Multiple Simultaneous Threats Detection in Distributed Systems

This research examines a simultaneous threats detection system for distributed systems that uses a hybrid identification fusion model. This hybrid model is comprised of mathematical and statistical data fusion engines: Dempster-Shafer, Extended Dempster-Shafer, and Generalised Evidential Processing (GEP). The simultaneous threats detection system produced threat detection rates of 56% using Dempster-Shafer whilst Extended Dempster-Shafer and Generalised Evidential Processing (GEP) achieved 80% and 95% threat detection rate. Thus, the simultaneous threats detection system can improve threat detection rates by 39% (i.e. 95% - 56%) simply by adopting a more effective hybrid fusion model. In terms of efficiency and performance, the comparison of the three inference engines of the simultaneous threats detection system showed that Generalised Evidential Processing is a better data fusion model than Dempster-Shafer or Extended Dempster-Shafer. In addition, the set cover packing technique was used as a middle-tier data fusion tool to determine the reduced size groups of the threat data. Set cover provided significant improvement and reduced the threat population from 2,272 to 295. This helped to minimise the complexity of evidential processing, and therefore reduced the cost and time taken to determine the combined probability mass of the multiple simultaneous threats detection system. This technique is particularly relevant to online and internet-dependent applications, including portals

NASA space station automation: AI-based technology review

Research and Development projects in automation for the Space Station are discussed. Artificial Intelligence (AI) based automation technologies are planned to enhance crew safety through reduced need for EVA, increase crew productivity through the reduction of routine operations, increase space station autonomy, and augment space station capability through the use of teleoperation and robotics. AI technology will also be developed for the servicing of satellites at the Space Station, system monitoring and diagnosis, space manufacturing, and the assembly of large space structures

Second CLIPS Conference Proceedings, volume 1

Topics covered at the 2nd CLIPS Conference held at the Johnson Space Center, September 23-25, 1991 are given. Topics include rule groupings, fault detection using expert systems, decision making using expert systems, knowledge representation, computer aided design and debugging expert systems

Auditing Symposium XIII: Proceedings of the 1996 Deloitte & Touche/University of Kansas Symposium on Auditing Problems

Meeting the challenge of technological change -- A standard setter\u27s perspective / James M. Sylph, Gregory P. Shields; Technological change -- A glass half empty or a glass half full: Discussion of Meeting the challenge of technological change, and Business and auditing impacts of new technologies / Urton Anderson; Opportunities for assurance services in the 21st century: A progress report of the Special Committee on Assurance Services / Richard Lea; Model of errors and irregularities as a general framework for risk-based audit planning / Jere R. Francis, Richard A. Grimlund; Discussion of A Model of errors and irregularities as a general framework for risk-based audit planning / Timothy B. Bell; Framing effects and output interference in a concurring partner review context: Theory and exploratory analysis / Karla M. Johnstone, Stanley F. Biggs, Jean C. Bedard; Discussant\u27s comments on Framing effects and output interference in a concurring partner review context: Theory and exploratory analysis / David Plumlee; Implementation and acceptance of expert systems by auditors / Maureen McGowan; Discussion of Opportunities for assurance services in the 21st century: A progress report of the Special Committee on Assurance Services / Katherine Schipper; CPAS/CCM experiences: Perspectives for AI/ES research in accounting / Miklos A. Vasarhelyi; Discussant comments on The CPAS/CCM experiences: Perspectives for AI/ES research in accounting / Eric Denna; Digital analysis and the reduction of auditor litigation risk / Mark Nigrini; Discussion of Digital analysis and the reduction of auditor litigation risk / James E. Searing; Institute of Internal Auditors: Business and auditing impacts of new technologies / Charles H. Le Grandhttps://egrove.olemiss.edu/dl_proceedings/1012/thumbnail.jp

Systemic Risk Analysis of Human Factors in Phishing

The scope of this study is the systemic risk of the role of humans in the risk of phishing. The relevance to engineering managers and systems engineers of the risks of phishing attacks is the theft of data which has significantly increased in the past couple of years. Phishing has become a systemic persistent threat to all internet users. Understanding the role of humans in phishing from a systemic perspective is a critical objective towards creating a strong defense against complex and manipulative phishing attacks. The systemic view of phishing concentrates on how phishing affects the entire organizational system, not just parts or individual components of a system. This study will address the systemic view of phishing which puts focus on how the entire organizational system performs and the purposeful tasks and goals to minimize phishing. This study will use a grounded theory approach to the following questions. First, how can the interaction between the human and the phishing lure be adjusted to mitigate the risk of phishing (i.e., from a systemic perspective)? Second, how can developing a systematic method help in mitigating the risk of phishing by reducing the likelihood of a successful attack? With the advanced persistent threat of phishing, this study anticipates assisting organizations in measuring how proficiently they are presently handling the risk of phishing and to suggest how the organizations can increase their proficiency and mitigate the risk of phishing

Auditing Symposium VIII: Proceedings of the 1986 Touche Ross/University of Kansas Symposium on Auditing Problems

Discussant\u27s response to On the economics of product differentiation in auditing / Howard R. Osharow; Unresolved issues in classical audit sample evaluations / Donald R. Nichols, Rajendra P. Srivastava, Bart H. Ward; Discussant\u27s response to Unresolved issues in classical audit sample evaluations / Abraham D. Akresh; Under the spreading chestnut tree, accountants\u27 legal liability -- A historical perspective / Paul J. Ostling; Impact of technological events and trends on audit evidence in the year 2000: Phase I / Gary L. Holstrum, Theodore J. Mock, Robert N. West; Discussant\u27s Response to Impact of technological events and trends on audit evidence in the year 2000: Phase I; Is the second standard of fieldwork necessary / Thomas P. Bintinger; Discussant\u27s response to Is the second standard of fieldwork necessary / Andrew D. Bailey; Interim report on the development of an expert system for the auditor\u27s loan loss evaluation / Kirk P. Kelly, Gary S. Ribar, John J. Willingham; Discussant\u27s response to Interim report on the development of an expert system for the auditor\u27s loan loss evaluation / William F. Messier; Work of the Special Investigations Committee / R. K. (Robert Kuhn) Mautz (1915-2002); Discussant\u27s response to Under the spreading chestnut tree, accountants\u27 legal liability -- A historical perspective / Thomas A. Gavin; Assertion based approach to auditing / Donald A. Leslie; Discussant\u27s response to An assertion-based approach to auditing / William L. Felixhttps://egrove.olemiss.edu/dl_proceedings/1007/thumbnail.jp

An Interactive Distributed Simulation Framework With Application To Wireless Networks And Intrusion Detection

In this dissertation, we describe the portable, open-source distributed simulation framework (WINDS) targeting simulations of wireless network infrastructures that we have developed. We present the simulation framework which uses modular architecture and apply the framework to studies of mobility pattern effects, routing and intrusion detection mechanisms in simulations of large-scale wireless ad hoc, infrastructure, and totally mobile networks. The distributed simulations within the framework execute seamlessly and transparently to the user on a symmetric multiprocessor cluster computer or a network of computers with no modifications to the code or user objects. A visual graphical interface precisely depicts simulation object states and interactions throughout the simulation execution, giving the user full control over the simulation in real time. The network configuration is detected by the framework, and communication latency is taken into consideration when dynamically adjusting the simulation clock, allowing the simulation to run on a heterogeneous computing system. The simulation framework is easily extensible to multi-cluster systems and computing grids. An entire simulation system can be constructed in a short time, utilizing user-created and supplied simulation components, including mobile nodes, base stations, routing algorithms, traffic patterns and other objects. These objects are automatically compiled and loaded by the simulation system, and are available for dynamic simulation injection at runtime. Using our distributed simulation framework, we have studied modern intrusion detection systems (IDS) and assessed applicability of existing intrusion detection techniques to wireless networks. We have developed a mobile agent-based IDS targeting mobile wireless networks, and introduced load-balancing optimizations aimed at limited-resource systems to improve intrusion detection performance. Packet-based monitoring agents of our IDS employ a CASE-based reasoner engine that performs fast lookups of network packets in the existing SNORT-based intrusion rule-set. Experiments were performed using the intrusion data from MIT Lincoln Laboratories studies, and executed on a cluster computer utilizing our distributed simulation system

Behaviour monitoring: investigation of local and distributed approaches

Nowadays, the widespread availability of cheap and efficient unmanned systems (either aerial, ground or surface) has led to significant opportunities in the field of remote sensing and automated monitoring. On the one hand, the definition of efficient approaches to information collection, filtering and fusion has been the focus of extremely relevant research streams over the last decades. On the other hand, far less attention has been given to the problem of ‘interpreting’ the data, thus implementing inference processes able to, e.g., spot anomalies and possible threats in the monitored scenario. It is easy to understand how the automation of the ‘target assessment’ process could bring a great impact on monitoring applications since it would allow sensibly alleviating the analysis burden for human operators. To this end, the research project proposed in this thesis addresses the problem of behaviour assessment leading to the identification of targets that exhibit features “of interest”. Firstly, this thesis has addressed the problem of distributed target assessment based on behavioural and contextual features. The assessment problem is analysed making reference to a layered structure and a possible implementation approach for the middle-layer has been proposed. An extensive analysis of the ‘feature’ concept is provided, together with considerations about the target assessment process. A case study considering a road-traffic monitoring application is then introduced, suggesting a possible implementation for a set of features related to this particular scenario. The distributed approach has been implemented employing a consensus protocol, which allows achieving agreement about high-level, non-measurable, characteristics of the monitored vehicles. Two different techniques, ‘Belief’ and ‘Average’ consensus, for distributed target assessment based on features are finally presented, enabling the comparison of consensus effects when implemented at different level of the considered conceptual hierarchy. Then, the problem of identifying targets concerning features is tackled using a different approach: a probabilistic description is adopted for the target characteristics of interest and a hypothesis testing technique is applied to the feature probability density functions. Such approach is expected to allow discerning whether a given vehicle is a target of interest or not. The assessment process introduced is also able to account for information about the context of the vehicle, i.e. the environment where it moves or is operated. In so doing the target assessment process can be effectively adapted to the contour conditions. Results from simulations involving a road monitoring scenario are presented, considering both synthetic and real-world data. Lastly, the thesis addresses the problem of manoeuvre recognition and behaviour anomalies detection for generic targets through pattern matching techniques. This problem is analysed considering motor vehicles in a multi-lane road scenario. The proposed approach, however, can be easily extended to significantly different monitoring contexts. The overall proposed solution consists in a trajectory analysis tool, which classifies the target position over time into a sequence of ‘driving modes’, and a string-matching technique. This classification allows, as result of two different approaches, detecting both a priori defined patterns of interest and general behaviours standing out from those regularly exhibited from the monitored targets. Regarding the pattern matching process, two techniques are introduced and compared: a basic approach based on simple strings and a newly proposed method based on ‘regular expressions’. About reference patterns, a technique for the automatic definition of a dictionary of regular expressions matching the commonly observed target manoeuvres is presented. Its assessment results are then compared to those of a classic multi-layered neural network. In conclusion, this thesis proposes some novel approaches, both local and distributed, for the identification of the ‘targets of interest’ within a multi-target scenario. Such assessment is solely based on the behaviour actually exhibited by a target and does not involve any specific knowledge about the targets (analytic dynamic models, previous data, signatures of any type, etc.), being thus easily applicable to different scenarios and target types. For all the novel approaches described in the thesis, numerical results from simulations are reported: these results, in all the cases, confirm the effectiveness of the proposed techniques, even if they appear to be open to interpretation because of the inherent subjectivity of the assessment process

End-to-end security in active networks

Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect on end-to-end security of active flow manipulation. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problem introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking servicethat can efficiently deliver media flows marked with the identity of their recipients. In all three cases, similar functionality is provided to designs that do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea