57 resultados para Subclassing Anomaly
Resumo:
The increasingly widespread use of large-scale 3D virtual environments has translated into an increasing effort required from designers, developers and testers. While considerable research has been conducted into assisting the design of virtual world content and mechanics, to date, only limited contributions have been made regarding the automatic testing of the underpinning graphics software and hardware. In the work presented in this paper, two novel neural network-based approaches are presented to predict the correct visualization of 3D content. Multilayer perceptrons and self-organizing maps are trained to learn the normal geometric and color appearance of objects from validated frames and then used to detect novel or anomalous renderings in new images. Our approach is general, for the appearance of the object is learned rather than explicitly represented. Experiments were conducted on a game engine to determine the applicability and effectiveness of our algorithms. The results show that the neural network technology can be effectively used to address the problem of automatic and reliable visual testing of 3D virtual environments.
Resumo:
Collaborative methods are promising tools for solving complex security tasks. In this context, the authors present the security overlay framework CIMD (Collaborative Intrusion and Malware Detection), enabling participants to state objectives and interests for joint intrusion detection and find groups for the exchange of security-related data such as monitoring or detection results accordingly; to these groups the authors refer as detection groups. First, the authors present and discuss a tree-oriented taxonomy for the representation of nodes within the collaboration model. Second, they introduce and evaluate an algorithm for the formation of detection groups. After conducting a vulnerability analysis of the system, the authors demonstrate the validity of CIMD by examining two different scenarios inspired sociology where the collaboration is advantageous compared to the non-collaborative approach. They evaluate the benefit of CIMD by simulation in a novel packet-level simulation environment called NeSSi (Network Security Simulator) and give a probabilistic analysis for the scenarios.
Resumo:
The IEEE Wireless LAN standard has been a true success story by enabling convenient, efficient and low-cost access to broadband networks for both private and professional use. However, the increasing density and uncoordinated operation of wireless access points, combined with constantly growing traffic demands have started hurting the users' quality of experience. On the other hand, the emerging ubiquity of wireless access has placed it at the center of attention for network attacks, which not only raises users' concerns on security but also indirectly affects connection quality due to proactive measures against security attacks. In this work, we introduce an integrated solution to congestion avoidance and attack mitigation problems through cooperation among wireless access points. The proposed solution implements a Partially Observable Markov Decision Process (POMDP) as an intelligent distributed control system. By successfully differentiating resource hampering attacks from overload cases, the control system takes an appropriate action in each detected anomaly case without disturbing the quality of service for end users. The proposed solution is fully implemented on a small-scale testbed, on which we present our observations and demonstrate the effectiveness of the system to detect and alleviate both attack and congestion situations.
Resumo:
We consider Cooperative Intrusion Detection System (CIDS) which is a distributed AIS-based (Artificial Immune System) IDS where nodes collaborate over a peer-to-peer overlay network. The AIS uses the negative selection algorithm for the selection of detectors (e.g., vectors of features such as CPU utilization, memory usage and network activity). For better detection performance, selection of all possible detectors for a node is desirable but it may not be feasible due to storage and computational overheads. Limiting the number of detectors on the other hand comes with the danger of missing attacks. We present a scheme for the controlled and decentralized division of detector sets where each IDS is assigned to a region of the feature space. We investigate the trade-off between scalability and robustness of detector sets. We address the problem of self-organization in CIDS so that each node generates a distinct set of the detectors to maximize the coverage of the feature space while pairs of nodes exchange their detector sets to provide a controlled level of redundancy. Our contribution is twofold. First, we use Symmetric Balanced Incomplete Block Design, Generalized Quadrangles and Ramanujan Expander Graph based deterministic techniques from combinatorial design theory and graph theory to decide how many and which detectors are exchanged between which pair of IDS nodes. Second, we use a classical epidemic model (SIR model) to show how properties from deterministic techniques can help us to reduce the attack spread rate.
Resumo:
Across central Australia and south-west Queensland, a large (~800,000km2) subsurface temperature anomaly occurs (Figure 1). Temperatures are interpreted to be greater than 235°C at 5km depth, ca. 85°C higher than the average geothermal gradient for the upper continental crust (Chopra & Holgate, 2005; Holgate & Gerner, 2011). This anomaly has driven the development of Engineered Geothermal Systems (EGS) at Innamincka, where high temperatures have been related to the radiogenic heat production of High Heat Producing Granites (HHPG) at depth, below thermally insulative sedimentary cover (Chopra & Holgate, 2005; Draper & D’Arcy, 2006; Meixner & Holgate, 2009). To evaluate the role of granitic rocks at depth in generating the broader temperature anomaly in SW-Queensland, we sampled 25 granitic rocks from basement intervals of petroleum drill cores below thermal insulative cover along two transects (WNW–ESE and NNE–SSW — Figure 1) and performed a multidisciplinary study involving petrography, whole-rock chemistry, zircon dating and thermal conductivity measurements.
Resumo:
Australia has many isolated communities that require human services provided by qualified professionals. Maintaining a viable and equitable spread of such educational capital across space as a public good is a challenge. Reports investigating this problem repeatedly point to ‘family issues’ such as limited options for children’s education, and limited access to ongoing professional development, as deterrents for rural/remote employment despite lucrative incentive schemes. This paper draws on semi-structured interviews with 30 parents of school-aged children, who work as doctors, nurses, teachers and police in six rural/remote towns in Queensland. We asked them how their family units reconcile career opportunities with educational strategy for family members over time and space. This paper considers these issues as a sociology of education problem in a context of educational marketisation and spiralling credentialism. This paper offers the concept of ‘mobius markets’ to capture the cyclical and intergenerational process underway in middle class professional families of investing in educational capitals, maintaining or maximising their value and profiting from them. A mobius strip is the topological anomaly of a single loop with one twist in it, whereby the loop becomes one continuous surface, not the double-sided shape it appears to be. This project is interested in how the middle class professional family is similarly on a constant circuit, investing in educational capitals, upgrading their currency/value, and profiting from them. This elaborated sense of educational markets extends the more usual sociological focus on school choice.
Resumo:
In this paper, we propose a semi-supervised approach of anomaly detection in Online Social Networks. The social network is modeled as a graph and its features are extracted to detect anomaly. A clustering algorithm is then used to group users based on these features and fuzzy logic is applied to assign degree of anomalous behavior to the users of these clusters. Empirical analysis shows effectiveness of this method.
Resumo:
Increases in functionality, power and intelligence of modern engineered systems led to complex systems with a large number of interconnected dynamic subsystems. In such machines, faults in one subsystem can cascade and affect the behavior of numerous other subsystems. This complicates the traditional fault monitoring procedures because of the need to train models of the faults that the monitoring system needs to detect and recognize. Unavoidable design defects, quality variations and different usage patterns make it infeasible to foresee all possible faults, resulting in limited diagnostic coverage that can only deal with previously anticipated and modeled failures. This leads to missed detections and costly blind swapping of acceptable components because of one’s inability to accurately isolate the source of previously unseen anomalies. To circumvent these difficulties, a new paradigm for diagnostic systems is proposed and discussed in this paper. Its feasibility is demonstrated through application examples in automotive engine diagnostics.
Resumo:
A large subsurface, elevated temperature anomaly is well documented in Central Australia. High Heat Producing Granites (HHPGs) intersected by drilling at Innamincka are often assumed to be the dominant cause of the elevated subsurface temperatures, although their presence in other parts of the temperature anomaly has not been confirmed. Geological controls on the temperature anomaly remain poorly understood. Additionally, methods previously used to predict temperature at 5 km depth in this area are simplistic and possibly do not give an accurate representation of the true distribution and magnitude of the temperature anomaly. Here we re-evaluate the geological controls on geothermal potential in the Queensland part of the temperature anomaly using a stochastic thermal model. The results illustrate that the temperature distribution is most sensitive to the thermal conductivity structure of the top 5 km. Furthermore, the results indicate the presence of silicic crust enriched in heat producing elements between and 40 km.
Resumo:
This project was a step forward in developing intrusion detection systems in distributed environments such as web services. It investigates a new approach of detection based on so-called "taint-marking" techniques and introduces a theoretical framework along with its implementation in the Linux kernel.
Resumo:
Problem-solving courts appear to achieve outcomes that are not common in mainstream courts. There are increasing calls for the adoption of more therapeutic and problem-solving practices by mainstream judges in civil and criminal courts in a number of jurisdictions, most notably in the United States and Australia. Currently, a judge who sets out to exercise a significant therapeutic function is likely to be doing so in a specialist court or jurisdiction, outside the mainstream court system, and arguably, outside the adversarial paradigm itself. To some extent, this work is tolerated but marginalised. However, do therapeutic and problem-solving functions have the potential to help define, rather than simply complement, the role of judicial officers? The core question addressed in this thesis is whether the judicial role could evolve to be not just less adversarial, but fundamentally non-adversarial. In other words, could we see—or are we seeing—a juristic paradigm shift not just in the colloquial, casual sense of the word, but in the strong, worldview changing sense meant by Thomas Kuhn? This thesis examines the current relationship between adversarialism and therapeutic jurisprudence in the context of Kuhn’s conception of the transition from periods of ‘normal science’, through periods of anomaly and disciplinary crises to paradigm shifts. It considers whether therapeutic jurisprudence and adversarialism are incommensurable in the Kuhnian sense, and if so, what this means for the relationship between the two, and for the agenda to mainstream therapeutic jurisprudence. The thesis asserts that Kuhnian incommensurability is, in fact, a characteristic of the relationship between adversarialism and therapeutic jurisprudence, but that the possibility of a therapeutic paradigm shift in law can be reconciled with many adversarial and due process principles by relating this incommensurability to a broader disciplinary matrix.
Resumo:
In this paper, a framework for isolating unprecedented faults for an EGR valve system is presented. Using normal behavior data generated by a high fidelity engine simulation, the recently introduced Growing Structure Multiple Model System (GSMMS) is used to construct models of normal behavior for an EGR valve system and its various subsystems. Using the GSMMS models as a foundation, anomalous behavior of the entire system is then detected as statistically significant departures of the most recent modeling residuals from the modeling residuals during normal behavior. By reconnecting anomaly detectors to the constituent subsystems, the anomaly can be isolated without the need for prior training using faulty data. Furthermore, faults that were previously encountered (and modeled) are recognized using the same approach as the anomaly detectors.
Resumo:
In this paper, a recently introduced model-based method for precedent-free fault detection and isolation (FDI) is modified to deal with multiple input, multiple output (MIMO) systems and is applied to an automotive engine with exhaust gas recirculation (EGR) system. Using normal behavior data generated by a high fidelity engine simulation, the growing structure multiple model system (GSMMS) approach is used to construct dynamic models of normal behavior for the EGR system and its constituent subsystems. Using the GSMMS models as a foundation, anomalous behavior is detected whenever statistically significant departures of the most recent modeling residuals away from the modeling residuals displayed during normal behavior are observed. By reconnecting the anomaly detectors (ADs) to the constituent subsystems, EGR valve, cooler, and valve controller faults are isolated without the need for prior training using data corresponding to particular faulty system behaviors.
Resumo:
Novel computer vision techniques have been developed for automatic monitoring of crowed environments such as airports, railway stations and shopping malls. Using video feeds from multiple cameras, the techniques enable crowd counting, crowd flow monitoring, queue monitoring and abnormal event detection. The outcome of the research is useful for surveillance applications and for obtaining operational metrics to improve business efficiency.
Resumo:
The Modicon Communication Bus (Modbus) protocol is one of the most commonly used protocols in industrial control systems. Modbus was not designed to provide security. This paper confirms that the Modbus protocol is vulnerable to flooding attacks. These attacks involve injection of commands that result in disrupting the normal operation of the control system. This paper describes a set of experiments that shows that an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks. In comparing these intrusion detection techniques, we find that the signature-based detection requires a carefully selected threshold value, and that the anomaly-based change detection algorithm may have a short delay before detecting the attacks depending on the parameters used. In addition, we also generate a network traffic dataset of flooding attacks on the Modbus control system protocol.
