Cloud computing paradigm is growing rapidly, and it allows users to get services via the Internet as pay-per-use and it is convenient for developing, deploying, and accessing mobile applications. Currently, security is a requisite concern owning to the open and distributed nature of the cloud. Copious amounts of data are responsible for alluring hackers. Thus, developing efficacious IDS is an imperative task. This article analyzed four intrusion detection systems for the detection of attacks. Two standard benchmark (...) datasets, namely, NSL-KDD and UNSW-NB15, were used for the simulations. Additionally, this study highlights the proliferating challenges for the security of sensitive user data and gives useful recommendations to address the identified issues. Finally, the projected results show that the hybridization method with support vector machine classifier outperforms the existing techniques in the case of the datasets investigated. (shrink)

Detecting Intrusions and anomalies is becoming much more challenging with new attacks popping out over a period of time. Achieving better accuracies by applying benchmark classifier algorithms used for identifying intrusions and anomalies have several hidden data mining challenges. Although neglected by many research findings, one of the most important and biggest challenges is the similarity or membership computation. Another challenge that cannot be simply neglected is the number of features that attributes to dimensionality. This research aims to come up (...) with a new membership function to carry similarity computation that can be helpful for addressing feature dimensionality issues. In principle, this work is aimed at introducing a novel membership function that can help to achieve better classification accuracies and eventually lead to better intrusion and anomaly detection. Experiments are performed on KDD dataset with 41 attributes and also KDD dataset with 19 attributes. Recent approaches CANN and CLAPP have showed new approaches for intrusion detection. The proposed classifier is named as UTTAMA. UTTAMA performed better to both CANN and CLAPP approaches w.r.t overall classifier accuracy. Another promising outcome achieved using UTTAMA is the U2R and R2L attack accuracies. The importance of proposed approach is that the accuracy achieved using proposed approach outperforms CLAPP, CANN, SVM, KNN and other existing classifiers. (shrink)

To design and develop AI-based cybersecurity systems ), users can justifiably trust, one needs to evaluate the impact of trust using machine learning and deep learning technologies. To guide the design and implementation of trusted AI-based systems in IDS, this paper provides a comparison among machine learning and deep learning models to investigate the trust impact based on the accuracy of the trusted AI-based systems regarding the malicious data in IDs. The four machine learning techniques are decision (...) tree, K nearest neighbour, random forest, and naïve Bayes. The four deep learning techniques are LSTM and GRU. Two datasets are used to classify the IDS attack type, including wireless sensor network detection system and KDD Cup network intrusion dataset. A detailed comparison of the eight techniques’ performance using all features and selected features is made by measuring the accuracy, precision, recall, and F1-score. Considering the findings related to the data, methodology, and expert accountability, interpretability for AI-based solutions also becomes demanded to enhance trust in the IDS. (shrink)

Despite the growing popularity of machine learning models in the cyber-security applications ), most of these models are perceived as a black-box. The eXplainable Artificial Intelligence has become increasingly important to interpret the machine learning models to enhance trust management by allowing human experts to understand the underlying data evidence and causal reasoning. According to IDS, the critical role of trust management is to understand the impact of the malicious data to detect any intrusion in the system. The previous (...) studies focused more on the accuracy of the various classification algorithms for trust in IDS. They do not often provide insights into their behavior and reasoning provided by the sophisticated algorithm. Therefore, in this paper, we have addressed XAI concept to enhance trust management by exploring the decision tree model in the area of IDS. We use simple decision tree algorithms that can be easily read and even resemble a human approach to decision-making by splitting the choice into many small subchoices for IDS. We experimented with this approach by extracting rules in a widely used KDD benchmark dataset. We also compared the accuracy of the decision tree approach with the other state-of-the-art algorithms. (shrink)

Policy Interaction Graph Analysis is a Host-based Intrusion Detection tool that uses Linux MAC Mandatory access control policy to build the licit information flow graph and uses a detection policy defined by the administrator to extract illicit behaviour from the graph. The main limitation of this tool is the generation of a huge signature base of illicit behaviours; hence, this leads to the use of huge memory space to store it. Our primary goal in this article is (...) to reduce this memory space while keeping the tool’s efficiency in terms of intrusion detection rate and false generated alarms. First, the interactions between the two nodes of the graph were grouped into a single interaction. The notion of equivalence class was used to classify the paths in the graph and was compressed by using a genetic algorithm. Such an approach showed its efficiency compared to the approach proposed by Pierre Clairet, by which the detection rate obtained was 99.9%, and no false-positive with a compression rate of illicit behaviour signature database reached 99.44%. Having these results is one of the critical aspects of realizing successful host-based intrusion detection systems. (shrink)

In cloud security, intrusion detection system (IDS) is one of the challenging research areas. In a cloud environment, security incidents such as denial of service, scanning, malware code injection, virus, worm, and password cracking are getting usual. These attacks surely affect the company and may develop a financial loss if not distinguished in time. Therefore, securing the cloud from these types of attack is very much needed. To discover the problem, this paper suggests a novel IDS established on (...) a combination of a leader-based k-means clustering (LKM), optimal fuzzy logic system. Here, at first, the input dataset is grouped into clusters with the use of LKM. Then, cluster data are afforded to the fuzzy logic system (FLS). Here, normal and abnormal data are inquired by the FLS, while FLS training is done by the grey wolf optimization algorithm through maximizing the rules. The clouds simulator and NSL-Knowledge Discovery and DataBase (KDD) Cup 99 dataset are applied to inquire about the suggested method. Precision, recall, and F-measure are conceived as evaluation criteria. The obtained results have denoted the superiority of the suggested method in comparison with other methods. (shrink)

Over the years, artificial neural networks have been applied successfully in many areas including IT security. Yet, neural networks can only process continuous input data. This is particularly challenging for security-related, non-continuous data like system calls of an operating system. This work focuses on five different options to preprocess sequences of system calls so that they can be processed by neural networks. These input options are based on one-hot encodings and learning word2vec, GloVe or fastText representations of system calls. As (...) an additional option, we analyse if mapping system calls to their respective kernel modules is an adequate generalization step for replacing system calls or enhancing system call data with additional information regarding their context. When performing such preprocessing steps it is important to ensure that no relevant information is lost during the process. The overall objective of system call analysis in the context of IT security is to categorize a sequence of them as benign or malicious behavior. Therefore, this scenario is used to evaluate different system call representations in a classification task. Results indicate that a broader range of attacks can be detected when enriching system call representations with corresponding kernel module information. Prior learning of embeddings does not achieve significant improvements. This work is an extension of the work by Wunderlich et al. [1] published in Advances in Intelligent Systems and Computing. (shrink)

Specifically tailored industrial control systems attacks are becoming increasingly sophisticated, accentuating the need of ICS cyber security. The nature of these systems makes traditional IT security measures not suitable, requiring expressly developed security countermeasures. Within the past decades, research has been focused in network-based intrusion detection systems. With the appearance of software-defined networks, new opportunities and challenges have shown up in the research community. This paper describes the potential benefits of using SDNs in industrial networks (...) with security purposes and presents the set up and results of a pilot experiment carried out in a scaled physical implementation. The experimental set up consists in the detection of ICMP flood and packet payload alteration based on signature comparison. Results point to the potential viability of the technology for intrusion detection and the need of researching in architectural scalability. (shrink)

In order to correct the deficiencies of intrusion detection technology, the entire computer and network security system are needed to be more perfect. This work proposes an improved k-means algorithm and an improved Apriori algorithm applied in data mining technology to detect network intrusion and security maintenance. The classical KDDCUP99 dataset has been utilized in this work for performing the experimentation with the improved algorithms. The algorithm’s detection rate and false alarm rate are compared with the (...) experimental data before the improvement. The outcomes of proposed algorithms are analyzed in terms of various simulation parameters like average time, false alarm rate, absolute error as well as accuracy value. The results show that the improved algorithm advances the detection efficiency and accuracy using the designed detection model. The improved and tested detection model is then applied to a new intrusion detection system. After intrusion detection experiments, the experimental results show that the proposed system improves detection accuracy and reduces the false alarm rate. A significant improvement of 90.57% can be seen in detecting new attack type intrusion detection using the proposed algorithm. (shrink)

Relational database management system is the most popular database system. It is important to maintain data security from information leakage and data corruption. RDBMS can be attacked by an outsider or an insider. It is difficult to detect an insider attack because its patterns are constantly changing and evolving. In this paper, we propose an adaptive database intrusion detection system that can be resistant to potential insider misuse using evolutionary reinforcement learning, which combines reinforcement learning and evolutionary learning. (...) The model consists of two neural networks, an evaluation network and an action network. The action network detects the intrusion, and the evaluation network provides feedback to the detection of the action network. Evolutionary learning is effective for dynamic patterns and atypical patterns, and reinforcement learning enables online learning. Experimental results show that the performance for detecting abnormal queries improves as the proposed model learns the intrusion adaptively using Transaction Processing performance Council-E scenario-based virtual query data. The proposed method achieves the highest performance at 94.86%, and we demonstrate the usefulness of the proposed method by performing 5-fold cross-validation. (shrink)

For a better detection in Network information security monitoring system, the author proposes a method based on adaptive depth detection. A deep belief network was designed and implemented, and the intrusion detection system model was combined with a support vector machine. The data set adopts the NSL-KDD network communication data set, and this data set is authoritative in the security field. Redundant cleaning, data type conversion, normalization, and other processing operations are performed on the data set. (...) Using the data conversion method based on the probability mass function probability mass function coding, a standard data set with low redundancy and low dimensionality can be obtained. Research indicates that when the batch size reaches 64, the accuracy of the test set reaches its maximum value. As the batch size increases, the accuracy first increases and then decreases. When the batch size continues to increase, the model will inevitably fall into the local optimal state, resulting in the degradation of the detection performance of the system. In terms of the false alarm rate, the DBN-SVM model is also the highest; however, it is only 10.73%. Under the premise of increasing the detection rate, the false alarm rate is improved; for the overall detection performance of the model, it is within an acceptable range. In terms of accuracy, the DBN-SVM model also scored the highest. The accuracy rate is the ratio of normal and correct classification for intrusion detection. It can explain the detection ability of the model. In summary, the overall detection ability of the DBN-SVM model is the best. The good classification ability to use SVM is proved, and the classification of low-dimensional features is expected to increase the detection rate of the system. (shrink)

The large number of sensors and actuators that make up the Internet of Things obliges these systems to use diverse technologies and protocols. This means that IoT networks are more heterogeneous than traditional networks. This gives rise to new challenges in cybersecurity to protect these systems and devices which are characterized by being connected continuously to the Internet. Intrusion detection systems are used to protect IoT systems from the various anomalies and attacks at the (...) network level. Intrusion Detection Systems can be improved through machine learning techniques. Our work focuses on creating classification models that can feed an IDS using a dataset containing frames under attacks of an IoT system that uses the MQTT protocol. We have addressed two types of method for classifying the attacks, ensemble methods and deep learning models, more specifically recurrent networks with very satisfactory results. (shrink)

Role-based database management systems are most widely used for information storage and analysis but are known as vulnerable to insider attacks. The core of intrusion detection lies in an adaptive system, where an insider attack can be judged if it is different from the predicted role by performing classification on the user’s queries accessing the database and comparing it with the authorized role. In order to handle the high similarity of user queries for misclassified roles, this paper (...) proposes a deep metric neural network with strategic sampling algorithm that properly extracts salient features and directly learns a quantitative measure of similarity. A strategic sampling method of heuristically generating and learning training pairs through Monte Carlo search is proposed to select a training pair that can represent the entire dataset. With the TPC-E–based benchmark data trained with 11,000 queries for 11 roles, the proposed model produces the classification accuracy of 95.41%, which is the highest compared with the previous models. The results are verified through comparison of quantitative and qualitative evaluations, and the feature space modelled in the neural network is analysed by t-SNE algorithm. (shrink)

With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. (...) IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%. (shrink)

Ritualized behavior, intuitively recognizable by its stereotypy, rigidity, repetition, and apparent lack of rational motivation, is found in a variety of life conditions, customs, and everyday practices: in cultural rituals, whether religious or non-religious; in many children's complicated routines; in the pathology of obsessive-compulsive disorders (OCD); in normal adults around certain stages of the life-cycle, birthing in particular. Combining evidence from evolutionary anthropology, neuropsychology and neuroimaging, we propose an explanation of ritualized behavior in terms of an evolved Precaution System geared (...) to the detection of and reaction to inferred threats to fitness. This system, distinct from fear-systems geared to respond to manifest danger, includes a repertoire of clues for potential danger as well as a repertoire of species-typical precautions. In OCD pathology, this system does not supply a negative feedback to the appraisal of potential threats, resulting in doubts about the proper performance of precautions, and repetition of action. Also, anxiety levels focus the attention on low-level gestural units of behavior rather than on the goal-related higher-level units normally used in parsing the action-flow. Normally automatized actions are submitted to cognitive control. This “swamps” working memory, an effect of which is a temporary relief from intrusions but also their long-term strengthening. Normal activation of this Precaution System explains intrusions and ritual behaviors in normal adults. Gradual calibration of the system occurs through childhood rituals. Cultural mimicry of this system's normal input makes cultural rituals attention-grabbing and compelling. A number of empirical predictions follow from this synthetic model. (Published Online February 8 2007) Key Words: childhood ritual; compulsion; event boundaries; evolutionary psychology; obsessive-compulsive disorder; ritual; thought intrusion. (shrink)

In programs of acoustic survey, the amount of data collected and the lack of automatic routines for their classification and interpretation can represent a serious obstacle to achieving quick results. To overcome these obstacles, we are proposing an ecosemiotic model of data mining, ecoacoustic event detection and identification, that uses a combination of the acoustic complexity indices and automatically extracts the ecoacoustic events of interest from the sound files. These events may be indicators of environmental functioning at the scale (...) of individual vocal species, the acoustic community, the sound marks, or the soundscape. The EEDI model is represented by three procedural steps: 1) selecting acoustic data according to environmental variables, 2) detecting the events by creating an ecoacoustic event space produced by plotting ACIft and its evenness, 3) identifying events according to the level of correlation between the acoustic signature of the detected events and an ad hoc library of previously identified events. The EEDI procedure can be extensively used in basic and applied research. In particular, EEDI may be used in long-term monitoring programs to assess the effect of climate change on individual vocal species behavior, population, and acoustic community dynamics. The EEDI model can be also used to investigate acoustic human intrusion in natural systems and the effect in urban areas. (shrink)

This paper aims to enhance security in IoT device networks through a visual tool that utilizes three projection techniques, including Beta Hebbian Learning (BHL), t-distributed Stochastic Neighbor Embedding (t-SNE) and ISOMAP, in order to facilitate the identification of network attacks by human experts. This work research begins with the creation of a testing environment with IoT devices and web clients, simulating attacks over Message Queuing Telemetry Transport (MQTT) for recording all relevant traffic information. The unsupervised algorithms chosen provide a set (...) of projections that enable human experts to visually identify most attacks in real-time, making it a powerful tool that can be implemented in IoT environments easily. (shrink)

Background Outbreaks of infectious disease cause serious and costly health and social problems. Two new technologies – pathogen whole genome sequencing and Big Data analytics – promise to improve our capacity to detect and control outbreaks earlier, saving lives and resources. However, routinely using these technologies to capture more detailed and specific personal information could be perceived as intrusive and a threat to privacy. Method Four community juries were convened in two demographically different Sydney municipalities and two regional cities in (...) New South Wales, Australia to elicit the views of well-informed community members on the acceptability and legitimacy of: making pathogen WGS and linked administrative data available for public health researchusing this information in concert with data linkage and machine learning to enhance communicable disease surveillance systems Fifty participants of diverse backgrounds, mixed genders and ages were recruited by random-digit-dialling and topic-blinded social-media advertising. Each jury was presented with balanced factual evidence supporting different expert perspectives on the potential benefits and costs of technologically enhanced public health research and communicable disease surveillance and given the opportunity to question experts. Results Almost all jurors supported data linkage and WGS on routinely collected patient isolates for the purposes of public health research, provided standard de-identification practices were applied. However, allowing this information to be operationalised as a syndromic surveillance system was highly contentious with three juries voting in favour, and one against by narrow margins. For those in favour, support depended on several conditions related to system oversight and security being met. Those against were concerned about loss of privacy and did not trust Australian governments to run secure and effective systems. Conclusions Participants across all four events strongly supported the introduction of data linkage and pathogenomics to public health research under current research governance structures. Combining pathogen WGS with event-based data surveillance systems, however, is likely to be controversial because of a lack of public trust, even when the potential public health benefits are clear. Any suggestion of private sector involvement or commercialisation of WGS or surveillance data was unanimously rejected. (shrink)

The superfluous and systemic problem of fraud and corruption in South African universities has intentionally paralysed internal control measures that detect and combat corruption. This reality has been aggravated by the deployment of unskilled workers in strategic positions in universities, driving the corruption agenda and frustrating those skilled quality employees capable of operating the systems that detect and combat corruption. This article explores employees’ experience and knowledge in previously disadvantaged universities relating to operating systems that enable the (...) class='Hi'>detection and prevention of fraud and corruption. This paper further attempts to assess whether these universities employ and retain knowledgeable and quality employees who can operate these systems. The qualitative multi-case study was conducted using a sample of 20 middle and senior managers, with data collected through interviews. The study generated five themes from the research findings, which appear to have allowed the corrupt practices to occur. These include, first, intentionally paralysed internal control systems and processes; second, the deliberate employment and retention of incompetent employees; third, the inconsistent application of policies and practices which favour those driving the corruption agenda; fourth, the lack of the requisite knowledge and skills; and lastly, the absence of retention and succession plans, with those who are ethical being isolated and purged from the corrupt system. This study has not been explored previously and therefore adds value to theories and realities of corruption in universities. The research also contributes by shedding light on the extent of organised and systemic corruption in South African universities, assisting decision-makers in implementing the appropriate interventions to combat corruption. (shrink)

The study considers the development of methods for detecting anomalous network connections based on hybridization of computational intelligence methods. An analysis of approaches to detecting anomalies and abuses in computer networks. In the framework of this analysis, a classification of methods for detecting network attacks is proposed. The main results are reduced to the construction of multi-class models that increase the efficiency of the attack detection system, and can be used to build systems for classifying network parameters during (...) the attack. A model of an artificial immune system based on an evolutionary approach, an algorithm for genetic-competitive learning of the Kohonen network and a method of hierarchical hybridization of binary classifiers with the addition to the detection of anomalous network connections have been developed. The architecture of the network distributed attack detection system has been developed. The architecture of the attack detection system is two-tier: the first level provides the primary analysis of individual packets and network connections using signature analysis, the second level processes the processing of aggregate network data streams using adaptive classifiers. A signature analysis was performed to study network performance based on the Aho-Korasik and Boyer-Moore algorithms and their improved analogues were implemented using OpenMP and CUDA technologies. The architecture is presented and the main points of operation of the network attack generator are shown. A system for generating network attacks has been developed. This system consists of two components: an asynchronous transparent proxy server for TCP sessions and a frontend interface for a network attack generator. The results of the experiments confirmed that the functional and non-functional requirements, as well as the requirements for computing intelligent systems, are met for the developed attack detection system. (shrink)

Connected devices, such as smartphones and tablets, are exposed to a large variety of attacks. Their protection is often challenged by their resource constraints in terms of CPU, memory and energy. Security chains, composed of security functions such as firewalls, intrusion detection systems and data leakage prevention mechanisms, offer new perspectives to protect these devices using software-defined networking and network function virtualization. However, the complexity and dynamics of these chains require new automation techniques to orchestrate them. This (...) chapter describes an automated orchestration methodology for security chains in order to secure connected devices and their applications. This methodology exploits process learning to establish behavioral models and infer security constraints represented as logical predicates. It then generates and merges a set of chains of security functions on the basis of these predicates. These chains are finally compiled into low-level configuration rules and deployed into the network, optimizing for the underlying topology. The benefits and limits of such a methodology combining machine learning and verification techniques are evaluated by a set of experimental results. (shrink)

One of the major problems of intrusion detection concerns the large amount of alerts that intrusion detection systems (IDS) produce. Security operator who analyzes alerts and takes decisions, is often submerged by the high number of alerts to analyze. In this paper, we present a new alert correlation approach based on knowledge and preferences of security operators. This approach, which is complementary to existing ones, allows to rank-order produced alerts on the basis of a security (...) operator knowledge about the system, used IDS and his preferences about alerts that he wants to analyze or to ignore. Our approach is based on the development of a new non-classical logic for representing preferences, called FO-MQCL (First Order - Minimal Qualitative Choice Logic). Our logic extends a fragment of the first order logic by adding a new logical connective. The general idea is to present only alerts that fully fit security operator's preferences and knowledge. And if needed, less preferred alerts can also be presented. (shrink)

One of the major problems of intrusion detection concerns the large amount of alerts that intrusion detection systems (IDS) produce. Security operator who analyzes alerts and takes decisions, is often submerged by the high number of alerts to analyze. In this paper, we present a new alert correlation approach based on knowledge and preferences of security operators. This approach, which is complementary to existing ones, allows to rank-order produced alerts on the basis of a security (...) operator knowledge about the system, used IDS and his preferences about alerts that he wants to analyze or to ignore. Our approach is based on the development of a new non-classical logic for representing preferences, called FO-MQCL (First Order - Minimal Qualitative Choice Logic). Our logic extends a fragment of the first order logic by adding a new logical connective. The general idea is to present only alerts that fully fit security operator's preferences and knowledge. And if needed, less preferred alerts can also be presented. (shrink)

This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should (...) allow for quantifying how much information that is leaking, where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy enhancing operation to other areas like digital forensics, exchange of threat information and big data analytics based attack detection. (shrink)

There is much effort nowadays to protect communication networks against different cybersecurity attacks (which are more and more sophisticated) that look for systems’ vulnerabilities they could exploit for malicious purposes. Network Intrusion Detection Systems (NIDSs) are popular tools to detect and classify such attacks, most of them based on ML models. However, ML-based NIDSs cannot be trained by feeding them with network traffic data as it is. Thus, a Feature Engineering (FE) process plays a crucial role (...) transforming network traffic raw data onto derived one suitable for ML models. In this work, we study the effects of applying one such FE technique in different ways on the performance of two ML models (linear and non-linear) and their selected features. This the Feature as a Counter approach. The derived observations are computed from either with the same number of raw samples, (batch-based approaches) or by aggregating them by time intervals (timestamp-based approach). Results show that there is no significant differences between the proposed approaches neither in the performance of the models nor in the selected features that validate our proposal making it feasible to be widely used as a standard FE method. (shrink)

This paper argues that the inappropriate framing and implementation of plagiarism detection systems in UK universities can unwittingly construct international students as ‘plagiarists’. It argues that these systems are often implemented with inappropriate assumptions about plagiarism and the way in which new members of a community of practice develop the skills to become full members of that community. Drawing on the literature and some primary data it shows how expectations, norms and practices become translated and negotiated in (...) such a way that legitimate attempts to conform with the expectations of the community of practice often become identified as plagiarism and illegitimate attempts at cheating often become obscured from view. It argues that this inappropriate framing and implementation of plagiarism detection systems may make academic integrity more illusive rather than less. It argues that in its current framing – as systems for ‘detection and discipline’ – plagiarism detection systems may become a new micro-politics of power with devastating consequences for those excluded. (shrink)

Research suggests that the mind contains a set of adaptations for detecting alliances: an alliance detection system, which monitors for, encodes, and stores alliance information and then modifies the activation of stored alliance categories according to how likely they will predict behavior within a particular social interaction. Previous studies have established the activation of this system when exposed to explicit competition or cooperation between individuals. In the current studies we examine if shared political opinions produce these same effects. In (...) particular, if participants will spontaneously categorize individuals according to the parties they support, even when explicit cooperation and antagonism are absent, and if party support is sufficiently powerful to decrease participants’ categorization by an orthogonal but typically-diagnostic alliance cue . Evidence was found for both: Participants spontaneously and implicitly kept track of who supported which party, and when party cross-cut race—such that the race of targets was not predictive of party support—categorization by race was dramatically reduced. To verify that these results reflected the operation of a cognitive system for modifying the activation of alliance categories, and not just socially-relevant categories in general, an identical set of studies was also conducted with in which party was either crossed with sex or age . As predicted, categorization by party occurred to the same degree, and there was no reduction in either categorization by sex or by age. All effects were replicated across two sets of between-subjects conditions. These studies provide the first direct empirical evidence that party politics engages the mind’s systems for detecting alliances and establish two important social categorization phenomena: that categorization by age is, like sex, not affected by alliance information and that political contexts can reduce the degree to which individuals are represented in terms of their race. (shrink)

To study the static software defect detection system, based on the traditional static software defect detection system design, a new static software defect detection system design based on big data technology is proposed. The proposed method can optimize the distribution of test resources and improve the quality of software products by predicting the potential defect program modules and design the software and hardware of the static software defect detection system of big data technology. It is found (...) that the traditional static software defect detection system design based on code source data takes a long time, averaging 65 h /day. However, the traditional static software defect detection system based on deep learning has a short detection time, averaging 35 h/day. In this article, the detection time of the static software defect detection system based on big data is shorter than that of the other two traditional system designs, with an average of 15 h/day. Because the system design adjusts the operating state of the system, it improves the accuracy of data operation. On the premise of data collection, the system inspection research is completed, which ensures the operational safety of software data, alleviates the contradiction between system and data to a high degree, improves the efficiency of system operation, reduces unnecessary operations, further shortens the time required for inspection, improves the system performance, and has higher research and operation value. (shrink)

With the rapid development of science and technology, UAVs have become a new type of weapon in the informatization battlefield by their advantages of low loss and zero casualty rate. In recent years, UAV navigation electromagnetic decoy and electromagnetic interference crashes have activated widespread international attention. The UAV LiDAR detection system is susceptible to electromagnetic interference in a complex electromagnetic environment, which results in inaccurate detection and causes the mission to fail. Therefore, it is very necessary to predict (...) the effects of the electromagnetic environment. Traditional electromagnetic environment effect prediction methods mostly use a single model of mathematical model and machine learning, but the traditional prediction method has poor processing nonlinear ability and weak generalization ability. Therefore, this paper uses the Stacking fusion model algorithm in machine learning to study the electromagnetic environment effect prediction. This paper proposes a Stacking fusion model based on machine learning to predict electromagnetic environment effects. The method consists of Extreme Gradient Boosting algorithm, Gradient Boosting Decision Tree algorithm, K Nearest Neighbor algorithm, and Decision Tree algorithm. Experimental results show that, comprising with the other seven machine learning algorithms, the Stacking fusion model has a better classification prediction accuracy of 0.9762, a lower Hamming code distance of 0.0336, and a higher Kappa coefficient of 0.955. The fusion model proposed in this paper has a better predictive effect on electromagnetic environment effects and is of great significance for improving the accuracy and safety of UAV LiDAR detection systems under the complex electromagnetic environment on the battlefield. (shrink)

Nowadays, batteries play an important role in a lot of different applications like energy storage, electro-mobility, consumer electronic and so on. All the battery types have a common factor that is their complexity, independently of its nature. Usually, the batteries have an electrochemical nature. Several different test are accomplished to check the batteries performance, and commonly, it is predictable how they work depending of their technology. The present research describes the hybrid intelligent system created to accomplish fault detection over (...) a Lithium Iron Phosphate—LiFePO4 power cell type, commonly used in electro-mobility applications. The approach is based on the cell temperatures behaviour for voltage and current specific values. Taken into account the operating range of a real system based on a LiFePO4 cell, a large set of points of operation have been used to achieve the dataset. The different behaviour zones have been obtained by clustering as a first step. Then, different regression techniques have been used over each cluster. Polynomial regression, artificial neural networks and support vector regression were the combined techniques to develop the hybrid intelligent model proposed. The intelligent system gives very good results over the operating range, detecting all the faults tested during the validation. (shrink)

Computer vision and human–computer interaction are essential in many technological fields. Researchers in CV are particularly interested in real-time object detection techniques, which have a wide range of applications, including inspection systems. In this study, we design and implement real-time object detection and recognition systems using the single-shoot detector algorithm and deep learning techniques with pre-trained models. The system can detect static and moving objects in real-time and recognize the object’s class. The primary goals of this (...) research were to investigate and develop a real-time object detection system that employs deep learning and neural systems for real-time object detection and recognition. In addition, we evaluated the free available, pre-trained models with the SSD algorithm on various types of datasets to determine which models have high accuracy and speed when detecting an object. Moreover, the system is required to be operational on reasonable equipment. We tried and evaluated several deep learning structures and techniques during the coding procedure and developed and proposed a highly accurate and efficient object detection system. This system utilizes freely available datasets such as MS Common Objects in Context, PASCAL VOC, and Kitti. We evaluated our system’s accuracy using various metrics such as precision and recall. The proposed system achieved a high accuracy of 97% while detecting and recognizing real-time objects. (shrink)

Plagiarism detection services are a powerful tool to help encourage academic integrity. Adoption of these services has proven to be controversial due to ethical concerns about students’ rights. Central to these concerns is the fact that most such systems make permanent archives of student work to be re-used in plagiarism detection. This computerization and automation of plagiarism detection is changing the relationships of trust and responsibility between students, educators, educational institutions, and private corporations. Educators must respect (...) student privacy rights when implementing such systems. Student work is personal information, not the property of the educator or institution. The student has the right to be fully informed about how plagiarism detection works, and the fact that their work will be permanently archived as a result. Furthermore, plagiarism detection should not be used if the permanent archiving of a student’s work may expose him or her to future harm. (shrink)

Today’s everyone normal life can include a normal rate of playing computer games or video games; but what about an excessive or compulsive use of video games that impact on our life? Our kids, who usually spend a lot of time in playing video games will likely have a trouble in paying attention to their school lessons. In this paper, we introduce an expert system to help users in getting the correct diagnosis of the health problem of video game addictions (...) that range from (Musculoskeletal issues, Vision problems and Obesity). Moreover, this expert system provides information about the problem and tell us how we can solve it. SL5 Object expert system language was used to design and implement the expert system. (shrink)

Evidence from many different paradigms (e.g. change blindness, inattentional blindness, transsaccadic integration) indicate that observers are often very poor at reporting changes to their visual environment. Such evidence has been used to suggest that the spatio-temporal coherence needed to represent change can only occur in the presence of focused attention. In four experiments we use modified change blindness tasks to demonstrate (a) that sensitivity to change does occur in the absence of awareness, and (b) this sensitivity does not rely on (...) the redeploy- ment of attention. We discuss these results in relation to theories of scene percep- tion, and propose a reinterpretatio n of the role of attention in representing change. (shrink)

In cybersecurity, there is a call for adaptive, accurate and efficient procedures to identifying performance shortcomings and security breaches. The increasing complexity of both Internet services and traffic determines a scenario that in many cases impedes the proper deployment of intrusion detection and prevention systems. Although it is a common practice to monitor network and applications activity, there is not a general methodology to codify and interpret the recorded events. Moreover, this lack of methodology somehow erodes the (...) possibility of diagnosing whether event detection and recording is adequately performed. As a result, there is an urge to construct general codification and classification procedures to be applied on any type of security event in any activity log. This work is focused on defining such a method using the so-called normalized compression distance (NCD). NCD is parameter-free and can be applied to determine the distance between events expressed using strings. As a first step in the concretion of a methodology for the integral interpretation of security events, this work is devoted to the characterization of web logs. On the grounds of the NCD, we propose an anomaly-based procedure for identifying web attacks from web logs. Given a web query as stored in a security log, a NCD-based feature vector is created and classified using a support vector machine. The method is tested using the CSIC-2010 data set, and the results are analyzed with respect to similar proposals. (shrink)

Llewellyn's proposal that rapid eye movement dreaming reflects elaborative encoding mediated by the hippocampus offers an interesting perspective for understanding hallucinations accompanying sleep paralysis. SP arises from anomalous intrusion of REM processes into waking consciousness, including threat-detection systems mediated by the amygdala. Unique aspects of SP hallucinations offer additional prospects for investigation of Llewellyn's theory of elaborative encoding.

Reputation detection in traditional distributed systems relies heavily on the factor of interaction reputation, which can be derived from direct interactions between agents through bidirectional relationships. However, in the current information diffusion in social network systems, the characteristic of the unidirectional relationship between agents and the decay property of diffusion will result in lacking direct interactions; therefore, interaction reputations will be difficult to be obtained by agents in a distributed manner. To solve this problem, a novel distributed (...) reputation detection model following the pattern “from path to individual” is proposed, which can provide a new reputation factor as an alternative to interaction reputation in such environments. The main idea is that the positive observation of an information diffusion process increases the belief of the corresponding diffusion path, which further increases the reputation of each involved agent. Thus, the reputation of a target agent can be assessed by the superimposition of reputations of multiple paths on which this agent has participated in past information diffusion processes. Furthermore, being aware of agent’s limited capacity for reputation detection in SNS, we then propose the enhanced FPTI model, which simplifies the detection source to reduce detection costs and achieve the approximate performance as FPTI. Theoretical analyses and experimental evaluations validate the efficiency and effectiveness of our models and also show several properties of the models, for example, the robustness for dynamic environments. (shrink)

This paper examines the concept of “terminological gaps” and strives to identify suitable methods for dealing with them during translation. The analysis begins with an investigation of the contended notion of gaps in terminology based on empirical examples drawn from a German-Italian terminological database specifically designed for translation purposes. Two macro categories of gaps are identified, conceptual and linguistic level gaps, which only partially correspond to previous observations in the literature. The paper uses examples to explore the advantages of ontological (...) representations for detecting conceptual terminological gaps and identifying appropriate translation strategies. However, limitations are also observed and an attempt is made to resolve these using a frame-based approach. A frame-based analysis reveals that while certain designations may appear to refer to convergent conceptual units with matching distinctive features, differences also emerge due to the way the two language systems build designations. Examples from the corpus make it evident that a frame-based approach is helpful for identifying both kinds of terminological gaps, and then resolving them during translation. An important presupposition for this approach is that larger units of analysis need to be addressed rather than just terms themselves. There is confirmation of the existing idea that methods embracing entire segments or paragraphs as units of investigation are preferable during translation, and this is also seen to apply in terminological studies. (shrink)