301 resultados para Detecting
Resumo:
Video surveillance infrastructure has been widely installed in public places for security purposes. However, live video feeds are typically monitored by human staff, making the detection of important events as they occur difficult. As such, an expert system that can automatically detect events of interest in surveillance footage is highly desirable. Although a number of approaches have been proposed, they have significant limitations: supervised approaches, which can detect a specific event, ideally require a large number of samples with the event spatially and temporally localised; while unsupervised approaches, which do not require this demanding annotation, can only detect whether an event is abnormal and not specific event types. To overcome these problems, we formulate a weakly-supervised approach using Kullback-Leibler (KL) divergence to detect rare events. The proposed approach leverages the sparse nature of the target events to its advantage, and we show that this data imbalance guarantees the existence of a decision boundary to separate samples that contain the target event from those that do not. This trait, combined with the coarse annotation used by weakly supervised learning (that only indicates approximately when an event occurs), greatly reduces the annotation burden while retaining the ability to detect specific events. Furthermore, the proposed classifier requires only a decision threshold, simplifying its use compared to other weakly supervised approaches. We show that the proposed approach outperforms state-of-the-art methods on a popular real-world traffic surveillance dataset, while preserving real time performance.
Resumo:
Existing business process drift detection methods do not work with event streams. As such, they are designed to detect inter-trace drifts only, i.e. drifts that occur between complete process executions (traces), as recorded in event logs. However, process drift may also occur during the execution of a process, and may impact ongoing executions. Existing methods either do not detect such intra-trace drifts, or detect them with a long delay. Moreover, they do not perform well with unpredictable processes, i.e. processes whose logs exhibit a high number of distinct executions to the total number of executions. We address these two issues by proposing a fully automated and scalable method for online detection of process drift from event streams. We perform statistical tests over distributions of behavioral relations between events, as observed in two adjacent windows of adaptive size, sliding along with the stream. An extensive evaluation on synthetic and real-life logs shows that our method is fast and accurate in the detection of typical change patterns, and performs significantly better than the state of the art.
Resumo:
The measurement of Cobb angles from radiographs is routine practice in spinal clinics. The technique relies on the use and availability of specialist equipment such as a goniometer, cobbometer or protractor. The aim of this study was to validate the use of i-Phone (Apple Inc) combined with Tilt Meter Pro software as compared to a protractor in the measurement of Cobb angles. Between November 2008 and December 2008 20 patients were selected at random from the Paediatric Spine Research Groups Database. A power calculation was performed which indicated if n=240 measurements the study had a 96% chance of detecting a 5 degree difference between groups. All patients had idiopathic scoliosis with a range of curve types and severities. The study found the i-Phone combined with Tilt Meter Pro software offers a faster alternative to the traditional method of Cobb angle measurement. The use of i-Phone offers a more convenient way of measuring Cobb angles in the outpatient setting. The intra-observer repeatability of the iPhone is equivalent to the protractor in the measurement of Cobb angles.
Resumo:
Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.
Resumo:
This PhD project has expanded the knowledge in the area of profluorescent nitroxides with regard to the synthesis and characterisations of novel profluorescent nitroxide probes as well as physical characterisation of the probe molecules in various polymer/physical environments. The synthesis of the first example of an azaphenalene-based fused aromatic nitroxide TMAO, [1,1,3,3-tetramethyl-2,3-dihydro-2-azaphenalen-2-yloxyl, was described. This novel nitroxide possesses some of the structural rigidity of the isoindoline class of nitroxides, as well as some properties akin to TEMPO nitroxides. Additionally, the integral aromatic ring imparts fluorescence that is switched on by radical scavenging reactions of the nitroxide, which makes it a sensitive probe for polymer degradation. In addition to the parent TMAO, 5 other azaphenalene derivatives were successfully synthesised. This new class of nitroxide was expected to have interesting redox properties when the structure was investigated by high-level ab initio molecular orbitals theory. This was expected to have implications with biological relevance as the calculated redox potentials for the azaphenalene ring class would make them potent antioxidant compounds. The redox potentials of 25 cyclic nitroxides from four different structural classes (pyrroline, piperidine, isoindoline and azaphenalene) were determined by cyclic voltammetry in acetonitrile. It was shown that potentials related to the one electron processes of the nitroxide were influenced by the type of ring system, ring substituents or groups surrounding the moiety. Favourable comparisons were found between theoretical and experimental potentials for pyrroline, piperidine and isoindoline ring classes. Substitution of these ring classes, were correctly calculated to have a small yet predictable effect on the potentials. The redox potentials of the azaphenalene ring class were underestimated by the calculations in all cases by at least a factor of two. This is believed to be due to another process influencing the redox potentials of the azaphenalene ring class which is not taken into account by the theoretical model. It was also possible to demonstrate the use of both azaphenalene and isoindoline nitroxides as additives for monitoring radical mediated damage that occurs in polypropylene as well as in more commercially relevant polyester resins. Polymer sample doped with nitroxide were exposed to both thermo-and photo-oxidative conditions with all nitroxides showing a protective effect. It was found that isoindoline nitroxides were able to indicate radical formation in polypropylene aged at elevated temperatures via fluorescence build-up. The azaphenalene nitroxide TMAO showed no such build-up of fluorescence. This was believed to be due to the more labile bond between the nitroxide and macromolecule and the protection may occur through a classical Denisov cycle, as is expected for commercially available HAS units. Finally, A new profluorescent dinitroxide, BTMIOA (9,10-bis(1,1,3,3- tetramethylisoindolin-2-yloxyl-5-yl)anthracene), was synthesised and shown to be a powerful probe for detecting changes during the initial stages of thermo-oxidative degradation of polypropylene. This probe, which contains a 9,10-diphenylanthracene core linked to two nitroxides, possesses strongly suppressed fluorescence due to quenching by the two nitroxide groups. This molecule also showed the greatest protective effect on thermo-oxidativly aged polypropylene. Most importantly, BTMIOA was found to be a valuable tool for imaging and mapping free-radical generation in polypropylene using fluorescence microscopy.
Resumo:
The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.
Resumo:
Automatic detection of suspicious activities in CCTV camera feeds is crucial to the success of video surveillance systems. Such a capability can help transform the dumb CCTV cameras into smart surveillance tools for fighting crime and terror. Learning and classification of basic human actions is a precursor to detecting suspicious activities. Most of the current approaches rely on a non-realistic assumption that a complete dataset of normal human actions is available. This paper presents a different approach to deal with the problem of understanding human actions in video when no prior information is available. This is achieved by working with an incomplete dataset of basic actions which are continuously updated. Initially, all video segments are represented by Bags-Of-Words (BOW) method using only Term Frequency-Inverse Document Frequency (TF-IDF) features. Then, a data-stream clustering algorithm is applied for updating the system's knowledge from the incoming video feeds. Finally, all the actions are classified into different sets. Experiments and comparisons are conducted on the well known Weizmann and KTH datasets to show the efficacy of the proposed approach.
Resumo:
Objective: To examine the reliability and validity of the Alcohol Use Disorders Identification Test (AUDIT) compared to a structured diagnostic interview, the Composite international Diagnostic Interview (CIDI; 12-month version) in psychiatric patients with a diagnosis of schizophrenia. Method: Patients (N = 71, 53 men) were interviewed using the CIDI (Alcohol Misuse Section; 12-month version) and then completed the AUDIT. Results: The CIDI identified 32.4% of the sample as having an alcohol use disorder. Of these, 5 (7.0%) met diagnostic criteria for harmful use of alcohol, 1 (1.4%) met diagnostic criteria for alcohol abuse and 17 (23.9%) met diagnostic criteria for alcohol dependence. The AUDIT was found to have good internal reliability (coefficient = 0.85). An AUDIT cutoff of greater than or equal to 8 had a sensitivity of 87% and specificity of 90% in detecting CIDI-diagnosed alcohol disorders. All items except Item 9 contributed significantly to discriminant validity. Conclusions: The findings replicate and extend previous findings of high rates of alcohol use disorders in people with severe mental illness. The AUDIT was found to be reliable and valid in this sample and can be used with confidence as a screening instrument for alcohol use disorders in people with schizophrenia.
Resumo:
Spatial information captured from optical remote sensors on board unmanned aerial vehicles (UAVs) has great potential in automatic surveillance of electrical infrastructure. For an automatic vision-based power line inspection system, detecting power lines from a cluttered background is one of the most important and challenging tasks. In this paper, a novel method is proposed, specifically for power line detection from aerial images. A pulse coupled neural filter is developed to remove background noise and generate an edge map prior to the Hough transform being employed to detect straight lines. An improved Hough transform is used by performing knowledge-based line clustering in Hough space to refine the detection results. The experiment on real image data captured from a UAV platform demonstrates that the proposed approach is effective for automatic power line detection.
Resumo:
Human-specific Bacteroides HF183 (HS-HF183), human-specific Enterococci faecium esp (HS-esp), human-specific adenoviruses (HS-AVs) and human-specific polyomaviruses (HS-PVs) assays were evaluated in freshwater, seawater and distilled water to detect fresh sewage. The sewage spiked water samples were also tested for the concentrations of traditional fecal indicators (i.e., Escherichia coli, enterococci and Clostridium perfringens) and enteric viruses such as enteroviruses (EVs), sapoviruses (SVs), and torquetenoviruses (TVs). The overall host-specificity of the HS-HF183 marker to differentiate between humans and other animals was 98%. However, the HS-esp, HS-AVs and HS-PVs showed 100% hostspecificity. All the human-specific markers showed >97% sensitivity to detect human fecal pollution. E. coli, enterococci and, C. perfringens were detected up to dilutions of sewage 10_5, 10_4 and 10_3 respectively.HS-esp, HS-AVs, HS-PVs, SVs and TVs were detected up to dilution of sewage 10_4 whilst EVs were detected up to dilution 10_5. The ability of the HS-HF183 marker to detect freshsewagewas3–4 orders ofmagnitude higher than that of the HS-esp and viral markers. The ability to detect fresh sewage in freshwater, seawater and distilled water matrices was similar for human-specific bacterial and viral marker. Based on our data, it appears that human-specific molecular markers are sensitive measures of fresh sewage pollution, and the HS-HF183 marker appears to be the most sensitive among these markers in terms of detecting fresh sewage. However, the presence of the HS-HF183 marker in environmental waters may not necessarily indicate the presence of enteric viruses due to their high abundance in sewage compared to enteric viruses. More research is required on the persistency of these markers in environmental water samples in relation to traditional fecal indicators and enteric pathogens.
Resumo:
This research investigates wireless intrusion detection techniques for detecting attacks on IEEE 802.11i Robust Secure Networks (RSNs). Despite using a variety of comprehensive preventative security measures, the RSNs remain vulnerable to a number of attacks. Failure of preventative measures to address all RSN vulnerabilities dictates the need for a comprehensive monitoring capability to detect all attacks on RSNs and also to proactively address potential security vulnerabilities by detecting security policy violations in the WLAN. This research proposes novel wireless intrusion detection techniques to address these monitoring requirements and also studies correlation of the generated alarms across wireless intrusion detection system (WIDS) sensors and the detection techniques themselves for greater reliability and robustness. The specific outcomes of this research are: A comprehensive review of the outstanding vulnerabilities and attacks in IEEE 802.11i RSNs. A comprehensive review of the wireless intrusion detection techniques currently available for detecting attacks on RSNs. Identification of the drawbacks and limitations of the currently available wireless intrusion detection techniques in detecting attacks on RSNs. Development of three novel wireless intrusion detection techniques for detecting RSN attacks and security policy violations in RSNs. Development of algorithms for each novel intrusion detection technique to correlate alarms across distributed sensors of a WIDS. Development of an algorithm for automatic attack scenario detection using cross detection technique correlation. Development of an algorithm to automatically assign priority to the detected attack scenario using cross detection technique correlation.
Resumo:
Despite all attempts to prevent fraud, it continues to be a major threat to industry and government. Traditionally, organizations have focused on fraud prevention rather than detection, to combat fraud. In this paper we present a role mining inspired approach to represent user behaviour in Enterprise Resource Planning (ERP) systems, primarily aimed at detecting opportunities to commit fraud or potentially suspicious activities. We have adapted an approach which uses set theory to create transaction profiles based on analysis of user activity records. Based on these transaction profiles, we propose a set of (1) anomaly types to detect potentially suspicious user behaviour and (2) scenarios to identify inadequate segregation of duties in an ERP environment. In addition, we present two algorithms to construct a directed acyclic graph to represent relationships between transaction profiles. Experiments were conducted using a real dataset obtained from a teaching environment and a demonstration dataset, both using SAP R/3, presently the most predominant ERP system. The results of this empirical research demonstrate the effectiveness of the proposed approach.
Resumo:
Surveillance for invasive non-indigenous species (NIS) is an integral part of a quarantine system. Estimating the efficiency of a surveillance strategy relies on many uncertain parameters estimated by experts, such as the efficiency of its components in face of the specific NIS, the ability of the NIS to inhabit different environments, and so on. Due to the importance of detecting an invasive NIS within a critical period of time, it is crucial that these uncertainties be accounted for in the design of the surveillance system. We formulate a detection model that takes into account, in addition to structured sampling for incursive NIS, incidental detection by untrained workers. We use info-gap theory for satisficing (not minimizing) the probability of detection, while at the same time maximizing the robustness to uncertainty. We demonstrate the trade-off between robustness to uncertainty, and an increase in the required probability of detection. An empirical example based on the detection of Pheidole megacephala on Barrow Island demonstrates the use of info-gap analysis to select a surveillance strategy.
Resumo:
This paper describes protection and control of a microgrid with converter interfaced micro sources. The proposed protection and control scheme consider both grid connected and autonomous operation of the microgrid. A protection scheme, capable of detecting faults effectively in both grid connected and islanded operations is proposed. The main challenge of the protection, due to current limiting state of the converters is overcome by using admittance relays. The relays operate according to the inverse time characteristic based on measured admittance of the line. The proposed scheme isolates the fault from both sides, while downstream side of the microgrid operates in islanding condition. Moreover faults can be detected in autonomous operation. In grid connected mode distributed generators (DG) supply the rated power while in absence of the grid, DGs share the entire power requirement proportional to rating based on output voltage angle droop control. The protection scheme ensures minimum load shedding with isolating the faulted network and DG control provides a smooth islanding and resynchronization operation. The efficacy of coordinated control and protection scheme has been validated through simulation for various operating conditions.
Resumo:
Concern regarding the health effects of indoor air quality has grown in recent years, due to the increased prevalence of many diseases, as well as the fact that many people now spend most of their time indoors. While numerous studies have reported on the dynamics of aerosols indoors, the dynamics of bioaerosols in indoor environments are still poorly understood and very few studies have focused on fungal spore dynamics in indoor environments. Consequently, this work investigated the dynamics of fungal spores in indoor air, including fungal spore release and deposition, as well as investigating the mechanisms involved in the fungal spore fragmentation process. In relation to the investigation of fungal spore dynamics, it was found that the deposition rates of the bioaerosols (fungal propagules) were in the same range as the deposition rates of nonbiological particles and that they were a function of their aerodynamic diameters. It was also found that fungal particle deposition rates increased with increasing ventilation rates. These results (which are reported for the first time) are important for developing an understanding of the dynamics of fungal spores in the air. In relation to the process of fungal spore fragmentation, important information was generated concerning the airborne dynamics of the spores, as well as the part/s of the fungi which undergo fragmentation. The results obtained from these investigations into the dynamics of fungal propagules in indoor air significantly advance knowledge about the fate of fungal propagules in indoor air, as well as their deposition in the respiratory tract. The need to develop an advanced, real-time method for monitoring bioaerosols has become increasingly important in recent years, particularly as a result of the increased threat from biological weapons and bioterrorism. However, to date, the Ultraviolet Aerodynamic Particle Sizer (UVAPS, Model 3312, TSI, St Paul, MN) is the only commercially available instrument capable of monitoring and measuring viable airborne micro-organisms in real-time. Therefore (for the first time), this work also investigated the ability of the UVAPS to measure and characterise fungal spores in indoor air. The UVAPS was found to be sufficiently sensitive for detecting and measuring fungal propagules. Based on fungal spore size distributions, together with fluorescent percentages and intensities, it was also found to be capable of discriminating between two fungal spore species, under controlled laboratory conditions. In the field, however, it would not be possible to use the UVAPS to differentiate between different fungal spore species because the different micro-organisms present in the air may not only vary in age, but may have also been subjected to different environmental conditions. In addition, while the real-time UVAPS was found to be a good tool for the investigation of fungal particles under controlled conditions, it was not found to be selective for bioaerosols only (as per design specifications). In conclusion, the UVAPS is not recommended for use in the direct measurement of airborne viable bioaerosols in the field, including fungal particles, and further investigations into the nature of the micro-organisms, the UVAPS itself and/or its use in conjunction with other conventional biosamplers, are necessary in order to obtain more realistic results. Overall, the results obtained from this work on airborne fungal particle dynamics will contribute towards improving the detection capabilities of the UVAPS, so that it is capable of selectively monitoring and measuring bioaerosols, for which it was originally designed. This work will assist in finding and/or improving other technologies capable of the real-time monitoring of bioaerosols. The knowledge obtained from this work will also be of benefit in various other bioaerosol applications, such as understanding the transport of bioaerosols indoors.
