1,155 research outputs found

    Detecting explosive-device emplacement at multiple granularities

    This paper appeared in the Proceedings of the Military Sensing Society (MSS) National Symposium, Las Vegas, Nevada, U.S., July 2010. We report on experiments with a nonimaging sensor network for detection of suspicious behavior related to pedestrian emplacement of IEDs. Emplacement is the time when detection is the most feasible for IEDs since it almost necessarily must involve some unusual behaviors. Sensors at particularly dangerous locations such as bridges, culverts, road narrowings, and road intersections could provide early warning of such activity. Imaging for surveillance has weaknesses in its susceptibility to occlusion, problems operating at night, sensitivity to angle of view, high processing requirements, and need to invade privacy. Our approach is to use a variety of nonimaging sensors with different modalities to track people. We particularly look for clues as to accelerations since these are often associated with suspicious behavior. Our approach involves preanalyzing terrain for the probability of emplacement of an IED, then combining this with real-time assessment of suspicious behavior obtained from probabilities of location derived from sensor data. We describe some experiments with a prototype sensor network and the promising results obtained. Supported by the U.S. National Science Foundation under grant 0729696 of the EXP Program. Approved for public release; distribution is unlimited.

    Multimodal Data Fusion and Behavioral Analysis Tooling for Exploring Trust, Trust-propensity, and Phishing Victimization in Online Environments

    Online environments, including email and social media platforms, are continuously threatened by malicious content designed by attackers to install malware on unsuspecting users and/or phish them into revealing sensitive data about themselves. Often slipping past technical mitigations (e.g. spam filters), attacks target the human element and seek to elicit trust as a means of achieving their nefarious ends. Victimized end-users lack the discernment, visual acuity, training, and/or experience to correctly identify the nefarious antecedents of trust that should prompt suspicion. Existing literature has explored trust, trust-propensity, and victimization, but studies lack data capture richness, realism, and/or the ability to investigate active user interactions. This paper defines a data collection and fusion approach alongside new open-sourced behavioral analysis tooling that addresses all three factors to provide researchers with empirical, evidence-based, insights into active end-user trust behaviors. The approach is evaluated in terms of comparative analysis, run-time performance, and fused data accuracy

    Formalizing and Integrating User Knowledge into Security Analytics

    The Internet-of-Things and ubiquitous cyber-physical systems increase the attack surface for cyber-physical attacks. They exploit technical vulnerabilities and human weaknesses to wreak havoc on organizations’ information systems, physical machines, or even humans. Taking a stand against these multi-dimensional attacks requires automated measures to be combined with people as their knowledge has proven critical for security analytics. However, there is no uniform understanding of information security knowledge and its integration into security analytics activities. With this work, we structure and formalize the crucial notions of knowledge that we deem essential for holistic security analytics. A corresponding knowledge model is established based on the Incident Detection Lifecycle, which summarizes the security analytics activities. This idea of knowledge-based security analytics highlights a dichotomy in security analytics. Security experts can operate security mechanisms and thus contribute their knowledge. However, security novices often cannot operate security mechanisms and, therefore, cannot make their highly-specialized domain knowledge available for security analytics. This results in several severe knowledge gaps. We present a research prototype that shows how several of these knowledge gaps can be overcome by simplifying the interaction with automated security analytics techniques.

    On the Nature and Types of Anomalies: A Review

    Anomalies are occurrences in a dataset that are in some way unusual and do not fit the general patterns. The concept of the anomaly is generally ill-defined and perceived as vague and domain-dependent. Moreover, despite some 250 years of publications on the topic, no comprehensive and concrete overviews of the different types of anomalies have hitherto been published. By means of an extensive literature review this study therefore offers the first theoretically principled and domain-independent typology of data anomalies, and presents a full overview of anomaly types and subtypes. To concretely define the concept of the anomaly and its different manifestations, the typology employs five dimensions: data type, cardinality of relationship, anomaly level, data structure and data distribution. These fundamental and data-centric dimensions naturally yield 3 broad groups, 9 basic types and 61 subtypes of anomalies. The typology facilitates the evaluation of the functional capabilities of anomaly detection algorithms, contributes to explainable data science, and provides insights into relevant topics such as local versus global anomalies. Comment: 38 pages (30 pages content), 10 figures, 3 tables. Preprint; review comments will be appreciated. Improvements in version 2: Explicit mention of fifth anomaly dimension; Added section on explainable anomaly detection; Added section on variations on the anomaly concept; Various minor additions and improvement

    Novel Alert Visualization: The Development of a Visual Analytics Prototype for Mitigation of Malicious Insider Cyber Threats

    Cyber insider threat is one of the most difficult risks to mitigate in organizations. However, innovative validated visualizations for cyber analysts to better decipher and react to detected anomalies have not been reported in literature or in industry. Attacks caused by malicious insiders can cause millions of dollars in losses to an organization. Though there have been advances in Intrusion Detection Systems (IDSs) over the last three decades, traditional IDSs do not specialize in anomaly identification caused by insiders. There is also a profuse amount of data being presented to cyber analysts when deciphering big data and reacting to data breach incidents using complex information systems. Information visualization is pertinent to the identification and mitigation of malicious cyber insider threats. The main goal of this study was to develop and validate, using Subject Matter Experts (SME), an executive insider threat dashboard visualization prototype. Using the developed prototype, an experimental study was conducted, which aimed to assess the perceived effectiveness in enhancing the analysts’ interface when complex data correlations are presented to mitigate malicious insiders cyber threats. Dashboard-based visualization techniques could be used to give full visibility of network progress and problems in real-time, especially within complex and stressful environments. For instance, in an Emergency Room (ER), there are four main vital signs used for urgent patient triage. Cybersecurity vital signs can give cyber analysts clear focal points during high severity issues. Pilots must expeditiously reference the Heads Up Display (HUD), which presents only key indicators to make critical decisions during unwarranted deviations or an immediate threat. Current dashboard-based visualization techniques have yet to be fully validated within the field of cybersecurity. This study developed a visualization prototype based on SME input utilizing the Delphi method. SMEs validated the perceived effectiveness of several different types of the developed visualization dashboard. Quantitative analysis of SME’s perceived effectiveness via self-reported value and satisfaction data as well as qualitative analysis of feedback provided during the experiments using the prototype developed were performed. This study identified critical cyber visualization variables and identified visualization techniques. The identifications were then used to develop QUICK.v™ a prototype to be used when mitigating potentially malicious cyber insider threats. The perceived effectiveness of QUICK.v™ was then validated. Insights from this study can aid organizations in enhancing cybersecurity dashboard visualizations by depicting only critical cybersecurity vital signs.

    UB Breakthroughs Summer 2016

    The UB Breakthroughs newsletter for summer of 2016. This issue contains articles discussing Dr. Faezipour's research into a smartphone app for skin cancer detection, Dr. Katsifis' research into the mutagenic and carcinogenic effects of heavy metals, Dr. Oberleitner’s research into the link between social isolation and exclusion and physical and emotional pain, Dr. Lee’s classes and camps teaching college and high school students big data analytics, professor Good’s study into teaching chiropractic warm-up with resistance bands, professor Brett’s research into the safety and efficacy of electro-acupuncture, Dr. Picardi’s research into employee and employer perceptions and how to create better matches in employment, Dr. Richmond’s new book examining African-American student activism in the northeast from the 1960s through 2015, Dr. Xiong’s new MEMS-based sensor for detecting minuscule air pollutants, UB’s 3-D Printing and Advanced Manufacturing Center, Dr. Wei’s study of China and international relations regarding the South China Sea, and Dr. Pallis’ support of the UB CanSat Competition team.