831 resultados para network-based intrusion detection system


Relevância:

100.00% 100.00%

Publicador:

Resumo:

Building energy meter network, based on per-appliance monitoring system, willbe an important part of the Advanced Metering Infrastructure. Two key issues exist for designing such networks. One is the network structure to be used. The other is the implementation of the network structure on a large amount of small low power devices, and the maintenance of high quality communication when the devices have electric connection with high voltage AC line. The recent advancement of low-power wireless communication makes itself the right candidate for house and building energy network. Among all kinds of wireless solutions, the low speed but highly reliable 802.15.4 radio has been chosen in this design. While many network-layer solutions have been provided on top of 802.15.4, an IPv6 based method is used in this design. 6LOWPAN is the particular protocol which adapts IP on low power personal network radio. In order to extend the network into building area without, a specific network layer routing mechanism-RPL, is included in this design. The fundamental unit of the building energy monitoring system is a smart wall plug. It is consisted of an electricity energy meter, a RF communication module and a low power CPU. The real challenge for designing such a device is its network firmware. In this design, IPv6 is implemented through Contiki operation system. Customize hardware driver and meter application program have been developed on top of the Contiki OS. Some experiments have been done, in order to prove the network ability of this system.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

AIMS: Bacillus anthracis strains of various origins were analysed with the view to describe intrinsic and persistent structural components of the Bacillus collagen-like protein of anthracis glycoprotein associated anthrose containing tetrasaccharide in the exosporium. METHODS AND RESULTS: The tetrasaccharide consists of three rhamnose residues and an unique monosaccharide--anthrose. As anthrose was not found in spores of related strains of bacteria, we envisioned the detection of B. anthracis spores based on antibodies against anthrose-containing polysaccharides. Carbohydrate-protein conjugates containing the synthetic tetrasaccharide, an anthrose-rhamnose disaccharide or anthrose alone were employed to immunize mice. All three formulations were immunogenic and elicited IgG responses with different fine specificities. All sera and monoclonal antibodies derived from tetrasaccharide immunized mice cross-reacted not only with spore lysates of a panel of virulent B. anthracis strains, but also with some of the B. cereus strains tested. CONCLUSIONS: Our results demonstrate that antibodies to synthetic carbohydrates are useful tools for epitope analyses of complex carbohydrate antigens and for the detection of particular target structures in biological specimens. SIGNIFICANCE AND IMPACT OF THE STUDY: Although not strictly specific for B. anthracis spores, antibodies against the tetrasaccharide may have potential as immuno-capturing components for a highly sensitive spore detection system.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

High-throughput assays, such as yeast two-hybrid system, have generated a huge amount of protein-protein interaction (PPI) data in the past decade. This tremendously increases the need for developing reliable methods to systematically and automatically suggest protein functions and relationships between them. With the available PPI data, it is now possible to study the functions and relationships in the context of a large-scale network. To data, several network-based schemes have been provided to effectively annotate protein functions on a large scale. However, due to those inherent noises in high-throughput data generation, new methods and algorithms should be developed to increase the reliability of functional annotations. Previous work in a yeast PPI network (Samanta and Liang, 2003) has shown that the local connection topology, particularly for two proteins sharing an unusually large number of neighbors, can predict functional associations between proteins, and hence suggest their functions. One advantage of the work is that their algorithm is not sensitive to noises (false positives) in high-throughput PPI data. In this study, we improved their prediction scheme by developing a new algorithm and new methods which we applied on a human PPI network to make a genome-wide functional inference. We used the new algorithm to measure and reduce the influence of hub proteins on detecting functionally associated proteins. We used the annotations of the Gene Ontology (GO) and the Kyoto Encyclopedia of Genes and Genomes (KEGG) as independent and unbiased benchmarks to evaluate our algorithms and methods within the human PPI network. We showed that, compared with the previous work from Samanta and Liang, our algorithm and methods developed in this study improved the overall quality of functional inferences for human proteins. By applying the algorithms to the human PPI network, we obtained 4,233 significant functional associations among 1,754 proteins. Further comparisons of their KEGG and GO annotations allowed us to assign 466 KEGG pathway annotations to 274 proteins and 123 GO annotations to 114 proteins with estimated false discovery rates of <21% for KEGG and <30% for GO. We clustered 1,729 proteins by their functional associations and made pathway analysis to identify several subclusters that are highly enriched in certain signaling pathways. Particularly, we performed a detailed analysis on a subcluster enriched in the transforming growth factor β signaling pathway (P<10-50) which is important in cell proliferation and tumorigenesis. Analysis of another four subclusters also suggested potential new players in six signaling pathways worthy of further experimental investigations. Our study gives clear insight into the common neighbor-based prediction scheme and provides a reliable method for large-scale functional annotations in this post-genomic era.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

Background Atrial fibrillation (AF) is common and may have severe consequences. Continuous long-term electrocardiogram (ECG) is widely used for AF screening. Recently, commercial ECG analysis software was launched, which automatically detects AF in long-term ECGs. It has been claimed that such tools offer reliable AF screening and save time for ECG analysis. However, this has not been investigated in a real-life patient cohort. Objective To investigate the performance of automatic software-based screening for AF in long-term ECGs. Methods Two independent physicians manually screened 22,601 hours of continuous long-term ECGs from 150 patients for AF. Presence, number, and duration of AF episodes were registered. Subsequently, the recordings were screened for AF by an established ECG analysis software (Pathfinder SL), and its performance was validated against the thorough manual analysis (gold standard). Results Sensitivity and specificity for AF detection was 98.5% (95% confidence interval 91.72%–99.96%) and 80.21% (95% confidence interval 70.83%–87.64%), respectively. Software-based AF detection was inferior to manual analysis by physicians (P < .0001). Median AF duration was underestimated (19.4 hours vs 22.1 hours; P < .001) and median number of AF episodes was overestimated (32 episodes vs 2 episodes; P < .001) by the software. In comparison to extensive quantitative manual ECG analysis, software-based analysis saved time (2 minutes vs 19 minutes; P < .001). Conclusion Owing to its high sensitivity and ability to save time, software-based ECG analysis may be used as a screening tool for AF. An additional manual confirmatory analysis may be required to reduce the number of false-positive findings.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

Indoor localization systems become more interesting for researchers because of the attractiveness of business cases in various application fields. A WiFi-based passive localization system can provide user location information to third-party providers of positioning services. However, indoor localization techniques are prone to multipath and Non-Line Of Sight (NLOS) propagation, which lead to significant performance degradation. To overcome these problems, we provide a passive localization system for WiFi targets with several improved algorithms for localization. Through Software Defined Radio (SDR) techniques, we extract Channel Impulse Response (CIR) information at the physical layer. CIR is later adopted to mitigate the multipath fading problem. We propose to use a Nonlinear Regression (NLR) method to relate the filtered power information to propagation distances, which significantly improves the ranging accuracy compared to the commonly used log-distance path loss model. To mitigate the influence of ranging errors, a new trilateration algorithm is designed as well by combining Weighted Centroid and Constrained Weighted Least Square (WC-CWLS) algorithms. Experiment results show that our algorithm is robust against ranging errors and outperforms the linear least square algorithm and weighted centroid algorithm.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

MAX dimerization protein 1 (MAD1) is a basic-helix-loop-helix transcription factors that recruits transcription repressor such as HDAC to suppress target genes transcription. It antagonizes to MYC because the promoter binding sites for MYC are usually also serve as the binding sites for MAD1 so they compete for it. However, the mechanism of the switch between MYC and MAD1 in turning on and off of genes' transcription is obscure. In this study, we demonstrated that AKT-mediated MAD1 phosphorylation inhibits MAD1 transcription repression function. The association between MAD1 and its target genes' promoter is reduced after been phosphorylated by AKT; therefore, consequently, allows MYC to occupy the binding site and activates transcription. Mutation of such phosphorylation site abrogates the inhibition from AKT. In addition, functional assays demonstrated that AKT suppressed MAD1-mediated transcription repression of its target genes hTERT and ODC. Cell cycle and cell growth were also been released from inhibition by MAD1 in the presents of AKT. Taken together, our study suggests that MAD1 is a novel substrate of AKT and AKT-mediated MAD1 phosphorylation inhibits MAD1function; therefore, activates MAD1 target genes expression. ^ Furthermore, analysis of protein-protein interaction is indispensable for current molecular biology research, but multiplex protein dynamics in cells is too complicated to be analyzed by using existing biochemical methods. To overcome the disadvantage, we have developed a single molecule level detection system with nanofluidic chip. Single molecule was analyzed based on their fluorescent profile and their profiles were plotted into 2 dimensional time co-incident photon burst diagram (2DTP). From this 2DTP, protein complexes were characterized. These results demonstrate that the nanochannel protein detection system is a promising tool for future molecular biology. ^

Relevância:

100.00% 100.00%

Publicador:

Resumo:

This paper discusses the issue of upgrading industrial clusters from the perspective of external linkages. It is taken for granted that in most developing countries, due to the limited domestic market and poor traditional commercial networks, industrial clusters are able to upgrade only when they are involved in global value chains. However, the rise of China’s industrial clusters challenges this view. Historically, China has had a lot of industrial clusters with their own traditional commercial networks. This fact combined with its huge population resulted in the formation of a unique external linage to China’s industrial clusters after the socialist planning period ended. In concrete terms, since the 1980s, a traditional commercial institution . the transaction market . began to appear in most clusters. These markets within the clusters get connected to those in the cities due to interaction between traditional merchants and local governments. This has resulted in the formation of a powerful market network-based distribution system which has played a crucial role for China’s industrial clusters in responding to exploding domestic demand. This paper explains these features in detail, using Yiwu China Commodity City as a case study.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

A small Positron Emission Tomography demonstrator based on LYSO slabs and Silicon Photomultiplier matrices is under construction at the University and INFN of Pisa. In this paper we present the characterization results of the read-out electronics and of the detection system. Two SiPM matrices, composed by 8 × 8 SiPM pixels, 1.5 mm pitch, have been coupled one to one to a LYSO crystals array. Custom Front-End ASICs were used to read the 64 channels of each matrix. Data from each Front-End were multiplexed and sent to a DAQ board for the digital conversion; a motherboard collects the data and communicates with a host computer through a USB port. Specific tests were carried out on the system in order to assess its performance. Futhermore we have measured some of the most important parameters of the system for PET application.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

This paper describes a stress detection system based on fuzzy logic and two physiological signals: Galvanic Skin Response and Heart Rate. Instead of providing a global stress classification, this approach creates an individual stress templates, gathering the behaviour of individuals under situations with different degrees of stress. The proposed method is able to detect stress properly with a rate of 99.5%, being evaluated with a database of 80 individuals. This result improves former approaches in the literature and well-known machine learning techniques like SVM, k-NN, GMM and Linear Discriminant Analysis. Finally, the proposed method is highly suitable for real-time applications

Relevância:

100.00% 100.00%

Publicador:

Resumo:

This paper proposes a stress detection system based on fuzzy logic and the physiological signals heart rate and galvanic skin response. The main contribution of this method relies on the creation of a stress template, collecting the behaviour of previous signals under situations with a different level of stress in each individual. The creation of this template provides an accuracy of 99.5% in stress detection, improving the results obtained by current pattern recognition techniques like GMM, k-NN, SVM or Fisher Linear Discriminant. In addition, this system can be embedded in security systems to detect critical situations in accesses as cross-border control. Furthermore, its applications can be extended to other fields as vehicle driver state-of-mind management, medicine or sport training.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

Actualmente la detección del rostro humano es un tema difícil debido a varios parámetros implicados. Llega a ser de interés cada vez mayor en diversos campos de aplicaciones como en la identificación personal, la interface hombre-máquina, etc. La mayoría de las imágenes del rostro contienen un fondo que se debe eliminar/discriminar para poder así detectar el rostro humano. Así, este proyecto trata el diseño y la implementación de un sistema de detección facial humana, como el primer paso en el proceso, dejando abierto el camino, para en un posible futuro, ampliar este proyecto al siguiente paso, que sería, el Reconocimiento Facial, tema que no trataremos aquí. En la literatura científica, uno de los trabajos más importantes de detección de rostros en tiempo real es el algoritmo de Viola and Jones, que ha sido tras su uso y con las librerías de Open CV, el algoritmo elegido para el desarrollo de este proyecto. A continuación explicaré un breve resumen sobre el funcionamiento de mi aplicación. Mi aplicación puede capturar video en tiempo real y reconocer el rostro que la Webcam captura frente al resto de objetos que se pueden visualizar a través de ella. Para saber que el rostro es detectado, éste es recuadrado en su totalidad y seguido si este mueve. A su vez, si el usuario lo desea, puede guardar la imagen que la cámara esté mostrando, pudiéndola almacenar en cualquier directorio del PC. Además, incluí la opción de poder detectar el rostro humano sobre una imagen fija, cualquiera que tengamos guardada en nuestro PC, siendo mostradas el número de caras detectadas y pudiendo visualizarlas sucesivamente cuantas veces queramos. Para todo ello como bien he mencionado antes, el algoritmo usado para la detección facial es el de Viola and Jones. Este algoritmo se basa en el escaneo de toda la superficie de la imagen en busca del rostro humano, para ello, primero la imagen se transforma a escala de grises y luego se analiza dicha imagen, mostrando como resultado el rostro encuadrado. ABSTRACT Currently the detection of human face is a difficult issue due to various parameters involved. Becomes of increasing interest in various fields of applications such as personal identification, the man-machine interface, etc. Most of the face images contain a fund to be removed / discriminate in order to detect the human face. Thus, this project is the design and implementation of a human face detection system, as the first step in the process, leaving the way open for a possible future, extend this project to the next step would be, Facial Recognition , a topic not covered here. In the literature, one of the most important face detection in real time is the algorithm of Viola and Jones, who has been after use with Open CV libraries, the algorithm chosen for the development of this project. I will explain a brief summary of the performance of my application. My application can capture video in real time and recognize the face that the Webcam Capture compared to other objects that can be viewed through it. To know that the face is detected, it is fully boxed and followed if this move. In turn, if the user may want to save the image that the camera is showing, could store in any directory on your PC. I also included the option to detect the human face on a still image, whatever we have stored in your PC, being shown the number of faces detected and can view them on more times. For all as well I mentioned before, the algorithm used for face detection is that of Viola and Jones. This algorithm is based on scanning the entire surface of the image for the human face, for this, first the image is converted to gray-scale and then analyzed the image, showing results in the face framed.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

Multi-dimensional Bayesian network classifiers (MBCs) are probabilistic graphical models recently proposed to deal with multi-dimensional classification problems, where each instance in the data set has to be assigned to more than one class variable. In this paper, we propose a Markov blanket-based approach for learning MBCs from data. Basically, it consists of determining the Markov blanket around each class variable using the HITON algorithm, then specifying the directionality over the MBC subgraphs. Our approach is applied to the prediction problem of the European Quality of Life-5 Dimensions (EQ-5D) from the 39-item Parkinson’s Disease Questionnaire (PDQ-39) in order to estimate the health-related quality of life of Parkinson’s patients. Fivefold cross-validation experiments were carried out on randomly generated synthetic data sets, Yeast data set, as well as on a real-world Parkinson’s disease data set containing 488 patients. The experimental study, including comparison with additional Bayesian network-based approaches, back propagation for multi-label learning, multi-label k-nearest neighbor, multinomial logistic regression, ordinary least squares, and censored least absolute deviations, shows encouraging results in terms of predictive accuracy as well as the identification of dependence relationships among class and feature variables.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

We are investigating the performances of a data acquisition system for Time of Flight PET, based on LYSO crystal slabs and 64 channels Silicon Photomultipliers matrices (1.2 cm2 of active area each). Measurements have been performed to test the timing capability of the detection system (SiPM matices coupled to a LYSO slab and the read-out electronics) with both test signal and radioactive source.

Relevância:

100.00% 100.00%

Publicador:

Resumo:

La seguridad en redes informáticas es un área que ha sido ampliamente estudiada y objeto de una extensa investigación en los últimos años. Debido al continuo incremento en la complejidad y sofisticación de los ataques informáticos, el aumento de su velocidad de difusión, y la lentitud de reacción frente a las intrusiones existente en la actualidad, se hace patente la necesidad de mecanismos de detección y respuesta a intrusiones, que detecten y además sean capaces de bloquear el ataque, y mitiguen su impacto en la medida de lo posible. Los Sistemas de Detección de Intrusiones o IDSs son tecnologías bastante maduras cuyo objetivo es detectar cualquier comportamiento malicioso que ocurra en las redes. Estos sistemas han evolucionado rápidamente en los últimos años convirtiéndose en herramientas muy maduras basadas en diferentes paradigmas, que mejoran su capacidad de detección y le otorgan un alto nivel de fiabilidad. Por otra parte, un Sistema de Respuesta a Intrusiones (IRS) es un componente de seguridad que puede estar presente en la arquitectura de una red informática, capaz de reaccionar frente a los incidentes detectados por un Sistema de Detección de Intrusiones (IDS). Por desgracia, esta tecnología no ha evolucionado al mismo ritmo que los IDSs, y la reacción contra los ataques detectados es lenta y básica, y los sistemas presentan problemas para ejecutar respuestas de forma automática. Esta tesis doctoral trata de hacer frente al problema existente en la reacción automática frente a intrusiones, mediante el uso de ontologías, lenguajes formales de especificación de comportamiento y razonadores semánticos como base de la arquitectura del sistema de un sistema de respuesta automática frente a intrusiones o AIRS. El objetivo de la aproximación es aprovechar las ventajas de las ontologías en entornos heterogéneos, además de su capacidad para especificar comportamiento sobre los objetos que representan los elementos del dominio modelado. Esta capacidad para especificar comportamiento será de gran utilidad para que el AIRS infiera la respuesta óptima frente a una intrusión en el menor tiempo posible. Abstract Security in networks is an area that has been widely studied and has been the focus of extensive research over the past few years. The number of security events is increasing, and they are each time more sophisticated, and quickly spread, and slow reaction against intrusions, there is a need for intrusion detection and response systems to dynamically adapt so as to better detect and respond to attacks in order to mitigate them or reduce their impact. Intrusion Detection Systems (IDSs) are mature technologies whose aim is detecting malicious behavior in the networks. These systems have quickly evolved and there are now very mature tools based on different paradigms (statistic anomaly-based, signature-based and hybrids) with a high level of reliability. On the other hand, Intrusion Response System (IRS) is a security technology able to react against the intrusions detected by IDS. Unfortunately, the state of the art in IRSs is not as mature as with IDSs. The reaction against intrusions is slow and simple, and these systems have difficulty detecting intrusions in real time and triggering automated responses. This dissertation is to address the existing problem in automated reactions against intrusions using ontologies, formal behaviour languages and semantic reasoners as the basis of the architecture of an automated intrusion response systems or AIRS. The aim is to take advantage of ontologies in heterogeneous environments, in addition to its ability to specify behavior of objects representing the elements of the modeling domain. This ability to specify behavior will be useful for the AIRS in the inference process of the optimum response against an intrusion, as quickly as possible.