35 research outputs found
Using Bursty Announcements for Detecting BGP Routing Anomalies
Despite the robust structure of the Internet, it is still susceptible to
disruptive routing updates that prevent network traffic from reaching its
destination. Our research shows that BGP announcements that are associated with
disruptive updates tend to occur in groups of relatively high frequency,
followed by periods of infrequent activity. We hypothesize that we may use
these bursty characteristics to detect anomalous routing incidents. In this
work, we use manually verified ground truth metadata and volume of
announcements as a baseline measure, and propose a burstiness measure that
detects prior anomalous incidents with high recall and better precision than
the volume baseline. We quantify the burstiness of inter-arrival times around
the date and times of four large-scale incidents: the Indosat hijacking event
in April 2014, the Telecom Malaysia leak in June 2015, the Bharti Airtel Ltd.
hijack in November 2015, and the MainOne leak in November 2018; and three
smaller scale incidents that led to traffic interception: the Belarusian
traffic direction in February 2013, the Icelandic traffic direction in July
2013, and the Russian telecom that hijacked financial services in April 2017.
Our method leverages the burstiness of disruptive update messages to detect
these incidents. We describe limitations, open challenges, and how this method
can be used for routing anomaly detection.Comment: 16 pages, 13 figures, 4 tabl
Developing and Deploying Security Applications for In-Vehicle Networks
Radiological material transportation is primarily facilitated by heavy-duty
on-road vehicles. Modern vehicles have dozens of electronic control units or
ECUs, which are small, embedded computers that communicate with sensors and
each other for vehicle functionality. ECUs use a standardized network
architecture--Controller Area Network or CAN--which presents grave security
concerns that have been exploited by researchers and hackers alike. For
instance, ECUs can be impersonated by adversaries who have infiltrated an
automotive CAN and disable or invoke unintended vehicle functions such as
brakes, acceleration, or safety mechanisms. Further, the quality of security
approaches varies wildly between manufacturers. Thus, research and development
of after-market security solutions have grown remarkably in recent years. Many
researchers are exploring deployable intrusion detection and prevention
mechanisms using machine learning and data science techniques. However, there
is a gap between developing security system algorithms and deploying prototype
security appliances in-vehicle. In this paper, we, a research team at Oak Ridge
National Laboratory working in this space, highlight challenges in the
development pipeline, and provide techniques to standardize methodology and
overcome technological hurdles.Comment: 10 pages, PATRAM 2
JBeaver: un analizador de dependencias para el español
JBeaver es un analizador de dependencias para el español desarrollado
utilizando una herramienta de aprendizaje automático (Maltparser ). Este analizador
se caracteriza por ser el único públicamente disponible para el español, ser autónomo,
fácil de instalar y de utilizar (mediante interfaz gráfica o por comandos de consola)
y de elevada precisión. Además, el sistema desarrollado sirve para entrenar de
manera sencilla modelos de Maltparser, por lo que se configura en potencia como un
analizador de dependencias para cualquier idioma.JBeaver is a dependency parser built using the Maltparser machine-learning
tool. It is publically available , easy to install and to use, and provides high
precision. It also allows training Maltparser models for any language, so it can be
used to train dependency parsers for any language.Partially supported by the Spanish Ministry
of Education and Science (TIN2006-14433-C02-01
project)
What Can Johnny Do? - Factors in an End-User Expertise Instrument
Security and computer expertise of end users can be significant predictors of user behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. To address this need, we developed a questionnaire to identify critical factors that constitute expertise in end-users. It combines skills and knowledge based questions. Using exploratory factor analysis on the results from 898 participants from a range of populations, we identified 12 questions within 4 factors that correspond to computing and security expertise. Ordered logistic regression models were applied to measure efficacy of proposed security and computing factors in predicting user comprehension of security concepts (phishing and certificates). We conclude with a framework for informing future user-centered security expertise research
Dissemination of Scholarly Literature in Social Media
Social media data have been increasingly used to assess the impact of scholarly research. Such data provide complementary metrics (often called altmetrics) to traditional impact indicators. This paper provides a summary on the diffusion of scholarly content in social media, based on a collection of tweets citing papers from a set of 27 academic publishers within various fields between 2011 and 2013. We first show that there has been an increasing adoption of Twitter as a channel to disseminate scholarly literature. In particular, between 2012 and 2013, the number of scholarly tweets and the fraction of tweets (over the entire corpus) have increased by 91.2% and 42.6% respectively. We then analyze the structure of the information diffusion network. We show that the distributions of the numbers of times a specific paper is tweeted, retweeted, and the number of connected components in the diffusion network are scale-free. These preliminary results suggest that, as for other kinds of information, there are underlying mechanisms that lead some scholars and their products to become viral
Graph-based machine learning improves just-in-time defect prediction
The increasing complexity of today’s software requires the contribution of thousands of developers. This complex collaboration structure makes developers more likely to introduce defect-prone changes that lead to software faults. Determining when these defect-prone changes are introduced has proven challenging, and using traditional machine learning (ML) methods to make these determinations seems to have reached a plateau. In this work, we build contribution graphs consisting of developers and source files to capture the nuanced complexity of changes required to build software. By leveraging these contribution graphs, our research shows the potential of using graph-based ML to improve Just-In-Time (JIT) defect prediction. We hypothesize that features extracted from the contribution graphs may be better predictors of defect-prone changes than intrinsic features derived from software characteristics. We corroborate our hypothesis using graph-based ML for classifying edges that represent defect-prone changes. This new framing of the JIT defect prediction problem leads to remarkably better results. We test our approach on 14 open-source projects and show that our best model can predict whether or not a code change will lead to a defect with an F1 score as high as 77.55% and a Matthews correlation coefficient (MCC) as high as 53.16%. This represents a 152% higher F1 score and a 3% higher MCC over the state-of-the-art JIT defect prediction. We describe limitations, open challenges, and how this method can be used for operational JIT defect prediction
Incompetents, criminals, or spies: Macroeconomic analysis of routing anomalies
Routing anomalies, beyond simple leaks, are occurring on the order of tens of thousands a year. These may be accidents, but there is anecdotal evidence that indicates criminal intent. There are case studies that illustrate the use of these for national intelligence. Any given anomaly could be an accident, a crime, or an attack. Although it is impossible to directly observe the motivation of those who generate these anomalies, aggregate data about the sources of these anomalies is available. Here we leverage tools of macroeconomics to provide insights into the possible nature of these anomalies. We offer an empirical investigation using multiple linear regression and unsupervised learning to analyze data over a four-year period in order to better understand the nature of routing anomalies. If routing anomalies are a result of limited technical competence, then countries with low levels of education, few technology exports, and less expertise should be over-represented. If routing anomalies are leveraged by criminals for profit, then economic theories and analytical approaches from criminology should show statistical significance. Or, if routing anomalies are primarily used by national intelligence agencies to attack either internal dissidents or those outside their borders, then the presence of conflict and measures of quality of governance are possible indicators. We examine anomalies as likely due to incompetence, potential ecrime, or intelligence operations using macroeconomics by leveraging three theories from criminology and global measures of technology adoption. We found that exports of technology were not statistically significant, undermining the argument for incompetence. We also found support for the possibility that anomalies are driven by crime, specifically for the guardianship and relative deprivation theories of crime. In addition to these findings from regression analysis, clustering indicates that civil conflict and surveillance are associated with the disproportionate origination of routing anomalies. This supports the possibility of use of routing anomalies for national intelligence
Factors in an End User Security Expertise Instrument
The purpose of this study is to identify factors that determine computer and security expertise in end users. They can be significant determinants of human behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. A questionnaire encompassing skills and knowledge-based questions was developed to identify critical factors that constitute expertise in end users. Exploratory factor analysis was applied on the results from 898 participants from a wide range of populations. Cluster analysis was applied to characterize the relationship between computer and security expertise. Ordered logistic regression models were applied to measure efficacy of the proposed security and computing factors in predicting user comprehension of security concepts: phishing and certificates. There are levels to peoples’ computer and security expertise that could be reasonably measured and operationalized. Four factors that constitute computer security-related skills and knowledge are, namely, basic computer skills, advanced computer skills, security knowledge and advanced security skills, and these are identified as determinants of computer expertise. Findings from this work can be used to guide the design of security interfaces such that it caters to people with different expertise levels and does not force users to exercise more cognitive processes than required
Characterizing the Relationship Between Degree Distributions and Community Structures
Extended power laws and inhomogeneous connections are structural patterns often found in empirical networks. Mechanisms based on the formation of triads are able to explain the power law behavior of the degree distribution of such networks. The proposed model introduces a two-step mechanism of attachment and triad formation that illustrates how preferential linkage plays an important role in shaping the inhomogeneity of connections and the division of the network into groups of nodes (i.e., the growth of community structures). In particular, we identify conditions under which the scaling exponent of the power law correlates to a widely-used modularity measure of non-overlapping communities. Our analytical results characterize the asymptotic behavior of both the scaling exponent and the modularity, as a function of the strength with which nodes with similar characteristics tend to link to each other
Modeling and control of a new ball and beam system with magnetic levitation
[ES] En este artÃculo se presenta el modelado matemático y control de un nuevo sistema bola viga con levitación magnética. El sistema propuesto, es una combinación de un sistema de levitación magnética de un grado de libertad y un sistema bola viga convencional. De está manera, el sistema resultante es no lineal y subactuado, el cual presenta caracterÃsticas que resultan desafiantes desde el punto de vista de control para su uso como banco de pruebas en un laboratorio. El modelo dinámico del sistema es obtenido utilizando el método de Lagrange. Los algoritmos de control no lineal de ganancias programadas y modos deslizantes son utilizados para estabilizar el sistema en simulaciones y pruebas reales.[EN] This paper shows the mathematical model and control of a new ball and beam system with magnetic levitation. The proposed system is a combination between the magnetic levitation system of one degree of freedom and the conventional ball and beam system. The given system is nonlinear and under actuate showing interesting characteristics from the control point of view for using it in a control lab. The dynamic model of the system is obtained based on the Lagrange's method. The algorithms of gain scheduling and sliding mode are used to stabilize the system in simulations and in the lab.Moriano, P.; Naranjo, F. (2012). Modelado y control de un nuevo sistema bola viga con levitación magnética. Revista Iberoamericana de Automática e Informática industrial. 9(3):249-258. https://doi.org/10.1016/j.riai.2012.05.008OJS24925893Espinosa, U., Aceves, A., Vega, A., Carvajal, C., 1995. Sistema de levitación magnética controlado con lógica difusa y control clásico. Reporte interno del LEA-DGI del ITESM-CEM.Green, S.A., Hirsch, R.S., Craig, K.C., 1995. Magnetic levitation device as teaching aid for mechatronics at rensselaer. Proc. ASME Dynamic Syst. and Control Division 57 (2), 1047-1052.Hauser, J., Sastry, S., Kokotovic, P., 1992. Nonlinear control via approximate input-output linearization: ball and beam example. IEEE Trans. on Automatic Control 37, 392-398.Hirschorn, R.M., 2002. Incremental sliding mode control of the ball and beam. IEEE Trans. on Automatic Control 47 (10).Huang, J., Lin, C., 1995. Robust nonlinear control of the ball and beam system. In: Proceedings of the American Control Conference.Hurley, W.G., Wolfle, W.H., 1997. Electromagnetic design of a magnetic suspension system. IEEE Trans. Educ. 40 (2), 124-130.Ignatov, R.P., Lawrence, D.A., 2001. Gain scheduling via control signal interpolation: the ball and beam example. In: Proceedings of the 33rd Southeastern Symposium on System Theory.Jalili-Kharaajoo, M., Tousi, M.M., Bagherzadeh, H., Ashari, A.E., 2003. Sliding mode control of voltage-controlled magnetic levitation systems. In: Proceedings of IEEE Conference on Control Applications.Khalil, H.K., 2002. Nonlinear Systems. 3rd. Edition. Prentice Hall, N.J.Kim, Y.C., Kim, K.H., 1994. Gain scheduled control of magnetic suspension system. In: Proceedings of the American Control Conference.Lin, C.E., Ker, C.C.,Wang, R.T., Chen, C.L., 2005. A new ball and beam system using magnetic suspension actuator. In: Industrial Electronics Society. 31st Annual Conference of IEEE.Liu, Z., Yu, F.,Wang, Z., 2009. Application of sliding mode control to design of the inverted pendulum application of sliding mode control to design of the inverted pendulum control system. In: The Ninth International Conference on Electronic Measurement & Instruments.Lundberg, K.H., Lilienkamp, K.A., Marsden, G., 2004. Low-cost magnetic levitation project kits. IEEE Control Systems Magazine 24 (5), 65-69.Moriano, P., Burgos, E., 2008. Disẽno, construcción y control de un sistema bola viga con levitación magnética. Pontificia Universidad Javeriana.Ollervides, J., Santibá̃nez, V., Llama, M., Dzul, A., 2010. Aplicación de control borroso a un sistema de suspensión magnética: Comparación experimental. Revista Iberoamericana de Automática e Informática Industrial 7 (3), 63-71.RamÃrez, G.K. T., 2002. Disẽno, construcción y control de una plataforma de levitación magnética. Master's thesis, Departamento de ingenierÃa eléctrica sección de mecatrónica, centro de investigación y de estudios avanzados del instituto politécnico nacional, México.Rosales, E.A., 2004. A ball-on-beam project kit. Master's thesis, Massachusetts Institute of Technology.Santos, L.D., Simas, H., Rodrigues, A., 1999. Inexpensive apparatus for control laboratory experiments using advanced control methodologies. In: Proceedings of the 38th conference on decision and control.Shamma, J., Athans, M., 1990. Analysis of gain scheduled control for nonlinear plants. IEEE Trans. on Automatic Control 35 (8).Sira-Ramirez, H., 2000. On the control of the ball and beam system: A trajectory planning approach. In: Proc. IEEE Conf. Decision and Control. pp. 4042-4047.Xie, J., Xu, X., Xie, K., 2008. Modeling and simulation of the inverted pedulum based on granular hybrid system. In: Chinese Control and Decision Conference