Robust Anomaly Detection in Dynamic Networks
We propose two robust methods for anomaly detection in dynamic networks in
which the properties of normal traffic are time-varying. We formulate the
robust anomaly detection problem as a binary composite hypothesis testing
problem and propose two methods: a model-free and a model-based one, leveraging
techniques from the theory of large deviations. Both methods require a family
of Probability Laws (PLs) that represent normal properties of traffic. We
devise a two-step procedure to estimate this family of PLs. We compare the
performance of our robust methods and their vanilla counterparts, which assume
that normal traffic is stationary, on a network with a diurnal normal pattern
and a common anomaly related to data exfiltration. Simulation results show that
our robust methods perform better than their vanilla counterparts in dynamic
networks. Comment: 6 pages. MED conferenc
An Attack Detection Mechanism Based on a Distributed Hierarchical Multi-agent Architecture for Protecting Databases
This paper presents an innovative approach to detect and classify SQL injection attacks. The existing approaches are centralized while this proposal is based on a distributed hierarchical architecture to provide a robust and dynamic strategy. The strategy for the classification and detection of SQL injection attacks uses a combination based on detection by anomalies and misuses. The detection by anomaly uses a case-based reasoning mechanism incorporating a mixture of neural networks. The approach has been tested and the results are presented in this paper.
Unsupervised anomaly detection for underwater gliders using generative adversarial networks
An effective anomaly detection system is critical for marine autonomous systems operating in complex and dynamic marine environments to reduce operational costs and achieve concurrent large-scale fleet deployments. However, developing an automated fault detection system remains challenging for several reasons including limited data transmission via satellite services. Currently, most anomaly detection for marine autonomous systems, such as underwater gliders, relies on intensive analysis by pilots. This study proposes an unsupervised anomaly detection system using bidirectional generative adversarial networks guided by assistive hints for marine autonomous systems with time series data collected by multiple sensors. In this study, the anomaly detection system for a fleet of underwater gliders is trained on two healthy deployment datasets and tested on nine other deployment datasets collected by a selection of vehicles operating in a range of locations and environmental conditions. The system is successfully applied to detect anomalies in the nine test deployments, which include several different types of anomalies as well as healthy behaviour. Also, a sensitivity study of the data decimation settings suggests the proposed system is robust for Near Real-Time anomaly detection for underwater gliders.
Secure Distributed Dynamic State Estimation in Wide-Area Smart Grids
Smart grid is a large complex network with a myriad of vulnerabilities,
usually operated in adversarial settings and regulated based on estimated
system states. In this study, we propose a novel highly secure distributed
dynamic state estimation mechanism for wide-area (multi-area) smart grids,
composed of geographically separated subregions, each supervised by a local
control center. We firstly propose a distributed state estimator assuming
regular system operation, that achieves near-optimal performance based on the
local Kalman filters and with the exchange of necessary information between
local centers. To enhance the security, we further propose to (i) protect the
network database and the network communication channels against attacks and
data manipulations via a blockchain (BC)-based system design, where the BC
operates on the peer-to-peer network of local centers, (ii) locally detect the
measurement anomalies in real-time to eliminate their effects on the state
estimation process, and (iii) detect misbehaving (hacked/faulty) local centers
in real-time via a distributed trust management scheme over the network. We
provide theoretical guarantees regarding the false alarm rates of the proposed
detection schemes, where the false alarms can be easily controlled. Numerical
studies illustrate that the proposed mechanism offers reliable state estimation
under regular system operation, timely and accurate detection of anomalies, and
good state recovery performance in case of anomalies.
Anomaly Recognition in Wireless Ad-hoc Network by using Ant Colony Optimization and Deep Learning
As a result of lower initial investment, greater portability, and lower operational expenses, wireless networks are rapidly replacing their wired counterparts. The new technology that is on the rise is the Mobile Ad-Hoc Network (MANET), which operates without a fixed network infrastructure, can change its topology on the fly, and requires no centralised administration to manage its individual nodes. As a result, MANETs must focus on network efficiency and safety. It is crucial in MANET to pay attention to outliers that may affect QoS settings. Nonetheless, despite the numerous studies devoted to anomaly detection in MANET, security breaches and performance difficulties keep coming back. There is an increased need to provide strategies and approaches that help networks be more safe and robust due to the wide variety of security and performance challenges in MANET. This study presents outlier detection strategies for addressing security and performance challenges in MANET, with a special focus on network anomaly identification. The suggested work utilises a dynamic threshold and outlier detection to tackle the security and performance challenges in MANETs, taking into account metrics such as end-to-end delay, jitter, throughput, packet drop, and energy usage.