Analyzing the effectiveness of graph metrics for anomaly detection in online social networks

Online social networks can be modelled as graphs; in this paper, we analyze the use of graph metrics for identifying users with anomalous relationships to other users. A framework is proposed for analyzing the effectiveness of various graph theoretic properties such as the number of neighbouring nodes and edges, betweenness centrality, and community cohesiveness in detecting anomalous users. Experimental results on real-world data collected from online social networks show that the majority of users typically have friends who are friends themselves, whereas anomalous users’ graphs typically do not follow this common rule. Empirical analysis also shows that the relationship between average betweenness centrality and edges identifies anomalies more accurately than other approaches.

Static analysis of executables for collaborative malware detection on Android

Smartphones are getting increasingly popular and several malwares appeared targeting these devices. General countermeasures to smartphone malwares are currently limited to signature-based antivirus scanners which efficiently detect known malwares, but they have serious shortcomings with new and unknown malwares creating a window of opportunity for attackers. As smartphones become host for sensitive data and applications, extended malware detection mechanisms are necessary complying with the corresponding resource constraints. The contribution of this paper is twofold. First, we perform static analysis on the executables to extract their function calls in Android environment using the command readelf. Function call lists are compared with malware executables for classifying them with PART, Prism and Nearest Neighbor Algorithms. Second, we present a collaborative malware detection approach to extend these results. Corresponding simulation results are presented.

An Android application sandbox system for suspicious software detection

Smartphones are steadily gaining popularity, creating new application areas as their capabilities increase in terms of computational power, sensors and communication. Emerging new features of mobile devices give opportunity to new threats. Android is one of the newer operating systems targeting smartphones. While being based on a Linux kernel, Android has unique properties and specific limitations due to its mobile nature. This makes it harder to detect and react upon malware attacks if using conventional techniques. In this paper, we propose an Android Application Sandbox (AASandbox) which is able to perform both static and dynamic analysis on Android programs to automatically detect suspicious applications. Static analysis scans the software for malicious patterns without installing it. Dynamic analysis executes the application in a fully isolated environment, i.e. sandbox, which intervenes and logs low-level interactions with the system for further analysis. Both the sandbox and the detection algorithms can be deployed in the cloud, providing a fast and distributed detection of suspicious software in a mobile software store akin to Google's Android Market. Additionally, AASandbox might be used to improve the efficiency of classical anti-virus applications available for the Android operating system.

Collaborative intrusion detection framework : characteristics, adversarial opportunities and countermeasures

Complex Internet attacks may come from multiple sources, and target multiple networks and technologies. Nevertheless, Collaborative Intrusion Detection Systems (CIDS) emerges as a promising solution by using information from multiple sources to gain a better understanding of objective and impact of complex Internet attacks. CIDS also help to cope with classical problems of Intrusion Detection Systems (IDS) such as zero-day attacks, high false alarm rates and architectural challenges, e. g., centralized designs exposing the Single-Point-of-Failure. Improved complexity on the other hand gives raise to new exploitation opportunities for adversaries. The contribution of this paper is twofold. We first investigate related research on CIDS to identify the common building blocks and to understand vulnerabilities of the Collaborative Intrusion Detection Framework (CIDF). Second, we focus on the problem of anonymity preservation in a decentralized intrusion detection related message exchange scheme. We use techniques from design theory to provide multi-path peer-to-peer communication scheme where the adversary can not perform better than guessing randomly the originator of an alert message.

Framework for evaluating collaborative intrusion detection systems

Securing IT infrastructures of our modern lives is a challenging task because of their increasing complexity, scale and agile nature. Monolithic approaches such as using stand-alone firewalls and IDS devices for protecting the perimeter cannot cope with complex malwares and multistep attacks. Collaborative security emerges as a promising approach. But, research results in collaborative security are not mature, yet, and they require continuous evaluation and testing. In this work, we present CIDE, a Collaborative Intrusion Detection Extension for the network security simulation platform ( NeSSi 2 ). Built-in functionalities include dynamic group formation based on node preferences, group-internal communication, group management and an approach for handling the infection process for malware-based attacks. The CIDE simulation environment provides functionalities for easy implementation of collaborating nodes in large-scale setups. We evaluate the group communication mechanism on the one hand and provide a case study and evaluate our collaborative security evaluation platform in a signature exchange scenario on the other.

Detection of banana bunchy top virus in virus-infected plants using polymerase chain reaction

Polymerase chain reaction (PCR) was developed for the detection of Banana bunchy top virus (BBTV) at maximum after 210 min and at minimum after 90 min using Pc-1 and Pc-2, respectively. PCR detection of BBTV in crude sap indicated that the freezing of banana tissue in liquid nitrogen (LN2) before extraction was more effective than using sand as the extraction technique. BBTV was also detected using PCR assay in 69 healthy and diseased plants using Na-PO4 buffer containing 1 % SDS. PCR detection of BBTV in nucleic acid extracts using seven different extraction buffers to adapt the use of PCR in routine detection in the field was studied. Results proved that BBTV was detected with high sensitivity in nucleic acid extracts more than in infectious sap. The results also suggested the common aetiology for the BBTV by the PCR reactions of BBTV in nucleic acid extracts from Australia, Burundi, Egypt, France, Gabon, Philippines and Taiwan. Results also proved a positive relation between the Egyptian-BBTV isolate and abaca bunchy top isolate from the Philippines, but there no relation was found with the Cucumber mosaic cucumovirus (CMV) isolates from Egypt and Philippines and Banana bract mosaic virus (BBMV) were found.

Eyes on 3D-Current 3D biomimetic disease concept models and potential applications in age-related macular degeneration

Three dimensional cellular models that mimic disease are being increasingly investigated and have opened an exciting new research area into understanding pathomechanisms. The advantage of 3D in vitro disease models is that they allow systematic and in-depth studies of physiological and pathophysiological processes with less costs and ethical concerns that have arisen with animal models. The purpose of the 3D approach is to allow crosstalk between cells and microenvironment, and with cues from the microenvironment, cells can assemble their niche similar to in vivo conditions. The use of 3D models for mimicking disease processes such as cancer, osteoarthritis etc., is only emerging and allows multidisciplinary teams consisting of tissue engineers, biologist biomaterial scientists and clinicians to work closely together. While in vitro systems require rigorous testing before they can be considered as replicates of the in vivo model, major steps have been made, suggesting that they will become powerful tools for studying physiological and pathophysiological processes. This paper aims to summarize some of the existing 3D models and proposes a novel 3D model of the eye structures that are involved in the most common cause of blindness in the Western World, namely age-related macular degeneration (AMD).

Decentralized detector generation in cooperative intrusion detection system

We consider Cooperative Intrusion Detection System (CIDS) which is a distributed AIS-based (Artificial Immune System) IDS where nodes collaborate over a peer-to-peer overlay network. The AIS uses the negative selection algorithm for the selection of detectors (e.g., vectors of features such as CPU utilization, memory usage and network activity). For better detection performance, selection of all possible detectors for a node is desirable but it may not be feasible due to storage and computational overheads. Limiting the number of detectors on the other hand comes with the danger of missing attacks. We present a scheme for the controlled and decentralized division of detector sets where each IDS is assigned to a region of the feature space. We investigate the trade-off between scalability and robustness of detector sets. We address the problem of self-organization in CIDS so that each node generates a distinct set of the detectors to maximize the coverage of the feature space while pairs of nodes exchange their detector sets to provide a controlled level of redundancy. Our contribution is twofold. First, we use Symmetric Balanced Incomplete Block Design, Generalized Quadrangles and Ramanujan Expander Graph based deterministic techniques from combinatorial design theory and graph theory to decide how many and which detectors are exchanged between which pair of IDS nodes. Second, we use a classical epidemic model (SIR model) to show how properties from deterministic techniques can help us to reduce the attack spread rate.

Visualization of thermal characteristics around the absorber tube of a standard parabolic trough thermal collector by 3D simulation

Three dimensional conjugate heat transfer simulation of a standard parabolic trough thermal collector receiver is performed numerically in order to visualize and analyze the surface thermal characteristics. The computational model is developed in Ansys Fluent environment based on some simplified assumptions. Three test conditions are selected from the existing literature to verify the numerical model directly, and reasonably good agreement between the model and the test results confirms the reliability of the simulation. Solar radiation flux profile around the tube is also approximated from the literature. An in house macro is written to read the input solar flux as a heat flux wall boundary condition for the tube wall. The numerical results show that there is an abrupt variation in the resultant heat flux along the circumference of the receiver. Consequently, the temperature varies throughout the tube surface. The lower half of the horizontal receiver enjoys the maximum solar flux, and therefore, experiences the maximum temperature rise compared to the upper part with almost leveled temperature. Reasonable attributions and suggestions are made on this particular type of conjugate thermal system. The knowledge that gained so far from this study will be used to further the analysis and to design an efficient concentrator photovoltaic collector in near future.

Molecular dynamics investigation on edge stress and shape transition in graphene nanoribbons

Graphene nanoribbon (GNR) with free edges demonstrates unique pre-existing edge energy and edge stress, leading to non-flat morphologies. Using molecular dynamics (MD) methods, we evaluated edge energies as well as edge stresses for four different edge types, including regular edges (armchair and zigzag), armchair edge terminated with hydrogen and reconstructed armchair. The results showed that compressive stress exists in the regular and hydrogen-terminated edges along the edge direction. In contrast, the reconstructed armchair edge is generally subject to tension. Furthermore, we also investigated shape transition between flat and rippled configurations of GNRs with different free edges. It was found that the pre-existing stress at free edges can greatly influence the initial energy state and the shape transition.

Hot topic detection in news blogs from the perspective of W2T

News blog hot topics are important for the information recommendation service and marketing. However, information overload and personalized management make the information arrangement more difficult. Moreover, what influences the formation and development of blog hot topics is seldom paid attention to. In order to correctly detect news blog hot topics, the paper first analyzes the development of topics in a new perspective based on W2T (Wisdom Web of Things) methodology. Namely, the characteristics of blog users, context of topic propagation and information granularity are unified to analyze the related problems. Some factors such as the user behavior pattern, network opinion and opinion leader are subsequently identified to be important for the development of topics. Then the topic model based on the view of event reports is constructed. At last, hot topics are identified by the duration, topic novelty, degree of topic growth and degree of user attention. The experimental results show that the proposed method is feasible and effective.

Elemental characterisation and detection of heavy metals in house dusts collected from sites in South-East Queensland, Australia

Knowledge of the elements present in house dusts is important in understanding potential health effects on humans. In this study, dust samples collected from 10 houses in south-east Queensland have been analysed by scanning electron microscopy and X-ray microanalysis to measure the inorganic element compositions and to investigate the form of heavy metals in the dusts. The overall analytical results were then used to discriminate between different localities using chemometric techniques. The relative amounts of elements, particularly of Si, Ca, and Fe, varied between size fractions and between different locations for the same size fraction. By analysing individual small particles, many other constituents were identified including Ti, Cr, Mn, Ni, Cu, Zn, Ba, Ag, W, Au, Hg, Pb, Bi, La and Ce. The heavy metals were mostly concentrated in small particles in the smaller size fractions, which allowed detection by particle analysis, though their average concentrations were very low.

Static smartphone malware detection

Static anaylsis represents an approach of checking source code or compiled code of applications before it gets executed. Chess and McGraw state that static anaylsis promises to identify common coding problems automatically. While manual code checking is also a form of static analysis, software tools are used in most cases in order to perform the checks. Chess and McGraw additionaly claim that good static checkers can help to spot and eradicate common security bugs.