29 resultados para Network anomaly detection
em Repositório Institucional UNESP - Universidade Estadual Paulista "Julio de Mesquita Filho"
Resumo:
The computers and network services became presence guaranteed in several places. These characteristics resulted in the growth of illicit events and therefore the computers and networks security has become an essential point in any computing environment. Many methodologies were created to identify these events; however, with increasing of users and services on the Internet, many difficulties are found in trying to monitor a large network environment. This paper proposes a methodology for events detection in large-scale networks. The proposal approaches the anomaly detection using the NetFlow protocol, statistical methods and monitoring the environment in a best time for the application. © 2010 Springer-Verlag Berlin Heidelberg.
Resumo:
Recently, considerable research work have been conducted towards finding fast and accurate pattern classifiers for training Intrusion Detection Systems (IDSs). This paper proposes using the so called Fuzzy ARTMAT classifier to detect intrusions in computer network. Our investigation shows, through simulations, how efficient such a classifier can be when used as the learning mechanism of a typical IDS. The promising evaluation results in terms of both detection accuracy and training duration indicate that the Fuzzy ARTMAP is indeed viable for this sort of application.
Resumo:
Concept drift, which refers to non stationary learning problems over time, has increasing importance in machine learning and data mining. Many concept drift applications require fast response, which means an algorithm must always be (re)trained with the latest available data. But the process of data labeling is usually expensive and/or time consuming when compared to acquisition of unlabeled data, thus usually only a small fraction of the incoming data may be effectively labeled. Semi-supervised learning methods may help in this scenario, as they use both labeled and unlabeled data in the training process. However, most of them are based on assumptions that the data is static. Therefore, semi-supervised learning with concept drifts is still an open challenging task in machine learning. Recently, a particle competition and cooperation approach has been developed to realize graph-based semi-supervised learning from static data. We have extend that approach to handle data streams and concept drift. The result is a passive algorithm which uses a single classifier approach, naturally adapted to concept changes without any explicit drift detection mechanism. It has built-in mechanisms that provide a natural way of learning from new data, gradually "forgetting" older knowledge as older data items are no longer useful for the classification of newer data items. The proposed algorithm is applied to the KDD Cup 1999 Data of network intrusion, showing its effectiveness.
Resumo:
Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)
Resumo:
Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)
Resumo:
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Resumo:
Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)
Resumo:
Pós-graduação em Ciências Cartográficas - FCT
Resumo:
In this paper we deal with the problem of boosting the Optimum-Path Forest (OPF) clustering approach using evolutionary-based optimization techniques. As the OPF classifier performs an exhaustive search to find out the size of sample's neighborhood that allows it to reach the minimum graph cut as a quality measure, we compared several optimization techniques that can obtain close graph cut values to the ones obtained by brute force. Experiments in two public datasets in the context of unsupervised network intrusion detection have showed the evolutionary optimization techniques can find suitable values for the neighborhood faster than the exhaustive search. Additionally, we have showed that it is not necessary to employ many agents for such task, since the neighborhood size is defined by discrete values, with constrain the set of possible solution to a few ones.
Resumo:
Esse trabalho tem por objetivo o desenvolvimento de um sistema inteligente para detecção da queima no processo de retificação tangencial plana através da utilização de uma rede neural perceptron multi camadas, treinada para generalizar o processo e, conseqüentemente, obter o limiar de queima. em geral, a ocorrência da queima no processo de retificação pode ser detectada pelos parâmetros DPO e FKS. Porém esses parâmetros não são eficientes nas condições de usinagem usadas nesse trabalho. Os sinais de emissão acústica e potência elétrica do motor de acionamento do rebolo são variáveis de entrada e a variável de saída é a ocorrência da queima. No trabalho experimental, foram empregados um tipo de aço (ABNT 1045 temperado) e um tipo de rebolo denominado TARGA, modelo ART 3TG80.3 NVHB.
Resumo:
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Resumo:
This work studies the capability of generalization of Neural Network using vibration based measurement data aiming at operating condition and health monitoring of mechanical systems. The procedure uses the backpropagation algorithm to classify the input patters of a system with different stiffness ratios. It has been investigated a large set of input data, containing various stiffness ratios as well as a reduced set containing only the extreme ones in order to study generalizing capability of the network. This allows to definition of Neural Networks capable to use a reduced set of data during the training phase. Once it is successfully trained, it could identify intermediate failure condition. Several conditions and intensities of damages have been studied by using numerical data. The Neural Network demonstrated a good capacity of generalization for all case. Finally, the proposal was tested with experimental data.
Resumo:
This paper describes lightning characteristics as obtained in four sets of lightning measurements during recent field campaigns in different parts of the world from mid-latitudes to the tropics by the novel VLF/LF (very low frequency/low frequency) lightning detection network (LINET). The paper gives a general overview on the approach, and a synopsis of the statistical results for the observation periods as a whole and for one special day in each region. The focus is on the characteristics of lightning which can specifically be observed by this system like intra-cloud and cloud-to-ground stroke statistics, vertical distributions of intra-cloud strokes or peak current distributions. Some conclusions regarding lightning produced NOx are also presented as this was one of the aims of the tropical field campaigns TROCCINOX (Tropical Convection, Cirrus and Nitrogen Oxides Experiment) and TroCCiBras (Tropical Convection and Cirrus Experiment Brazil) in Brazil during January/February 2005, SCOUT-O3 (Stratospheric-Climate Links with Emphasis on the Upper Troposphere and Lower Stratosphere) and TWP-ICE (Tropical Warm Pool-International Cloud Experiment) during November/December 2005 and January/February 2006, respectively, in the Darwin area in N-Australia, and of AMMA (African Monsoon Multidisciplinary Analyses) in W-Africa during June-November 2006.
Resumo:
In this article, an implementation of structural health monitoring process automation based on vibration measurements is proposed. The work presents an alternative approach which intent is to exploit the capability of model updating techniques associated to neural networks to be used in a process of automation of fault detection. The updating procedure supplies a reliable model which permits to simulate any damage condition in order to establish direct correlation between faults and deviation in the response of the model. The ability of the neural networks to recognize, at known signature, changes in the actual data of a model in real time are explored to investigate changes of the actual operation conditions of the system. The learning of the network is performed using a compressed spectrum signal created for each specific type of fault. Different fault conditions for a frame structure are evaluated using simulated data as well as measured experimental data.
Resumo:
An artificial neural network (ANN) approach is proposed for the detection of workpiece `burn', the undesirable change in metallurgical properties of the material produced by overly aggressive or otherwise inappropriate grinding. The grinding acoustic emission (AE) signals for 52100 bearing steel were collected and digested to extract feature vectors that appear to be suitable for ANN processing. Two feature vectors are represented: one concerning band power, kurtosis and skew; and the other autoregressive (AR) coefficients. The result (burn or no-burn) of the signals was identified on the basis of hardness and profile tests after grinding. The trained neural network works remarkably well for burn detection. Other signal-processing approaches are also discussed, and among them the constant false-alarm rate (CFAR) power law and the mean-value deviance (MVD) prove useful.
