MOVICAB-IDS: Visual Analysis of Network Traffic Data Streams for Intrusion Detection

MOVICAB-IDS enables the more interesting projections of a massive traffic data set to be analysed, thereby providing an overview of any possible anomalous situations taking place on a computer network. This IDS responds to the challenges presented by traffic volume and diversity. It is a connectionist agent-based model extended by means of a functional and mobile visualization interface. The IDS is designed to be more flexible, accessible and portable by running on a great variety of applications, including small mobile ones such as PDA’s, mobile phones or embedded devices. Furthermore, its effectiveness has been demonstrated in different tests

Evolving temporal fuzzy association rules from quantitative data with a multi-objective evolutionary algorithm

A novel method for mining association rules that are both quantitative and temporal using a multi-objective evolutionary algorithm is presented. This method successfully identifies numerous temporal association rules that occur more frequently in areas of a dataset with specific quantitative values represented with fuzzy sets. The novelty of this research lies in exploring the composition of quantitative and temporal fuzzy association rules and the approach of using a hybridisation of a multi-objective evolutionary algorithm with fuzzy sets. Results show the ability of a multi-objective evolutionary algorithm (NSGA-II) to evolve multiple target itemsets that have been augmented into synthetic datasets

Modeling Internet as a User-Adapted Speech Service

Proceedings of: 7th International Conference, HAIS 2012, Salamanca, Spain, March 28-30th, 2012.The web has become the largest repository of multimedia information and its convergence with telecommunications is now bringing the benefits of web technology and hybrid artificial intelligence systems to hand-held devices. However, maximizing accessibility is not always the main objective in the design of web applications, specially if it is concerned with facilitating access for disabled people. This way, natural spoken conversation and multimodal conversational agents have been proposed as a solution to facilitate a more natural interaction with these kind of devices. In this paper, we describe a proposal to provide spoken access to Internet information that is valid not only to generate basic applications (e.g., web search engines), but also to develop dialog-based speech interfaces that facilitate a user-adapted access that enhances web services. We describe our proposal and detail several applications developed to provide evidences about the benefits of introducing speech to make the enormous web content accessible to all mobile phone users.Research funded by projects CICYT TIN2011-28620- C02-01, CICYT TEC2011-28626-C02-02,CAM CONTEXTS (S2009/TIC-1485), and DPS2008-07029-C02-02.Publicad

Unsupervised Ensembles Techniques for Visualization

In this paper we introduce two unsupervised techniques for visualization purposes based on the use of ensemble methods. The unsupervised techniques which are often quite sensitive to the presence of outliers are combined with the ensemble approaches in order to overcome the influence of outliers. The first technique is based on the use of Principal Component Analysis and the second one is known for its topology preserving characteristics and is based on the combination of the Scale Invariant Map and Maximum Likelihood Hebbian learning. In order to show the advantage of these novel ensemble-based techniques the results of some experiments carried out on artificial and real data sets are included

Intelligent Systems in Context-Based Distributed Information Fusion

Publicad

IDS Based on Bio-inspired Models

Unsupervised projection approaches can support Intrusion Detection Systems for computer network security. The involved technologies assist a network manager in detecting anomalies and potential threats by an intuitive display of the progression of network traffic. Projection methods operate as smart compression tools and map raw, high-dimensional traffic data into 2-D or 3-D spaces for subsequent graphical display. The paper compares three projection methods, namely, Cooperative Maximum Likelihood Hebbian Learning, Auto-Associative Back-Propagation networks and Principal Component Analysis. Empirical tests on anomalous situations related to the Simple Network Management Protocol (SNMP) confirm the validity of the projection-based approach. One of these anomalous situations (the SNMP community search) is faced by these projection models for the first time. This work also highlights the importance of the time-information dependence in the identification of anomalous situations in the case of the applied methods

Different approaches for the detection of SSH anomalous connections

Abstract The Secure Shell Protocol (SSH) is a well-known standard protocol, mainly used for remotely accessing shell accounts on Unix-like operating systems to perform administrative tasks. As a result, the SSH service has been an appealing target for attackers, aiming to guess root passwords performing dictionary attacks or to directly exploit the service itself. To identify such situations, this article addresses the detection of SSH anomalous connections from an intrusion detection perspective. The main idea is to compare several strategies and approaches for a better detection of SSH-based attacks. To test the classification performance of different classifiers and combinations of them, SSH data coming from a real-world honeynet are gathered and analysed. For comparison purposes and to draw conclusions about data collection, both packet-based and flow data are analysed. A wide range of classifiers and ensembles are applied to these data, as well as different validation schemes for better analysis of the obtained results. The high-rate classification results lead to positive conclusions about the identification of malicious SSH connections

A Generic Architecture for Integrating Health Monitoring and Advanced Care Provisioning

This paper presents a novel approach for advanced person- alized care and health services. It consists of four tiers and presents a high level of openness, privacy and manageability compared to existing systems. Moreover, the architecture is driven by realistic underlying business opportunities and is validated through the design of multiple scenarios.status: publishe

Improving the k-Nearest Neighbour Rule by an Evolutionary Voting Approach

This work presents an evolutionary approach to modify the voting system of the k-Nearest Neighbours (kNN). The main novelty of this article lies on the optimization process of voting regardless of the distance of every neighbour. The calculated real-valued vector through the evolutionary process can be seen as the relative contribution of every neighbour to select the label of an unclassified example. We have tested our approach on 30 datasets of the UCI repository and results have been compared with those obtained from other 6 variants of the kNN predictor, resulting in a realistic improvement statistically supported

Nostradamus: Modern Methods of Prediction, Modeling and Analysis of Nonlinear Systems

This proceeding book of Nostradamus conference (http://nostradamus-conference.org) contains accepted papers presented at this event in 2012. Nostradamus conference was held in the one of the biggest and historic city of Ostrava (the Czech Republic, http://www.ostrava.cz/en), in September 2012. Conference topics are focused on classical as well as modern methods for prediction of dynamical systems with applications in science, engineering and economy. Topics are (but not limited to): prediction by classical and novel methods, predictive control, deterministic chaos and its control, complex systems, modelling and prediction of its dynamics and much more