200 research outputs found

    Traffic anomaly detection and characterization in the tunisian national university network

    Abstract. Traffic anomalies are characterized by unusual and significant changes in a network traffic behavior. They can be malicious or unintentional. Malicious traffic anomalies can be caused by attacks, abusive network usage and worms or virus propagations. However unintentional ones can be caused by failures, flash crowds or router misconfigurations. In this paper, we present an anomaly detection system derived from the anomaly detection schema presented by Mei-Ling Shyu i

    Real time cyber analytics data collection framework

    For effective security, it is critical that event data is collected in near real time as possible to enable early detection and response to threats. Performing analytics from event logs stored in databases slows down the response time due to the time cost of database insertion and retrieval operations. We present a data collection framework that minimizes the need for long term storage. Events are buffered in memory, up to a configurable threshold, before being streamed in real time using live streaming technologies. The framework deploys virtualized data collecting agents that ingest data from multiple sources including external Threat Intelligence. The framework enables the correlation of events from various sources, improving detection precision. We have tested the framework in a real time, machine-learning based threat detection system. Our results show a time gain of 300 milliseconds in transmission time from event capture to analytics system, compared with storage based collection frameworks. Threat detection was measured at 95%, which is comparable to the benchmark snort IDS

    Coastal sea level monitoring in the Mediterranean and Black seas

    Employed for over a century, the traditional way of monitoring sea level variability by tide gauges – in combination with modern observational techniques like satellite altimetry – is an inevitable ingredient in sea level studies over the climate scales and in coastal seas. The development of the instrumentation, remote data acquisition, processing, and archiving in the last decades has allowed the extension of the applications to a variety of users and coastal hazard managers. The Mediterranean and Black seas are examples of such a transition – while having a long tradition of sea level observations with several records spanning over a century, the number of modern tide gauge stations is growing rapidly, with data available both in real time and as a research product at different time resolutions. As no comprehensive survey of the tide gauge networks has been carried out recently in these basins, the aim of this paper is to map the existing coastal sea level monitoring infrastructures and the respective data availability. The survey encompasses a description of major monitoring networks in the Mediterranean and Black seas and their characteristics, including the type of sea level sensors, measuring resolutions, data availability, and existence of ancillary measurements, altogether collecting information about 240 presently operational tide gauge stations. The availability of the Mediterranean and Black seas sea level data in the global and European sea level repositories has been also screened and classified following their sampling interval and level of quality check, pointing to the necessity of harmonization of the data available with different metadata and series in different repositories. 
Finally, an assessment of the networks' capabilities for their use in different sea level applications has been done, with recommendations that might mitigate the bottlenecks and ensure further development of the networks in a coordinated way, a critical need in the era of human-induced climate changes and sea level rise.

    Graphs behind data: A network-based approach to model different scenarios

    Nowadays, the amount and variety of scenarios that can benefit from techniques for extracting and managing knowledge from raw data have dramatically increased. As a result, the search for models capable of ensuring the representation and management of highly heterogeneous data is a hot topic in the data science literature. In this thesis, we aim to propose a solution to address this issue. In particular, we believe that graphs, and more specifically complex networks, as well as the concepts and approaches associated with them, can represent a solution to the problem mentioned above. In fact, we believe that they can be a unique and unifying model to uniformly represent and handle extremely heterogeneous data. Based on this premise, we show how the same concepts and/or approach has the potential to address different open issues in different contexts. Information Engineering. Virgili, Luc

    Coastal Sea Level Monitoring in the Mediterranean and Black Seas

    Spanning over a century, a traditional way to monitor sea level variability by tide gauges is – in combination with modern observational techniques like satellite altimetry – an inevitable ingredient in sea level studies over the climate scales and in coastal seas. The development of the instrumentation, remote data acquisition, processing and archiving in last decades allowed for extending the applications towards a variety of users and coastal hazard managers. The Mediterranean and Black seas are an example for such a transition – while having a long tradition for sea level observations with several records spanning over a century, the number of modern tide gauge stations are growing rapidly, with data available both in real-time and as a research product at different time resolutions. As no comprehensive survey of the tide gauge networks has been carried out recently in these basins, the aim of this paper is to map the existing coastal sea level monitoring infrastructures and the respective data availability. The survey encompasses description of major monitoring networks in the Mediterranean and Black seas and their characteristics, including the type of sea level sensors, measuring resolutions, data availability and existence of ancillary measurements, altogether collecting information about 236 presently operational tide gauge stations. The availability of the Mediterranean and Black seas sea level data in the global and European sea level repositories has been also screened and classified following their sampling interval and level of quality-check, pointing to the necessity of harmonization of the data available with different metadata and series at different repositories. 
Finally, an assessment of the networks’ capabilities for their usage in different sea level applications has been done, with recommendations that might mitigate the bottlenecks and assure further development of the networks in a coordinated way, being that more necessary in the era of the human-induced climate changes and the sea level ris

    QU Research and COVID-19 Pandemic

    The launch of "Qatar University Research Magazine" marks the university's numerous achievements in the field of scientific research. It will also serve as a platform to highlight all our research related initiatives and activities carried out by the various research centers and colleges within the university

    Improving Access and Mental Health for Youth Through Virtual Models of Care

    The overall objective of this research is to evaluate the use of a mobile health smartphone application (app) to improve the mental health of youth between the ages of 14–25 years, with symptoms of anxiety/depression. This project includes 115 youth who are accessing outpatient mental health services at one of three hospitals and two community agencies. The youth and care providers are using eHealth technology to enhance care. The technology uses mobile questionnaires to help promote self-assessment and track changes to support the plan of care. The technology also allows secure virtual treatment visits that youth can participate in through mobile devices. This longitudinal study uses participatory action research with mixed methods. The majority of participants identified themselves as Caucasian (66.9%). Expectedly, the demographics revealed that Anxiety Disorders and Mood Disorders were highly prevalent within the sample (71.9% and 67.5% respectively). Findings from the qualitative summary established that both staff and youth found the software and platform beneficial

    The Impact of Digital Technologies on Public Health in Developed and Developing Countries

    This open access book constitutes the refereed proceedings of the 18th International Conference on String Processing and Information Retrieval, ICOST 2020, held in Hammamet, Tunisia, in June 2020.* The 17 full papers and 23 short papers presented in this volume were carefully reviewed and selected from 49 submissions. They cover topics such as: IoT and AI solutions for e-health; biomedical and health informatics; behavior and activity monitoring; and wellbeing technology. *This conference was held virtually due to the COVID-19 pandemic

    Graph-based, systems approach for detecting violent extremist radicalization trajectories and other latent behaviors, A

    2017 Summer. Includes bibliographical references. The number and lethality of violent extremist plots motivated by the Salafi-jihadist ideology have been growing for nearly the last decade in both the U.S. and Western Europe. While detecting the radicalization of violent extremists is a key component in preventing future terrorist attacks, it remains a significant challenge to law enforcement due to the issues of both scale and dynamics. Recent terrorist attack successes highlight the real possibility of missed signals from, or continued radicalization by, individuals whom the authorities had formerly investigated and even interviewed. Additionally, beyond considering just the behavioral dynamics of a person of interest is the need for investigators to consider the behaviors and activities of social ties vis-à-vis the person of interest. We undertake a fundamentally systems approach in addressing these challenges by investigating the need and feasibility of a radicalization detection system, a risk assessment assistance technology for law enforcement and intelligence agencies. The proposed system first mines public data and government databases for individuals who exhibit risk indicators for extremist violence, and then enables law enforcement to monitor those individuals at the scope and scale that is lawful, and account for the dynamic indicative behaviors of the individuals and their associates rigorously and automatically. In this thesis, we first identify the operational deficiencies of current law enforcement and intelligence agency efforts, investigate the environmental conditions and stakeholders most salient to the development and operation of the proposed system, and address both programmatic and technical risks with several initial mitigating strategies. We codify this large effort into a radicalization detection system framework. 
The main thrust of this effort is the investigation of the technological opportunities for the identification of individuals matching a radicalization pattern of behaviors in the proposed radicalization detection system. We frame our technical approach as a unique dynamic graph pattern matching problem, and develop a technology called INSiGHT (Investigative Search for Graph Trajectories) to help identify individuals or small groups with conforming subgraphs to a radicalization query pattern, and follow the match trajectories over time. INSiGHT is aimed at assisting law enforcement and intelligence agencies in monitoring and screening for those individuals whose behaviors indicate a significant risk for violence, and allow for the better prioritization of limited investigative resources. We demonstrated the performance of INSiGHT on a variety of datasets, to include small synthetic radicalization-specific data sets, a real behavioral dataset of time-stamped radicalization indicators of recent U.S. violent extremists, and a large, real-world BlogCatalog dataset serving as a proxy for the type of intelligence or law enforcement data networks that could be utilized to track the radicalization of violent extremists. We also extended INSiGHT by developing a non-combinatorial neighbor matching technique to enable analysts to maintain visibility of potential collective threats and conspiracies and account for the role close social ties have in an individual's radicalization. This enhancement was validated on small, synthetic radicalization-specific datasets as well as the large BlogCatalog dataset with real social network connections and tagging behaviors for over 80K accounts. The results showed that our algorithm returned whole and partial subgraph matches that enabled analysts to gain and maintain visibility on neighbors' activities. 
Overall, INSiGHT led to consistent, informed, and reliable assessments about those who pose a significant risk for some latent behavior in a variety of settings. Based upon these results, we maintain that INSiGHT is a feasible and useful supporting technology with the potential to optimize law enforcement investigative efforts and ultimately enable the prevention of individuals from carrying out extremist violence. Although the prime motivation of this research is the detection of violent extremist radicalization, we found that INSiGHT is applicable in detecting latent behaviors in other domains such as on-line student assessment and consumer analytics. This utility was demonstrated through experiments with real data. For on-line student assessment, we tested INSiGHT on a MOOC dataset of students and time-stamped on-line course activities to predict those students who persisted in the course. For consumer analytics, we tested the performance on a real, large proprietary consumer activities dataset from a home improvement retailer. Lastly, motivated by the desire to validate INSiGHT as a screening technology when ground truth is known, we developed a synthetic data generator of large population, time-stamped, individual-level consumer activities data consistent with an a priori project set designation (latent behavior). This contribution also sets the stage for future work in developing an analogous synthetic data generator for radicalization indicators to serve as a testbed for INSiGHT and other data mining algorithms