39 research outputs found

    A novel framework for intelligent surveillance system based on abnormal human activity detection in academic environments

    Abnormal activity detection plays a crucial role in surveillance applications, and a surveillance system that can perform robustly in an academic environment has become an urgent need. In this paper, we propose a novel framework for an automatic real-time video-based surveillance system which can simultaneously perform the tracking, semantic scene learning, and abnormality detection in an academic environment. To develop our system, we have divided the work into three phases: preprocessing phase, abnormal human activity detection phase, and content-based image retrieval phase. For motion object detection, we used the temporal-differencing algorithm and then located the motions region using the Gaussian function. Furthermore, the shape model based on OMEGA equation was used as a filter for the detected objects (i.e., human and non-human). For object activities analysis, we evaluated and analyzed the human activities of the detected objects. We classified the human activities into two groups: normal activities and abnormal activities based on the support vector machine. The machine then provides an automatic warning in case of abnormal human activities. It also embeds a method to retrieve the detected object from the database for object recognition and identification using content-based image retrieval. Finally, a software-based simulation using MATLAB was performed and the results of the conducted experiments showed an excellent surveillance system that can simultaneously perform the tracking, semantic scene learning, and abnormality detection in an academic environment with no human intervention.

    Privacy risk analysis and metrics in capturing and storing network traffic

    Network traffic analysis is a process of paramount importance to monitor network availability and operational activity, identify anomalies, maximize performance, find threats, and detect attacks. Due to this fact, in everyday work network managers need to capture, analyze and store a tremendous amount of data which can definitely be classified as 'Big Data'. On the other side, it is crucial to point out that the captured network traffic has significant privacy implications, in particular in the territorial scope of GDPR or other similar regulations because, according to GDPR, not only the payload but also the IP address of the sender and the receiver of packets have to be considered personal data. This paper deals with the privacy issues related to network traffic capture/processing/storage, the risks, and the associated mitigation techniques. As a conclusion of the work, a privacy risk analysis using PIA, together with the methodology developed by the French Data Protection Authority (CNIL) is discussed. The analysis performed highlights the effect of the use of some well-known anonymization and pseudonymization techniques on the severity and likelihood of risk.

    Effective Rules for a Rule-Based SIEM System in Detecting DoS Attacks: An Association Rule Mining Approach

    In today’s interconnected digital landscape, Security Information and Event Management (SIEM) systems play a vital role as the frontline defense against cyber threats, providing prompt detection of the most common cyber-threats. As Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks remain among the most challenging hazards for organizations worldwide, their quick and effective detection is a major concern. This research paper explores innovative methods to enhance the effectiveness of rule-based SIEM systems in detecting DoS and DDoS attacks. The SIEM rule sets are augmented leveraging Association Rule Mining (ARM), a data mining technique for uncovering hidden relationships within dataset’s features. By identifying and applying association rules to network traffic data, our methodology aims to strengthen SIEM rules, ultimately leading to more accurate DDoS attack detection.

    An Innovative Approach to Real-Time Concept Drift Detection in Network Security

    In the realm of cybersecurity, the detection of Concept Drift holds the potential to improve the adaptability and effectiveness of security systems. In particular, Security Information and Event Management (SIEM) frameworks can benefit from real-time Drift Detection, enabling prompt detection of changing attack patterns, and consequent update of the detection criteria. To explore such an opportunity, the proposed approach extends a previously introduced SIEM solution with Concept Drift Detectors. An experimental evaluation is presented using two well-known unsupervised detectors on a merged dataset featuring Concept Drift, taking into consideration metrics such as Error Rate, Precision, Recall, and Window Average Error Rate. The results demonstrate that the integrated mechanism successfully identifies Concept Drift, triggering SIEM alerts and prompting timely updates to correlation rules. The experiment’s implications, limitations, and future directions are discussed, emphasizing the importance of continuous improvement in cybersecurity measures.

    Ear Recognition Using Texture Features - A Novel Approach


    The human role in tools for improving robustness and resilience of critical infrastructures

    This paper presents a project dedicated to the development of means for improving the resilience of Critical Infrastructures (CIs) with respect to cyber attacks. The ability to sustain and protect the flow of information and data and the possibility to early detect, isolate and eliminate cyber hazards have become issues of paramount importance when developing the Supervisory Control And Data Acquisition (SCADA) systems of such a CI. The majority of tools dedicated to these goals are based on fully automatic autonomous self-reconfigurable systems that operate within the network, or online. However, the possibility to enable also human intervention for the further reduction in the vulnerability of CIs is equally possible. In this case, the intervention is considered offline and requires the active co-operation between a decision aid tool and a human operator. This paper presents a project aimed at improving robustness and resilience of CIs and discusses in particular the human interfaces associated with the offline tools. In essence, it is found that while the guidelines of the usability principle must be preserved, special account must be given to the type of issues involved and high professionalism of their users. This implies that certain basic criteria of the usability principle may be less relevant and their limitations may not be respected without losing effectiveness and strength of the tools.