An Uncertainty Measure for Interval-valued Evidences

Interval-valued belief structure (IBS), as an extension of single-valued belief structures in Dempster-Shafer evidence theory, is gradually applied in many fields. An IBS assigns belief degrees to interval numbers rather than precise numbers, thereby it can handle more complex uncertain information. However, how to measure the uncertainty of an IBS is still an open issue. In this paper, a new method based on Deng entropy denoted as UIV is proposed to measure the uncertainty of the IBS. Moreover, it is proved that UIV meets some desirable axiomatic requirements. Numerical examples are shown in the paper to demonstrate the efficiency of UIV by comparing the proposed UIV with existing approaches.

Advances and Applications of Dezert-Smarandache Theory (DSmT) for Information Fusion (Collected Works), Vol. 4

The fourth volume on Advances and Applications of Dezert-Smarandache Theory (DSmT) for information fusion collects theoretical and applied contributions of researchers working in different fields of applications and in mathematics. The contributions (see List of Articles published in this book, at the end of the volume) have been published or presented after disseminating the third volume (2009, http://fs.unm.edu/DSmT-book3.pdf) in international conferences, seminars, workshops and journals. First Part of this book presents the theoretical advancement of DSmT, dealing with Belief functions, conditioning and deconditioning, Analytic Hierarchy Process, Decision Making, Multi-Criteria, evidence theory, combination rule, evidence distance, conflicting belief, sources of evidences with different importance and reliabilities, importance of sources, pignistic probability transformation, Qualitative reasoning under uncertainty, Imprecise belief structures, 2-Tuple linguistic label, Electre Tri Method, hierarchical proportional redistribution, basic belief assignment, subjective probability measure, Smarandache codification, neutrosophic logic, Evidence theory, outranking methods, Dempster-Shafer Theory, Bayes fusion rule, frequentist probability, mean square error, controlling factor, optimal assignment solution, data association, Transferable Belief Model, and others. More applications of DSmT have emerged in the past years since the apparition of the third book of DSmT 2009. Subsequently, the second part of this volume is about applications of DSmT in correlation with Electronic Support Measures, belief function, sensor networks, Ground Moving Target and Multiple target tracking, Vehicle-Born Improvised Explosive Device, Belief Interacting Multiple Model filter, seismic and acoustic sensor, Support Vector Machines, Alarm classification, ability of human visual system, Uncertainty Representation and Reasoning Evaluation Framework, Threat Assessment, Handwritten Signature Verification, Automatic Aircraft Recognition, Dynamic Data-Driven Application System, adjustment of secure communication trust analysis, and so on. Finally, the third part presents a List of References related with DSmT published or presented along the years since its inception in 2004, chronologically ordered

Advanced attack tree based intrusion detection

Computer network systems are constantly under attack or have to deal with attack attempts. The first step in any network’s ability to fight against intrusive attacks is to be able to detect intrusions when they are occurring. Intrusion Detection Systems (IDS) are therefore vital in any kind of network, just as antivirus is a vital part of a computer system. With the increasing computer network intrusion sophistication and complexity, most of the victim systems are compromised by sophisticated multi-step attacks. In order to provide advanced intrusion detection capability against the multi-step attacks, it makes sense to adopt a rigorous and generalising view to tackling intrusion attacks. One direction towards achieving this goal is via modelling and consequently, modelling based detection. An IDS is required that has good quality of detection capability, not only to be able to detect higher-level attacks and describe the state of ongoing multi-step attacks, but also to be able to determine the achievement of high-level attack detection even if any of the modelled low-level attacks are missed by the detector, because no alert being generated may represent that the corresponding low-level attack is either not being conducted by the adversary or being conducted by the adversary but evades the detection. This thesis presents an attack tree based intrusion detection to detect multistep attacks. An advanced attack tree modelling technique, Attack Detection Tree, is proposed to model the multi-step attacks and facilitate intrusion detection. In addition, the notion of Quality of Detectability is proposed to describe the ongoing states of both intrusion and intrusion detection. Moreover, a detection uncertainty assessment mechanism is proposed to apply the measured evidence to deal with the uncertainty issues during the assessment process to determine the achievement of high-level attacks even if any modelled low-level incidents may be missing

Incorporating trust into Department of Defense acquisition risk management

Risk management has been proven to be a valuable tool to identify and mitigate risks early in the program life-cycle. Modernization and communication advances have recently changed the commercial economy from national to global. Companies are starting to venture into new partnerships with foreign companies. However, there has also been an increase in business corruption, like Fannie Mac and Enron, which has raised skepticism in entering new partnerships. Industry is addressing this fact by no longer exclusively depending on science as the determining factor in risk assessment and starting to include trust as a factor in risk management. Qualitative measurements are being analyzed in attempted to address these uncertainties by incorporating trust into the risk management process. The purpose of this paper was to determine whether it was feasible and advantageous to incorporate trust into the risk management process for Department of Defense (DOD) acquisition. The premise of this research was that there were hidden risk factors attributed to qualitative measures that were not being identified in current DOD risk management processes. A preliminary conclusion of this thesis is that trust is a valuable factor in the risk assessment process that can help identify qualitative risk elements.http://archive.org/details/incorporatingtru1094543986Outstanding ThesisCivilian, Department of the NavyApproved for public release; distribution is unlimited

Collaborative Intrusion Detection in Federated Cloud Environments using Dempster-Shafer Theory of Evidence

Moving services to the Cloud environment is a trend that has been increasing in recent years, with a constant increase in sophistication and complexity of such services. Today, even critical infrastructure operators are considering moving their services and data to the Cloud. As Cloud computing grows in popularity, new models are deployed to further the associated benefits. Federated Clouds are one such concept, which are an alternative for companies reluctant to move their data out of house to a Cloud Service Providers (CSP) due to security and confidentiality concerns. Lack of collaboration among different components within a Cloud federation, or among CSPs, for detection or prevention of attacks is an issue. For protecting these services and data, as Cloud environments and Cloud federations are large scale, it is essential that any potential solution should scale alongside the environment adapt to the underlying infrastructure without any issues or performance implications. This thesis presents a novel architecture for collaborative intrusion detection specifically for CSPs within a Cloud federation. Our approach offers a proactive model for Cloud intrusion detection based on the distribution of responsibilities, whereby the responsibility for managing the elements of the Cloud is distributed among several monitoring nodes and brokering, utilising our Service-based collaborative intrusion detection – “Security as a Service” methodology. For collaborative intrusion detection, the Dempster-Shafer (D-S) theory of evidence is applied, executing as a fusion node with the role of collecting and fusing the information provided by the monitoring entities, taking the final decision regarding a possible attack. This type of detection and prevention helps increase resilience to attacks in the Cloud. The main novel contribution of this project is that it provides the means by which DDoS attacks are detected within a Cloud federation, so as to enable an early propagated response to block the attack. This inter-domain cooperation will offer holistic security, and add to the defence in depth. However, while the utilisation of D-S seems promising, there is an issue regarding conflicting evidences which is addressed with an extended two stage D-S fusion process. The evidence from the research strongly suggests that fusion algorithms can play a key role in autonomous decision making schemes, however our experimentation highlights areas upon which improvements are needed before fully applying to federated environments

Constructing Probability Boxes and Dempster-Shafer Structures

This report summarizes a variety of the most useful and commonly applied methods for obtaining Dempster-Shafer structures, and their mathematical kin probability boxes, from empirical information or theoretical knowledge. The report includes a review of the aggregation methods for handling agreement and conflict when multiple such objects are obtained from different sources

Risk management of offshore logistics support operations in remote harsh environments

Activities in northern offshore regions are increasing due to proven reserves of natural resources. These regions are considered to have a harsh marine environment due to extreme weather conditions, namely low temperatures, frequent storms and the presence of sea ice. In general these activities are moving further offshore. Thus many new developments are faced with operations in extreme environments at long distances from shore support. Design, operational and regulatory planning for such offshore installations must consider the environmental challenges along with additional difficulties that arise due to remoteness. The most significant aspects of an offshore development that are affected by the factors of environment and remoteness, are the logistical support functions required for daily operations and the rapid response required for emergencies. In the early stages of design it would be beneficial to have a means of assessing the high risk elements of such operations and the risk reduction cost effectiveness of proposed solutions. This study presents an end-to-end risk reduction analysis of the logistical support functions for a typical remote harsh-environment offshore operation including; risk assessment to provide identification of most significant risks, risk reduction modeling and development of a solution to provide the identified most effective reduction strategy, and finally a cost benefit analysis that includes the costed initial risk factors, the solution cost and the costed net reduction in risk arising from implementation. This research serves three functions. It develops a procedure for evaluating offshore operations that have inherently high logistical risks due mainly to distance but also applicable to other factors. It provides a risk analysis based solution to the specific problem of remote operations in harsh environments. Finally it develops a method of determining the utility of a possible solution or of alternative solutions through rational risk based cost analysis. The study is divided into four phases, Risk Analysis, Risk Reduction, Specific Solution and Cost-Benefit Analysis. In phase one – risk analysis, an advanced probabilistic model is developed using fault trees to identify the main contributing factors of the logistical challenges. A fuzzy-based and evidence-based approach is implemented to address inherent data limitations. It is found that existing modes of logistics support such as marine vessel or helicopter are not sufficiently reliable and quick for remote offshore operations. Moving towards in phase two – risk reduction, a conditional dependence-based Bayesian model is developed that has integrated multiple alternative risk reduction measures. The analysis depicts that a nearby offshore refuge and an additional layer of safety inventory are found to the most effective measures. In phase three – specific solution, the concept of a moored vessel, which is termed as offshore resource centre (ORC) is proposed that can meet the functions of both these measures. The overall dimensions of the ORC are derived based on the functional requirements and the model is validated for stability and mooring requirements. In phase four – cost-benefit analysis, the life cycle costs of an ORC is estimated from historical vessel data using regression analysis. A loss model is developed for a hypothetical blowout incident, which is a function response time and the distance from shore support. These models are integrated into a single framework that can project the costed risk with or without the ORC. The analysis reveals that an ORC becomes more and more viable when the offshore distance becomes longer and if there is a higher probability of any platform incident, recognizing that it is desirable to keep the probability as low as possible. Taken together these phases form a full analysis from problem identification through solution cost-benefit