Real valued negative selection for anomaly detection in wireless ad hoc networks

Wireless ad hoc network is one of the network technologies that have gained lots of attention from computer scientists for the future telecommunication applications. However it has inherits the major vulnerabilities from its ancestor (i.e., the fixed wired networks) but cannot inherit all the conventional intrusion detection capabilities due to its features and characteristics. Wireless ad hoc network has the potential to become the de facto standard for future wireless networking because of its open medium and dynamic features. Non-infrastructure network such as wireless ad hoc networks are expected to become an important part of 4G architecture in the future. In this paper, we study the use of an Artificial Immune System (AIS) as anomaly detector in a wireless ad hoc network. The main goal of our research is to build a system that can learn and detect new and unknown attacks. To achieve our goal, we studied how the real-valued negative selection algorithm can be applied in wireless ad hoc network network and finally we proposed the enhancements to real-valued negative selection algorithm for anomaly detection in wireless ad hoc network

Video Mining using LIM Based Clustering and Self Organizing Maps

AbstractVideo mining has grown as an energetic research area and given incremental concentration in recent years due to impressive and rapid raise in the volume of digital video databases. The aim of this research work is to find out new objects in videos. This work proposes a novel approach for video mining using LIM based clustering technique and self organizing maps to recognize novelty in the frames of video sequence. The proposed work is designed and implemented on MATLAB. It is tested with the sample videos and provides promising results. And it is suitable for day to day video mining applications and object detection systems including remote video surveillance in defense for national and international border tracking

Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspace Probabilistic Neural Network (BSPNN), which integrates an adaptive boosting technique and a semi parametric neural network to obtain good tradeoff between accuracy and generality. As the result, learning bias and generalization variance can be significantly minimized. Substantial experiments on KDD 99 intrusion benchmark indicate that our model outperforms other state of the art learning algorithms, with significantly improved detection accuracy, minimal false alarms and relatively small computational complexity.Comment: 9 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423, http://sites.google.com/site/ijcsis

model checking for data anomaly detection

Abstract Data tipically evolve according to specific processes, with the consequent possibility to identify a profile of evolution: the values it may assume, the frequencies at which it changes, the temporal variation in relation to other data, or other constraints that are directly connected to the reference domain. A violation of these conditions could be the signal of different menaces that threat the system, as well as: attempts of a tampering or a cyber attack, a failure in the system operation, a bug in the applications which manage the life cycle of data. To detect such violations is not straightforward as processes could be unknown or hard to extract. In this paper we propose an approach to detect data anomalies. We represent data user behaviours in terms of labelled transition systems and through the model checking techniques we demonstrate the proposed modeling can be exploited to successfully detect data anomalies

Asymptotic normality of plug-in level set estimates

We establish the asymptotic normality of the $G$-measure of the symmetric difference between the level set and a plug-in-type estimator of it formed by replacing the density in the definition of the level set by a kernel density estimator. Our proof will highlight the efficacy of Poissonization methods in the treatment of large sample theory problems of this kind.Comment: Published in at http://dx.doi.org/10.1214/08-AAP569 the Annals of Applied Probability (http://www.imstat.org/aap/) by the Institute of Mathematical Statistics (http://www.imstat.org

Hyperparameter selection of one-class support vector machine by self-adaptive data shifting

With flexible data description ability, one-class Support Vector Machine (OCSVM) is one of the most popular and widely-used methods for one-class classification (OCC). Nevertheless, the performance of OCSVM strongly relies on its hyperparameter selection, which is still a challenging open problem due to the absence of outlier data. This paper proposes a fully automatic OCSVM hyperparameter selection method, which requires no tuning of additional hyperparameter, based on a novel self-adaptive “data shifting” mechanism: Firstly, by efficient edge pattern detection (EPD) and “negatively” shifting edge patterns along the negative direction of estimated data density gradient, a constrained number of high-quality pseudo outliers are self-adaptively generated at more desirable locations, which readily avoids two major difficulties in previous outlier generation methods. Secondly, to avoid time-consuming cross-validation and enhance robustness to noise in the given training data, a pseudo target set is generated for model validation by “positively” shifting each given target datum along the positive direction of data density gradient. Experiments on synthetic and benchmark datasets demonstrate the effectiveness of the proposed method.This work was sponsored by the National Natural Science Foundation of China (Project no. 61170287, 61232016)

A Comprehensive Survey of Data Mining-based Fraud Detection Research

This survey paper categorises, compares, and summarises from almost all published technical and review articles in automated fraud detection within the last 10 years. It defines the professional fraudster, formalises the main types and subtypes of known fraud, and presents the nature of data evidence collected within affected industries. Within the business context of mining the data to achieve higher cost savings, this research presents methods and techniques together with their problems. Compared to all related reviews on fraud detection, this survey covers much more technical articles and is the only one, to the best of our knowledge, which proposes alternative data and solutions from related domains.Comment: 14 page

Detecting Errors in Korean Corpus based on GMM

In computational linguistics, a corpus is a large and structured set of language samples collected from real world text for a specific purpose. There are be various types of errors in the corpus because most corpus are built manually and/or semi-automatically and the errors are caused by human intervention. Such errors make corpus-based learning systems worse in performance. Many studies have therefore been conducted to detect and correct such errors in various ways and most studies have been done from pre-built corpus. Human intervention is, however, still required. In addition, error correction is not only very tedious as well as laborious and cost-expensive. In this paper, we propose a method for detecting corpus errors using GMM clustering algorithm. The purpose of this paper to detect errors under the small size of corpus. That is, the proposed method can be used in developing corpus by integrating into annotation tools. The proposed method consists of three steps. The first step is to make word embedding vectors of some error-prone context. The second step is to reduce the dimension of the vectors because clustering with a large dimension of vectors is time-consuming. The third step is to group the reduced vectors and to detect outliers as errors. For experiments, we have used two kinds of corpora: Korean dependency corpus and Korean semantic role labelling (SRL) corpus of which each one comprises only 1000 sentences. Our results show that the proposed method can serve as a error detector in early stage of corpus development. Our best results achieve recall of 65.15% for Korean dependency corpus and recall of 69.46% for Korean SRL corpus. In the future, we will do research on representing features for detecting errors and also on correcting errors as well as detecting errors. Motivated by the proposed method, we will start to investigate error detection in case that there is a large tagged corpus.|말뭉치란 특정 목적을 가지고 언어 표본을 추출한 집합을 의미한다. 이런 말뭉치에는 목적에 따라 다양한 종류가 있다. 대부분의 말뭉치는 사람의 수작업으로 구축되기 때문에 다양한 오류들이 포함되어 있으며, 오류가 포함된 말뭉치를 사용하는 시스템은 좋은 성능을 기대할 수 없다. 이러한 문제점을 해결하기 위해 다양한 방법으로 오류를 탐지하고 수정하는 연구가 진행되었다. 하지만 대부분의 방법들이 이미 제작된 말뭉치를 학습하여 오류를 탐지하고 수정한다. 이러한 작업을 여러 번 수행하여야 하며 많은 비용이 소요된다. 이 문제를 다소 완화시키기 위해 본 논문에서는 GMM(Gaussian Mixture Model)을 이용한 군집화를 통해 오류 탐지 방법은 제안한다. 군집화는 비지도학습의 한 방법으로 표지가 부착된 학습데이터가 없거나 적더라도 오류 탐지를 수행할 수 있다. 따라서 이미 제작된 말뭉치가 아니라 말뭉치를 구축하는 과정에도 사용할 수 있다. 본 논문에서 제안하는 방법으로 수행된 오류 탐지를 검증하기 위하여 구문분석 말뭉치와 의미역 말뭉치를 사용하였다. 성능 평가의 척도는 정보검색에서 널리 사용되는 정밀도와 재현율을 사용하였다. 구문분석 말뭉치와 의미역 말뭉치에서 각각 65.15%와 69.46%의 재현율을 보였다. 이와 같은 결과를 바탕으로 제안한 모델을 사용하여 다양한 말뭉치의 오류 탐지를 수행할 수 있음을 알 수 있다. 재현율을 좀 더 향상시킬 수 있도록 자질 확장 등의 연구를 진행할 수 있을 것이다. 또한 말뭉치 구축 도구에 직접 적용하여 제안된 시스템이 얼마나 효율적인지도 평가할 계획이다.제 1 장 서 론 1 제 2 장 관련 연구 3 2.1 오류 탐지 3 2.2 GMM 알고리즘 6 2.3 차원 축소 10 2.4 한국어 구문분석 말뭉치 11 2.5 한국어 의미역 말뭉치 13 제 3 장 오류 후보 탐지 시스템 15 3.1 문맥 표상 16 3.1.1 구문분석 말뭉치에서의 문맥 표상 16 3.1.2 의미역 말뭉치에서의 문맥 표상 17 3.2 문맥 표상의 차원 축소 19 3.3 GMM을 이용한 말뭉치에서의 오류 탐지 20 제 4 장 실험 및 평가 24 4.1 실험 데이터 24 4.2 실험 결과 26 제 5 장 결론 및 향후 연구 30 참고문헌 32 감사의 글 38Maste