A formalised ontology for network attack classification

One of the most popular attack vectors against computers are their network connections. Attacks on computers through their networks are commonplace and have various levels of complexity. This research formally describes network-based computer attacks in the form of a story, formally and within an ontology. The ontology categorises network attacks where attack scenarios are the focal class. This class consists of: Denial-of- Service, Industrial Espionage, Web Defacement, Unauthorised Data Access, Financial Theft, Industrial Sabotage, Cyber-Warfare, Resource Theft, System Compromise, and Runaway Malware. This ontology was developed by building a taxonomy and a temporal network attack model. Network attack instances (also know as individuals) are classified according to their respective attack scenarios, with the use of an automated reasoner within the ontology. The automated reasoner deductions are verified formally; and via the automated reasoner, a relaxed set of scenarios is determined, which is relevant in a near real-time environment. A prototype system (called Aeneas) was developed to classify network-based attacks. Aeneas integrates the sensors into a detection system that can classify network attacks in a near real-time environment. To verify the ontology and the prototype Aeneas, a virtual test bed was developed in which network-based attacks were generated to verify the detection system. Aeneas was able to detect incoming attacks and classify them according to their scenario. The novel part of this research is the attack scenarios that are described in the form of a story, as well as formally and in an ontology. The ontology is used in a novel way to determine to which class attack instances belong and how the network attack ontology is affected in a near real-time environment

Hidden Markov models for robust recognition of vehicle licence plates

In this dissertation the problem of recognising vehicle licence plates of which the sym¬bols can not be segmented by standard image processing techniques is addressed. Most licence plate recognition systems proposed in the literature do not compensate for dis¬torted, obscured and damaged licence plates. We implemented a novel system which uses a neural network/ hidden Markov model hybrid for licence plate recognition. We implemented a region growing algorithm, which was shown to work well when used to extract the licence plate from a vehicle image. Our vertical edges algorithm was not as successful. We also used the region growing algorithm to separate the symbols in the licence plate. Where the region growing algorithm failed, possible symbol borders were identified by calculating local minima of a vertical projection of the region. A multilayer perceptron neural network was used to estimate symbol probabilities of all the possible symbols in the region. The licence plate symbols were the inputs of the neural network, and were scaled to a constant size. We found that 7 x 12 gave the best character recognition rate. Out of 2117 licence plate symbols we achieved a symbol recognition rate of 99.53%. By using the vertical projection of a licence plate image, we were able to separate the licence plate symbols out of images for which the region growing algorithm failed. Legal licence plate sequences were used to construct a hidden Markov model contain¬ing all allowed symbol orderings. By adapting the Viterbi algorithm with sequencing constraints, the most likely licence plate symbol sequences were calculated, along with a confidence measure. The confidence measure enabled us to use more than one licence plate and symbol segmentation technique. Our recognition rate increased dramatically when we com¬bined the different techniques. The results obtained showed that the system developed worked well, and achieved a licence plate recognition rate of 93.7%.Dissertation (MEng (Computer Engineering))--University of Pretoria, 2002.Electrical, Electronic and Computer Engineeringunrestricte