996 resultados para Threat detection
Resumo:
Deep Raman spectroscopy has been utilized for the standoff detection of concealed chemical threat agents from a distance of 15 meters under real life background illumination conditions. By using combined time and space resolved measurements, various explosive precursors hidden in opaque plastic containers were identified non-invasively. Our results confirm that combined time and space resolved Raman spectroscopy leads to higher selectivity towards the sub-layer over the surface layer as well as enhanced rejection of fluorescence from the container surface when compared to standoff spatially offset Raman spectroscopy. Raman spectra that have minimal interference from the packaging material and good signal-to-noise ratio were acquired within 5 seconds of measurement time. A new combined time and space resolved Raman spectrometer has been designed with nanosecond laser excitation and gated detection, making it of lower cost and complexity than picosecond-based laboratory systems.
Resumo:
The Internet of things (IoT) is still in its infancy and has attracted much interest in many industrial sectors including medical fields, logistics tracking, smart cities and automobiles. However, as a paradigm, it is susceptible to a range of significant intrusion threats. This paper presents a threat analysis of the IoT and uses an Artificial Neural Network (ANN) to combat these threats. A multi-level perceptron, a type of supervised ANN, is trained using internet packet traces, then is assessed on its ability to thwart Distributed Denial of Service (DDoS/DoS) attacks. This paper focuses on the classification of normal and threat patterns on an IoT Network. The ANN procedure is validated against a simulated IoT network. The experimental results demonstrate 99.4% accuracy and can successfully detect various DDoS/DoS attacks.
Resumo:
Despite all attempts to prevent fraud, it continues to be a major threat to industry and government. Traditionally, organizations have focused on fraud prevention rather than detection, to combat fraud. In this paper we present a role mining inspired approach to represent user behaviour in Enterprise Resource Planning (ERP) systems, primarily aimed at detecting opportunities to commit fraud or potentially suspicious activities. We have adapted an approach which uses set theory to create transaction profiles based on analysis of user activity records. Based on these transaction profiles, we propose a set of (1) anomaly types to detect potentially suspicious user behaviour, and (2) scenarios to identify inadequate segregation of duties in an ERP environment. In addition, we present two algorithms to construct a directed acyclic graph to represent relationships between transaction profiles. Experiments were conducted using a real dataset obtained from a teaching environment and a demonstration dataset, both using SAP R/3, presently the predominant ERP system. The results of this empirical research demonstrate the effectiveness of the proposed approach.
Resumo:
High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.
Resumo:
Video surveillance technology, based on Closed Circuit Television (CCTV) cameras, is one of the fastest growing markets in the field of security technologies. However, the existing video surveillance systems are still not at a stage where they can be used for crime prevention. The systems rely heavily on human observers and are therefore limited by factors such as fatigue and monitoring capabilities over long periods of time. To overcome this limitation, it is necessary to have “intelligent” processes which are able to highlight the salient data and filter out normal conditions that do not pose a threat to security. In order to create such intelligent systems, an understanding of human behaviour, specifically, suspicious behaviour is required. One of the challenges in achieving this is that human behaviour can only be understood correctly in the context in which it appears. Although context has been exploited in the general computer vision domain, it has not been widely used in the automatic suspicious behaviour detection domain. So, it is essential that context has to be formulated, stored and used by the system in order to understand human behaviour. Finally, since surveillance systems could be modeled as largescale data stream systems, it is difficult to have a complete knowledge base. In this case, the systems need to not only continuously update their knowledge but also be able to retrieve the extracted information which is related to the given context. To address these issues, a context-based approach for detecting suspicious behaviour is proposed. In this approach, contextual information is exploited in order to make a better detection. The proposed approach utilises a data stream clustering algorithm in order to discover the behaviour classes and their frequency of occurrences from the incoming behaviour instances. Contextual information is then used in addition to the above information to detect suspicious behaviour. The proposed approach is able to detect observed, unobserved and contextual suspicious behaviour. Two case studies using video feeds taken from CAVIAR dataset and Z-block building, Queensland University of Technology are presented in order to test the proposed approach. From these experiments, it is shown that by using information about context, the proposed system is able to make a more accurate detection, especially those behaviours which are only suspicious in some contexts while being normal in the others. Moreover, this information give critical feedback to the system designers to refine the system. Finally, the proposed modified Clustream algorithm enables the system to both continuously update the system’s knowledge and to effectively retrieve the information learned in a given context. The outcomes from this research are: (a) A context-based framework for automatic detecting suspicious behaviour which can be used by an intelligent video surveillance in making decisions; (b) A modified Clustream data stream clustering algorithm which continuously updates the system knowledge and is able to retrieve contextually related information effectively; and (c) An update-describe approach which extends the capability of the existing human local motion features called interest points based features to the data stream environment.
Resumo:
Generally wireless sensor networks rely of many-to-one communication approach for data gathering. This approach is extremely susceptible to sinkhole attack, where an intruder attracts surrounding nodes with unfaithful routing information, and subsequently presents selective forwarding or change the data that carry through it. A sinkhole attack causes an important threat to sensor networks and it should be considered that the sensor nodes are mostly spread out in open areas and of weak computation and battery power. In order to detect the intruder in a sinkhole attack this paper suggests an algorithm which firstly finds a group of suspected nodes by analyzing the consistency of data. Then, the intruder is recognized efficiently in the group by checking the network flow information. The proposed algorithm's performance has been evaluated by using numerical analysis and simulations. Therefore, accuracy and efficiency of algorithm would be verified.
Resumo:
Detection and prevention of global network satellite system (GNSS) “spoofing” attacks, or the broadcast of false global navigation satellite system services, has recently attracted much research interest. This survey aims to fill three gaps in the literature: first, to assess in detail the exact nature of threat scenarios posed by spoofing against the most commonly cited targets; second, to investigate the many practical impediments, often underplayed, to carrying out GNSS spoofing attacks in the field; and third, to survey and assess the effectiveness of a wide range of proposed defences against GNSS spoofing. Our conclusion lists promising areas of future research.
Resumo:
Fossil fuel power generation and other industrial emissions of carbon dioxide are a threat to global climate1, yet many economies will remain reliant on these technologies for several decades2. Carbon dioxide capture and storage (CCS) in deep geological formations provides an effective option to remove these emissions from the climate system3. In many regions storage reservoirs are located offshore4, 5, over a kilometre or more below societally important shelf seas6. Therefore, concerns about the possibility of leakage7, 8 and potential environmental impacts, along with economics, have contributed to delaying development of operational CCS. Here we investigate the detectability and environmental impact of leakage from a controlled sub-seabed release of CO2. We show that the biological impact and footprint of this small leak analogue (<1 tonne CO2 d−1) is confined to a few tens of metres. Migration of CO2 through the shallow seabed is influenced by near-surface sediment structure, and by dissolution and re-precipitation of calcium carbonate naturally present in sediments. Results reported here advance the understanding of environmental sensitivity to leakage and identify appropriate monitoring strategies for full-scale carbon storage operations.
Resumo:
Fossil fuel power generation and other industrial emissions of carbon dioxide are a threat to global climate1, yet many economies will remain reliant on these technologies for several decades2. Carbon dioxide capture and storage (CCS) in deep geological formations provides an effective option to remove these emissions from the climate system3. In many regions storage reservoirs are located offshore4, 5, over a kilometre or more below societally important shelf seas6. Therefore, concerns about the possibility of leakage7, 8 and potential environmental impacts, along with economics, have contributed to delaying development of operational CCS. Here we investigate the detectability and environmental impact of leakage from a controlled sub-seabed release of CO2. We show that the biological impact and footprint of this small leak analogue (<1 tonne CO2 d−1) is confined to a few tens of metres. Migration of CO2 through the shallow seabed is influenced by near-surface sediment structure, and by dissolution and re-precipitation of calcium carbonate naturally present in sediments. Results reported here advance the understanding of environmental sensitivity to leakage and identify appropriate monitoring strategies for full-scale carbon storage operations.
Resumo:
Saxitoxin and its analogs, the causative agents of paralytic shellfish poisoning (PSP), are a worldwide threat to seafood safety. Effective monitoring of potentially contaminated fishing areas as well as screening of seafood samples is necessary to adequately protect the public. While many analytical methods exist for detecting paralytic shellfish toxins (PSTs), each technique has challenges associated with routine use. One recently developed method [1] that overcomes ethical or performance-related issues of other techniques is the surface plasmon resonance (SPR) bioassay. Notwithstanding the advantages of this method, much research remains in optimizing the sensor substrate and assay conditions to create a robust technique for rapid and sensitive measurement of PSTs. This manuscript describes a more rigorous and stable SPR inhibition immunoassay through optimization of the surface chemistry as well as determination of optimum mixture ratios and mixing times. The final system provides rapid substrate formation (18 h saxitoxin conjugation with low reagent consumption), contains a reference channel for each assay, and is capable of triplicate measurements in a single run with detection limits well below the regulatory action level. Published by Elsevier B.V.
Resumo:
Paralytic shellfish poisoning is a toxic syndrome described in humans following the ingestion of seafood contaminated with saxitoxin and/or its derivatives. The presence of these toxins in shellfish is considered an important health threat and their levels in seafood destined to human consumption are regulated in many countries, as well as the levels of other chemically unrelated toxins. We studied the feasibility of immunodetection of saxitoxin and its analogs using a solid-phase microsphere assay coupled to flow cytometry detection in a Luminex 200 system. The technique consists of a competition assay where the toxins in solution compete with bead-bound saxitoxin for binding to an antigonyautoxin 2/3 monoclonal antibody (GT-13A). The assay allowed the detection of saxitoxin both in buffer and mussel extracts in the range of 2.2-19.7 ng/mL (IC(20)-IC(80)). Moreover, the assay cross-reactivity with other toxins of the group is similar to previously published immunoassays, with adequate detection of most analogs except N-1 hydroxy analogs. The recovery rate of the assay for saxitoxin was close to 100%. This microsphere-based immunoassay is suitable to be used as a screening method, detecting saxitoxin from 260 to 2360 µg/kg. This microsphere/flow cytometry system provided similar sensitivities to previously published immunoassays and provides a solid background for the development of easy, flexible multiplexing of toxin detection in one sample.
Resumo:
The IDS (Intrusion Detection System) is a common means of protecting networked systems from attack or malicious misuse. The development and rollout of an IDS can take many different forms in terms of equipment, protocols, connectivity, cost and automation. This is particularly true of WIDS (Wireless Intrusion Detection Systems) which have many more opportunities and challenges associated with data transmission through an open, shared medium.
The operation of a WIDS is a multistep process from origination of an attack through to human readable evaluation. Attention to the performance of each of the processes in the chain from attack detection to evaluation is imperative if an optimum solution is to be sought. At present, research focuses very much on each discrete aspect of a WIDS with little consideration to the operation of the whole system. Taking a holistic view of the technology shows the interconnectivity and inter-dependence between stages, leading to improvements and novel research areas for investigation.
This chapter will outline the general structure of Wireless Intrusion Detection Systems and briefly describe the functions of each development stage, categorised into the following 6 areas:
• Threat Identification,
• Architecture,
• Data Collection,
• Intrusion Detection,
• Alert Correlation,
• Evaluation.
These topics will be considered in broad terms designed for those new to the area. Focus will be placed on ensuring the readers are aware of the impact of choices made at early stages in WIDS development on future stages.
Resumo:
In this paper, we report a coupling of fluorophore-DNA barcode and bead-based
immunoassay for the detection of Avian Influenza Virus (AIV), a potential pandemic threat for human health and enormous economic losses. The detection strategy is based on the use of sandwich immunoassay and fluorophore-tagged oligonucleotides as representatively fluorescent barcodes. Despite its simplicity the assay has sensitivity comparable to RT-PCR amplification, and possesses a great potential as a rapid and sensitive on-chip detection format.
Resumo:
The presence of paralytic shellfish poisoning (PSP), diarrheic shellfish poisoning (DSP) and amnesic shellfish poisoning (ASP) toxins in seafood is a severe and growing threat to human health. In order to minimize the risks of human exposure, the maximum content of these toxins in seafood has been limited by legal regulations worldwide. The regulated limits are established in equivalents of the main representatives of the groups: saxitoxin (STX), okadaic acid (OA) and domoic acid (DA), for PSP, DSP and ASP, respectively. In this study a multi-detection method to screen shellfish samples for the presence of these toxins simultaneously was developed. Multiplexing was achieved using a solid-phase microsphere assay coupled to flow-fluorimetry detection, based on the Luminex xMap technology. The multi-detection method consists of three simultaneous competition immunoassays. Free toxins in solution compete with STX, OA or DA immobilized on the surface of three different classes of microspheres for binding to specific monoclonal antibodies. The IC50 obtained in buffer was similar in single- and multi-detection: 5.6 ± 1.1 ng/mL for STX, 1.1 ± 0.03 ng/mL for OA and 1.9 ± 0.1 ng/mL for DA. The sample preparation protocol was optimized for the simultaneous extraction of STX, OA and DA with a mixture of methanol and acetate buffer. The three immunoassays performed well with mussel and scallop matrixes displaying adequate dynamic ranges and recovery rates (around 90 % for STX, 80 % for OA and 100 % for DA). This microsphere-based multi-detection immunoassay provides an easy and rapid screening method capable of detecting simultaneously in the same sample three regulated groups of marine toxins.
