.-P., & Brent, D. A. (2018). Traffic and crime. Journal of Public Economics, 160, 96-116. doi:10.1016/j.jpubeco.2018.03.002Newspaper of National Circulation in Colombia, E.T. Robos en Trancones en El Tintal—Bogotá—.ELTIEMPO.COM https://www.eltiempo.com/bogota/robos-en-trancones-en-el-tintal-168226Nueva Modalidad de Atraco a Conductores en Los Trancones de Bogotá|ELESPECTADOR.COM http://www.elespectador.com/noticias/bogota/nueva-modalidad-de-atraco-conductores-en-los-trancones-de-bogota-articulo-697716Carrillo, P. E., Lopez-Luzuriaga, A., & Malik, A. S. (2018). Pollution or crime: The effect of driving restrictions on criminal activity. Journal of Public Economics, 164, 50-69. doi:10.1016/j.jpubeco.2018.05.007Twinam, T. (2017). Danger zone: Land use and the geography of neighborhood crime. Journal of Urban Economics, 100, 104-119. doi:10.1016/j.jue.2017.05.006Sadler, R. C., Pizarro, J., Turchan, B., Gasteyer, S. P., & McGarrell, E. F. (2017). Exploring the spatial-temporal relationships between a community greening program and neighborhood rates of crime. Applied Geography, 83, 13-26. doi:10.1016/j.apgeog.2017.03.017Roth, R. E., Ross, K. S., Finch, B. G., Luo, W., & MacEachren, A. M. (2013). Spatiotemporal crime analysis in U.S. law enforcement agencies: Current practices and unmet needs. Government Information Quarterly, 30(3), 226-240. doi:10.1016/j.giq.2013.02.001Sustainable Development Goals|UNDP https://www.undp.org/content/undp/en/home/sustainable-development-goals.htmlGiménez-Santana, A., Caplan, J. M., & Drawve, G. (2018). Risk Terrain Modeling and Socio-Economic Stratification: Identifying Risky Places for Violent Crime Victimization in Bogotá, Colombia. European Journal on Criminal Policy and Research, 24(4), 417-431. doi:10.1007/s10610-018-9374-5Kim, S., Jeong, S., Woo, I., Jang, Y., Maciejewski, R., & Ebert, D. S. (2018). Data Flow Analysis and Visualization for Spatiotemporal Statistical Data without Trajectory Information. IEEE Transactions on Visualization and Computer Graphics, 24(3), 1287-1300. doi:10.1109/tvcg.2017.2666146Kounadi, O., & Leitner, M. (2014). Spatial Information Divergence: Using Global and Local Indices to Compare Geographical Masks Applied to Crime Data. Transactions in GIS, 19(5), 737-757. doi:10.1111/tgis.12125Khalid, S., Shoaib, F., Qian, T., Rui, Y., Bari, A. I., Sajjad, M., … Wang, J. (2017). Network Constrained Spatio-Temporal Hotspot Mapping of Crimes in Faisalabad. Applied Spatial Analysis and Policy, 11(3), 599-622. doi:10.1007/s12061-017-9230-xLopez-Cuevas, A., Medina-Perez, M. A., Monroy, R., Ramirez-Marquez, J. E., & Trejo, L. A. (2018). FiToViz: A Visualisation Approach for Real-Time Risk Situation Awareness. IEEE Transactions on Affective Computing, 9(3), 372-382. doi:10.1109/taffc.2017.2741478Xue, Y., & Brown, D. E. (2006). Spatial analysis with preference specification of latent decision makers for criminal event prediction. Decision Support Systems, 41(3), 560-573. doi:10.1016/j.dss.2004.06.007Nakaya, T., & Yano, K. (2010). Visualising Crime Clusters in a Space-time Cube: An Exploratory Data-analysis Approach Using Space-time Kernel Density Estimation and Scan Statistics. Transactions in GIS, 14(3), 223-239. doi:10.1111/j.1467-9671.2010.01194.xAnuar, N. B., & Yap, B. W. (2018). Data Visualization of Violent Crime Hotspots in Malaysia. Soft Computing in Data Science, 350-363. doi:10.1007/978-981-13-3441-2_27Malik, A., Maciejewski, R., Towers, S., McCullough, S., & Ebert, D. S. (2014). Proactive Spatiotemporal Resource Allocation and Predictive Visual Analytics for Community Policing and Law Enforcement. IEEE Transactions on Visualization and Computer Graphics, 20(12), 1863-1872. doi:10.1109/tvcg.2014.2346926Arietta, S. M., Efros, A. A., Ramamoorthi, R., & Agrawala, M. (2014). City Forensics: Using Visual Elements to Predict Non-Visual City Attributes. IEEE Transactions on Visualization and Computer Graphics, 20(12), 2624-2633. doi:10.1109/tvcg.2014.2346446Hu, Y., Wang, F., Guin, C., & Zhu, H. (2018). A spatio-temporal kernel density estimation framework for predictive crime hotspot mapping and evaluation. Applied Geography, 99, 89-97. doi:10.1016/j.apgeog.2018.08.001Yang, D., Heaney, T., Tonon, A., Wang, L., & Cudré-Mauroux, P. (2017). CrimeTelescope: crime hotspot prediction based on urban and social media data fusion. World Wide Web, 21(5), 1323-1347. doi:10.1007/s11280-017-0515-4ToppiReddy, H. K. R., Saini, B., & Mahajan, G. (2018). Crime Prediction & Monitoring Framework Based on Spatial Analysis. Procedia Computer Science, 132, 696-705. doi:10.1016/j.procs.2018.05.075Devia, N., & Weber, R. (2013). Generating crime data using agent-based simulation. Computers, Environment and Urban Systems, 42, 26-41. doi:10.1016/j.compenvurbsys.2013.09.001Kuo, P.-F., Lord, D., & Walden, T. D. (2013). Using geographical information systems to organize police patrol routes effectively by grouping hotspots of crash and crime data. Journal of Transport Geography, 30, 138-148. doi:10.1016/j.jtrangeo.2013.04.006Camacho-Collados, M., & Liberatore, F. (2015). A Decision Support System for predictive police patrolling. Decision Support Systems, 75, 25-37. doi:10.1016/j.dss.2015.04.012Kagawa, T., Saiki, S., & Nakamura, M. (2019). Analyzing street crimes in Kobe city using PRISM. International Journal of Web Information Systems, 15(2), 183-200. doi:10.1108/ijwis-04-2018-0032Jentner, W., Sacha, D., Stoffel, F., Ellis, G., Zhang, L., & Keim, D. A. (2018). Making machine intelligence less scary for criminal analysts: reflections on designing a visual comparative case analysis tool. The Visual Computer, 34(9), 1225-1241. doi:10.1007/s00371-018-1483-0Suarez-Paez, J., Salcedo-Gonzalez, M., Esteve, M., Gómez, J. A., Palau, C., & Pérez-Llopis, I. (2018). Reduced computational cost prototype for street theft detection based on depth decrement in Convolutional Neural Network. Application to Command and Control Information Systems (C2IS) in the National Police of Colombia. International Journal of Computational Intelligence Systems, 12(1), 123. doi:10.2991/ijcis.2018.25905186Suarez-Paez, J., Salcedo-Gonzalez, M., Climente, A., Esteve, M., Gómez, J. A., Palau, C. E., & Pérez-Llopis, I. (2019). A Novel Low Processing Time System for Criminal Activities Detection Applied to Command and Control Citizen Security Centers. Information, 10(12), 365. doi:10.3390/info10120365Esteve, M., Perez-Llopis, I., & Palau, C. E. (2013). Friendly Force Tracking COTS solution. IEEE Aerospace and Electronic Systems Magazine, 28(1), 14-21. doi:10.1109/maes.2013.6470440Esteve, M., Perez-Llopis, I., Hernandez-Blanco, L. E., Palau, C. E., & Carvajal, F. (2007). SIMACOP: Small Units Management C4ISR System. Multimedia and Expo, 2007 IEEE International Conference on. doi:10.1109/icme.2007.4284862OpenStreetMap http://www.openstreetmap.or

CNA Tactics and Techniques: A Structure Proposal

[EN] Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA), and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation activities (CNE), those related to intelligence gathering. While in CNE operations the main tactics and techniques are defined and well structured, in CNA there is a lack of such consensuated approaches. This situation hinders the modeling of threat actors, which prevents an accurate definition of control to identify and to neutralize malicious activities. In this paper, we propose the first global approach for CNA operations that can be used to map real-world activities. The proposal significantly reduces the amount of effort need to identify, analyze, and neutralize advanced threat actors targeting cyber physical systems. It follows a logical structure that can be easy to expand and adapt.Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2021). CNA Tactics and Techniques: A Structure Proposal. Journal of Sensor and Actuator Networks. 10(1):1-23. https://doi.org/10.3390/jsan10010014S12310

Biometric identity systems in law enforcement and the politics of (voice)recognition: the case of SiiP

Biometric identity systems are now a prominent feature of contemporary law enforcement, including in Europe. Often advanced on the premise of efficiency and accuracy, they have also been the subject of significant controversy. Much attention has focussed on longer-standing biometric data collection, such as finger-printing and facial recognition, foregrounding concerns with the impact such technologies can have on the nature of policing and fundamental human rights. Less researched is the growing use of voice recognition in law enforcement. This paper examines the case of the recent Speaker Identification Integrated Project, a European wide initiative to create the first international and interoperable database of voice biometrics, now the third largest biometric database at Interpol. Drawing on Freedom of Information requests, interviews and public documentation, we outline the emergence and features of SiiP and explore how voice is recognised and attributed meaning. We understand Speaker Identification Integrated Project as constituting a particular ‘regime of recognition’ premised on the use of soft biometrics (age, language, accent and gender) to disembed voice in order to optimise for difference. This, in turn, has implications for the nature and scope of law enforcement, people's position in society, and justice concerns more broadly

Sentiment Analysis Using Common-Sense and Context Information

Sentiment analysis research has been increasing tremendously in recent times due to the wide range of business and social applications. Sentiment analysis from unstructured natural language text has recently received considerable attention from the research community. In this paper, we propose a novel sentiment analysis model based on common-sense knowledge extracted from ConceptNet based ontology and context information. ConceptNet based ontology is used to determine the domain specific concepts which in turn produced the domain specific important features. Further, the polarities of the extracted concepts are determined using the contextual polarity lexicon which we developed by considering the context information of a word. Finally, semantic orientations of domain specific features of the review document are aggregated based on the importance of a feature with respect to the domain. The importance of the feature is determined by the depth of the feature in the ontology. Experimental results show the effectiveness of the proposed methods

A situation risk awareness approach for process systems safety

Promoting situation awareness is an important design objective for a wide variety of domains, especially for process systems where the information flow is quite high and poor decisions may lead to serious consequences. In today's process systems, operators are often moved to a control room far away from the physical environment, and increasing amounts of information are passed to them via automated systems, they therefore need a greater level of support to control and maintain the facilities in safe conditions. This paper proposes a situation risk awareness approach for process systems safety where the effect of ever-increasing situational complexity on human decision-makers is a concern. To develop the approach, two important aspects - addressing hazards that arise from hardware failure and reducing human error through decision-making - have been considered. The proposed situation risk awareness approach includes two major elements: an evidence preparation component and a situation assessment component. The evidence preparation component provides the soft evidence, using a fuzzy partitioning method, that is used in the subsequent situation assessment component. The situation assessment component includes a situational network based on dynamic Bayesian networks to model the abnormal situations, and a fuzzy risk estimation method to generate the assessment result. A case from US Chemical Safety Board investigation reports has been used to illustrate the application of the proposed approach. © 2013 Elsevier Ltd

Authentication and Authorization for Mobile IoT Devices Using Biofeatures: Recent Advances and Future Trends

Biofeatures are fast becoming a key tool to authenticate the IoT devices; in this sense, the purpose of this investigation is to summarise the factors that hinder biometrics models’ development and deployment on a large scale, including human physiological (e.g., face, eyes, fingerprints-palm, or electrocardiogram) and behavioral features (e.g., signature, voice, gait, or keystroke). The different machine learning and data mining methods used by authentication and authorization schemes for mobile IoT devices are provided. Threat models and countermeasures used by biometrics-based authentication schemes for mobile IoT devices are also presented. More specifically, we analyze the state of the art of the existing biometric-based authentication schemes for IoT devices. Based on the current taxonomy, we conclude our paper with different types of challenges for future research efforts in biometrics-based authentication schemes for IoT devices