3,351 research outputs found
Data Mining in Electronic Commerce
Modern business is rushing toward e-commerce. If the transition is done
properly, it enables better management, new services, lower transaction costs
and better customer relations. Success depends on skilled information
technologists, among whom are statisticians. This paper focuses on some of the
contributions that statisticians are making to help change the business world,
especially through the development and application of data mining methods. This
is a very large area, and the topics we cover are chosen to avoid overlap with
other papers in this special issue, as well as to respect the limitations of
our expertise. Inevitably, electronic commerce has raised and is raising fresh
research problems in a very wide range of statistical areas, and we try to
emphasize those challenges.Comment: Published at http://dx.doi.org/10.1214/088342306000000204 in the
Statistical Science (http://www.imstat.org/sts/) by the Institute of
Mathematical Statistics (http://www.imstat.org
Time is of the Essence: Machine Learning-based Intrusion Detection in Industrial Time Series Data
The Industrial Internet of Things drastically increases connectivity of
devices in industrial applications. In addition to the benefits in efficiency,
scalability and ease of use, this creates novel attack surfaces. Historically,
industrial networks and protocols do not contain means of security, such as
authentication and encryption, that are made necessary by this development.
Thus, industrial IT-security is needed. In this work, emulated industrial
network data is transformed into a time series and analysed with three
different algorithms. The data contains labeled attacks, so the performance can
be evaluated. Matrix Profiles perform well with almost no parameterisation
needed. Seasonal Autoregressive Integrated Moving Average performs well in the
presence of noise, requiring parameterisation effort. Long Short Term
Memory-based neural networks perform mediocre while requiring a high training-
and parameterisation effort.Comment: Extended version of a publication in the 2018 IEEE International
Conference on Data Mining Workshops (ICDMW
Assessing and augmenting SCADA cyber security: a survey of techniques
SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability
Recommended from our members
A survey of intrusion detection techniques in Cloud
Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks
A Novel Zero-Trust Network Access Control Scheme based on the Security Profile of Devices and Users
Security constitutes a principal concern for communication networks and services at present. This way, threats should be under control to minimize risks over time in real environments. With this aim, we introduce here a new approach for access control aimed to strengthen security in corporate networks and service providers related environments. Our proposal, named SADAC (Security Attribute-based Dynamic Access Control) presents three main novel features: (i) security related attributes regarding both configuration and operation are considered for network access control of final devices/users; (ii) a dynamic supervision procedure is implemented to evaluate the security profile associated to devices/users over time and, if so, to apply corresponding access restrictions; and (iii) a supervision procedure that also permits to diagnose the causes of inadequate security behaviours, so that the final devices/users can adapt their configuration and/or operation. We describe the overall access control methodology as well as the aspects for its implementation. In particular, we present and evaluate the specific deployment of SADAC for a corporate WiFi environment supported on a Raspberry Pi-based AP to provide Internet access to mobile devices. Through this experimentation we can conclude the convenience of adopting the approach for improving security by minimizing risks in network and communication environments
A Methodology for Trustworthy IoT in Healthcare-Related Environments
The transition to the so-called retirement years, comes with the freedom to pursue old passions
and hobbies that were not possible to do in the past busy life. Unfortunately, that freedom
does not come alone, as the previous young years are gone, and the body starts to feel the
time that passed. The necessity to adapt elder way of living, grows as they become more prone
to health problems. Often, the solution for the attention required by the elders is nursing
homes, or similar, that take away their so cherished independence.
IoT has the great potential to help elder citizens stay healthier at home, since it has the
possibility to connect and create non-intrusive systems capable of interpreting data and act
accordingly. With that capability, comes the responsibility to ensure that the collected data is
reliable and trustworthy, as human wellbeing may rely on it. Addressing this uncertainty is the
motivation for the presented work.
The proposed methodology to reduce this uncertainty and increase confidence relies on
a data fusion and a redundancy approach, using a sensor set. Since the scope of wellbeing
environment is wide, this thesis focuses its proof of concept on the detection of falls inside
home environments, through an android app using an accelerometer sensor and a micro-
phone. The experimental results demonstrates that the implemented system has more than
80% of reliable performance and can provide trustworthy results. Currently the app is being
tested also in the frame of the European Union projects Smart4Health and Smart Bear.A transição para os chamados anos de reforma, vem com a liberdade de perseguir velhas pai-
xões e passatempos que na passada vida ocupada não eram possíveis de realizar. Infelizmente,
essa liberdade não vem sozinha, uma vez que os anos jovens anteriores terminaram, e o corpo
começa a sentir o tempo que passou. A necessidade de adaptar o modo de vida dos menos
jovens, cresce à medida que estes se tornam mais propensos a problemas de saúde. Muitas
vezes, a solução para a atenção que os mais idosos necessitam são os lares de idosos, ou
similares, que lhes tiram a tão querida independência.
IoT tem o grande potencial de ajudar os cidadãos idosos a permanecerem mais saudá-
veis em casa, uma vez que tem a possibilidade de se ligar e criar sistemas não intrusivos capa-
zes de interpretar dados e agir em conformidade. Com essa capacidade, vem a responsabili-
dade de assegurar que os dados recolhidos são fiáveis e de confiança, uma vez que o bem-
estar humano possa depender dos mesmos. Abordar esta incerteza é a motivação para o tra-
balho apresentado.
A metodologia proposta para reduzir esta incerteza e aumentar a confiança no sistema
baseia-se numa fusão de dados e numa abordagem de redundância, utilizando um conjunto
de sensores. Uma vez que o assunto de bem-estar e saúde é vasto, esta tese concentra a sua
prova de conceito na deteção de quedas dentro de ambientes domésticos, através de uma
aplicação android, utilizando um sensor de acelerómetro e um microfone. Os resultados expe-
rimentais demonstram que o sistema implementado tem um desempenho superior a 80% e
pode fornecer dados fiáveis. Atualmente a aplicação está a ser testada também no âmbito dos
projetos da União Europeia Smart4Health e Smart Bear
Role based behavior analysis
Tese de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2009Nos nossos dias, o sucesso de uma empresa depende da sua agilidade e capacidade de se adaptar a condições que se alteram rapidamente. Dois requisitos para esse sucesso são trabalhadores proactivos e uma infra-estrutura ágil de Tecnologias de Informacão/Sistemas de Informação (TI/SI) que os consiga suportar. No entanto, isto nem sempre sucede. Os requisitos dos utilizadores ao nível da rede podem nao ser completamente conhecidos, o que causa atrasos nas mudanças de local e reorganizações. Além disso, se não houver um conhecimento preciso dos requisitos, a infraestrutura de TI/SI poderá ser utilizada de forma ineficiente, com excessos em algumas áreas e deficiências noutras. Finalmente, incentivar a proactividade não implica acesso completo e sem restrições, uma vez que pode deixar os sistemas vulneráveis a ameaças externas e internas. O objectivo do trabalho descrito nesta tese é desenvolver um sistema que consiga caracterizar o comportamento dos utilizadores do ponto de vista da rede. Propomos uma arquitectura de sistema modular para extrair informação de fluxos de rede etiquetados. O processo é iniciado com a criação de perfis de utilizador a partir da sua informação de fluxos de rede. Depois, perfis com características semelhantes são agrupados automaticamente, originando perfis de grupo. Finalmente, os perfis individuais são comprados com os perfis de grupo, e os que diferem significativamente são marcados como anomalias para análise detalhada posterior. Considerando esta arquitectura, propomos um modelo para descrever o comportamento de rede dos utilizadores e dos grupos. Propomos ainda métodos de visualização que permitem inspeccionar rapidamente toda a informação contida no modelo. O sistema e modelo foram avaliados utilizando um conjunto de dados reais obtidos de um operador de telecomunicações. Os resultados confirmam que os grupos projectam com precisão comportamento semelhante. Além disso, as anomalias foram as esperadas, considerando a população subjacente. Com a informação que este sistema consegue extrair dos dados em bruto, as necessidades de rede dos utilizadores podem sem supridas mais eficazmente, os utilizadores suspeitos são assinalados para posterior análise, conferindo uma vantagem competitiva a qualquer empresa que use este sistema.In our days, the success of a corporation hinges on its agility and ability to adapt to fast changing conditions. Proactive workers and an agile IT/IS infrastructure that can support them is a requirement for this success. Unfortunately, this is not always the case. The user’s network requirements may not be fully understood, which slows down relocation and reorganization. Also, if there is no grasp on the real requirements, the IT/IS infrastructure may not be efficiently used, with waste in some areas and deficiencies in others. Finally, enabling proactivity does not mean full unrestricted access, since this may leave the systems vulnerable to outsider and insider threats. The purpose of the work described on this thesis is to develop a system that can characterize user network behavior. We propose a modular system architecture to extract information from tagged network flows. The system process begins by creating user profiles from their network flows’ information. Then, similar profiles are automatically grouped into clusters, creating role profiles. Finally, the individual profiles are compared against the roles, and the ones that differ significantly are flagged as anomalies for further inspection. Considering this architecture, we propose a model to describe user and role network behavior. We also propose visualization methods to quickly inspect all the information contained in the model. The system and model were evaluated using a real dataset from a large telecommunications operator. The results confirm that the roles accurately map similar behavior. The anomaly results were also expected, considering the underlying population. With the knowledge that the system can extract from the raw data, the users network needs can be better fulfilled, the anomalous users flagged for inspection, giving an edge in agility for any company that uses it
- …