Search results for "Anomaly Detection"

showing 10 items of 82 documents

Understanding deep learning in land use classification based on Sentinel-2 time series

2020

The use of deep learning (DL) approaches for the analysis of remote sensing (RS) data is rapidly increasing. DL techniques have provided excellent results in applications ranging from parameter estimation to image classification and anomaly detection. Although the vast majority of studies report precision indicators, there is a lack of studies dealing with the interpretability of the predictions. This shortcoming hampers a wider adoption of DL approaches by a wider users community, as model’s decisions are not accountable. In applications that involve the management of public budgets or policy compliance, a better interpretability of predictions is strictly required. This work aims …

010504 meteorology & atmospheric sciences; Environmental economics; Computer science; Process (engineering); 0211 other engineering and technologies; lcsh:Medicine; Climate change; Context (language use); 02 engineering and technology; 01 natural sciences; Article; Relevance (information retrieval); lcsh:Science; 021101 geological & geomatics engineering; 0105 earth and related environmental sciences; Interpretability; Multidisciplinary; Land use; Contextual image classification; business.industry; Deep learning; lcsh:R; Climate-change policy; 15. Life on land; Computer science; Data science; Environmental sciences; Environmental social sciences; 13. Climate action; lcsh:Q; Anomaly detection; Artificial intelligence; business; Common Agricultural Policy; Agroecology; Scientific Reports
researchProduct

A Clustering approach for profiling LoRaWAN IoT devices

2019

Internet of Things (IoT) devices are starting to play a predominant role in our everyday life. Application systems like Amazon Echo and Google Home allow IoT devices to answer human requests, or trigger some alarms and perform suitable actions. In this scenario, any data information, related device and human interaction are stored in databases and can be used for future analysis and improve the system functionality. Also, IoT information related to the network level (wireless or wired) may be stored in databases and can be processed to improve the technology operation and to detect network anomalies. Acquired data can be also used for profiling operation, in order to group devices according…

050101 languages & linguistics; IoT; Computer science; IoT; LoRa; LoRaWAN; machine learning; k-means; anomaly detection; cluster analysis; k-means; 02 engineering and technology; LoRa; Silhouette; 0202 electrical engineering electronic engineering information engineering; Profiling (information science); Wireless; 0501 psychology and cognitive sciences; Cluster analysis; business.industry; Network packet; Settore ING-INF/03 - Telecomunicazioni; 05 social sciences; k-means clustering; anomaly detection; LoRaWAN; machine learning; 020201 artificial intelligence & image processing; Anomaly detection; Internet of Things; business; Computer network; cluster analysis
researchProduct

Knowledge Discovery from Network Logs

2015

Modern communications networks are complex systems, which facilitates malicious behavior. Dynamic web services are vulnerable to unknown intrusions, but traditional cyber security measures are based on fingerprinting. Anomaly detection differs from fingerprinting in that it finds events that differ from the baseline traffic. The anomaly detection methodology can be modelled with the knowledge discovery process. Knowledge discovery is a high-level term for the whole process of deriving actionable knowledge from databases. This article presents the theory behind this approach, and showcases research that has produced network log analysis tools and methods.

Actionable knowledge; Knowledge extraction; Computer science; Process (engineering); cyber security; Complex system; Anomaly detection; Dynamic web page; Baseline (configuration management); Data science; Term (time)
researchProduct

A Hierarchical Detection and Response System to Enhance Security Against Lethal Cyber-Attacks in UAV Networks

2018

Unmanned aerial vehicles (UAVs) networks have not yet received considerable research attention. Specifically, security issues are a major concern because such networks, which carry vital information, are prone to various attacks. In this paper, we design and implement a novel intrusion detection and response scheme, which operates at the UAV and ground station levels, to detect malicious anomalies that threaten the network. In this scheme, a set of detection and response techniques are proposed to monitor the UAV behaviors and categorize them into the appropriate list (normal, abnormal, suspect, and malicious) according to the detected cyber-attack. We focus on the m…

Ad hoc networks; Monitoring; Anomaly-based intrusion detection system; Wireless ad hoc network; Computer science; [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; UAV; Mobile computing; [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]; Jamming; ComputerApplications_COMPUTERSINOTHERSYSTEMS; 02 engineering and technology; Intrusion detection system; Anomaly detection and rules-based intrusion detection techniques; IDS; Black hole (networking); Computer security; computer.software_genre; Mobile communication; Unmanned aerial vehicles; 0202 electrical engineering electronic engineering information engineering; False positive paradox; Overhead (computing); Intrusion detection; Electrical and Electronic Engineering; 020206 networking & telecommunications; Computer Science Applications; Human-Computer Interaction; Control and Systems Engineering; intrusion detection system; 020201 artificial intelligence & image processing; cyber-attacks; Intrusion prevention system; computer; Software
researchProduct

State of the Art Literature Review on Network Anomaly Detection

2018

As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…

Advanced persistent threat; Computer science; 05 social sciences; 050801 communication & media studies; Denial-of-service attack; 02 engineering and technology; 021001 nanoscience & nanotechnology; Computer security; computer.software_genre; network anomaly detection; 0508 media and communications; Anomaly detection; State (computer science); information security; 0210 nano-technology; network attacks; computer
researchProduct

A Novel Method for Detecting APT Attacks by Using OODA Loop and Black Swan Theory

2018

Advanced Persistent Threat (APT) attacks are a major concern for the modern societal digital infrastructures due to their highly sophisticated nature. The purpose of these attacks varies from long period espionage in high level environment to causing maximal destruction for targeted cyber environment. Attackers are skilful and well funded by governments in many cases. Due to sophisticated methods it is highly important to study proper countermeasures to detect these attacks as early as possible. Current detection methods underperform, causing situations where an attack can continue for months or even years in a targeted environment. We propose a novel method for analysing APT attacks through OO…

Advanced persistent threat; Notice; Computer science; 05 social sciences; 020206 networking & telecommunications; OODA loop; 02 engineering and technology; Black Swan theory; Computer security; computer.software_genre; Flow network; Black swan theory; network anomaly detection; Long period; Advanced Persistent Thread (APT); 0502 economics and business; OODA loop; 0202 electrical engineering electronic engineering information engineering; computer; 050203 business & management
researchProduct

A Novel Deep Learning Stack for APT Detection

2019

We present a novel Deep Learning (DL) stack for detecting Advanced Persistent Threat (APT) attacks. This model is based on a theoretical approach where an APT is observed as a multi-vector multi-stage attack with a continuous strategic campaign. To capture these attacks, the entire network flow and particularly raw data must be used as an input for the detection process. By combining different types of tailored DL-methods, it is possible to capture certain types of anomalies and behaviour. Our method essentially breaks down a bigger problem into smaller tasks, tries to solve these sequentially and finally returns a conclusive result. This concept paper outlines, for example, the problems an…

Advanced persistent threat; Process (engineering); Computer science; 020209 energy; Distributed computing; 02 engineering and technology; lcsh:Technology; lcsh:Chemistry; Stack (abstract data type); 020204 information systems; Advanced Persistent Thread (APT); 0202 electrical engineering electronic engineering information engineering; General Materials Science; information security; lcsh:QH301-705.5; Instrumentation; ta113; Fluid Flow and Transfer Processes; lcsh:T; business.industry; Process Chemistry and Technology; Deep learning; General Engineering; Flow network; lcsh:QC1-999; Computer Science Applications; network anomaly detection; machine learning; lcsh:Biology (General); lcsh:QD1-999; lcsh:TA1-2040; Deep Learning (DL); Artificial intelligence; lcsh:Engineering (General). Civil engineering (General); Raw data; business; network attacks; lcsh:Physics
researchProduct

State of the Art Literature Review on Network Anomaly Detection with Deep Learning

2018

As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…

Advanced persistent threat; business.industry; Computer science; Deep learning; deep learning; 020206 networking & telecommunications; 02 engineering and technology; Computer security; computer.software_genre; network anomaly detection; machine learning; 0202 electrical engineering electronic engineering information engineering; 020201 artificial intelligence & image processing; Anomaly detection; State (computer science); Artificial intelligence; information security; business; network attacks; computer
researchProduct

Anomaly detection in dynamic systems using weak estimators

2011

Accepted version of an article from the journal: ACM transactions on internet technology. Published version available from the ACM: http://dx.doi.org/10.1145/1993083.1993086 Anomaly detection involves identifying observations that deviate from the normal behavior of a system. One of the ways to achieve this is by identifying the phenomena that characterize “normal” observations. Subsequently, based on the characteristics of data learned from the “normal” observations, new observations are classified as being either “normal” or not. Most state-of-the-art approaches, especially those which belong to the family of parameterized statistical schemes, work under the assumption that the underlying…

Change over time; VDP::Mathematics and natural science: 400::Mathematics: 410::Applied mathematics: 413; education.field_of_study; Computer Networks and Communications; Computer science; Population; Estimator; Parameterized complexity; VDP::Technology: 500::Information and communication technology: 550; Network monitoring; computer.software_genre; Outlier; Anomaly detection; Data mining; education; computer
researchProduct

A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection

2001

Network security, and intrusion detection in particular, represents an area of increased interest in the security community over the last several years. However, the majority of work in this area has been concentrated upon implementation of misuse detection systems for intrusion patterns monitoring among network traffic. In anomaly detection the classification was mainly based on statistical or sequential analysis of data, often neglecting temporal events' information as well as existing relations between them. In this paper we consider an anomaly detection problem as one of classification of user behavior in terms of incoming multiple discrete sequences. We present an approach that allows creating and mai…

Class (computer programming); User profile; Network security; business.industry; Anomaly-based intrusion detection system; Computer science; Intrusion detection system; computer.software_genre; Misuse detection; Data analysis; Anomaly detection; Data mining; business; computer
researchProduct