Combining human perception and geometric restrictions for automatic pedestrian detection

[EN]Automatic detection systems do not perform as well as human observers, even on simple detection tasks. A potential solution to this problem is training vision systems on appropriate regions of interests (ROIs), in contrast to training on predefined and arbitrarily selected regions. Here we focus on detecting pedestrians in static scenes. Our aim is to answer the following question: Can automatic vision systems for pedestrian detection be improved by training them on perceptually-defined ROIs?

Design and modeling of optical fibers for spatial division multiplexing using the orbital angular momentum of light

Les besoins toujours croissants en terme de transfert de données numériques poussent au développement de nouvelles technologies pour accroître la capacité des réseaux, notamment en ce qui concerne les réseaux de fibre optique. Parmi ces nouvelles technologies, le multiplexage spatial permet de multiplier la capacité des liens optiques actuels. Nous nous intéressons particulièrement à une forme de multiplexage spatial utilisant le moment cinétique orbital de la lumière comme base orthogonale pour séparer un certain nombre de canaux. Nous présentons d’abord les notions d’électromagnétisme et de physique nécessaires à la compréhension des développements ultérieurs. Les équations de Maxwell sont dérivées afin d’expliquer les modes scalaires et vectoriels de la fibre optique. Nous présentons également d’autres propriétés modales, soit la coupure des modes, et les indices de groupe et de dispersion. La notion de moment cinétique orbital est ensuite introduite, avec plus particulièrement ses applications dans le domaine des télécommunications. Dans une seconde partie, nous proposons la carte modale comme un outil pour aider au design des fibres optiques à quelques modes. Nous développons la solution vectorielle des équations de coupure des modes pour les fibres en anneau, puis nous généralisons ces équations pour tous les profils de fibres à trois couches. Enfin, nous donnons quelques exemples d’application de la carte modale. Dans la troisième partie, nous présentons des designs de fibres pour la transmission des modes avec un moment cinétique orbital. Les outils développés dans la seconde partie sont utilisés pour effectuer ces designs. Un premier design de fibre, caractérisé par un centre creux, est étudié et démontré. Puis un second design, une famille de fibres avec un profil en anneau, est étudié. Des mesures d’indice effectif et d’indice de groupe sont effectuées sur ces fibres. Les outils et les fibres développés auront permis une meilleure compréhension de la transmission dans la fibre optique des modes ayant un moment cinétique orbital. Nous espérons que ces avancements aideront à développer prochainement des systèmes de communications performants utilisant le multiplexage spatial.

Techniques en appui des formats de modulation avancés pour les futurs réseaux optiques

Les systèmes de communication optique avec des formats de modulation avancés sont actuellement l’un des sujets de recherche les plus importants dans le domaine de communication optique. Cette recherche est stimulée par les exigences pour des débits de transmission de donnée plus élevés. Dans cette thèse, on examinera les techniques efficaces pour la modulation avancée avec une détection cohérente, et multiplexage par répartition en fréquence orthogonale (OFDM) et multiples tonalités discrètes (DMT) pour la détection directe et la détection cohérente afin d’améliorer la performance de réseaux optiques. Dans la première partie, nous examinons la rétropropagation avec filtre numérique (DFBP) comme une simple technique d’atténuation de nonlinéarité d’amplificateur optique semiconducteur (SOA) dans le système de détection cohérente. Pour la première fois, nous démontrons expérimentalement l’efficacité de DFBP pour compenser les nonlinéarités générées par SOA dans un système de détection cohérente porteur unique 16-QAM. Nous comparons la performance de DFBP avec la méthode de Runge-Kutta quatrième ordre. Nous examinons la sensibilité de performance de DFBP par rapport à ses paramètres. Par la suite, nous proposons une nouvelle méthode d’estimation de paramètre pour DFBP. Finalement, nous démontrons la transmission de signaux de 16-QAM aux taux de 22 Gbaud sur 80km de fibre optique avec la technique d’estimation de paramètre proposée pour DFBP. Dans la deuxième partie, nous nous concentrons sur les techniques afin d’améliorer la performance des systèmes OFDM optiques en examinent OFDM optiques cohérente (CO-OFDM) ainsi que OFDM optiques détection directe (DDO-OFDM). Premièrement, nous proposons une combinaison de coupure et prédistorsion pour compenser les distorsions nonlinéaires d’émetteur de CO-OFDM. Nous utilisons une interpolation linéaire par morceaux (PLI) pour charactériser la nonlinéarité d’émetteur. Dans l’émetteur nous utilisons l’inverse de l’estimation de PLI pour compenser les nonlinéarités induites à l’émetteur de CO-OFDM. Deuxièmement, nous concevons des constellations irrégulières optimisées pour les systèmes DDO-OFDM courte distance en considérant deux modèles de bruit de canal. Nous démontrons expérimentalement 100Gb/s+ OFDM/DMT avec la détection directe en utilisant les constellations QAM optimisées. Dans la troisième partie, nous proposons une architecture réseaux optiques passifs (PON) avec DDO-OFDM pour la liaison descendante et CO-OFDM pour la liaison montante. Nous examinons deux scénarios pour l’allocations de fréquence et le format de modulation des signaux. Nous identifions la détérioration limitante principale du PON bidirectionnelle et offrons des solutions pour minimiser ses effets.

A survey of intrusion detection system technologies

This paper provides an overview of IDS types and how they work as well as configuration considerations and issues that affect them. Advanced methods of increasing the performance of an IDS are explored such as specification based IDS for protecting Supervisory Control And Data Acquisition (SCADA) and Cloud networks. Also by providing a review of varied studies ranging from issues in configuration and specific problems to custom techniques and cutting edge studies a reference can be provided to others interested in learning about and developing IDS solutions. Intrusion Detection is an area of much required study to provide solutions to satisfy evolving services and networks and systems that support them. This paper aims to be a reference for IDS technologies other researchers and developers interested in the field of intrusion detection.

A Mobile High Sensitivity On-field Organophosphorous Compounds Detecting System for IoT Based Food Safety Tracking

Food safety has always been a social issue that draws great public attention. With the rapid development of wireless communication technologies and intelligent devices, more and more Internet of Things (IoT) systems are applied in the food safety tracking field. However, connection between things and information system is usually established by pre-storing information of things into RFID Tag, which is inapplicable for on-field food safety detection. Therefore, considering pesticide residue is one of the severe threaten to food safety, a new portable, high-sensitivity, low-power, on-field organophosphorus (OP) compounds detection system is proposed in this thesis to realize the on-field food safety detection. The system is designed based on optical detection method by using a customized photo-detection sensor. A Micro Controller Unit (MCU) and a Bluetooth Low Energy (BLE) module are used to quantize and transmit detection result. An Android Application (APP) is also developed for the system to processing and display detection result as well as control the detection process. Besides, a quartzose sample container and black system box are also designed and made for the system demonstration. Several optimizations are made in wireless communication, circuit layout, Android APP and industrial design to realize the mobility, low power and intelligence.

'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'

The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

Integrating Innate and Adaptive Immunity for Intrusion Detection

Network Intrusion Detection Systems (NIDS) monitor a net- work with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDS’s rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to an intrusion detection problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.

An Immune Network Intrusion Detection System Utilising Correlation Context

Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to the IDS problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.

'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'

The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

An immune inspired Network Intrusion Detection System utilising correlation

Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to the IDS problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.

Preparation of an Immunosorbent and its use in the Solid Phase Extraction of Benzodiazepines

The use of capillary electrophoresis (CE) has been restricted to applications having high sample concentrations because of its low sensitivity caused by small injection volumes and, when ultraviolet (UV) detection is used, the short optical path length. Sensitivity in CE can be improved by using more sensitive detection systems, or by preconcentration techniques which are based on chromatographic and/or electrophoretic principles. One of the promising strategies to improve sensitivity is solid phase extraction (SPE). Solid Phase Extraction utilizes high sample volumes and a variety of complex matrixes to facilitate trace detection. To increase the specificity of the SPE a selective solid phase must be chosen. Immunosorbents, which are a combination of an antibody and a solid support, have proven to be an excellent option because of high selectivity of the antibody. This thesis is an exploratory study of the application of immunosorbent-SPE combined with CE for trace concentration of benzodiazepines. This research describes the immobilization and performance evaluation of an immunosorbent prepared by immobilizing a benzodiazepine-specific antibody on aminopropyl silica. The binding capacity of the immunosorbent, measured as µg of benzodiazepine/ gram of immunosorbent, was 39 ± 10. The long term stability of the prepared immunosorbent has been improved by capping the remaining aminopropyl groups by reaction with acetic anhydride. The capped immunosorbent retained its binding capacity after several uses.

Abstracting and correlating heterogeneous events to detect complex scenarios

The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.

Detecting and characterising malicious executable payloads

Buffer overflow vulnerabilities continue to prevail and the sophistication of attacks targeting these vulnerabilities is continuously increasing. As a successful attack of this type has the potential to completely compromise the integrity of the targeted host, early detection is vital. This thesis examines generic approaches for detecting executable payload attacks, without prior knowledge of the implementation of the attack, in such a way that new and previously unseen attacks are detectable. Executable payloads are analysed in detail for attacks targeting the Linux and Windows operating systems executing on an Intel IA-32 architecture. The execution flow of attack payloads are analysed and a generic model of execution is examined. A novel classification scheme for executable attack payloads is presented which allows for characterisation of executable payloads and facilitates vulnerability and threat assessments, and intrusion detection capability assessments for intrusion detection systems. An intrusion detection capability assessment may be utilised to determine whether or not a deployed system is able to detect a specific attack and to identify requirements for intrusion detection functionality for the development of new detection methods. Two novel detection methods are presented capable of detecting new and previously unseen executable attack payloads. The detection methods are capable of identifying and enumerating the executable payload’s interactions with the operating system on the targeted host at the time of compromise. The detection methods are further validated using real world data including executable payload attacks.

Bayesian methodology incorporating expert judgment for ranking countermeasure effectiveness under uncertainty: Example applied to at grade railroad crossings in Korea

This paper describes the formalization and application of a methodology to evaluate the safety benefit of countermeasures in the face of uncertainty. To illustrate the methodology, 18 countermeasures for improving safety of at grade railroad crossings (AGRXs) in the Republic of Korea are considered. Akin to “stated preference” methods in travel survey research, the methodology applies random selection and laws of large numbers to derive accident modification factor (AMF) densities from expert opinions. In a full Bayesian analysis framework, the collective opinions in the form of AMF densities (data likelihood) are combined with prior knowledge (AMF density priors) for the 18 countermeasures to obtain ‘best’ estimates of AMFs (AMF posterior credible intervals). The countermeasures are then compared and recommended based on the largest safety returns with minimum risk (uncertainty). To the author's knowledge the complete methodology is new and has not previously been applied or reported in the literature. The results demonstrate that the methodology is able to discern anticipated safety benefit differences across candidate countermeasures. For the 18 at grade railroad crossings considered in this analysis, it was found that the top three performing countermeasures for reducing crashes are in-vehicle warning systems, obstacle detection systems, and constant warning time systems.

Low cost railway level crossings

The Cooperative Research Centre (CRC) for Rail Innovation is conducting a tranche of industry-led research projects looking into safer rail level crossings. This paper will provide an overview of the Affordable Level Crossings project, a project that is performing research in both engineering and human factors aspects of low-cost level crossing warning devices (LCLCWDs), and is facilitating a comparative trial of these devices over a period of 12 months in several jurisdictions. Low-cost level crossing warning devices (LCLCWDs) are characterised by the use of alternative technologies for high cost components including train detection and connectivity (e.g. radar, acoustic, magnetic induction train detection systems and wireless connectivity replacing traditional track circuits and wiring). These devices often make use of solar power where mains power is not available, and aim to make substantial savings in lifecycle costs. The project involves trialling low-cost level crossing warning devices in shadow-mode, where devices are installed without the road-user interface at a number of existing level crossing sites that are already equipped with conventional active warning systems. It may be possible that the deployment of lower-cost devices can provide a significantly larger safety benefit over the network than a deployment of expensive conventional devices, as the lower cost would allow more passive level crossing sites to be upgraded with the same capital investment. The project will investigate reliability and safety integrity issues of the low-cost devices, as well as evaluate lifecycle costs and investigate human factors issues related to warning reliability. This paper will focus on the requirements and safety issues of LCLCWDs, and will provide an overview of the Rail CRC projects.